MCPcopy Create free account
hub / github.com/vastsa/FileCodeBox / ConfigServiceSecurityTests

Class ConfigServiceSecurityTests

tests/test_admin_security.py:160–221  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

158
159
160class ConfigServiceSecurityTests(SettingsOverrideMixin, unittest.TestCase):
161 def test_admin_password_update_rotates_jwt_secret(self):
162 old_secret = "j" * 48
163 settings.user_config = {
164 **copy.deepcopy(DEFAULT_CONFIG),
165 "admin_token": hash_password("old-admin-password"),
166 "jwt_secret": old_secret,
167 }
168 original_key_value = admin_services.KeyValue
169 original_refresh_settings = admin_services.refresh_settings
170 admin_services.KeyValue = FakeKeyValue
171 admin_services.refresh_settings = fake_refresh_settings
172 FakeKeyValue.saved_value = None
173 try:
174 asyncio.run(ConfigService().update_config({"admin_token": "new-admin-password"}))
175 finally:
176 admin_services.KeyValue = original_key_value
177 admin_services.refresh_settings = original_refresh_settings
178
179 self.assertIsNotNone(FakeKeyValue.saved_value)
180 self.assertTrue(verify_password("new-admin-password", FakeKeyValue.saved_value["admin_token"]))
181 self.assertNotEqual(FakeKeyValue.saved_value["jwt_secret"], old_secret)
182 self.assertGreaterEqual(len(FakeKeyValue.saved_value["jwt_secret"]), 32)
183
184 def test_initialize_system_sets_admin_password_and_jwt_secret(self):
185 original_key_value = core_config.KeyValue
186 original_refresh_settings = core_config.refresh_settings
187 FakeConfigKeyValue.record = FakeConfigRecord(
188 {
189 **copy.deepcopy(DEFAULT_CONFIG),
190 "admin_token": "",
191 "jwt_secret": "",
192 }
193 )
194 FakeConfigKeyValue.saved_value = None
195 core_config.KeyValue = FakeConfigKeyValue
196 core_config.refresh_settings = fake_refresh_settings
197 try:
198 asyncio.run(
199 core_config.initialize_system(
200 admin_password="new-admin-password",
201 site_name="我的文件快递柜",
202 setup_options={
203 "uploadSize": 50 * 1024 * 1024,
204 "errorCount": 6,
205 "expireStyle": ["day", "count"],
206 },
207 )
208 )
209 finally:
210 core_config.KeyValue = original_key_value
211 core_config.refresh_settings = original_refresh_settings
212
213 self.assertIsNotNone(FakeConfigKeyValue.saved_value)
214 self.assertTrue(
215 verify_password("new-admin-password", FakeConfigKeyValue.saved_value["admin_token"])
216 )
217 self.assertGreaterEqual(len(FakeConfigKeyValue.saved_value["jwt_secret"]), 32)

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected