ariadne/tests/unit/app/test_app_mailu_account_routes.py

from tests.unit.app.app_route_helpers import *


def test_rotate_mailu_password(monkeypatch) -> None:
    ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})
    client = _client(monkeypatch, ctx)

    monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)
    monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: None)
    monkeypatch.setattr(app_module.mailu, "ready", lambda: True)
    monkeypatch.setattr(app_module.mailu, "sync", lambda *args, **kwargs: None)
    monkeypatch.setattr(app_module.nextcloud, "sync_mail", lambda *args, **kwargs: {"status": "ok"})

    resp = client.post(
        "/api/account/mailu/rotate",
        headers={"Authorization": "Bearer token"},
    )
    assert resp.status_code == 200
    payload = resp.json()
    assert payload["sync_ok"] is True
    assert payload["password"]

def test_rotate_mailu_password_missing_config(monkeypatch) -> None:
    ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})
    client = _client(monkeypatch, ctx)

    monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: False)

    resp = client.post(
        "/api/account/mailu/rotate",
        headers={"Authorization": "Bearer token"},
    )
    assert resp.status_code == 503

def test_require_account_access_allows_when_disabled(monkeypatch) -> None:
    ctx = AuthContext(username="alice", email="", groups=[], claims={})
    dummy_settings = type("S", (), {"account_allowed_groups": []})()
    monkeypatch.setattr(app_module, "settings", dummy_settings)
    app_module._require_account_access(ctx)

def test_rotate_mailu_password_missing_username(monkeypatch) -> None:
    ctx = AuthContext(username="", email="", groups=["dev"], claims={})
    client = _client(monkeypatch, ctx)
    monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)

    resp = client.post(
        "/api/account/mailu/rotate",
        headers={"Authorization": "Bearer token"},
    )
    assert resp.status_code == 400

def test_rotate_mailu_password_sync_error(monkeypatch) -> None:
    ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})
    client = _client(monkeypatch, ctx)

    monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)
    monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: None)
    monkeypatch.setattr(app_module.mailu, "sync", lambda *args, **kwargs: (_ for _ in ()).throw(RuntimeError("fail")))
    monkeypatch.setattr(app_module.nextcloud, "sync_mail", lambda *args, **kwargs: (_ for _ in ()).throw(RuntimeError("fail")))

    resp = client.post(
        "/api/account/mailu/rotate",
        headers={"Authorization": "Bearer token"},
    )
    assert resp.status_code == 200
    payload = resp.json()
    assert payload["sync_ok"] is False
    assert payload["nextcloud_sync"]["status"] == "error"

def test_rotate_mailu_password_handles_storage_error(monkeypatch) -> None:
    ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})
    client = _client(monkeypatch, ctx)

    monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)
    monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: None)
    monkeypatch.setattr(app_module.storage, "record_task_run", lambda *args, **kwargs: (_ for _ in ()).throw(RuntimeError("fail")))

    resp = client.post(
        "/api/account/mailu/rotate",
        headers={"Authorization": "Bearer token"},
    )
    assert resp.status_code == 200

def test_rotate_mailu_password_failure(monkeypatch) -> None:
    ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})
    client = _client(monkeypatch, ctx)

    monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)
    monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: (_ for _ in ()).throw(RuntimeError("fail")))

    resp = client.post(
        "/api/account/mailu/rotate",
        headers={"Authorization": "Bearer token"},
    )
    assert resp.status_code == 502

def test_rotate_mailu_password_http_exception(monkeypatch) -> None:
    ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})
    client = _client(monkeypatch, ctx)

    monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)
    monkeypatch.setattr(
        app_module.keycloak_admin,
        "set_user_attribute",
        lambda *args, **kwargs: (_ for _ in ()).throw(HTTPException(status_code=409, detail="conflict")),
    )

    resp = client.post(
        "/api/account/mailu/rotate",
        headers={"Authorization": "Bearer token"},
    )
    assert resp.status_code == 409
test(ariadne): split oversized unit suites 2026-04-21 02:05:59 -03:00			`from tests.unit.app.app_route_helpers import *`


			`def test_rotate_mailu_password(monkeypatch) -> None:`
			`ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})`
			`client = _client(monkeypatch, ctx)`

			`monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)`
			`monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda args, *kwargs: None)`
			`monkeypatch.setattr(app_module.mailu, "ready", lambda: True)`
			`monkeypatch.setattr(app_module.mailu, "sync", lambda args, *kwargs: None)`
			`monkeypatch.setattr(app_module.nextcloud, "sync_mail", lambda args, *kwargs: {"status": "ok"})`

			`resp = client.post(`
			`"/api/account/mailu/rotate",`
			`headers={"Authorization": "Bearer token"},`
			`)`
			`assert resp.status_code == 200`
			`payload = resp.json()`
			`assert payload["sync_ok"] is True`
			`assert payload["password"]`

			`def test_rotate_mailu_password_missing_config(monkeypatch) -> None:`
			`ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})`
			`client = _client(monkeypatch, ctx)`

			`monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: False)`

			`resp = client.post(`
			`"/api/account/mailu/rotate",`
			`headers={"Authorization": "Bearer token"},`
			`)`
			`assert resp.status_code == 503`

			`def test_require_account_access_allows_when_disabled(monkeypatch) -> None:`
			`ctx = AuthContext(username="alice", email="", groups=[], claims={})`
			`dummy_settings = type("S", (), {"account_allowed_groups": []})()`
			`monkeypatch.setattr(app_module, "settings", dummy_settings)`
			`app_module._require_account_access(ctx)`

			`def test_rotate_mailu_password_missing_username(monkeypatch) -> None:`
			`ctx = AuthContext(username="", email="", groups=["dev"], claims={})`
			`client = _client(monkeypatch, ctx)`
			`monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)`

			`resp = client.post(`
			`"/api/account/mailu/rotate",`
			`headers={"Authorization": "Bearer token"},`
			`)`
			`assert resp.status_code == 400`

			`def test_rotate_mailu_password_sync_error(monkeypatch) -> None:`
			`ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})`
			`client = _client(monkeypatch, ctx)`

			`monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)`
			`monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda args, *kwargs: None)`
			`monkeypatch.setattr(app_module.mailu, "sync", lambda args, *kwargs: (_ for _ in ()).throw(RuntimeError("fail")))`
			`monkeypatch.setattr(app_module.nextcloud, "sync_mail", lambda args, *kwargs: (_ for _ in ()).throw(RuntimeError("fail")))`

			`resp = client.post(`
			`"/api/account/mailu/rotate",`
			`headers={"Authorization": "Bearer token"},`
			`)`
			`assert resp.status_code == 200`
			`payload = resp.json()`
			`assert payload["sync_ok"] is False`
			`assert payload["nextcloud_sync"]["status"] == "error"`

			`def test_rotate_mailu_password_handles_storage_error(monkeypatch) -> None:`
			`ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})`
			`client = _client(monkeypatch, ctx)`

			`monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)`
			`monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda args, *kwargs: None)`
			`monkeypatch.setattr(app_module.storage, "record_task_run", lambda args, *kwargs: (_ for _ in ()).throw(RuntimeError("fail")))`

			`resp = client.post(`
			`"/api/account/mailu/rotate",`
			`headers={"Authorization": "Bearer token"},`
			`)`
			`assert resp.status_code == 200`

			`def test_rotate_mailu_password_failure(monkeypatch) -> None:`
			`ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})`
			`client = _client(monkeypatch, ctx)`

			`monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)`
			`monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda args, *kwargs: (_ for _ in ()).throw(RuntimeError("fail")))`

			`resp = client.post(`
			`"/api/account/mailu/rotate",`
			`headers={"Authorization": "Bearer token"},`
			`)`
			`assert resp.status_code == 502`

			`def test_rotate_mailu_password_http_exception(monkeypatch) -> None:`
			`ctx = AuthContext(username="alice", email="", groups=["dev"], claims={})`
			`client = _client(monkeypatch, ctx)`

			`monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True)`
			`monkeypatch.setattr(`
			`app_module.keycloak_admin,`
			`"set_user_attribute",`
			`lambda args, *kwargs: (_ for _ in ()).throw(HTTPException(status_code=409, detail="conflict")),`
			`)`

			`resp = client.post(`
			`"/api/account/mailu/rotate",`
			`headers={"Authorization": "Bearer token"},`
			`)`
			`assert resp.status_code == 409`