From bda2a7c1f70f5adf30825323c8877886c481f125 Mon Sep 17 00:00:00 2001 From: def Date: Wed, 27 Jul 2022 19:06:20 +0200 Subject: [PATCH] add ssh tests --- selfprivacy_api/graphql/schema.py | 2 + tests/test_graphql/test_ssh.py | 348 ++++++++++++++++++++++++++++++ 2 files changed, 350 insertions(+) create mode 100644 tests/test_graphql/test_ssh.py diff --git a/selfprivacy_api/graphql/schema.py b/selfprivacy_api/graphql/schema.py index 3a623f5..fb01776 100644 --- a/selfprivacy_api/graphql/schema.py +++ b/selfprivacy_api/graphql/schema.py @@ -4,6 +4,7 @@ import strawberry from selfprivacy_api.graphql import IsAuthenticated from selfprivacy_api.graphql.mutations.api_mutations import ApiMutations +from selfprivacy_api.graphql.mutations.ssh_mutations import SshMutations from selfprivacy_api.graphql.mutations.system_mutations import SystemMutations from selfprivacy_api.graphql.queries.api_queries import Api @@ -38,6 +39,7 @@ class Mutation( ApiMutations, SystemMutations, UserMutations, + SshMutations, ): """Root schema for mutations""" diff --git a/tests/test_graphql/test_ssh.py b/tests/test_graphql/test_ssh.py new file mode 100644 index 0000000..0c69463 --- /dev/null +++ b/tests/test_graphql/test_ssh.py @@ -0,0 +1,348 @@ +# pylint: disable=redefined-outer-name +# pylint: disable=unused-argument +import pytest + +from tests.common import ( + read_json, +) + + +class ProcessMock: + """Mock subprocess.Popen""" + + def __init__(self, args, **kwargs): + self.args = args + self.kwargs = kwargs + + def communicate(): # pylint: disable=no-method-argument + return (b"NEW_HASHED", None) + + returncode = 0 + + +@pytest.fixture +def mock_subprocess_popen(mocker): + mock = mocker.patch("subprocess.Popen", autospec=True, return_value=ProcessMock) + return mock + + +@pytest.fixture +def some_users(mocker, datadir): + mocker.patch("selfprivacy_api.utils.USERDATA_FILE", new=datadir / "some_users.json") + assert read_json(datadir / "some_users.json")["users"] == [ + { + "username": "user1", + "hashedPassword": "HASHED_PASSWORD_1", + "sshKeys": ["ssh-rsa KEY user1@pc"], + }, + {"username": "user2", "hashedPassword": "HASHED_PASSWORD_2", "sshKeys": []}, + {"username": "user3", "hashedPassword": "HASHED_PASSWORD_3"}, + ] + return datadir + + +# TESTS ######################################################## + + +API_CREATE_SSH_MUTATION = """ +mutation createSsh($input: SshMutationsInput!) { + createSsh(input: $input) { + success + message + code + user { + username + sshKeys + } + } +} +""" + + +def test_graphql_add_ssh_unauthorized(client, some_users, mock_subprocess_popen): + response = client.post( + "/graphql", + json={ + "query": API_CREATE_SSH_MUTATION, + "variables": { + "input": { + "username": "user1", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is None + + +def test_graphql_add_ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_CREATE_SSH_MUTATION, + "variables": { + "input": { + "username": "user1", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["createSsh"]["code"] == 200 + assert response.json["data"]["createSsh"]["message"] is not None + assert response.json["data"]["createSsh"]["success"] is True + + assert response.json["data"]["createSsh"]["user"]["username"] == "user1" + # assert response.json["data"]["createSsh"]["user"]["sshKeys"] == [ # i know + # "ssh-rsa KEY test_key@pc" + # ] + + +def test_graphql_add_root_ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_CREATE_SSH_MUTATION, + "variables": { + "input": { + "username": "root", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["createSsh"]["code"] == 200 + assert response.json["data"]["createSsh"]["message"] is not None + assert response.json["data"]["createSsh"]["success"] is True + + assert response.json["data"]["createSsh"]["user"]["username"] == "root" + # assert response.json["data"]["createSsh"]["user"]["sshKeys"] == [ # i know + # "ssh-rsa KEY test_key@pc" + # ] + + +def test_graphql_add_main_ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_CREATE_SSH_MUTATION, + "variables": { + "input": { + "username": "tester", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["createSsh"]["code"] == 200 + assert response.json["data"]["createSsh"]["message"] is not None + assert response.json["data"]["createSsh"]["success"] is True + + assert response.json["data"]["createSsh"]["user"]["username"] == "tester" + # assert response.json["data"]["createSsh"]["user"]["sshKeys"] == [ # i know + # "ssh-rsa KEY test_key@pc" + # ] + + +def test_graphql_add_404ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_CREATE_SSH_MUTATION, + "variables": { + "input": { + "username": "user1", + "sshKey": "trust me, this is the ssh key", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["createSsh"]["code"] == 400 + assert response.json["data"]["createSsh"]["message"] is not None + assert response.json["data"]["createSsh"]["success"] is False + + +def test_graphql_add_ssh_404user(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_CREATE_SSH_MUTATION, + "variables": { + "input": { + "username": "user666", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["createSsh"]["code"] == 404 + assert response.json["data"]["createSsh"]["message"] is not None + assert response.json["data"]["createSsh"]["success"] is False + + +API_DELETE_SSH_MUTATION = """ +mutation deleteSsh($input: SshMutationsInput!) { + deleteSsh(input: $input) { + success + message + code + user { + username + sshKeys + } + } +} +""" + + +def test_graphql_dell_ssh_unauthorized(client, some_users, mock_subprocess_popen): + response = client.post( + "/graphql", + json={ + "query": API_DELETE_SSH_MUTATION, + "variables": { + "input": { + "username": "user1", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is None + + +def test_graphql_dell_ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_DELETE_SSH_MUTATION, + "variables": { + "input": { + "username": "user1", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["deleteSsh"]["code"] == 200 + assert response.json["data"]["deleteSsh"]["message"] is not None + assert response.json["data"]["deleteSsh"]["success"] is True + + assert response.json["data"]["deleteSsh"]["user"]["username"] == "user1" + # assert response.json["data"]["deleteSsh"]["user"]["sshKeys"] == [ # i know + # "ssh-rsa KEY test_key@pc" + # ] + + +def test_graphql_dell_root_ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_DELETE_SSH_MUTATION, + "variables": { + "input": { + "username": "root", + "sshKey": "ssh-rsa KEY root@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["deleteSsh"]["code"] == 200 + assert response.json["data"]["deleteSsh"]["message"] is not None + assert response.json["data"]["deleteSsh"]["success"] is True + + assert response.json["data"]["deleteSsh"]["user"]["username"] == "root" + # assert response.json["data"]["deleteSsh"]["user"]["sshKeys"] == [ # i know + # "ssh-rsa KEY test_key@pc" + # ] + + +def test_graphql_dell_main_ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_DELETE_SSH_MUTATION, + "variables": { + "input": { + "username": "tester", + "sshKey": "ssh-rsa KEY tester@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["deleteSsh"]["code"] == 200 + assert response.json["data"]["deleteSsh"]["message"] is not None + assert response.json["data"]["deleteSsh"]["success"] is True + + assert response.json["data"]["deleteSsh"]["user"]["username"] == "tester" + assert response.json["data"]["deleteSsh"]["user"]["sshKeys"] == [ # i know + "ssh-rsa KEY test_key@pc" + ] + + +def test_graphql_dell_404ssh(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_DELETE_SSH_MUTATION, + "variables": { + "input": { + "username": "user1", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["deleteSsh"]["code"] == 404 + assert response.json["data"]["deleteSsh"]["message"] is not None + assert response.json["data"]["deleteSsh"]["success"] is False + + +def test_graphql_dell_ssh_404user(authorized_client, some_users, mock_subprocess_popen): + response = authorized_client.post( + "/graphql", + json={ + "query": API_DELETE_SSH_MUTATION, + "variables": { + "input": { + "username": "user666", + "sshKey": "ssh-rsa KEY test_key@pc", + }, + }, + }, + ) + assert response.status_code == 200 + assert response.json.get("data") is not None + + assert response.json["data"]["deleteSsh"]["code"] == 404 + assert response.json["data"]["deleteSsh"]["message"] is not None + assert response.json["data"]["deleteSsh"]["success"] is False