Hugging Face's logo

Spaces:
Gregorfun
/
PixelForge
Running on Zero

App Files Community
PixelForge / imageforge /backend /tests /test_security.py
Gregorfun's picture
Gregorfun
Initial commit
32c5da4
raw
history blame contribute delete
941 Bytes
import pytest
from backend.app.core.security import ApiSecurity
def test_security_allows_without_required_key(monkeypatch) -> None:
 monkeypatch.setattr("backend.app.core.security.API_KEYS", "")
 sec = ApiSecurity()
 principal = sec.authenticate(api_key=None, client_id="local")
 assert principal.role == "operator"
def test_security_rejects_invalid_key(monkeypatch) -> None:
 monkeypatch.setattr("backend.app.core.security.API_KEYS", "abc")
 sec = ApiSecurity()
 with pytest.raises(Exception):
 sec.authenticate(api_key="wrong", client_id="local")
def test_security_role_mapping(monkeypatch) -> None:
 monkeypatch.setattr("backend.app.core.security.API_KEYS", "k1:viewer,k2:admin")
 sec = ApiSecurity()
 viewer = sec.authenticate(api_key="k1", client_id="local")
 admin = sec.authenticate(api_key="k2", client_id="local")
 assert viewer.role == "viewer"
 assert admin.role == "admin"