"""Tests for the dashboard router (GET /api/dashboard/status).""" from __future__ import annotations from pathlib import Path import aiosqlite import pytest from httpx import ASGITransport, AsyncClient from app.config import Settings from app.db import init_db from app.main import create_app from app.models.server import ServerStatus # --------------------------------------------------------------------------- # Fixtures # --------------------------------------------------------------------------- _SETUP_PAYLOAD = { "master_password": "testpassword1", "database_path": "bangui.db", "fail2ban_socket": "/var/run/fail2ban/fail2ban.sock", "timezone": "UTC", "session_duration_minutes": 60, } @pytest.fixture async def dashboard_client(tmp_path: Path) -> AsyncClient: # type: ignore[misc] """Provide an authenticated ``AsyncClient`` with a pre-seeded server status. Unlike the shared ``client`` fixture this one also exposes access to ``app.state`` via the app instance so we can seed the status cache. """ settings = Settings( database_path=str(tmp_path / "dashboard_test.db"), fail2ban_socket="/tmp/fake_fail2ban.sock", session_secret="test-dashboard-secret", session_duration_minutes=60, timezone="UTC", log_level="debug", ) app = create_app(settings=settings) db: aiosqlite.Connection = await aiosqlite.connect(settings.database_path) db.row_factory = aiosqlite.Row await init_db(db) app.state.db = db # Pre-seed a server status so the endpoint has something to return. app.state.server_status = ServerStatus( online=True, version="1.0.2", active_jails=2, total_bans=10, total_failures=5, ) transport = ASGITransport(app=app) async with AsyncClient(transport=transport, base_url="http://test") as ac: # Complete setup so the middleware doesn't redirect. resp = await ac.post("/api/setup", json=_SETUP_PAYLOAD) assert resp.status_code == 201 # Login to get a session cookie. login_resp = await ac.post( "/api/auth/login", json={"password": _SETUP_PAYLOAD["master_password"]}, ) assert login_resp.status_code == 200 yield ac await db.close() @pytest.fixture async def offline_dashboard_client(tmp_path: Path) -> AsyncClient: # type: ignore[misc] """Like ``dashboard_client`` but with an offline server status.""" settings = Settings( database_path=str(tmp_path / "dashboard_offline_test.db"), fail2ban_socket="/tmp/fake_fail2ban.sock", session_secret="test-dashboard-offline-secret", session_duration_minutes=60, timezone="UTC", log_level="debug", ) app = create_app(settings=settings) db: aiosqlite.Connection = await aiosqlite.connect(settings.database_path) db.row_factory = aiosqlite.Row await init_db(db) app.state.db = db app.state.server_status = ServerStatus(online=False) transport = ASGITransport(app=app) async with AsyncClient(transport=transport, base_url="http://test") as ac: resp = await ac.post("/api/setup", json=_SETUP_PAYLOAD) assert resp.status_code == 201 login_resp = await ac.post( "/api/auth/login", json={"password": _SETUP_PAYLOAD["master_password"]}, ) assert login_resp.status_code == 200 yield ac await db.close() # --------------------------------------------------------------------------- # Tests # --------------------------------------------------------------------------- class TestDashboardStatus: """GET /api/dashboard/status.""" async def test_returns_200_when_authenticated( self, dashboard_client: AsyncClient ) -> None: """Authenticated request returns HTTP 200.""" response = await dashboard_client.get("/api/dashboard/status") assert response.status_code == 200 async def test_returns_401_when_unauthenticated( self, client: AsyncClient ) -> None: """Unauthenticated request returns HTTP 401.""" # Complete setup so the middleware allows the request through. await client.post("/api/setup", json=_SETUP_PAYLOAD) response = await client.get("/api/dashboard/status") assert response.status_code == 401 async def test_response_shape_when_online( self, dashboard_client: AsyncClient ) -> None: """Response contains the expected ``status`` object shape.""" response = await dashboard_client.get("/api/dashboard/status") body = response.json() assert "status" in body status = body["status"] assert "online" in status assert "version" in status assert "active_jails" in status assert "total_bans" in status assert "total_failures" in status async def test_cached_values_returned_when_online( self, dashboard_client: AsyncClient ) -> None: """Endpoint returns the exact values from ``app.state.server_status``.""" response = await dashboard_client.get("/api/dashboard/status") status = response.json()["status"] assert status["online"] is True assert status["version"] == "1.0.2" assert status["active_jails"] == 2 assert status["total_bans"] == 10 assert status["total_failures"] == 5 async def test_offline_status_returned_correctly( self, offline_dashboard_client: AsyncClient ) -> None: """Endpoint returns online=False when the cache holds an offline snapshot.""" response = await offline_dashboard_client.get("/api/dashboard/status") assert response.status_code == 200 status = response.json()["status"] assert status["online"] is False assert status["version"] is None assert status["active_jails"] == 0 assert status["total_bans"] == 0 assert status["total_failures"] == 0 async def test_returns_offline_when_state_not_initialised( self, client: AsyncClient ) -> None: """Endpoint returns online=False as a safe default if the cache is absent.""" # Setup + login so the endpoint is reachable. await client.post("/api/setup", json=_SETUP_PAYLOAD) await client.post( "/api/auth/login", json={"password": _SETUP_PAYLOAD["master_password"]}, ) # server_status is not set on app.state in the shared `client` fixture. response = await client.get("/api/dashboard/status") assert response.status_code == 200 status = response.json()["status"] assert status["online"] is False