fix: add encryption command test

alexandria/core/management/commands/encrypt_files.py

@@ -15,7 +15,7 @@ def handle(self, *args, **options):
         if (
             not settings.ALEXANDRIA_ENABLE_AT_REST_ENCRYPTION
             or settings.ALEXANDRIA_ENCRYPTION_METHOD
-            == File.EncryptionStatus.NOT_ENCRYPTED
+            == File.EncryptionStatus.NOT_ENCRYPTED.value
         ):
             return self.stdout.write(
                 self.style.WARNING(

alexandria/core/tests/test_commands.py

@@ -0,0 +1,53 @@
+import pytest
+from django.core.management import call_command
+from io import StringIO
+from alexandria.core.models import File
+from django.core.files import File as DjangoFile
+from alexandria.storages.backends.s3 import SsecGlobalS3Storage
+
+
+def test_encrypt_files(db, settings, mocker, file_factory):
+    file_old = file_factory(encryption_status=File.EncryptionStatus.NOT_ENCRYPTED)
+    file_global = file_factory(encryption_status=File.EncryptionStatus.SSEC_GLOBAL_KEY)
+    file_object = file_factory(encryption_status=File.EncryptionStatus.SSEC_OBJECT_KEY)
+
+    settings.ALEXANDRIA_ENABLE_AT_REST_ENCRYPTION = True
+    settings.ALEXANDRIA_ENCRYPTION_METHOD = File.EncryptionStatus.SSEC_GLOBAL_KEY.value
+    settings.DEFAULT_FILE_STORAGE = "alexandria.storages.backends.s3.S3Storage"
+
+    mocker.patch("storages.backends.s3.S3Storage.save")
+    mocker.patch("storages.backends.s3.S3Storage.open")
+    SsecGlobalS3Storage.save.return_value = "name-of-the-file"
+    SsecGlobalS3Storage.open.return_value = DjangoFile(open("README.md", "rb"))
+    call_command("encrypt_files")
+
+    file_old.refresh_from_db()
+    file_global.refresh_from_db()
+    file_object.refresh_from_db()
+
+    assert SsecGlobalS3Storage.save.called_once()
+    assert SsecGlobalS3Storage.open.called_once()
+    assert file_old.encryption_status == File.EncryptionStatus.SSEC_GLOBAL_KEY
+    assert file_global.encryption_status == File.EncryptionStatus.SSEC_GLOBAL_KEY
+    assert file_object.encryption_status == File.EncryptionStatus.SSEC_OBJECT_KEY
+
+
+@pytest.mark.parametrize(
+    "enable_encryption,encryption_method",
+    [
+        (False, "ssec-global"),
+        (True, File.EncryptionStatus.NOT_ENCRYPTED.value),
+    ],
+)
+def test_encrypt_files_misconfigured(
+    db, settings, file_factory, enable_encryption, encryption_method
+):
+    file_factory(encryption_status=File.EncryptionStatus.NOT_ENCRYPTED)
+
+    settings.ALEXANDRIA_ENABLE_AT_REST_ENCRYPTION = enable_encryption
+    settings.ALEXANDRIA_ENCRYPTION_METHOD = encryption_method
+
+    out = StringIO()
+    call_command("encrypt_files", stdout=out)
+
+    assert "Encryption is not enabled. Skipping encryption of files." in out.getvalue()

alexandria/storages/fields.py

@@ -36,7 +36,7 @@ def pre_save(self, instance, add):
                     f"{File.EncryptionStatus.values}. {method} is not valid"
                 )
                 raise ImproperlyConfigured(msg)
-            elif method == File.EncryptionStatus.NOT_ENCRYPTED:
+            elif method == File.EncryptionStatus.NOT_ENCRYPTED.value:
                 raise ImproperlyConfigured(
                     "ALEXANDRIA_ENCRYPTION_METHOD is set to NOT_ENCRYPTED while ALEXANDRIA_ENABLE_AT_REST_ENCRYPTION is enabled."
                 )

alexandria/storages/tests/test_dynamic_field.py

@@ -38,7 +38,7 @@ def test_dynamic_storage_select_global_ssec(
             "alexandria.storages.backends.s3.S3Storage",
         ),
         (
-            "none",
+            File.EncryptionStatus.NOT_ENCRYPTED.value,
             "alexandria.storages.backends.s3.S3Storage",
         ),
         (