feat(5.20): US-013 retragere accounts.rar_creds_enc -> per-env + DROP cu garda
Toate citirile pe coloana legacy accounts.rar_creds_enc mutate pe sloturile per-env (rar_creds_test_enc/rar_creds_prod_enc): worker fallback+keepalive, are_creds (web) si are_creds_rar (integrare, +are_creds_test/_prod), write-back API la reactivare, purjare la stergere cont, _get_acasa_context/_fetch_cont_env_state. Contract API (aditiv): POST /v1/conturi/rar-creds primeste rar_target optional (test/prod), scrie in slotul corect + activeaza mediul; DELETE primeste ?env (sterge un slot sau ambele). Documentat in docs/api-rar-contract.md. DROP cu garda in db.py (schema.sql fara coloana pe DB fresh): - 6a: eliminat ADD COLUMN rar_creds_enc (fara ping-pong re-ADD dupa DROP) - 6b: try/except fail-safe (nu crapa boot-ul) + garda sqlite_version >= 3.35 - 6c: re-backfill old->new imediat inainte de assert (ancora globala) - garda orfane: DROP anulat daca vreun creds legacy nu a aterizat in slot per-env - backup criptat accounts_rar_creds_enc_backup inainte de DROP - 6d: verificare prin PRAGMA table_info (NU grep — submissions are aceeasi coloana) Garda one-way, idempotenta la boot repetat (verificat). submissions.rar_creds_enc ramane neatinsa. tests/test_retragere_creds_enc.py: niciun read pe coloana veche, conturi rar-creds env-aware, are_creds per-env, DROP blocat de garda la lipsa copiere. 9 teste existente actualizate pe sloturi per-env. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -94,16 +94,21 @@ def test_delete_purjeaza_pii_si_elibereaza_cui(conn):
|
||||
"""Stergerea soft purjeaza creds RAR + revoca cheile API + elibereaza CUI (re-inregistrabil)."""
|
||||
from app.accounts import create_account, delete_account, list_accounts
|
||||
acct_id = create_account(conn, "Service GDPR", cui="RO12345", active=True)
|
||||
conn.execute("UPDATE accounts SET rar_creds_enc='secret_enc' WHERE id=?", (acct_id,))
|
||||
# US-013: creds in sloturi per-env (rar_creds_enc legacy dropata)
|
||||
conn.execute(
|
||||
"UPDATE accounts SET rar_creds_test_enc='secret_enc_test', rar_creds_prod_enc='secret_enc_prod' WHERE id=?",
|
||||
(acct_id,),
|
||||
)
|
||||
conn.execute("INSERT INTO api_keys (account_id, key_hash, active) VALUES (?, 'h', 1)", (acct_id,))
|
||||
conn.commit()
|
||||
|
||||
delete_account(conn, acct_id)
|
||||
|
||||
row = conn.execute("SELECT status, rar_creds_enc, cui FROM accounts WHERE id=?",
|
||||
row = conn.execute("SELECT status, rar_creds_test_enc, rar_creds_prod_enc, cui FROM accounts WHERE id=?",
|
||||
(acct_id,)).fetchone()
|
||||
assert row["status"] == "deleted"
|
||||
assert row["rar_creds_enc"] is None, "creds RAR trebuie purjate la stergere"
|
||||
assert row["rar_creds_test_enc"] is None, "creds RAR test trebuie purjate la stergere"
|
||||
assert row["rar_creds_prod_enc"] is None, "creds RAR prod trebuie purjate la stergere"
|
||||
assert row["cui"] is None, "CUI trebuie eliberat la stergere"
|
||||
key_active = conn.execute("SELECT active FROM api_keys WHERE account_id=?", (acct_id,)).fetchone()
|
||||
assert key_active["active"] == 0, "cheile API trebuie revocate"
|
||||
@@ -133,15 +138,16 @@ def test_migrare_deriva_status_din_active(conn):
|
||||
from app.db import _migrate
|
||||
|
||||
# Reconstruim accounts fara `status` (rebuild de tabela — singura cale in SQLite vechi).
|
||||
# US-013: rar_creds_enc nu mai exista in accounts (dropata); nu e in legacy DDL.
|
||||
conn.executescript(
|
||||
"""
|
||||
PRAGMA foreign_keys=OFF;
|
||||
CREATE TABLE accounts_legacy (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL, cui TEXT,
|
||||
active INTEGER NOT NULL DEFAULT 1, rar_creds_enc TEXT, created_at TEXT
|
||||
active INTEGER NOT NULL DEFAULT 1, created_at TEXT
|
||||
);
|
||||
INSERT INTO accounts_legacy (id, name, cui, active, rar_creds_enc, created_at)
|
||||
SELECT id, name, cui, active, rar_creds_enc, created_at FROM accounts;
|
||||
INSERT INTO accounts_legacy (id, name, cui, active, created_at)
|
||||
SELECT id, name, cui, active, created_at FROM accounts;
|
||||
DROP TABLE accounts;
|
||||
ALTER TABLE accounts_legacy RENAME TO accounts;
|
||||
"""
|
||||
|
||||
Reference in New Issue
Block a user