From 6230aedc25096206360b85de8c92aa8061ed32ca Mon Sep 17 00:00:00 2001
From: Johanna Dorothea Reichmann <transcaffeine@finally.coffee>
Date: Tue, 31 Jan 2023 10:48:53 +0100
Subject: [PATCH] fix(matrix_token_login): handle admin flag in check_mode

---
 plugins/modules/matrix_token_login.py         |  16 ++-
 .../test_AnsibleModuleMatrixTokenLogin.py     | 103 ++++++++++++++++++
 2 files changed, 110 insertions(+), 9 deletions(-)
 create mode 100644 tests/unit/test_AnsibleModuleMatrixTokenLogin.py

diff --git a/plugins/modules/matrix_token_login.py b/plugins/modules/matrix_token_login.py
index e0c3715..158d733 100644
--- a/plugins/modules/matrix_token_login.py
+++ b/plugins/modules/matrix_token_login.py
@@ -40,8 +40,10 @@ options:
         required: true
     admin:
         description:
-            - Whether to set the user as admin during login
+            - Whether to set the user as admin during login.
+            - Omitting this does not alter admin status, by setting a value, the user is either pro- or demoted to/from admin.
         type: bool
+        required: false
 requirements:
     -  matrix-nio (Python library)
     -  jwcrypto (Python library)
@@ -123,12 +125,6 @@ async def run_module():
     if not HAS_NIO:
         await module.fail_json(msg=missing_required_lib("matrix-nio"))
 
-    if module.check_mode:
-        result["changed"] = True
-        result["device_id"] = "FAKEDEVICE"
-        result["token"] = "syt_fake_token"
-        await module.exit_json(**result)
-
     failed = False
 
     # Create client object
@@ -140,15 +136,17 @@ async def run_module():
     if key is None:
         await module.fail_json(msg="A key has to be provided")
 
+    admin = module.params["admin"]
+
     # Move check-mode handling after check for missing key
     if module.check_mode:
         result["changed"] = True
+        if admin is not None:
+            result["admin"] = admin
         result["device_id"] = "FAKEDEVICE"
         result["token"] = "syt_fake_token"
         await module.exit_json(**result)
 
-    admin = module.params["admin"]
-
     method, path, data = Api.login(
         client.user,
         password="",
diff --git a/tests/unit/test_AnsibleModuleMatrixTokenLogin.py b/tests/unit/test_AnsibleModuleMatrixTokenLogin.py
new file mode 100644
index 0000000..91b888f
--- /dev/null
+++ b/tests/unit/test_AnsibleModuleMatrixTokenLogin.py
@@ -0,0 +1,103 @@
+from __future__ import absolute_import, division, print_function, annotations
+
+import types
+
+import pytest
+from _pytest.monkeypatch import MonkeyPatch
+
+from ansible_collections.famedly.matrix.plugins.module_utils import matrix
+from ansible_collections.famedly.matrix.plugins.modules import matrix_token_login
+
+from ansible_collections.famedly.matrix.tests.unit.mock_nio.MatrixNioBase import (
+    MatrixNioBase,
+)
+from ansible_collections.famedly.matrix.tests.unit.mock_nio.MatrixNioSuccess import (
+    MatrixNioSuccess,
+)
+from ansible_collections.famedly.matrix.tests.unit.mock_nio.room import failure
+from ansible_collections.famedly.matrix.tests.unit.utils import (
+    AnsibleExitJson,
+    AnsibleFailJson,
+    assert_expression,
+    set_module_args,
+    exit_json,
+    fail_json,
+)
+
+
+class TestAnsibleModuleMatrixTokenLogin:
+    @staticmethod
+    def patchAnsibleNioModule(
+        monkeypatch: MonkeyPatch, mock_class: type(MatrixNioBase)
+    ):
+        # Mock ansible functions
+        monkeypatch.setattr(matrix.AnsibleModule, "exit_json", exit_json)
+        monkeypatch.setattr(matrix.AnsibleModule, "fail_json", fail_json)
+        # Mock MatrixNio
+        for method in MatrixNioBase.__dict__:
+            if isinstance(
+                getattr(mock_class, method),
+                (types.FunctionType, types.BuiltinFunctionType),
+            ):
+                monkeypatch.setattr(
+                    matrix.AsyncClient, method, getattr(mock_class, method)
+                )
+        monkeypatch.setattr(matrix.AsyncClient, "logged_in", False)
+
+    def test_token_login_check_mode(self, monkeypatch):
+        self.patchAnsibleNioModule(monkeypatch, MatrixNioSuccess)
+        set_module_args(
+            {
+                "hs_url": "matrix.example.tld",
+                "user_id": "myuser",
+                "key": "static-psk",
+            },
+            check_mode=True
+        )
+        with pytest.raises(AnsibleExitJson) as result:
+            matrix_token_login.main()
+        ansible_result = result.value.result
+        assert_expression(ansible_result["changed"] is True)
+        # If admin was not set, we do not expect any information about admin status
+        assert_expression("admin" not in ansible_result)
+        assert_expression(ansible_result["device_id"] != "")
+        assert_expression(ansible_result["token"] != "")
+
+    def test_token_login_check_mode_admin(self, monkeypatch):
+        self.patchAnsibleNioModule(monkeypatch, MatrixNioSuccess)
+        set_module_args(
+            {
+                "hs_url": "matrix.example.tld",
+                "user_id": "myuser",
+                "key": "static-psk",
+                "admin": True
+            },
+            check_mode=True
+        )
+        with pytest.raises(AnsibleExitJson) as result:
+            matrix_token_login.main()
+        ansible_result = result.value.result
+        assert_expression(ansible_result["changed"] is True)
+        assert_expression(ansible_result["admin"] is True)
+        assert_expression(ansible_result["device_id"] != "")
+        assert_expression(ansible_result["token"] != "")
+
+    def test_token_login_check_mode_demote_admin(self, monkeypatch):
+        self.patchAnsibleNioModule(monkeypatch, MatrixNioSuccess)
+        set_module_args(
+            {
+                "hs_url": "matrix.example.tld",
+                "user_id": "myuser",
+                "key": "static-psk",
+                "admin": False
+            },
+            check_mode=True
+        )
+        with pytest.raises(AnsibleExitJson) as result:
+            matrix_token_login.main()
+        ansible_result = result.value.result
+        assert_expression(ansible_result["changed"] is True)
+        # When admin has been set to false, expect the user to be demoted
+        assert_expression(ansible_result["admin"] is False)
+        assert_expression(ansible_result["device_id"] != "")
+        assert_expression(ansible_result["token"] != "")