cefdb9f51d
Implemented SshKeyService class following TDD principles with comprehensive test coverage: Service Methods: - create_ssh_key(name, private_key, password) - Creates SSH key with AES-256-GCM encryption - list_ssh_keys() - Lists all SSH keys (without decrypted keys) - get_ssh_key(key_id) - Retrieves SSH key by ID - delete_ssh_key(key_id) - Deletes key with usage validation - get_decrypted_key(key_id) - Returns decrypted private key for Git operations Features: - Encrypts SSH private keys before storing using app.security.encrypt_data - Generates SHA256 fingerprints for key identification - Validates SSH key format (RSA, OpenSSH, DSA, EC, ED25519, PGP) - Prevents deletion of keys in use by servers - Base64-encoding for encrypted data storage in Text columns - Uses app.config.settings.encrypt_key for encryption Tests: - 16 comprehensive test cases covering all service methods - All tests passing (16/16) - Tests for encryption/decryption, validation, usage checks, edge cases Files: - backend/app/services/ssh_key_service.py - SshKeyService implementation - backend/tests/test_services/test_ssh_key_service.py - Test suite - backend/tests/conftest.py - Fixed test encryption key length (32 bytes) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
61 lines
1.7 KiB
Python
61 lines
1.7 KiB
Python
import sys
|
|
import pytest
|
|
from pathlib import Path
|
|
|
|
# Add backend to path
|
|
sys.path.insert(0, str(Path(__file__).parent.parent))
|
|
|
|
from sqlalchemy import create_engine
|
|
from sqlalchemy.orm import sessionmaker
|
|
|
|
# NOTE: This import will fail until models are created in Task 2.1
|
|
# This is expected behavior - the models module doesn't exist yet
|
|
from app.models import Base
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def db_path(tmp_path):
|
|
"""临时数据库路径."""
|
|
return tmp_path / "test.db"
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def db_engine(db_path):
|
|
"""临时数据库引擎."""
|
|
engine = create_engine(f"sqlite:///{db_path}", connect_args={"check_same_thread": False})
|
|
Base.metadata.create_all(engine)
|
|
yield engine
|
|
engine.dispose()
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def db_session(db_engine):
|
|
"""临时数据库会话."""
|
|
SessionLocal = sessionmaker(bind=db_engine, autocommit=False, autoflush=False)
|
|
session = SessionLocal()
|
|
yield session
|
|
session.close()
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def test_encrypt_key():
|
|
"""测试加密密钥."""
|
|
import base64
|
|
return base64.b64encode(b'test-key-32-bytes-long-123456789').decode()
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def test_env_vars(db_path, test_encrypt_key, monkeypatch):
|
|
"""设置测试环境变量."""
|
|
# Clear global settings to ensure fresh config
|
|
import app.config
|
|
app.config._settings = None
|
|
|
|
monkeypatch.setenv("GM_ENCRYPT_KEY", test_encrypt_key)
|
|
monkeypatch.setenv("GM_API_TOKEN", "test-token")
|
|
monkeypatch.setenv("GM_DATA_DIR", str(db_path.parent))
|
|
return {
|
|
"GM_ENCRYPT_KEY": test_encrypt_key,
|
|
"GM_API_TOKEN": "test-token",
|
|
}
|