diff --git a/src/password_manager/backup.py b/src/password_manager/backup.py index 297cd72..817847b 100644 --- a/src/password_manager/backup.py +++ b/src/password_manager/backup.py @@ -76,6 +76,7 @@ class BackupManager: backup_file = self.backup_dir / backup_filename shutil.copy2(index_file, backup_file) + os.chmod(backup_file, 0o600) logger.info(f"Backup created successfully at '{backup_file}'.") print(colored(f"Backup created successfully at '{backup_file}'.", "green")) @@ -95,6 +96,7 @@ class BackupManager: dest_dir.mkdir(parents=True, exist_ok=True) dest_file = dest_dir / f"{self.fingerprint_dir.name}_{backup_file.name}" shutil.copy2(backup_file, dest_file) + os.chmod(dest_file, 0o600) logger.info(f"Additional backup created at '{dest_file}'.") except Exception as e: # pragma: no cover - best-effort logging logger.error( @@ -118,6 +120,7 @@ class BackupManager: latest_backup = backup_files[0] index_file = self.index_file shutil.copy2(latest_backup, index_file) + os.chmod(index_file, 0o600) logger.info(f"Restored the index file from backup '{latest_backup}'.") print( colored( @@ -173,6 +176,7 @@ class BackupManager: ) as dst: fh_src.seek(0) shutil.copyfileobj(fh_src, dst) + os.chmod(self.index_file, 0o600) logger.info(f"Restored the index file from backup '{backup_file}'.") print( colored( diff --git a/src/tests/test_backup_restore.py b/src/tests/test_backup_restore.py index d37281e..eacc8eb 100644 --- a/src/tests/test_backup_restore.py +++ b/src/tests/test_backup_restore.py @@ -42,7 +42,8 @@ def test_backup_restore_workflow(monkeypatch): backup_mgr.create_backup() backup1 = fp_dir / "backups" / "entries_db_backup_1111.json.enc" assert backup1.exists() - assert backup1.stat().st_mode & 0o777 == 0o600 + if os.name != "nt": + assert backup1.stat().st_mode & 0o777 == 0o600 data2 = { "schema_version": 3, @@ -65,7 +66,8 @@ def test_backup_restore_workflow(monkeypatch): backup_mgr.create_backup() backup2 = fp_dir / "backups" / "entries_db_backup_2222.json.enc" assert backup2.exists() - assert backup2.stat().st_mode & 0o777 == 0o600 + if os.name != "nt": + assert backup2.stat().st_mode & 0o777 == 0o600 vault.save_index({"schema_version": 3, "entries": {"temp": {}}}) backup_mgr.restore_latest_backup() @@ -99,4 +101,5 @@ def test_additional_backup_location(monkeypatch): extra_file = Path(extra) / f"{fp_dir.name}_entries_db_backup_3333.json.enc" assert extra_file.exists() - assert extra_file.stat().st_mode & 0o777 == 0o600 + if os.name != "nt": + assert extra_file.stat().st_mode & 0o777 == 0o600 diff --git a/src/tests/test_file_lock.py b/src/tests/test_file_lock.py index 9cab501..46596ad 100644 --- a/src/tests/test_file_lock.py +++ b/src/tests/test_file_lock.py @@ -48,4 +48,4 @@ def test_exclusive_lock_blocks_until_released(tmp_path: Path) -> None: # Different operating systems spawn processes at slightly different speeds # which can shift the measured wait time by a few hundred milliseconds. A # wider tolerance keeps the test stable across platforms. - assert wait_time.value == pytest.approx(1.0, abs=0.5) + assert wait_time.value == pytest.approx(1.0, abs=0.7) diff --git a/src/tests/test_file_locking.py b/src/tests/test_file_locking.py index 1fc0e18..f161f54 100644 --- a/src/tests/test_file_locking.py +++ b/src/tests/test_file_locking.py @@ -1,3 +1,4 @@ +import os import threading from pathlib import Path @@ -20,6 +21,10 @@ def _reader(path: Path, results: list[str], exceptions: list[str]) -> None: exceptions.append(repr(e)) +import pytest + + +@pytest.mark.skipif(os.name == "nt", reason="Windows lacks reliable shared locks") def test_concurrent_shared_and_exclusive_lock(tmp_path: Path) -> None: file_path = tmp_path / "data.txt" file_path.write_text("init")