# pylint: disable=redefined-outer-name # pylint: disable=unused-argument import json import pytest from tests.common import ( generate_system_query, generate_users_query, read_json, write_json, ) invalid_usernames = [ "root", "messagebus", "postfix", "polkituser", "dovecot2", "dovenull", "nginx", "postgres", "systemd-journal-gateway", "prosody", "systemd-network", "systemd-resolve", "systemd-timesync", "opendkim", "rspamd", "sshd", "selfprivacy-api", "restic", "redis", "pleroma", "ocserv", "nextcloud", "memcached", "knot-resolver", "gitea", "bitwarden_rs", "vaultwarden", "acme", "virtualMail", "nixbld1", "nixbld2", "nixbld29", "nobody", ] ## FIXTURES ################################################### @pytest.fixture def no_users(mocker, datadir): mocker.patch("selfprivacy_api.utils.USERDATA_FILE", new=datadir / "no_users.json") assert read_json(datadir / "no_users.json")["users"] == [] return datadir @pytest.fixture def one_user(mocker, datadir): mocker.patch("selfprivacy_api.utils.USERDATA_FILE", new=datadir / "one_user.json") assert read_json(datadir / "one_user.json")["users"] == [ { "username": "user1", "hashedPassword": "HASHED_PASSWORD_1", "sshKeys": ["ssh-rsa KEY user1@pc"], } ] return datadir @pytest.fixture def some_users(mocker, datadir): mocker.patch("selfprivacy_api.utils.USERDATA_FILE", new=datadir / "some_users.json") assert read_json(datadir / "some_users.json")["users"] == [ { "username": "user1", "hashedPassword": "HASHED_PASSWORD_1", "sshKeys": ["ssh-rsa KEY user1@pc"], }, {"username": "user2", "hashedPassword": "HASHED_PASSWORD_2", "sshKeys": []}, {"username": "user3", "hashedPassword": "HASHED_PASSWORD_3"}, ] return datadir @pytest.fixture def undefined_settings(mocker, datadir): mocker.patch("selfprivacy_api.utils.USERDATA_FILE", new=datadir / "undefined.json") assert "users" not in read_json(datadir / "undefined.json") return datadir class ProcessMock: """Mock subprocess.Popen""" def __init__(self, args, **kwargs): self.args = args self.kwargs = kwargs def communicate(): return (b"NEW_HASHED", None) returncode = 0 @pytest.fixture def mock_subprocess_popen(mocker): mock = mocker.patch("subprocess.Popen", autospec=True, return_value=ProcessMock) return mock ## TESTS ###################################################### API_USERS_INFO = """ allUsers { username sshKeys } """ def test_graphql_get_users_unauthorized(client, some_users, mock_subprocess_popen): """Test wrong auth""" response = client.get( "/graphql", json={ "query": generate_users_query([API_USERS_INFO]), }, ) assert response.status_code == 200 assert response.json.get("data") is None def test_graphql_get_some_users(authorized_client, some_users, mock_subprocess_popen): response = authorized_client.get( "/graphql", json={ "query": generate_users_query([API_USERS_INFO]), }, ) assert response.status_code == 200 assert response.json.get("data") is not None assert len(response.json["data"]["users"]["allUsers"]) == 4 assert response.json["data"]["users"]["allUsers"][0]["username"] == "user1" assert response.json["data"]["users"]["allUsers"][0]["sshKeys"] == [ "ssh-rsa KEY user1@pc" ] assert response.json["data"]["users"]["allUsers"][1]["username"] == "user2" assert response.json["data"]["users"]["allUsers"][1]["sshKeys"] == [] assert response.json["data"]["users"]["allUsers"][3]["username"] == "tester" assert response.json["data"]["users"]["allUsers"][3]["sshKeys"] == [ "ssh-rsa KEY test@pc" ] def test_graphql_get_no_users(authorized_client, no_users, mock_subprocess_popen): response = authorized_client.get( "/graphql", json={ "query": generate_users_query([API_USERS_INFO]), }, ) assert response.status_code == 200 assert response.json.get("data") is not None assert len(response.json["data"]["users"]["allUsers"]) == 1 assert response.json["data"]["users"]["allUsers"][0]["username"] == "tester" assert response.json["data"]["users"]["allUsers"][0]["sshKeys"] == [ "ssh-rsa KEY test@pc" ] API_GET_USERS = """ getUser($username: String) { getUser(username: $username) { user } } """ def test_graphql_get_one_user_unauthorized(client, one_user, mock_subprocess_popen): response = client.post( "/graphql", json={ "query": generate_users_query([API_GET_USERS]), "variables": { "username": "user1", }, }, ) assert response.status_code == 200 assert response.json.get("data") is None def test_graphql_get_one_user(authorized_client, one_user, mock_subprocess_popen): response = authorized_client.get( "/graphql", json={ "query": generate_users_query([API_GET_USERS]), "variables": { "username": "user1", }, }, ) assert response.status_code == 200 assert response.json.get("data") is not None # assert len(response.json["data"]["users"]["getUser"]) == 1 # assert response.json["data"]["users"]["getUser"][0]["username"] == "user1" # assert response.json["data"]["users"]["getUser"][0]["sshKeys"] == ["ssh-rsa KEY user1@pc"] def test_graphql_get_some_user(authorized_client, some_user, mock_subprocess_popen): response = authorized_client.get( "/graphql", json={ "query": generate_users_query([API_GET_USERS]), "variables": { "username": "user2", }, }, ) assert response.status_code == 200 assert response.json.get("data") is not None # assert len(response.json["data"]["users"]["getUser"]) == 1 # assert response.json["data"]["users"]["getUser"][0]["username"] == "user1" # assert response.json["data"]["users"]["getUser"][0]["sshKeys"] == ["ssh-rsa KEY user1@pc"] def test_graphql_get_root_user(authorized_client, one_user, mock_subprocess_popen): response = authorized_client.get( "/graphql", json={ "query": generate_users_query([API_GET_USERS]), "variables": { "username": "root", }, }, ) assert response.status_code == 200 assert response.json.get("data") is not None def test_graphql_get_main_user(authorized_client, one_user, mock_subprocess_popen): response = authorized_client.get( "/graphql", json={ "query": generate_users_query([API_GET_USERS]), "variables": { "username": "tester", # ssh-rsa KEY test@pc }, }, ) assert response.status_code == 200 assert response.json.get("data") is not None API_CHANGE_USERS_MUTATION = """ mutation createUser($username: String, $password: String) { createUser(username: $username, password: $password) { success message code user } } """ def test_graphql_add_user_unauthorize(client, one_user, mock_subprocess_popen): response = client.post( "/graphql", json={ "query": API_CHANGE_USERS_MUTATION, "variables": { "username": "user1", "password": "12345678", }, }, ) assert response.status_code == 200 assert response.json.get("data") is None def test_graphql_add_usere(authorized_client, one_user, mock_subprocess_popen): response = authorized_client.post( "/graphql", json={ "query": API_CHANGE_USERS_MUTATION, "variables": { "username": "user1", "password": "12345678", }, }, ) assert response.status_code == 200 assert response.json.get("data") is not None # assert response.json["data"][""]["message"] is not None # assert response.json["data"][""]["code"] == 200 # assert response.json["data"][""]["success"] is True