Run immediate health probe after jail deactivation

After deactivation the endpoint now calls _run_probe to flush the cached server status immediately, matching the activate_jail behaviour added in Task 5. Without this, the dashboard active-jail count could remain stale for up to 30 s after a deactivation reload. - config.py: capture result, await _run_probe, return result - test_config.py: add test_deactivate_triggers_health_probe; fix 3 pre-existing UP017 ruff warnings (datetime.UTC alias) - test_health.py: update test to assert the new fail2ban field
2026-03-14 19:25:24 +01:00
parent ee7412442a
commit 936946010f
4 changed files with 114 additions and 6 deletions
--- a/backend/app/routers/config.py
+++ b/backend/app/routers/config.py
@@ -695,7 +695,7 @@ async def deactivate_jail(
    socket_path: str = request.app.state.settings.fail2ban_socket

    try:
-        return await config_file_service.deactivate_jail(config_dir, socket_path, name)
+        result = await config_file_service.deactivate_jail(config_dir, socket_path, name)
    except JailNameError as exc:
        raise _bad_request(str(exc)) from exc
    except JailNotFoundInConfigError:
@@ -713,6 +713,13 @@ async def deactivate_jail(
    except Fail2BanConnectionError as exc:
        raise _bad_gateway(exc) from exc

+    # Force an immediate health probe so the cached status reflects the current
+    # fail2ban state (reload changes the active-jail count) without waiting for
+    # the next scheduled background check (up to 30 seconds).
+    await _run_probe(request.app)
+
+    return result
+

 # ---------------------------------------------------------------------------
 # Jail validation & rollback endpoints (Task 3)
--- a/backend/tests/test_routers/test_config.py
+++ b/backend/tests/test_routers/test_config.py
@@ -847,6 +847,30 @@ class TestDeactivateJail:
        ).post("/api/config/jails/sshd/deactivate")
        assert resp.status_code == 401

+    async def test_deactivate_triggers_health_probe(self, config_client: AsyncClient) -> None:
+        """POST .../deactivate triggers an immediate health probe after success."""
+        from app.models.config import JailActivationResponse
+
+        mock_response = JailActivationResponse(
+            name="sshd",
+            active=False,
+            message="Jail 'sshd' deactivated successfully.",
+        )
+        with (
+            patch(
+                "app.routers.config.config_file_service.deactivate_jail",
+                AsyncMock(return_value=mock_response),
+            ),
+            patch(
+                "app.routers.config._run_probe",
+                AsyncMock(),
+            ) as mock_probe,
+        ):
+            resp = await config_client.post("/api/config/jails/sshd/deactivate")
+
+        assert resp.status_code == 200
+        mock_probe.assert_awaited_once()
+

 # ---------------------------------------------------------------------------
 # GET /api/config/filters
@@ -1992,7 +2016,7 @@ class TestPendingRecovery:

        from app.models.config import PendingRecovery

-        now = datetime.datetime.now(tz=datetime.timezone.utc)
+        now = datetime.datetime.now(tz=datetime.UTC)
        record = PendingRecovery(
            jail_name="sshd",
            activated_at=now - datetime.timedelta(seconds=20),
@@ -2031,7 +2055,7 @@ class TestRollbackEndpoint:

        # Set up a pending recovery record on the app.
        app = config_client._transport.app  # type: ignore[attr-defined]
-        now = datetime.datetime.now(tz=datetime.timezone.utc)
+        now = datetime.datetime.now(tz=datetime.UTC)
        app.state.pending_recovery = PendingRecovery(
            jail_name="sshd",
            activated_at=now - datetime.timedelta(seconds=10),
@@ -2067,7 +2091,7 @@ class TestRollbackEndpoint:
        from app.models.config import PendingRecovery, RollbackResponse

        app = config_client._transport.app  # type: ignore[attr-defined]
-        now = datetime.datetime.now(tz=datetime.timezone.utc)
+        now = datetime.datetime.now(tz=datetime.UTC)
        record = PendingRecovery(
            jail_name="sshd",
            activated_at=now - datetime.timedelta(seconds=10),
--- a/backend/tests/test_routers/test_health.py
+++ b/backend/tests/test_routers/test_health.py
@@ -13,10 +13,11 @@ async def test_health_check_returns_200(client: AsyncClient) -> None:

@pytest.mark.asyncio
 async def test_health_check_returns_ok_status(client: AsyncClient) -> None:
-    """``GET /api/health`` must return ``{"status": "ok"}``."""
+    """``GET /api/health`` must contain ``status: ok`` and a ``fail2ban`` field."""
    response = await client.get("/api/health")
    data: dict[str, str] = response.json()
-    assert data == {"status": "ok"}
+    assert data["status"] == "ok"
+    assert data["fail2ban"] in ("online", "offline")


@pytest.mark.asyncio