Added user admin auto creation for Sqlite

2025-10-29 22:07:27 +01:00
parent 5d869e3793
commit ea7cf786cb
9 changed files with 870 additions and 410 deletions
--- a/tests/core/test_auth_service.py
+++ b/tests/core/test_auth_service.py
@@ -77,6 +77,178 @@ class TestAuthServiceRegisterLogin(object):
    """Failure: Login fails if the user does not exist."""
    with pytest.raises(InvalidCredentialsError):
      auth_service.login("non.existent@example.com", "AnyPassword")
+  
+  def test_create_admin_if_needed_success_with_custom_credentials(
+      self,
+      auth_service: AuthService
+  ):
+    """Success: Admin is created with custom credentials when no users exist."""
+    
+    # Arrange
+    custom_email = "custom.admin@example.com"
+    custom_username = "custom_admin"
+    custom_password = "CustomAdminPass123!"
+    
+    # Act
+    result = auth_service.create_admin_if_needed(
+      admin_email=custom_email,
+      admin_username=custom_username,
+      admin_password=custom_password
+    )
+    
+    # Assert
+    assert result is True
+    
+    # Verify admin user was created
+    admin_user = auth_service.user_repository.get_user_by_email(custom_email)
+    assert admin_user is not None
+    assert admin_user.email == custom_email
+    assert admin_user.username == custom_username
+    assert "admin" in admin_user.roles
+    
+    # Verify password was hashed
+    auth_service.password_manager.hash_password.assert_called()
+  
+  def test_create_admin_if_needed_success_with_default_credentials(
+      self,
+      auth_service: AuthService,
+      monkeypatch
+  ):
+    """Success: Admin is created with default credentials from environment variables."""
+    
+    # Arrange
+    monkeypatch.setenv("AUTH_ADMIN_EMAIL", "env.admin@example.com")
+    monkeypatch.setenv("AUTH_ADMIN_USERNAME", "env_admin")
+    monkeypatch.setenv("AUTH_ADMIN_PASSWORD", "EnvAdminPass123!")
+    
+    # Act
+    result = auth_service.create_admin_if_needed()
+    
+    # Assert
+    assert result is True
+    
+    # Verify admin user was created with env variables
+    admin_user = auth_service.user_repository.get_user_by_email("env.admin@example.com")
+    assert admin_user is not None
+    assert admin_user.email == "env.admin@example.com"
+    assert admin_user.username == "env_admin"
+    assert "admin" in admin_user.roles
+  
+  def test_create_admin_if_needed_success_with_hardcoded_defaults(
+      self,
+      auth_service: AuthService,
+      monkeypatch
+  ):
+    """Success: Admin is created with hardcoded defaults when no env vars or params provided."""
+    
+    # Arrange - Clear any existing env variables
+    monkeypatch.delenv("AUTH_ADMIN_EMAIL", raising=False)
+    monkeypatch.delenv("AUTH_ADMIN_USERNAME", raising=False)
+    monkeypatch.delenv("AUTH_ADMIN_PASSWORD", raising=False)
+    
+    # Act
+    result = auth_service.create_admin_if_needed()
+    
+    # Assert
+    assert result is True
+    
+    # Verify admin user was created with hardcoded defaults
+    admin_user = auth_service.user_repository.get_user_by_email("admin@myauth.com")
+    assert admin_user is not None
+    assert admin_user.email == "admin@myauth.com"
+    assert admin_user.username == "admin"
+    assert "admin" in admin_user.roles
+  
+  def test_create_admin_if_needed_no_creation_when_users_exist(
+      self,
+      auth_service: AuthService,
+      test_user_data_create: UserCreate
+  ):
+    """Failure: Admin is not created when users already exist in the system."""
+    
+    # Arrange - Create a regular user first
+    auth_service.register(test_user_data_create)
+    
+    # Act
+    result = auth_service.create_admin_if_needed(
+      admin_email="should.not.be.created@example.com",
+      admin_username="should_not_exist",
+      admin_password="ShouldNotExist123!"
+    )
+    
+    # Assert
+    assert result is False
+    
+    # Verify admin user was NOT created
+    admin_user = auth_service.user_repository.get_user_by_email(
+      "should.not.be.created@example.com"
+    )
+    assert admin_user is None
+    
+    # Verify only the original user exists
+    assert auth_service.count_users() == 1
+  
+  def test_create_admin_if_needed_parameters_override_env_variables(
+      self,
+      auth_service: AuthService,
+      monkeypatch
+  ):
+    """Success: Parameters take precedence over environment variables."""
+    
+    # Arrange
+    monkeypatch.setenv("AUTH_ADMIN_EMAIL", "env.admin@example.com")
+    monkeypatch.setenv("AUTH_ADMIN_USERNAME", "env_admin")
+    monkeypatch.setenv("AUTH_ADMIN_PASSWORD", "EnvAdminPass123!")
+    
+    param_email = "param.admin@example.com"
+    param_username = "param_admin"
+    param_password = "ParamAdminPass123!"
+    
+    # Act
+    result = auth_service.create_admin_if_needed(
+      admin_email=param_email,
+      admin_username=param_username,
+      admin_password=param_password
+    )
+    
+    # Assert
+    assert result is True
+    
+    # Verify parameters were used, not env variables
+    admin_user = auth_service.user_repository.get_user_by_email(param_email)
+    assert admin_user is not None
+    assert admin_user.email == param_email
+    assert admin_user.username == param_username
+    
+    # Verify env admin was NOT created
+    env_admin = auth_service.user_repository.get_user_by_email("env.admin@example.com")
+    assert env_admin is None
+  
+  def test_create_admin_if_needed_mixed_parameters_and_env(
+      self,
+      auth_service: AuthService,
+      monkeypatch
+  ):
+    """Success: Partial parameters combine with environment variables."""
+    
+    # Arrange
+    monkeypatch.setenv("AUTH_ADMIN_EMAIL", "env.admin@example.com")
+    monkeypatch.setenv("AUTH_ADMIN_USERNAME", "env_admin")
+    monkeypatch.setenv("AUTH_ADMIN_PASSWORD", "EnvAdminPass123!")
+    
+    # Act - Only provide email as parameter
+    result = auth_service.create_admin_if_needed(
+      admin_email="partial.admin@example.com"
+    )
+    
+    # Assert
+    assert result is True
+    
+    # Verify email from parameter, username and password from env
+    admin_user = auth_service.user_repository.get_user_by_email("partial.admin@example.com")
+    assert admin_user is not None
+    assert admin_user.email == "partial.admin@example.com"
+    assert admin_user.username == "env_admin"


 class TestAuthServiceTokenManagement(object):
--- a/tests/persistence/test_sqlite_user.py
+++ b/tests/persistence/test_sqlite_user.py
@@ -1,12 +1,12 @@
 # tests/persistence/test_sqlite_user.py

-import pytest
-import json
 from datetime import datetime

-from myauth.persistence.sqlite import SQLiteUserRepository
-from myauth.models.user import UserCreate, UserUpdate
+import pytest
+
 from myauth.exceptions import UserAlreadyExistsError, UserNotFoundError
+from myauth.models.user import UserCreate, UserUpdate
+from myauth.persistence.sqlite import SQLiteUserRepository


 def test_i_can_create_and_retrieve_user_by_email(user_repository: SQLiteUserRepository,
@@ -152,4 +152,139 @@ def test_i_cannot_retrieve_non_existent_user_by_email(user_repository: SQLiteUse
  """Ensures retrieval by email returns None for non-existent email."""
  
  retrieved_user = user_repository.get_user_by_email("ghost@example.com")
-  assert retrieved_user is None
+  assert retrieved_user is None
+
+
+def test_i_can_list_users_with_pagination(user_repository: SQLiteUserRepository,
+                                          test_user_hashed_password: str):
+  """Verifies that list_users returns paginated results correctly."""
+  
+  # Create multiple users
+  for i in range(5):
+    user_data = UserCreate(
+      email=f"user{i}@example.com",
+      username=f"User{i}",
+      password="#Password123",
+      roles=["user"],
+      user_settings={}
+    )
+    user_repository.create_user(user_data, test_user_hashed_password)
+  
+  # Test: Get first 3 users
+  users_page1 = user_repository.list_users(skip=0, limit=3)
+  assert len(users_page1) == 3
+  
+  # Test: Get next 2 users
+  users_page2 = user_repository.list_users(skip=3, limit=3)
+  assert len(users_page2) == 2
+  
+  # Test: Verify no duplicates between pages
+  page1_ids = {user.id for user in users_page1}
+  page2_ids = {user.id for user in users_page2}
+  assert len(page1_ids.intersection(page2_ids)) == 0
+
+
+def test_i_can_list_users_with_default_pagination(user_repository: SQLiteUserRepository,
+                                                  test_user_data_create: UserCreate,
+                                                  test_user_hashed_password: str):
+  """Verifies that list_users works with default parameters."""
+  
+  # Create 2 users
+  user_repository.create_user(test_user_data_create, test_user_hashed_password)
+  
+  user_data2 = UserCreate(
+    email="user2@example.com",
+    username="User2",
+    password="#Password123",
+    roles=["user"],
+    user_settings={}
+  )
+  user_repository.create_user(user_data2, test_user_hashed_password)
+  
+  # Test: Default parameters (skip=0, limit=100)
+  users = user_repository.list_users()
+  assert len(users) == 2
+  assert all(isinstance(user.created_at, datetime) for user in users)
+
+
+def test_i_get_empty_list_when_no_users_exist(user_repository: SQLiteUserRepository):
+  """Verifies that list_users returns an empty list when no users exist."""
+  
+  users = user_repository.list_users()
+  assert users == []
+  assert isinstance(users, list)
+
+
+def test_i_can_skip_beyond_available_users(user_repository: SQLiteUserRepository,
+                                           test_user_data_create: UserCreate,
+                                           test_user_hashed_password: str):
+  """Verifies that skipping beyond available users returns an empty list."""
+  
+  user_repository.create_user(test_user_data_create, test_user_hashed_password)
+  
+  # Skip beyond the only user
+  users = user_repository.list_users(skip=10, limit=10)
+  assert users == []
+
+
+def test_i_can_count_users(user_repository: SQLiteUserRepository,
+                           test_user_hashed_password: str):
+  """Verifies that count_users returns the correct number of users."""
+  
+  # Initial count should be 0
+  assert user_repository.count_users() == 0
+  
+  # Create first user
+  user_data1 = UserCreate(
+    email="user1@example.com",
+    username="User1",
+    password="#Password123",
+    roles=["user"],
+    user_settings={}
+  )
+  user_repository.create_user(user_data1, test_user_hashed_password)
+  assert user_repository.count_users() == 1
+  
+  # Create second user
+  user_data2 = UserCreate(
+    email="user2@example.com",
+    username="User2",
+    password="#Password123",
+    roles=["user"],
+    user_settings={}
+  )
+  user_repository.create_user(user_data2, test_user_hashed_password)
+  assert user_repository.count_users() == 2
+
+
+def test_i_get_zero_count_when_no_users_exist(user_repository: SQLiteUserRepository):
+  """Verifies that count_users returns 0 when the database is empty."""
+  
+  count = user_repository.count_users()
+  assert count == 0
+  assert isinstance(count, int)
+
+
+def test_list_users_returns_correct_user_structure(user_repository: SQLiteUserRepository,
+                                                   test_user_data_create: UserCreate,
+                                                   test_user_hashed_password: str):
+  """Verifies that list_users returns UserInDB objects with all fields."""
+  
+  user_repository.create_user(test_user_data_create, test_user_hashed_password)
+  
+  users = user_repository.list_users()
+  
+  assert len(users) == 1
+  user = users[0]
+  
+  # Verify all fields are present and correct type
+  assert user.id is not None
+  assert user.email == test_user_data_create.email
+  assert user.username == test_user_data_create.username
+  assert user.hashed_password == test_user_hashed_password
+  assert isinstance(user.roles, list)
+  assert isinstance(user.user_settings, dict)
+  assert isinstance(user.is_verified, bool)
+  assert isinstance(user.is_active, bool)
+  assert isinstance(user.created_at, datetime)
+  assert isinstance(user.updated_at, datetime)