semantics
This commit is contained in:
@@ -1,10 +1,10 @@
|
||||
# [DEF:TestAuth:Module]
|
||||
# #region TestAuth [C:2] [TYPE Module]
|
||||
# @PURPOSE: Covers authentication service/repository behavior and auth bootstrap helpers.
|
||||
# @LAYER: Test
|
||||
# @RELATION: TESTS -> AuthService
|
||||
# @RELATION: TESTS -> AuthRepository
|
||||
# @RELATION: TESTS -> create_admin
|
||||
# @RELATION: TESTS -> ensure_encryption_key
|
||||
# @LAYER Tests
|
||||
# @RELATION BINDS_TO -> AuthService
|
||||
# @RELATION BINDS_TO -> AuthRepository
|
||||
# @RELATION BINDS_TO -> create_admin
|
||||
# @RELATION BINDS_TO -> ensure_encryption_key
|
||||
|
||||
import sys
|
||||
from pathlib import Path
|
||||
@@ -61,8 +61,8 @@ def auth_repo(db_session):
|
||||
return AuthRepository(db_session)
|
||||
|
||||
|
||||
# [DEF:test_create_user:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_create_user [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_create_user(auth_repo):
|
||||
"""Test user creation"""
|
||||
user = User(
|
||||
@@ -82,11 +82,11 @@ def test_create_user(auth_repo):
|
||||
assert verify_password("testpassword123", retrieved_user.password_hash)
|
||||
|
||||
|
||||
# [/DEF:test_create_user:Function]
|
||||
# #endregion test_create_user
|
||||
|
||||
|
||||
# [DEF:test_authenticate_user:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_authenticate_user [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_authenticate_user(auth_service, auth_repo):
|
||||
"""Test user authentication with valid and invalid credentials"""
|
||||
user = User(
|
||||
@@ -113,11 +113,11 @@ def test_authenticate_user(auth_service, auth_repo):
|
||||
assert invalid_user is None
|
||||
|
||||
|
||||
# [/DEF:test_authenticate_user:Function]
|
||||
# #endregion test_authenticate_user
|
||||
|
||||
|
||||
# [DEF:test_create_session:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_create_session [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_create_session(auth_service, auth_repo):
|
||||
"""Test session token creation"""
|
||||
user = User(
|
||||
@@ -137,11 +137,11 @@ def test_create_session(auth_service, auth_repo):
|
||||
assert len(session["access_token"]) > 0
|
||||
|
||||
|
||||
# [/DEF:test_create_session:Function]
|
||||
# #endregion test_create_session
|
||||
|
||||
|
||||
# [DEF:test_role_permission_association:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_role_permission_association [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_role_permission_association(auth_repo):
|
||||
"""Test role and permission association"""
|
||||
role = Role(name="Admin", description="System administrator")
|
||||
@@ -162,11 +162,11 @@ def test_role_permission_association(auth_repo):
|
||||
assert "admin:users:WRITE" in permissions
|
||||
|
||||
|
||||
# [/DEF:test_role_permission_association:Function]
|
||||
# #endregion test_role_permission_association
|
||||
|
||||
|
||||
# [DEF:test_user_role_association:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_user_role_association [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_user_role_association(auth_repo):
|
||||
"""Test user and role association"""
|
||||
role = Role(name="Admin", description="System administrator")
|
||||
@@ -189,11 +189,11 @@ def test_user_role_association(auth_repo):
|
||||
assert retrieved_user.roles[0].name == "Admin"
|
||||
|
||||
|
||||
# [/DEF:test_user_role_association:Function]
|
||||
# #endregion test_user_role_association
|
||||
|
||||
|
||||
# [DEF:test_ad_group_mapping:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_ad_group_mapping [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_ad_group_mapping(auth_repo):
|
||||
"""Test AD group mapping"""
|
||||
role = Role(name="ADFS_Admin", description="ADFS administrators")
|
||||
@@ -215,11 +215,11 @@ def test_ad_group_mapping(auth_repo):
|
||||
assert retrieved_mapping.role_id == role.id
|
||||
|
||||
|
||||
# [/DEF:test_ad_group_mapping:Function]
|
||||
# #endregion test_ad_group_mapping
|
||||
|
||||
|
||||
# [DEF:test_create_admin_creates_user_with_optional_email:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_create_admin_creates_user_with_optional_email [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_create_admin_creates_user_with_optional_email(monkeypatch, db_session):
|
||||
"""Test bootstrap admin creation stores optional email and Admin role"""
|
||||
monkeypatch.setattr("src.scripts.create_admin.AuthSessionLocal", lambda: db_session)
|
||||
@@ -235,11 +235,11 @@ def test_create_admin_creates_user_with_optional_email(monkeypatch, db_session):
|
||||
assert created_user.roles[0].name == "Admin"
|
||||
|
||||
|
||||
# [/DEF:test_create_admin_creates_user_with_optional_email:Function]
|
||||
# #endregion test_create_admin_creates_user_with_optional_email
|
||||
|
||||
|
||||
# [DEF:test_create_admin_is_idempotent_for_existing_user:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_create_admin_is_idempotent_for_existing_user [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_create_admin_is_idempotent_for_existing_user(monkeypatch, db_session):
|
||||
"""Test bootstrap admin creation preserves existing user on repeated runs"""
|
||||
monkeypatch.setattr("src.scripts.create_admin.AuthSessionLocal", lambda: db_session)
|
||||
@@ -260,11 +260,11 @@ def test_create_admin_is_idempotent_for_existing_user(monkeypatch, db_session):
|
||||
assert not verify_password("new-password", created_user.password_hash)
|
||||
|
||||
|
||||
# [/DEF:test_create_admin_is_idempotent_for_existing_user:Function]
|
||||
# #endregion test_create_admin_is_idempotent_for_existing_user
|
||||
|
||||
|
||||
# [DEF:test_ensure_encryption_key_generates_backend_env_file:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_ensure_encryption_key_generates_backend_env_file [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_ensure_encryption_key_generates_backend_env_file(monkeypatch, tmp_path):
|
||||
"""Test first-time initialization generates and persists a Fernet key."""
|
||||
env_file = tmp_path / ".env"
|
||||
@@ -281,11 +281,11 @@ def test_ensure_encryption_key_generates_backend_env_file(monkeypatch, tmp_path)
|
||||
assert verify_fernet_key(generated_key)
|
||||
|
||||
|
||||
# [/DEF:test_ensure_encryption_key_generates_backend_env_file:Function]
|
||||
# #endregion test_ensure_encryption_key_generates_backend_env_file
|
||||
|
||||
|
||||
# [DEF:test_ensure_encryption_key_reuses_existing_env_file_value:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_ensure_encryption_key_reuses_existing_env_file_value [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_ensure_encryption_key_reuses_existing_env_file_value(monkeypatch, tmp_path):
|
||||
"""Test persisted key is reused without rewriting file contents."""
|
||||
env_file = tmp_path / ".env"
|
||||
@@ -304,11 +304,11 @@ def test_ensure_encryption_key_reuses_existing_env_file_value(monkeypatch, tmp_p
|
||||
)
|
||||
|
||||
|
||||
# [/DEF:test_ensure_encryption_key_reuses_existing_env_file_value:Function]
|
||||
# #endregion test_ensure_encryption_key_reuses_existing_env_file_value
|
||||
|
||||
|
||||
# [DEF:test_ensure_encryption_key_prefers_process_environment:Function]
|
||||
# @RELATION: BINDS_TO -> TestAuth
|
||||
# #region test_ensure_encryption_key_prefers_process_environment [C:2] [TYPE Function]
|
||||
# @RELATION BINDS_TO -> TestAuth
|
||||
def test_ensure_encryption_key_prefers_process_environment(monkeypatch, tmp_path):
|
||||
"""Test explicit process environment has priority over file generation."""
|
||||
env_file = tmp_path / ".env"
|
||||
@@ -321,7 +321,7 @@ def test_ensure_encryption_key_prefers_process_environment(monkeypatch, tmp_path
|
||||
assert not env_file.exists()
|
||||
|
||||
|
||||
# [/DEF:test_ensure_encryption_key_prefers_process_environment:Function]
|
||||
# #endregion test_ensure_encryption_key_prefers_process_environment
|
||||
|
||||
|
||||
def verify_fernet_key(value: str) -> bool:
|
||||
@@ -329,4 +329,4 @@ def verify_fernet_key(value: str) -> bool:
|
||||
return True
|
||||
|
||||
|
||||
# [/DEF:TestAuth:Module]
|
||||
# #endregion TestAuth
|
||||
|
||||
Reference in New Issue
Block a user