romfast/rar-autopass
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
rar-autopass/tests/test_worker_observ.py
Claude Agent c842e3352a feat(5.6): observabilitate + jurnal aplicatie + lifecycle trimiteri blocate 
Implementeaza PRD 5.6 complet (14 stories, TDD). Doua axe:

Lifecycle trimiteri blocate (Val A):
- submissions_admin.py: sterge/repune scoped (404 cross-account inaintea lui 409 stare)
- reactivare dedup peste `error` cu CAS (WHERE id=? AND status='error'), creds noi in
  submissions + accounts.rar_creds_enc; worker invalideaza sesiunea RAR la creds proaspete
  (JWT 30h vechi nu mai trimite cu parola gresita); camp aditiv `reactivated:true`
- retentie randuri blocate 30z; purge_expired exclude queued/sending; purge_after curatat
  la reactivare/requeue
- API DELETE /v1/prezentari/{id} + /repune (200+JSON); UI butoane + bulk + banner actionabil

Observabilitate:
- app/observ.py log_event: dublu canal app_events (DB) + RotatingFileHandler per-proces,
  redactare creds/PII la scriere (redact_pii/vin_partial)
- request_id middleware + X-Request-ID pe toate raspunsurile
- handler global excepții -> 500 envelope 6-chei + request_id (traceback doar in jurnal)
- audit cerere API (api_prezentari/api_auth_esuat) + audit worker (rar_login/tranzitii)
- tab "Jurnal" filtrabil scoped (non-admin doar contul sau); retentie jurnal 90z
- rar_error expus in GET /v1/prezentari/{id} (recovery observabil)

pytest -q: 741 passed, 0 failed. Docs: PRD raport VERIFY, contract endpointuri noi, ROADMAP.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-23 18:45:39 +00:00

123 lines
4.2 KiB
Python
Raw Permalink Blame History

"""Teste US-005 (PRD 5.6): audit login RAR + ciclu de viata trimiteri (worker)."""
from __future__ import annotations
import json
import os
import tempfile
import pytest
from app.rar_client import RarAuthError
@pytest.fixture()
def env(monkeypatch):
tmp = tempfile.mkdtemp()
monkeypatch.setenv("AUTOPASS_DB_PATH", os.path.join(tmp, "wo.db"))
monkeypatch.setenv("AUTOPASS_LOG_DIR", os.path.join(tmp, "logs"))
from app.config import get_settings
get_settings.cache_clear()
from app.db import get_connection, init_db
init_db()
conn = get_connection()
settings = get_settings()
yield conn, settings
conn.close()
get_settings.cache_clear()
_CONTENT = {"vin": "WVWZZZ1KZAW000123", "nr_inmatriculare": "B999TST",
"data_prestatie": "2026-06-15", "odometru_final": "123456",
"prestatii": [{"cod_prestatie": "OE-1"}], "sistem_reparat": "null"}
def _events(conn, tip=None):
if tip:
return conn.execute("SELECT * FROM app_events WHERE tip=?", (tip,)).fetchall()
return conn.execute("SELECT * FROM app_events").fetchall()
class FakeRar:
def __init__(self, *, token="JWT-TEST", login_exc=None, post_result=None):
self.token = token
self.login_exc = login_exc
self.post_result = post_result if post_result is not None else {"id": 1000}
self.closed = False
def login(self, email, password):
if self.login_exc:
raise self.login_exc
return self.token
def get_nomenclator(self, token):
return []
def post_prezentare(self, token, payload):
return self.post_result
def close(self):
self.closed = True
def test_login_reusit_logat(env, monkeypatch):
conn, settings = env
import app.worker.__main__ as w
monkeypatch.setattr(w, "RarClient", lambda s: FakeRar())
sessions = w.AccountSessions(settings)
tok = sessions.get_token(conn, 2, {"email": "a@b.ro", "password": "secretaXY"})
assert tok == "JWT-TEST"
rows = _events(conn, "rar_login")
assert len(rows) == 1
assert rows[0]["account_id"] == 2
ctx = rows[0]["context_json"]
assert "ok" in ctx
# fara parola in clar nicaieri
assert "secretaXY" not in (rows[0]["mesaj"] or "")
assert "secretaXY" not in (ctx or "")
def test_login_401_logat_fara_parola(env, monkeypatch):
conn, settings = env
import app.worker.__main__ as w
monkeypatch.setattr(w, "RarClient", lambda s: FakeRar(login_exc=RarAuthError("401", status_code=401)))
sessions = w.AccountSessions(settings)
with pytest.raises(RarAuthError):
sessions.get_token(conn, 3, {"email": "a@b.ro", "password": "parolaGRESITA"})
rows = _events(conn, "rar_login")
assert len(rows) == 1
assert rows[0]["nivel"] == "WARNING"
assert "esuat" in rows[0]["context_json"]
assert "parolaGRESITA" not in (rows[0]["context_json"] or "")
assert "parolaGRESITA" not in (rows[0]["mesaj"] or "")
def test_tranzitie_sent_si_error_logate(env, monkeypatch):
conn, settings = env
import app.worker.__main__ as w
from app.accounts import create_account
acct = create_account(conn, "Service Worker Obs", active=True)
cur = conn.execute(
"INSERT INTO submissions (idempotency_key, account_id, status, payload_json) VALUES (?, ?, 'sending', ?)",
(f"k-{os.urandom(4).hex()}", acct, json.dumps(_CONTENT)),
)
sid = int(cur.lastrowid)
claimed = {"id": sid, "account_id": acct, "content": _CONTENT}
rar = FakeRar()
res = w.process_one(conn, settings, rar, "tok", claimed)
assert res == "sent"
assert len(_events(conn, "submission_sent")) == 1
assert _events(conn, "submission_sent")[0]["account_id"] == 2
# eroare 4xx nerecuperabila -> submission_error
from app.rar_client import RarError
cur2 = conn.execute(
"INSERT INTO submissions (idempotency_key, account_id, status, payload_json) VALUES (?, 2, 'sending', ?)",
(f"k-{os.urandom(4).hex()}", json.dumps(_CONTENT)),
)
sid2 = int(cur2.lastrowid)
rar_err = FakeRar()
rar_err.post_prezentare = lambda t, p: (_ for _ in ()).throw(RarError("403", status_code=403))
w.process_one(conn, settings, rar_err, "tok", {"id": sid2, "account_id": 2, "content": _CONTENT})
assert len(_events(conn, "submission_error")) == 1
Reference in New Issue View Git Blame Copy Permalink