from fastapi.testclient import TestClient from app.main import app def test_router_list_marks_global_ssh_key_usage(monkeypatch, tmp_path): monkeypatch.setenv("DATABASE_URL", f"sqlite:///{tmp_path / 'routers.db'}") monkeypatch.setenv("DATA_DIR", str(tmp_path / 'data')) monkeypatch.setenv("SECRET_KEY", "test-secret") monkeypatch.setenv("DEFAULT_ADMIN_USERNAME", "admin") monkeypatch.setenv("DEFAULT_ADMIN_PASSWORD", "admin") with TestClient(app) as client: login_response = client.post("/api/auth/login", data={"username": "admin", "password": "admin"}) token = login_response.json()["access_token"] headers = {"Authorization": f"Bearer {token}"} settings_response = client.put( "/api/settings", json={ "backup_retention_days": 7, "log_retention_days": 7, "export_cron": "", "binary_cron": "", "retention_cron": "", "enable_auto_export": False, "connection_test_interval_minutes": 0, "global_ssh_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nabc\n-----END OPENSSH PRIVATE KEY-----", "pushover_token": None, "pushover_userkey": None, "notify_failures_only": True, "smtp_host": None, "smtp_port": 587, "smtp_login": None, "smtp_password": None, "smtp_notifications_enabled": False, "recipient_email": None, "clear_global_ssh_key": False }, headers=headers, ) assert settings_response.status_code == 200 create_response = client.post( "/api/routers", json={ "name": "edge01", "host": "10.0.0.1", "port": 22, "ssh_user": "admin", "ssh_password": None, "ssh_key": None }, headers=headers, ) assert create_response.status_code == 200 list_response = client.get("/api/routers", headers=headers) assert list_response.status_code == 200 payload = list_response.json() assert payload[0]["uses_global_ssh_key"] is True assert payload[0]["has_effective_ssh_key"] is True def test_router_password_auth_overrides_global_ssh_key(monkeypatch, tmp_path): monkeypatch.setenv("DATABASE_URL", f"sqlite:///{tmp_path / 'routers-password.db'}") monkeypatch.setenv("DATA_DIR", str(tmp_path / 'data-password')) monkeypatch.setenv("SECRET_KEY", "test-secret") monkeypatch.setenv("DEFAULT_ADMIN_USERNAME", "admin") monkeypatch.setenv("DEFAULT_ADMIN_PASSWORD", "admin") with TestClient(app) as client: login_response = client.post("/api/auth/login", data={"username": "admin", "password": "admin"}) token = login_response.json()["access_token"] headers = {"Authorization": f"Bearer {token}"} settings_response = client.put( "/api/settings", json={ "backup_retention_days": 7, "log_retention_days": 7, "export_cron": "", "binary_cron": "", "retention_cron": "", "enable_auto_export": False, "connection_test_interval_minutes": 0, "global_ssh_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nabc\n-----END OPENSSH PRIVATE KEY-----", "pushover_token": None, "pushover_userkey": None, "notify_failures_only": True, "smtp_host": None, "smtp_port": 587, "smtp_login": None, "smtp_password": None, "smtp_notifications_enabled": False, "recipient_email": None, "clear_global_ssh_key": False }, headers=headers, ) assert settings_response.status_code == 200 create_response = client.post( "/api/routers", json={ "name": "edge02", "host": "10.0.0.2", "port": 22, "ssh_user": "admin", "ssh_password": "secret-pass", "ssh_key": None }, headers=headers, ) assert create_response.status_code == 200 payload = create_response.json() assert payload["uses_global_ssh_key"] is False assert payload["has_effective_ssh_key"] is False assert payload["has_effective_password"] is True