add option to set user-password for service when updating its hash

2025-06-28 14:51:43 +00:00 · 2021-09-05 15:40:03 +03:00
parent 08e0237639
commit 18de70154e
7 changed files with 45 additions and 22 deletions
--- a/tests/ahriman/application/handlers/test_handler_create_user.py
+++ b/tests/ahriman/application/handlers/test_handler_create_user.py
@ -20,6 +20,7 @@ def _default_args(args: argparse.Namespace) -> argparse.Namespace:
    args.username = "user"
    args.password = "pa55w0rd"
    args.role = UserAccess.Status
+    args.as_service = False
    return args


@ -49,11 +50,11 @@ def test_create_configuration(configuration: Configuration, user: User, mocker:
    set_mock = mocker.patch("ahriman.core.configuration.Configuration.set_option")
    write_mock = mocker.patch("ahriman.core.configuration.Configuration.write")

-    CreateUser.create_configuration(configuration, user, "salt")
+    CreateUser.create_configuration(configuration, user, "salt", False)
    write_mock.assert_called_once()
    set_mock.assert_has_calls([
        mock.call("auth", "salt", pytest.helpers.anyvar(str)),
-        mock.call(section, user.username, user.password)
+        mock.call(section, user.username, pytest.helpers.anyvar(str))
    ])


@ -65,7 +66,7 @@ def test_create_configuration_not_loaded(configuration: Configuration, user: Use
    mocker.patch("pathlib.Path.open")
    write_mock = mocker.patch("ahriman.core.configuration.Configuration.write")

-    CreateUser.create_configuration(configuration, user, "salt")
+    CreateUser.create_configuration(configuration, user, "salt", False)
    write_mock.assert_not_called()


@ -78,8 +79,28 @@ def test_create_configuration_user_exists(configuration: Configuration, user: Us
    mocker.patch("pathlib.Path.open")
    mocker.patch("ahriman.core.configuration.Configuration.write")

-    CreateUser.create_configuration(configuration, user, "salt")
-    assert configuration.get(section, user.username) == user.password
+    CreateUser.create_configuration(configuration, user, "salt", False)
+    generated = User.from_option(user.username, configuration.get(section, user.username))
+    assert generated.check_credentials(user.password, configuration.get("auth", "salt"))
+
+
+def test_create_configuration_with_plain_password(
+        configuration: Configuration,
+        user: User,
+        mocker: MockerFixture) -> None:
+    """
+    must set plain text password and user for the service
+    """
+    section = Configuration.section_name("auth", user.access.value)
+    mocker.patch("pathlib.Path.open")
+    mocker.patch("ahriman.core.configuration.Configuration.write")
+
+    CreateUser.create_configuration(configuration, user, "salt", True)
+
+    generated = User.from_option(user.username, configuration.get(section, user.username))
+    service = User.from_option(configuration.get("web", "username"), configuration.get("web", "password"))
+    assert generated.username == service.username
+    assert generated.check_credentials(service.password, configuration.get("auth", "salt"))


 def test_create_user(args: argparse.Namespace, user: User) -> None:
@ -87,9 +108,8 @@ def test_create_user(args: argparse.Namespace, user: User) -> None:
    must create user
    """
    args = _default_args(args)
-    generated = CreateUser.create_user(args, "salt")
+    generated = CreateUser.create_user(args)
    assert generated.username == user.username
-    assert generated.check_credentials(user.password, "salt")
    assert generated.access == user.access


@ -101,10 +121,10 @@ def test_create_user_getpass(args: argparse.Namespace, mocker: MockerFixture) ->
    args.password = None

    getpass_mock = mocker.patch("getpass.getpass", return_value="password")
-    generated = CreateUser.create_user(args, "salt")
+    generated = CreateUser.create_user(args)

    getpass_mock.assert_called_once()
-    assert generated.check_credentials("password", "salt")
+    assert generated.password == "password"


 def test_get_salt_read(configuration: Configuration) -> None:
--- a/tests/ahriman/core/auth/test_mapping_auth.py
+++ b/tests/ahriman/core/auth/test_mapping_auth.py
@ -58,7 +58,7 @@ def test_check_credentials(mapping_auth: MappingAuth, user: User) -> None:
    must return true for valid credentials
    """
    current_password = user.password
-    user.password = user.hash_password(user.password, mapping_auth.salt)
+    user.password = user.hash_password(mapping_auth.salt)
    mapping_auth._users[user.username] = user
    assert mapping_auth.check_credentials(user.username, current_password)
    assert not mapping_auth.check_credentials(user.username, user.password)  # here password is hashed so it is invalid
--- a/tests/ahriman/models/test_user.py
+++ b/tests/ahriman/models/test_user.py
@ -26,7 +26,7 @@ def test_check_credentials_hash_password(user: User) -> None:
    must generate and validate user password
    """
    current_password = user.password
-    user.password = user.hash_password(current_password, "salt")
+    user.password = user.hash_password("salt")
    assert user.check_credentials(current_password, "salt")
    assert not user.check_credentials(current_password, "salt1")
    assert not user.check_credentials(user.password, "salt")
--- a/tests/ahriman/web/conftest.py
+++ b/tests/ahriman/web/conftest.py
@ -37,7 +37,7 @@ def application_with_auth(configuration: Configuration, user: User, mocker: Mock
    mocker.patch("pathlib.Path.mkdir")
    application = setup_service("x86_64", configuration)

-    generated = User(user.username, user.hash_password(user.password, application["validator"].salt), user.access)
+    generated = User(user.username, user.hash_password(application["validator"].salt), user.access)
    application["validator"]._users[generated.username] = generated

    return application