from __future__ import annotations import asyncio import sys import tempfile import unittest from pathlib import Path import httpx sys.path.insert(0, str(Path(__file__).resolve().parents[3])) from backend.app.dependencies import get_file_ops_service from backend.app.fs.filesystem_adapter import FilesystemAdapter from backend.app.main import app from backend.app.security.path_guard import PathGuard from backend.app.services.file_ops_service import FileOpsService class FileOpsApiGoldenTest(unittest.TestCase): def setUp(self) -> None: self.temp_dir = tempfile.TemporaryDirectory() self.root = Path(self.temp_dir.name) / "root" self.root.mkdir(parents=True, exist_ok=True) self.scope = self.root / "scope" self.scope.mkdir(parents=True, exist_ok=True) (self.scope / "old.txt").write_text("x", encoding="utf-8") (self.scope / "existing.txt").write_text("y", encoding="utf-8") service = FileOpsService( path_guard=PathGuard({"storage1": str(self.root)}), filesystem=FilesystemAdapter(), ) async def _override_file_ops_service() -> FileOpsService: return service app.dependency_overrides[get_file_ops_service] = _override_file_ops_service def tearDown(self) -> None: app.dependency_overrides.clear() self.temp_dir.cleanup() def _post(self, url: str, payload: dict[str, str]) -> httpx.Response: async def _run() -> httpx.Response: transport = httpx.ASGITransport(app=app) async with httpx.AsyncClient(transport=transport, base_url="http://testserver") as client: return await client.post(url, json=payload) return asyncio.run(_run()) def test_mkdir_success(self) -> None: response = self._post( "/api/files/mkdir", {"parent_path": "storage1/scope", "name": "new_folder"}, ) self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), {"path": "storage1/scope/new_folder"}) self.assertTrue((self.scope / "new_folder").is_dir()) def test_mkdir_conflict_directory_exists(self) -> None: (self.scope / "existing_dir").mkdir() response = self._post( "/api/files/mkdir", {"parent_path": "storage1/scope", "name": "existing_dir"}, ) self.assertEqual(response.status_code, 409) self.assertEqual( response.json(), { "error": { "code": "already_exists", "message": "Target path already exists", "details": {"path": "storage1/scope/existing_dir"}, } }, ) def test_mkdir_conflict_file_exists(self) -> None: response = self._post( "/api/files/mkdir", {"parent_path": "storage1/scope", "name": "existing.txt"}, ) self.assertEqual(response.status_code, 409) self.assertEqual( response.json(), { "error": { "code": "already_exists", "message": "Target path already exists", "details": {"path": "storage1/scope/existing.txt"}, } }, ) def test_rename_success(self) -> None: response = self._post( "/api/files/rename", {"path": "storage1/scope/old.txt", "new_name": "renamed.txt"}, ) self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), {"path": "storage1/scope/renamed.txt"}) self.assertFalse((self.scope / "old.txt").exists()) self.assertTrue((self.scope / "renamed.txt").exists()) def test_rename_conflict(self) -> None: response = self._post( "/api/files/rename", {"path": "storage1/scope/old.txt", "new_name": "existing.txt"}, ) self.assertEqual(response.status_code, 409) self.assertEqual( response.json(), { "error": { "code": "already_exists", "message": "Target path already exists", "details": {"path": "storage1/scope/existing.txt"}, } }, ) def test_rename_not_found(self) -> None: response = self._post( "/api/files/rename", {"path": "storage1/scope/missing.txt", "new_name": "renamed.txt"}, ) self.assertEqual(response.status_code, 404) self.assertEqual( response.json(), { "error": { "code": "path_not_found", "message": "Requested path was not found", "details": {"path": "storage1/scope/missing.txt"}, } }, ) def test_rename_invalid_new_name_dotdot(self) -> None: response = self._post( "/api/files/rename", {"path": "storage1/scope/old.txt", "new_name": ".."}, ) self.assertEqual(response.status_code, 400) self.assertEqual( response.json(), { "error": { "code": "invalid_request", "message": "Invalid name", "details": {"new_name": ".."}, } }, ) def test_rename_invalid_new_name_with_slash(self) -> None: response = self._post( "/api/files/rename", {"path": "storage1/scope/old.txt", "new_name": "a/b"}, ) self.assertEqual(response.status_code, 400) self.assertEqual( response.json(), { "error": { "code": "invalid_request", "message": "Invalid name", "details": {"new_name": "a/b"}, } }, ) def test_mkdir_invalid_path(self) -> None: response = self._post( "/api/files/mkdir", {"parent_path": "storage1/scope", "name": "bad/name"}, ) self.assertEqual(response.status_code, 400) self.assertEqual( response.json(), { "error": { "code": "invalid_request", "message": "Invalid name", "details": {"name": "bad/name"}, } }, ) def test_mkdir_traversal_attempt(self) -> None: response = self._post( "/api/files/mkdir", {"parent_path": "storage1/../etc", "name": "x"}, ) self.assertEqual(response.status_code, 403) self.assertEqual( response.json(), { "error": { "code": "path_traversal_detected", "message": "Path traversal is not allowed", "details": {"path": "storage1/../etc"}, } }, ) def test_delete_file_success(self) -> None: target = self.scope / "delete_me.txt" target.write_text("z", encoding="utf-8") response = self._post( "/api/files/delete", {"path": "storage1/scope/delete_me.txt"}, ) self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), {"path": "storage1/scope/delete_me.txt"}) self.assertFalse(target.exists()) def test_delete_empty_directory_success(self) -> None: target = self.scope / "empty_dir" target.mkdir() response = self._post( "/api/files/delete", {"path": "storage1/scope/empty_dir"}, ) self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), {"path": "storage1/scope/empty_dir"}) self.assertFalse(target.exists()) def test_delete_not_found(self) -> None: response = self._post( "/api/files/delete", {"path": "storage1/scope/missing.txt"}, ) self.assertEqual(response.status_code, 404) self.assertEqual( response.json(), { "error": { "code": "path_not_found", "message": "Requested path was not found", "details": {"path": "storage1/scope/missing.txt"}, } }, ) def test_delete_traversal_attempt(self) -> None: response = self._post( "/api/files/delete", {"path": "storage1/../etc/passwd"}, ) self.assertEqual(response.status_code, 403) self.assertEqual( response.json(), { "error": { "code": "path_traversal_detected", "message": "Path traversal is not allowed", "details": {"path": "storage1/../etc/passwd"}, } }, ) def test_delete_non_empty_directory_conflict(self) -> None: target = self.scope / "non_empty" target.mkdir() (target / "a.txt").write_text("a", encoding="utf-8") response = self._post( "/api/files/delete", {"path": "storage1/scope/non_empty"}, ) self.assertEqual(response.status_code, 409) self.assertEqual( response.json(), { "error": { "code": "directory_not_empty", "message": "Directory is not empty", "details": {"path": "storage1/scope/non_empty"}, } }, ) def test_delete_non_empty_directory_recursive_success(self) -> None: target = self.scope / "non_empty_recursive" target.mkdir() nested = target / "nested" nested.mkdir() (nested / "a.txt").write_text("a", encoding="utf-8") response = self._post( "/api/files/delete", {"path": "storage1/scope/non_empty_recursive", "recursive": True}, ) self.assertEqual(response.status_code, 200) self.assertEqual(response.json(), {"path": "storage1/scope/non_empty_recursive"}) self.assertFalse(target.exists()) def test_delete_invalid_path(self) -> None: response = self._post( "/api/files/delete", {"path": ""}, ) self.assertEqual(response.status_code, 400) self.assertEqual( response.json(), { "error": { "code": "invalid_request", "message": "Query parameter 'path' is required", "details": None, } }, ) if __name__ == "__main__": unittest.main()