Store remote sync bindings in vault data

This commit is contained in:
Joe Julian
2026-04-06 11:32:04 -07:00
parent 32c7b49f4f
commit 5e1e9f82fb
4 changed files with 196 additions and 2 deletions
+95
View File
@@ -114,3 +114,98 @@ func TestRemoteBindingJSONStoresOnlyNonSecretReferences(t *testing.T) {
}
}
}
func TestConfigureRemoteBindingStoresProfileAndCredentialsInVault(t *testing.T) {
t.Parallel()
var model vault.Model
binding, err := ConfigureRemoteBinding(&model, RemoteBindingInput{
LocalVaultPath: "/tmp/family.kdbx",
RemoteProfileID: "family-webdav",
RemoteProfileName: "Family Vault",
BaseURL: "https://dav.example.invalid/remote.php/dav",
RemotePath: "files/family/keepass.kdbx",
CredentialEntryID: "remote-creds-1",
CredentialTitle: "WebDAV Sign-In",
Username: "tjulian",
Password: "token-1",
CredentialPath: []string{"Crew", "Internet"},
SyncMode: SyncModeAutomaticOnOpenSave,
})
if err != nil {
t.Fatalf("ConfigureRemoteBinding() error = %v", err)
}
if len(model.RemoteProfiles) != 1 {
t.Fatalf("len(RemoteProfiles) = %d, want 1", len(model.RemoteProfiles))
}
if got := model.RemoteProfiles[0].BaseURL; got != "https://dav.example.invalid/remote.php/dav" {
t.Fatalf("stored remote profile base URL = %q, want remote.php/dav URL", got)
}
credentials, err := model.EntryByID("remote-creds-1")
if err != nil {
t.Fatalf("EntryByID(remote-creds-1) error = %v", err)
}
if credentials.Username != "tjulian" || credentials.Password != "token-1" {
t.Fatalf("stored credential entry = %#v, want tjulian/token-1", credentials)
}
if binding.LocalVaultPath != "/tmp/family.kdbx" {
t.Fatalf("binding LocalVaultPath = %q, want /tmp/family.kdbx", binding.LocalVaultPath)
}
if binding.RemoteProfileID != "family-webdav" || binding.CredentialEntryID != "remote-creds-1" {
t.Fatalf("binding = %#v, want only vault references", binding)
}
}
func TestConfigureRemoteBindingRejectsIncompleteInput(t *testing.T) {
t.Parallel()
for _, tc := range []struct {
name string
input RemoteBindingInput
}{
{
name: "missing_local_vault_path",
input: RemoteBindingInput{
RemoteProfileID: "family-webdav",
BaseURL: "https://dav.example.invalid/remote.php/dav",
RemotePath: "files/family/keepass.kdbx",
CredentialEntryID: "remote-creds-1",
Password: "token-1",
},
},
{
name: "missing_remote_base_url",
input: RemoteBindingInput{
LocalVaultPath: "/tmp/family.kdbx",
RemoteProfileID: "family-webdav",
RemotePath: "files/family/keepass.kdbx",
CredentialEntryID: "remote-creds-1",
Password: "token-1",
},
},
{
name: "missing_credential_entry_id",
input: RemoteBindingInput{
LocalVaultPath: "/tmp/family.kdbx",
RemoteProfileID: "family-webdav",
BaseURL: "https://dav.example.invalid/remote.php/dav",
RemotePath: "files/family/keepass.kdbx",
Password: "token-1",
},
},
} {
tc := tc
t.Run(tc.name, func(t *testing.T) {
t.Parallel()
var model vault.Model
if _, err := ConfigureRemoteBinding(&model, tc.input); err == nil {
t.Fatalf("ConfigureRemoteBinding(%#v) error = nil, want validation error", tc.input)
}
})
}
}