from tests.unit.app.app_route_helpers import * def test_reset_wger_password(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr(app_module.keycloak_admin, "find_user", lambda username: {"attributes": {"mailu_email": ["alice@bstein.dev"]}}) monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: None) monkeypatch.setattr(app_module.wger, "sync_user", lambda *args, **kwargs: {"status": "ok"}) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 200 payload = resp.json() assert payload["status"] == "ok" def test_wger_reset_missing_username(monkeypatch) -> None: ctx = AuthContext(username="", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 400 def test_wger_reset_unconfigured(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: False) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 503 def test_wger_reset_uses_mailu_string(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) captured = {} monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr( app_module.keycloak_admin, "find_user", lambda username: {"attributes": {"mailu_email": "alias@bstein.dev"}}, ) monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: None) def fake_sync_user(username, email, password, wait=True): captured["email"] = email return {"status": "ok"} monkeypatch.setattr(app_module.wger, "sync_user", fake_sync_user) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 200 assert captured["email"] == "alias@bstein.dev" def test_wger_reset_error(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr(app_module.keycloak_admin, "find_user", lambda username: {"attributes": {"mailu_email": ["alice@bstein.dev"]}}) monkeypatch.setattr(app_module.wger, "sync_user", lambda *args, **kwargs: {"status": "error"}) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 502 def test_wger_reset_http_exception(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr(app_module.keycloak_admin, "find_user", lambda username: {"attributes": {"mailu_email": ["alice@bstein.dev"]}}) def raise_http(*_args, **_kwargs): raise HTTPException(status_code=409, detail="conflict") monkeypatch.setattr(app_module.wger, "sync_user", raise_http) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 409 def test_wger_reset_handles_storage_error(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr(app_module.keycloak_admin, "find_user", lambda username: {"attributes": {"mailu_email": ["alice@bstein.dev"]}}) monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: None) monkeypatch.setattr(app_module.wger, "sync_user", lambda *args, **kwargs: {"status": "ok"}) monkeypatch.setattr( app_module.storage, "record_task_run", lambda *args, **kwargs: (_ for _ in ()).throw(RuntimeError("fail")), ) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 200 def test_wger_reset_handles_find_user_error(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr( app_module.keycloak_admin, "find_user", lambda *_args, **_kwargs: (_ for _ in ()).throw(RuntimeError("fail")), ) monkeypatch.setattr(app_module.keycloak_admin, "set_user_attribute", lambda *args, **kwargs: None) monkeypatch.setattr(app_module.wger, "sync_user", lambda *args, **kwargs: {"status": "ok"}) resp = client.post( "/api/account/wger/reset", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 200 def test_wger_rotation_check(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr(app_module.wger, "check_rotation_for_user", lambda username: {"status": "ok", "username": username}) resp = client.post( "/api/account/wger/rotation/check", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 200 assert resp.json() == {"status": "ok", "username": "alice"} def test_wger_rotation_check_error(monkeypatch) -> None: ctx = AuthContext(username="alice", email="", groups=["dev"], claims={}) client = _client(monkeypatch, ctx) monkeypatch.setattr(app_module.keycloak_admin, "ready", lambda: True) monkeypatch.setattr( app_module.wger, "check_rotation_for_user", lambda username: {"status": "error", "detail": "stale"}, ) resp = client.post( "/api/account/wger/rotation/check", headers={"Authorization": "Bearer token"}, ) assert resp.status_code == 502 assert resp.json()["detail"] == "stale"