From 751634ff8d8a050bf08ef2b5d59838679c921c7b Mon Sep 17 00:00:00 2001
From: wlandau-lilly <will.landau@lilly.com>
Date: Fri, 15 Sep 2023 13:14:15 -0400
Subject: [PATCH] test crew_tls()

---
 R/crew_tls.R                   | 57 ++++++++++++----------
 tests/testthat/test-crew_tls.R | 86 ++++++++++++++++++++++++++++++++++
 2 files changed, 119 insertions(+), 24 deletions(-)
 create mode 100644 tests/testthat/test-crew_tls.R

diff --git a/R/crew_tls.R b/R/crew_tls.R
index 743907fd..bcf2fa7d 100644
--- a/R/crew_tls.R
+++ b/R/crew_tls.R
@@ -147,30 +147,39 @@ crew_class_tls <- R6::R6Class(
     #' @description Validation for custom mode.
     #' @return `NULL` (invisibly).
     validate_mode_custom = function() {
-      for (field in c("key", "password", "certificates")) {
-        crew_assert(
-          self[[field]],
-          is.character(.),
-          length(.) >= 1L,
-          nzchar(.),
-          !anyNA(.),
-          message = paste(
-            "If mode is \"custom\", then crew_tls() argument",
-            field,
-            "must be of type character and be non-missing and nonempty."
-          )
+      crew_assert(
+        self$key,
+        is.character(.),
+        length(.) == 1L,
+        nzchar(.),
+        !anyNA(.),
+        message = paste(
+          "If mode is \"custom\", then crew_tls() argument key",
+          "must be a nonempty nonmissing character of length 1."
         )
-      }
-      for (field in c("key", "password")) {
-        crew_assert(
-          length(self[[field]]) == 1L,
-          message = paste(
-            "If mode is \"custom\", then crew_tls() argument",
-            field,
-            "must have length 1."
-          )
+      )
+      crew_assert(
+        self$password %|||% "x",
+        is.character(.),
+        length(.) == 1L,
+        nzchar(.),
+        !anyNA(.),
+        message = paste(
+          "If mode is \"custom\", then crew_tls() argument password",
+          "must be NULL or a nonempty nonmissing character of length 1."
         )
-      }
+      )
+      crew_assert(
+        self$certificates,
+        is.character(.),
+        length(.) >= 1L,
+        nzchar(.),
+        !anyNA(.),
+        message = paste(
+          "If mode is \"custom\", then crew_tls() argument certificates",
+          "must a nonempty nonmissing character vector of length >= 1."
+        )
+      )
       files <- c(self$key, self$certificates)
       for (file in files) {
         crew_assert(
@@ -236,10 +245,10 @@ crew_tls_assert_certificate <- function(certificate) {
     )
   )
   crew_assert(
-    lines[length(lines)] == "-----BEGIN CERTIFICATE-----",
+    lines[length(lines)] == "-----END CERTIFICATE-----",
     message = paste(
       "certificate file must end with the line",
-      "-----BEGIN CERTIFICATE-----.",
+      "-----END CERTIFICATE-----.",
       "please make sure you have a valid certificate in PEM format."
     )
   )
diff --git a/tests/testthat/test-crew_tls.R b/tests/testthat/test-crew_tls.R
new file mode 100644
index 00000000..dd1ab816
--- /dev/null
+++ b/tests/testthat/test-crew_tls.R
@@ -0,0 +1,86 @@
+test_that("crew_tls() none", {
+  expect_silent(crew_tls(mode = "none")$validate())
+})
+
+test_that("crew_tls() automatic", {
+  expect_silent(crew_tls(mode = "automatic")$validate())
+})
+
+test_that("crew_tls() custom with no files", {
+  expect_crew_error(crew_tls(mode = "custom")$validate())
+})
+
+test_that("crew_tls() bad mode", {
+  expect_crew_error(crew_tls(mode = "nope")$validate())
+})
+
+test_that("crew_tls_assert_key()", {
+  temp <- tempfile()
+  on.exit(unlink(temp))
+  expect_crew_error(crew_tls_assert_key(temp))
+  file.create(temp)
+  expect_crew_error(crew_tls_assert_key(temp))
+  writeLines(c("abc", "123"), temp)
+  expect_crew_error(crew_tls_assert_key(temp))
+  writeLines(
+    c(
+      "-----BEGIN PRIVATE KEY-----",
+      "lines",
+      "-----END PRIVATE KEY-----"
+    ),
+    temp
+  )
+  expect_silent(crew_tls_assert_key(temp))
+  writeLines(
+    c(
+      "-----BEGIN ENCRYPTED PRIVATE KEY-----",
+      "lines",
+      "-----END ENCRYPTED PRIVATE KEY-----"
+    ),
+    temp
+  )
+  expect_silent(crew_tls_assert_key(temp))
+})
+
+test_that("crew_tls_assert_certificate()", {
+  temp <- tempfile()
+  on.exit(unlink(temp))
+  expect_crew_error(crew_tls_assert_certificate(temp))
+  file.create(temp)
+  expect_crew_error(crew_tls_assert_certificate(temp))
+  writeLines(c("abc", "123"), temp)
+  expect_crew_error(crew_tls_assert_certificate(temp))
+  writeLines(
+    c(
+      "-----BEGIN CERTIFICATE-----",
+      "lines",
+      "-----END CERTIFICATE-----"
+    ),
+    temp
+  )
+  expect_silent(crew_tls_assert_certificate(temp))
+})
+
+test_that("crew_tls() with mock credentials", {
+  key <- tempfile()
+  certificates <- tempfile()
+  on.exit(unlink(c(key, certificates)))
+  writeLines(
+    c(
+      "-----BEGIN PRIVATE KEY-----",
+      "lines",
+      "-----END PRIVATE KEY-----"
+    ),
+    key
+  )
+  writeLines(
+    c(
+      "-----BEGIN CERTIFICATE-----",
+      "lines",
+      "-----END CERTIFICATE-----"
+    ),
+    certificates
+  )
+  tls <- crew_tls(mode = "custom", key = key, certificates = certificates)
+  expect_silent(tls$validate())
+})