"""Tests for password strength validation.""" from local_deep_research.security.password_validator import PasswordValidator class TestPasswordValidator: """Unit tests for PasswordValidator.validate_strength.""" def test_valid_password(self): errors = PasswordValidator.validate_strength("strongp4ss") assert errors == [] def test_too_short(self): errors = PasswordValidator.validate_strength("ab1") assert any("8 characters" in e for e in errors) def test_missing_lowercase(self): errors = PasswordValidator.validate_strength("UPPERCASE1") assert any("lowercase" in e for e in errors) def test_missing_digit(self): errors = PasswordValidator.validate_strength("nodigitshere") assert any("digit" in e for e in errors) def test_multiple_errors_for_weak_password(self): errors = PasswordValidator.validate_strength("abc") # Should flag: too short, no digit assert len(errors) >= 2 def test_exactly_8_chars_valid(self): errors = PasswordValidator.validate_strength("abcdef1x") assert errors == [] def test_7_chars_invalid(self): errors = PasswordValidator.validate_strength("abcde1x") assert any("8 characters" in e for e in errors) def test_special_chars_allowed(self): errors = PasswordValidator.validate_strength("p@ssw0rd!") assert errors == [] def test_very_long_password_valid(self): errors = PasswordValidator.validate_strength("a1" + "a" * 200) assert errors == [] def test_get_requirements_returns_non_empty_list(self): reqs = PasswordValidator.get_requirements() assert isinstance(reqs, list) assert len(reqs) > 0 assert all(isinstance(r, str) for r in reqs) def test_get_requirements_count_matches_validate_strength_checks(self): """The number of requirements should match the number of checks in validate_strength (one error per check when all fail).""" reqs = PasswordValidator.get_requirements() # Empty string fails every check errors = PasswordValidator.validate_strength("") assert len(reqs) == len(errors)