server/tests/test_settings_persistence.py

from __future__ import annotations

from pathlib import Path
import tempfile

from sqlalchemy import create_engine
from sqlalchemy.orm import Session, sessionmaker

from app.core import secret_box
from app.db.base import Base
from app.models.system_setting import SystemSetting
from app.models.system_setting_secret import SystemSettingSecret
from app.schemas.settings import SettingsWrite
from app.services.settings import SettingsService


def build_session(db_file: Path) -> Session:
    engine = create_engine(
        f"sqlite+pysqlite:///{db_file.as_posix()}",
        connect_args={"check_same_thread": False},
    )
    SystemSetting.__table__.create(bind=engine)
    SystemSettingSecret.__table__.create(bind=engine)
    session_factory = sessionmaker(bind=engine, autoflush=False, autocommit=False)
    return session_factory()


def build_temp_secret_dir() -> Path:
    return Path(tempfile.mkdtemp(prefix="xf-settings-test-", dir="D:\\tmp"))


def test_settings_service_persists_non_secret_and_secret_fields(monkeypatch) -> None:
    temp_dir = build_temp_secret_dir()
    monkeypatch.setattr(secret_box, "SECRET_KEY_FILE", temp_dir / "settings.key")
    monkeypatch.setattr(Base.metadata, "create_all", lambda *args, **kwargs: None)

    with build_session(temp_dir / "settings.db") as db:
        service = SettingsService(db)
        initial_snapshot = service.get_settings_snapshot()
        payload = initial_snapshot.model_dump()

        payload["companyForm"]["companyName"] = "YGSOFT"
        payload["companyForm"]["displayName"] = "云广软件"
        payload["adminForm"]["adminAccount"] = "admin-root"
        payload["adminForm"]["adminEmail"] = "admin@example.com"
        payload["adminForm"]["newPassword"] = "54321"
        payload["adminForm"]["confirmPassword"] = "54321"
        payload["llmForm"]["mainModel"] = "glm-4.5"
        payload["llmForm"]["mainApiKey"] = "main-secret"
        payload["mailForm"]["password"] = "smtp-secret"

        saved_snapshot = service.save_settings_snapshot(SettingsWrite(**payload))

        assert saved_snapshot.companyForm.companyName == "YGSOFT"
        assert saved_snapshot.companyForm.displayName == "云广软件"
        assert saved_snapshot.llmForm.mainModel == "glm-4.5"
        assert saved_snapshot.llmForm.mainApiKey == ""
        assert saved_snapshot.llmForm.mainApiKeyConfigured is True
        assert saved_snapshot.mailForm.password == ""
        assert saved_snapshot.mailForm.passwordConfigured is True
        assert saved_snapshot.adminForm.newPassword == ""
        assert saved_snapshot.adminForm.adminPasswordConfigured is True

        assert service.load_saved_model_api_key("main") == "main-secret"
        assert service.verify_admin_login("admin-root", "54321") is not None
        assert service.verify_admin_login("admin@example.com", "54321") is not None


def test_blank_secret_input_does_not_clear_saved_secret(monkeypatch) -> None:
    temp_dir = build_temp_secret_dir()
    monkeypatch.setattr(secret_box, "SECRET_KEY_FILE", temp_dir / "settings.key")
    monkeypatch.setattr(Base.metadata, "create_all", lambda *args, **kwargs: None)

    with build_session(temp_dir / "settings.db") as db:
        service = SettingsService(db)
        first_payload = service.get_settings_snapshot().model_dump()
        first_payload["llmForm"]["mainApiKey"] = "persisted-key"
        service.save_settings_snapshot(SettingsWrite(**first_payload))

        second_payload = service.get_settings_snapshot().model_dump()
        second_payload["llmForm"]["mainApiKey"] = ""
        service.save_settings_snapshot(SettingsWrite(**second_payload))

        assert service.load_saved_model_api_key("main") == "persisted-key"
feat: add system settings with model connectivity and encrypted storage 2026-05-08 08:56:52 +08:00			`from __future__ import annotations`

			`from pathlib import Path`
			`import tempfile`

			`from sqlalchemy import create_engine`
			`from sqlalchemy.orm import Session, sessionmaker`

			`from app.core import secret_box`
			`from app.db.base import Base`
			`from app.models.system_setting import SystemSetting`
			`from app.models.system_setting_secret import SystemSettingSecret`
			`from app.schemas.settings import SettingsWrite`
			`from app.services.settings import SettingsService`


			`def build_session(db_file: Path) -> Session:`
			`engine = create_engine(`
			`f"sqlite+pysqlite:///{db_file.as_posix()}",`
			`connect_args={"check_same_thread": False},`
			`)`
			`SystemSetting.__table__.create(bind=engine)`
			`SystemSettingSecret.__table__.create(bind=engine)`
			`session_factory = sessionmaker(bind=engine, autoflush=False, autocommit=False)`
			`return session_factory()`


			`def build_temp_secret_dir() -> Path:`
			`return Path(tempfile.mkdtemp(prefix="xf-settings-test-", dir="D:\\tmp"))`


			`def test_settings_service_persists_non_secret_and_secret_fields(monkeypatch) -> None:`
			`temp_dir = build_temp_secret_dir()`
			`monkeypatch.setattr(secret_box, "SECRET_KEY_FILE", temp_dir / "settings.key")`
			`monkeypatch.setattr(Base.metadata, "create_all", lambda args, *kwargs: None)`

			`with build_session(temp_dir / "settings.db") as db:`
			`service = SettingsService(db)`
			`initial_snapshot = service.get_settings_snapshot()`
			`payload = initial_snapshot.model_dump()`

			`payload["companyForm"]["companyName"] = "YGSOFT"`
			`payload["companyForm"]["displayName"] = "云广软件"`
			`payload["adminForm"]["adminAccount"] = "admin-root"`
			`payload["adminForm"]["adminEmail"] = "admin@example.com"`
			`payload["adminForm"]["newPassword"] = "54321"`
			`payload["adminForm"]["confirmPassword"] = "54321"`
			`payload["llmForm"]["mainModel"] = "glm-4.5"`
			`payload["llmForm"]["mainApiKey"] = "main-secret"`
			`payload["mailForm"]["password"] = "smtp-secret"`

			`saved_snapshot = service.save_settings_snapshot(SettingsWrite(**payload))`

			`assert saved_snapshot.companyForm.companyName == "YGSOFT"`
			`assert saved_snapshot.companyForm.displayName == "云广软件"`
			`assert saved_snapshot.llmForm.mainModel == "glm-4.5"`
			`assert saved_snapshot.llmForm.mainApiKey == ""`
			`assert saved_snapshot.llmForm.mainApiKeyConfigured is True`
			`assert saved_snapshot.mailForm.password == ""`
			`assert saved_snapshot.mailForm.passwordConfigured is True`
			`assert saved_snapshot.adminForm.newPassword == ""`
			`assert saved_snapshot.adminForm.adminPasswordConfigured is True`

			`assert service.load_saved_model_api_key("main") == "main-secret"`
			`assert service.verify_admin_login("admin-root", "54321") is not None`
			`assert service.verify_admin_login("admin@example.com", "54321") is not None`


			`def test_blank_secret_input_does_not_clear_saved_secret(monkeypatch) -> None:`
			`temp_dir = build_temp_secret_dir()`
			`monkeypatch.setattr(secret_box, "SECRET_KEY_FILE", temp_dir / "settings.key")`
			`monkeypatch.setattr(Base.metadata, "create_all", lambda args, *kwargs: None)`

			`with build_session(temp_dir / "settings.db") as db:`
			`service = SettingsService(db)`
			`first_payload = service.get_settings_snapshot().model_dump()`
			`first_payload["llmForm"]["mainApiKey"] = "persisted-key"`
			`service.save_settings_snapshot(SettingsWrite(**first_payload))`

			`second_payload = service.get_settings_snapshot().model_dump()`
			`second_payload["llmForm"]["mainApiKey"] = ""`
			`service.save_settings_snapshot(SettingsWrite(**second_payload))`

			`assert service.load_saved_model_api_key("main") == "persisted-key"`