""" Persistence and integrity verification tests for Flex-O entities. Ensures fingerprints survive JSON export/import and detect tampering. """ import os import sys import json import pytest from datetime import datetime sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), '..'))) from flexoentity import FlexOID, EntityType, EntityState, FlexoEntity @pytest.fixture def approved_entity(): q = FlexoEntity( domain="AF", etype=EntityType.QUESTION, text_seed="What is Ohm’s law?", state=EntityState.DRAFT, ) q.approve() q.sign() q.publish() return q def test_json_roundtrip_preserves_integrity(approved_entity): """ Export to JSON and reload — ensure state-aware and content-only integrity behave as expected. """ json_str = approved_entity.to_json() loaded = FlexoEntity.from_json(json_str) # Because the signature encodes lifecycle state, any state change breaks strict integrity assert not FlexoEntity.verify_integrity(loaded) assert approved_entity.flexo_id.signature == loaded.flexo_id.signature assert approved_entity.flexo_id == loaded.flexo_id assert loaded.state == approved_entity.state def test_json_tampering_detection(approved_entity): """Tampering with content should invalidate fingerprint verification.""" json_str = approved_entity.to_json() tampered_data = json.loads(json_str) tampered_data["text_seed"] = "Tampered content injection" tampered_json = json.dumps(tampered_data) loaded = FlexoEntity.from_json(tampered_json) assert not FlexoEntity.verify_integrity(loaded) def test_json_file_corruption(approved_entity, tmp_path): """Simulate file corruption — integrity check must fail.""" file = tmp_path / "entity.json" json_str = approved_entity.to_json() file.write_text(json_str) # Corrupt the file corrupted = json_str.replace("Ohm’s", "Omm’s") file.write_text(corrupted) loaded = FlexoEntity.from_json(file.read_text()) assert not FlexoEntity.verify_integrity(loaded)