Merge pull request #7 from PADAS/gundi-3858-fix-test-auth

GUNDI-3858: Fix test credentials
PADAS · Dec 30, 2024 · ce7f584 · ce7f584
2 parents bd7e9b2 + 17f1ee9
commit ce7f584
Show file tree

Hide file tree

Showing 2 changed files with 59 additions and 4 deletions.
diff --git a/app/actions/handlers.py b/app/actions/handlers.py
@@ -10,7 +10,7 @@
 from gundi_core.schemas.v2 import Integration
 from app.services.utils import find_config_for_action
 from app.services.state import IntegrationStateManager
-from .configurations import AuthenticateConfig, PullObservationsConfig, PullEventsConfig
+from .configurations import AuthenticateConfig, PullObservationsConfig, PullEventsConfig, ERAuthenticationType
 from ..services.activity_logger import activity_logger
 from ..services.gundi import send_events_to_gundi, send_observations_to_gundi
 
@@ -37,14 +37,18 @@ async def action_auth(integration: Integration, action_config: AuthenticateConfi
             connect_timeout=DEFAULT_CONNECT_TIMEOUT_SECONDS,
     ) as er_client:
         try:
-            if auth_config.token:
+            if auth_config.authentication_type == ERAuthenticationType.TOKEN:
+                if not auth_config.token:
+                    return {"valid_credentials": False, "error": "Please provide a token."}
                 result = await er_client.get_me()
                 # ToDo: Support doing a deeper check on permissions here or in a separate handler
                 valid_credentials = result.get('is_active', False)
-            elif auth_config.username and auth_config.password:
+            elif auth_config.authentication_type == ERAuthenticationType.USERNAME_PASSWORD:
+                if not auth_config.username or not auth_config.password:
+                    return {"valid_credentials": False, "error": "Please provide both a username and a password."}
                 valid_credentials = await er_client.login()
             else:
-                return {"valid_credentials": False, "error": "Please provide either a token or username/password."}
+                return {"valid_credentials": False, "error": "Please select an valid authentication method."}
         except ERClientException as e:
             # ToDo. Differentiate ER errors from invalid credentials in the ER client
             return {"valid_credentials": False, "error": str(e)}

diff --git a/app/actions/tests/test_actions.py b/app/actions/tests/test_actions.py
@@ -131,3 +131,54 @@ async def test_execute_auth_action_with_invalid_url(
     assert not mock_erclient_class.return_value.get_me.called
     assert response.get("valid_credentials") == False
     assert "error" in response
+
+
+@pytest.mark.asyncio
+async def test_execute_auth_action_with_empty_token(
+        mocker, mock_gundi_client_v2, mock_erclient_class,
+        er_integration_v2, mock_publish_event
+):
+    mocker.patch("app.services.action_runner._portal", mock_gundi_client_v2)
+    mocker.patch("app.services.activity_logger.publish_event", mock_publish_event)
+    mocker.patch("app.services.action_runner.publish_event", mock_publish_event)
+    mocker.patch("app.actions.handlers.AsyncERClient", mock_erclient_class)
+
+    response = await execute_action(
+        integration_id=str(er_integration_v2.id),
+        action_id="auth",
+        config_overrides={
+            "authentication_type": "token",
+            "token": ""
+        }
+    )
+
+    assert mock_gundi_client_v2.get_integration_details.called
+    assert not mock_erclient_class.return_value.get_me.called
+    assert response.get("valid_credentials") == False
+    assert "error" in response
+
+
+@pytest.mark.asyncio
+async def test_execute_auth_action_with_empty_user(
+        mocker, mock_gundi_client_v2, mock_erclient_class,
+        er_integration_v2, mock_publish_event
+):
+    mocker.patch("app.services.action_runner._portal", mock_gundi_client_v2)
+    mocker.patch("app.services.activity_logger.publish_event", mock_publish_event)
+    mocker.patch("app.services.action_runner.publish_event", mock_publish_event)
+    mocker.patch("app.actions.handlers.AsyncERClient", mock_erclient_class)
+
+    response = await execute_action(
+        integration_id=str(er_integration_v2.id),
+        action_id="auth",
+        config_overrides={
+            "authentication_type": "username_password",
+            "username": "",
+            "password": "password"
+        }
+    )
+
+    assert mock_gundi_client_v2.get_integration_details.called
+    assert not mock_erclient_class.return_value.get_me.called
+    assert response.get("valid_credentials") == False
+    assert "error" in response