""" Tests for OCI Config CRUD operations. """ import io import pytest # Dummy PEM key for uploads (valid RSA format header/footer, not a real key) _DUMMY_PEM = b"""-----BEGIN RSA PRIVATE KEY----- MIIBogIBAAJBALRiMLAHudeSA/x3hB2f+2NRkJmcOUNKwNuvTT0GKQFYSNDF0FNv TESTDATAFORTHEMOCKPEMFILEXYZABC0123456789ABCDEF0123456789 -----END RSA PRIVATE KEY----- """ # Module-level storage for IDs across ordered tests _state: dict = {} @pytest.mark.anyio async def test_create_oci_config(client, admin_headers): """POST /api/oci/config — create via multipart form.""" r = await client.post( "/api/oci/config", data={ "tenancy_name": "TestTenancy", "tenancy_ocid": "ocid1.tenancy.oc1..test", "user_ocid": "ocid1.user.oc1..test", "fingerprint": "aa:bb:cc:dd", "region": "us-ashburn-1", "compartment_id": "ocid1.compartment.oc1..test", "auth_type": "api_key", }, files={"private_key": ("key.pem", io.BytesIO(_DUMMY_PEM), "application/x-pem-file")}, headers=admin_headers, ) assert r.status_code == 200, r.text body = r.json() assert "id" in body _state["cid"] = body["id"] @pytest.mark.anyio async def test_list_oci_configs(client, admin_headers): """GET /api/oci/configs — list must include the created config.""" r = await client.get("/api/oci/configs", headers=admin_headers) assert r.status_code == 200 configs = r.json() assert isinstance(configs, list) assert any(c["id"] == _state["cid"] for c in configs) @pytest.mark.anyio async def test_update_oci_config(client, admin_headers): """PUT /api/oci/configs/{cid} — update tenancy_name via multipart form.""" cid = _state["cid"] r = await client.put( f"/api/oci/configs/{cid}", data={ "tenancy_name": "Updated", "region": "us-ashburn-1", }, headers=admin_headers, ) assert r.status_code == 200, r.text @pytest.mark.anyio async def test_delete_oci_config(client, admin_headers): """DELETE /api/oci/configs/{cid} — remove config.""" cid = _state["cid"] r = await client.delete(f"/api/oci/configs/{cid}", headers=admin_headers) assert r.status_code == 200, r.text @pytest.mark.anyio async def test_user_isolation(client, admin_headers, user_headers): """User A creates a config; user B cannot see it in their list.""" # Admin creates a config r = await client.post( "/api/oci/config", data={ "tenancy_name": "IsolationTest", "tenancy_ocid": "ocid1.tenancy.oc1..isolation", "user_ocid": "ocid1.user.oc1..isolation", "fingerprint": "ee:ff:00:11", "region": "eu-frankfurt-1", "auth_type": "api_key", }, files={"private_key": ("key.pem", io.BytesIO(_DUMMY_PEM), "application/x-pem-file")}, headers=admin_headers, ) assert r.status_code == 200 admin_cid = r.json()["id"] # Regular user lists configs — should NOT see admin's config r2 = await client.get("/api/oci/configs", headers=user_headers) assert r2.status_code == 200 user_ids = [c["id"] for c in r2.json()] assert admin_cid not in user_ids # Cleanup await client.delete(f"/api/oci/configs/{admin_cid}", headers=admin_headers)