[management] Refactor peers to use store methods (#2893)

2025-08-14 01:08:46 +02:00 · 2025-01-20 20:41:46 +03:00
parent c619bf5b0c
commit 1ad2cb5582
30 changed files with 1614 additions and 857 deletions
--- a/management/server/store/sql_store_test.go
+++ b/management/server/store/sql_store_test.go
@ -14,6 +14,7 @@ import (
 	"time"

 	"github.com/google/uuid"
+	"github.com/netbirdio/netbird/management/server/util"
 	"github.com/rs/xid"
 	log "github.com/sirupsen/logrus"
 	"github.com/stretchr/testify/assert"
@ -422,12 +423,7 @@ func TestSqlite_GetAccount(t *testing.T) {
 	require.Equal(t, status.NotFound, parsedErr.Type(), "should return not found error")
 }

-func TestSqlite_SavePeer(t *testing.T) {
-	if runtime.GOOS == "windows" {
-		t.Skip("The SQLite store is not properly supported by Windows yet")
-	}
-
-	t.Setenv("NETBIRD_STORE_ENGINE", string(SqliteStoreEngine))
+func TestSqlStore_SavePeer(t *testing.T) {
 	store, cleanUp, err := NewTestStoreFromSQL(context.Background(), "../testdata/store.sql", t.TempDir())
 	t.Cleanup(cleanUp)
 	assert.NoError(t, err)
@ -437,15 +433,16 @@ func TestSqlite_SavePeer(t *testing.T) {

 	// save status of non-existing peer
 	peer := &nbpeer.Peer{
-		Key:    "peerkey",
-		ID:     "testpeer",
-		IP:     net.IP{127, 0, 0, 1},
-		Meta:   nbpeer.PeerSystemMeta{Hostname: "testingpeer"},
-		Name:   "peer name",
-		Status: &nbpeer.PeerStatus{Connected: true, LastSeen: time.Now().UTC()},
+		Key:       "peerkey",
+		ID:        "testpeer",
+		IP:        net.IP{127, 0, 0, 1},
+		Meta:      nbpeer.PeerSystemMeta{Hostname: "testingpeer"},
+		Name:      "peer name",
+		Status:    &nbpeer.PeerStatus{Connected: true, LastSeen: time.Now().UTC()},
+		CreatedAt: time.Now().UTC(),
 	}
 	ctx := context.Background()
-	err = store.SavePeer(ctx, account.Id, peer)
+	err = store.SavePeer(ctx, LockingStrengthUpdate, account.Id, peer)
 	assert.Error(t, err)
 	parsedErr, ok := status.FromError(err)
 	require.True(t, ok)
@ -461,23 +458,21 @@ func TestSqlite_SavePeer(t *testing.T) {
 	updatedPeer.Status.Connected = false
 	updatedPeer.Meta.Hostname = "updatedpeer"

-	err = store.SavePeer(ctx, account.Id, updatedPeer)
+	err = store.SavePeer(ctx, LockingStrengthUpdate, account.Id, updatedPeer)
 	require.NoError(t, err)

 	account, err = store.GetAccount(context.Background(), account.Id)
 	require.NoError(t, err)

 	actual := account.Peers[peer.ID]
-	assert.Equal(t, updatedPeer.Status, actual.Status)
 	assert.Equal(t, updatedPeer.Meta, actual.Meta)
+	assert.Equal(t, updatedPeer.Status.Connected, actual.Status.Connected)
+	assert.Equal(t, updatedPeer.Status.LoginExpired, actual.Status.LoginExpired)
+	assert.Equal(t, updatedPeer.Status.RequiresApproval, actual.Status.RequiresApproval)
+	assert.WithinDurationf(t, updatedPeer.Status.LastSeen, actual.Status.LastSeen.UTC(), time.Millisecond, "LastSeen should be equal")
 }

-func TestSqlite_SavePeerStatus(t *testing.T) {
-	if runtime.GOOS == "windows" {
-		t.Skip("The SQLite store is not properly supported by Windows yet")
-	}
-
-	t.Setenv("NETBIRD_STORE_ENGINE", string(SqliteStoreEngine))
+func TestSqlStore_SavePeerStatus(t *testing.T) {
 	store, cleanUp, err := NewTestStoreFromSQL(context.Background(), "../testdata/store.sql", t.TempDir())
 	t.Cleanup(cleanUp)
 	assert.NoError(t, err)
@ -487,7 +482,7 @@ func TestSqlite_SavePeerStatus(t *testing.T) {

 	// save status of non-existing peer
 	newStatus := nbpeer.PeerStatus{Connected: false, LastSeen: time.Now().UTC()}
-	err = store.SavePeerStatus(account.Id, "non-existing-peer", newStatus)
+	err = store.SavePeerStatus(context.Background(), LockingStrengthUpdate, account.Id, "non-existing-peer", newStatus)
 	assert.Error(t, err)
 	parsedErr, ok := status.FromError(err)
 	require.True(t, ok)
@ -506,33 +501,34 @@ func TestSqlite_SavePeerStatus(t *testing.T) {
 	err = store.SaveAccount(context.Background(), account)
 	require.NoError(t, err)

-	err = store.SavePeerStatus(account.Id, "testpeer", newStatus)
+	err = store.SavePeerStatus(context.Background(), LockingStrengthUpdate, account.Id, "testpeer", newStatus)
 	require.NoError(t, err)

 	account, err = store.GetAccount(context.Background(), account.Id)
 	require.NoError(t, err)

 	actual := account.Peers["testpeer"].Status
-	assert.Equal(t, newStatus, *actual)
+	assert.Equal(t, newStatus.Connected, actual.Connected)
+	assert.Equal(t, newStatus.LoginExpired, actual.LoginExpired)
+	assert.Equal(t, newStatus.RequiresApproval, actual.RequiresApproval)
+	assert.WithinDurationf(t, newStatus.LastSeen, actual.LastSeen.UTC(), time.Millisecond, "LastSeen should be equal")

 	newStatus.Connected = true

-	err = store.SavePeerStatus(account.Id, "testpeer", newStatus)
+	err = store.SavePeerStatus(context.Background(), LockingStrengthUpdate, account.Id, "testpeer", newStatus)
 	require.NoError(t, err)

 	account, err = store.GetAccount(context.Background(), account.Id)
 	require.NoError(t, err)

 	actual = account.Peers["testpeer"].Status
-	assert.Equal(t, newStatus, *actual)
+	assert.Equal(t, newStatus.Connected, actual.Connected)
+	assert.Equal(t, newStatus.LoginExpired, actual.LoginExpired)
+	assert.Equal(t, newStatus.RequiresApproval, actual.RequiresApproval)
+	assert.WithinDurationf(t, newStatus.LastSeen, actual.LastSeen.UTC(), time.Millisecond, "LastSeen should be equal")
 }

-func TestSqlite_SavePeerLocation(t *testing.T) {
-	if runtime.GOOS == "windows" {
-		t.Skip("The SQLite store is not properly supported by Windows yet")
-	}
-
-	t.Setenv("NETBIRD_STORE_ENGINE", string(SqliteStoreEngine))
+func TestSqlStore_SavePeerLocation(t *testing.T) {
 	store, cleanUp, err := NewTestStoreFromSQL(context.Background(), "../testdata/store.sql", t.TempDir())
 	t.Cleanup(cleanUp)
 	assert.NoError(t, err)
@ -549,10 +545,11 @@ func TestSqlite_SavePeerLocation(t *testing.T) {
 			CityName:     "City",
 			GeoNameID:    1,
 		},
-		Meta: nbpeer.PeerSystemMeta{},
+		CreatedAt: time.Now().UTC(),
+		Meta:      nbpeer.PeerSystemMeta{},
 	}
 	// error is expected as peer is not in store yet
-	err = store.SavePeerLocation(account.Id, peer)
+	err = store.SavePeerLocation(context.Background(), LockingStrengthUpdate, account.Id, peer)
 	assert.Error(t, err)

 	account.Peers[peer.ID] = peer
@ -564,7 +561,7 @@ func TestSqlite_SavePeerLocation(t *testing.T) {
 	peer.Location.CityName = "Berlin"
 	peer.Location.GeoNameID = 2950159

-	err = store.SavePeerLocation(account.Id, account.Peers[peer.ID])
+	err = store.SavePeerLocation(context.Background(), LockingStrengthUpdate, account.Id, account.Peers[peer.ID])
 	assert.NoError(t, err)

 	account, err = store.GetAccount(context.Background(), account.Id)
@ -574,7 +571,7 @@ func TestSqlite_SavePeerLocation(t *testing.T) {
 	assert.Equal(t, peer.Location, actual)

 	peer.ID = "non-existing-peer"
-	err = store.SavePeerLocation(account.Id, peer)
+	err = store.SavePeerLocation(context.Background(), LockingStrengthUpdate, account.Id, peer)
 	assert.Error(t, err)
 	parsedErr, ok := status.FromError(err)
 	require.True(t, ok)
@ -925,47 +922,6 @@ func TestPostgresql_DeleteAccount(t *testing.T) {

 }

-func TestPostgresql_SavePeerStatus(t *testing.T) {
-	if (os.Getenv("CI") == "true" && runtime.GOOS == "darwin") || runtime.GOOS == "windows" {
-		t.Skip("skip CI tests on darwin and windows")
-	}
-
-	t.Setenv("NETBIRD_STORE_ENGINE", string(PostgresStoreEngine))
-	store, cleanUp, err := NewTestStoreFromSQL(context.Background(), "../testdata/store.sql", t.TempDir())
-	t.Cleanup(cleanUp)
-	assert.NoError(t, err)
-
-	account, err := store.GetAccount(context.Background(), "bf1c8084-ba50-4ce7-9439-34653001fc3b")
-	require.NoError(t, err)
-
-	// save status of non-existing peer
-	newStatus := nbpeer.PeerStatus{Connected: true, LastSeen: time.Now().UTC()}
-	err = store.SavePeerStatus(account.Id, "non-existing-peer", newStatus)
-	assert.Error(t, err)
-
-	// save new status of existing peer
-	account.Peers["testpeer"] = &nbpeer.Peer{
-		Key:    "peerkey",
-		ID:     "testpeer",
-		IP:     net.IP{127, 0, 0, 1},
-		Meta:   nbpeer.PeerSystemMeta{},
-		Name:   "peer name",
-		Status: &nbpeer.PeerStatus{Connected: false, LastSeen: time.Now().UTC()},
-	}
-
-	err = store.SaveAccount(context.Background(), account)
-	require.NoError(t, err)
-
-	err = store.SavePeerStatus(account.Id, "testpeer", newStatus)
-	require.NoError(t, err)
-
-	account, err = store.GetAccount(context.Background(), account.Id)
-	require.NoError(t, err)
-
-	actual := account.Peers["testpeer"].Status
-	assert.Equal(t, newStatus.Connected, actual.Connected)
-}
-
 func TestPostgresql_TestGetAccountByPrivateDomain(t *testing.T) {
 	if (os.Getenv("CI") == "true" && runtime.GOOS == "darwin") || runtime.GOOS == "windows" {
 		t.Skip("skip CI tests on darwin and windows")
@ -1043,7 +999,7 @@ func TestSqlite_GetTakenIPs(t *testing.T) {
 		AccountID: existingAccountID,
 		IP:        net.IP{1, 1, 1, 1},
 	}
-	err = store.AddPeerToAccount(context.Background(), peer1)
+	err = store.AddPeerToAccount(context.Background(), LockingStrengthUpdate, peer1)
 	require.NoError(t, err)

 	takenIPs, err = store.GetTakenIPs(context.Background(), LockingStrengthShare, existingAccountID)
@ -1056,7 +1012,7 @@ func TestSqlite_GetTakenIPs(t *testing.T) {
 		AccountID: existingAccountID,
 		IP:        net.IP{2, 2, 2, 2},
 	}
-	err = store.AddPeerToAccount(context.Background(), peer2)
+	err = store.AddPeerToAccount(context.Background(), LockingStrengthUpdate, peer2)
 	require.NoError(t, err)

 	takenIPs, err = store.GetTakenIPs(context.Background(), LockingStrengthShare, existingAccountID)
@ -1088,7 +1044,7 @@ func TestSqlite_GetPeerLabelsInAccount(t *testing.T) {
 		AccountID: existingAccountID,
 		DNSLabel:  "peer1.domain.test",
 	}
-	err = store.AddPeerToAccount(context.Background(), peer1)
+	err = store.AddPeerToAccount(context.Background(), LockingStrengthUpdate, peer1)
 	require.NoError(t, err)

 	labels, err = store.GetPeerLabelsInAccount(context.Background(), LockingStrengthShare, existingAccountID)
@ -1100,7 +1056,7 @@ func TestSqlite_GetPeerLabelsInAccount(t *testing.T) {
 		AccountID: existingAccountID,
 		DNSLabel:  "peer2.domain.test",
 	}
-	err = store.AddPeerToAccount(context.Background(), peer2)
+	err = store.AddPeerToAccount(context.Background(), LockingStrengthUpdate, peer2)
 	require.NoError(t, err)

 	labels, err = store.GetPeerLabelsInAccount(context.Background(), LockingStrengthShare, existingAccountID)
@ -2561,3 +2517,329 @@ func TestSqlStore_AddAndRemoveResourceFromGroup(t *testing.T) {
 	require.NoError(t, err)
 	require.NotContains(t, group.Resources, *res)
 }
+
+func TestSqlStore_AddPeerToGroup(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_policy_migrate.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	accountID := "bf1c8084-ba50-4ce7-9439-34653001fc3b"
+	peerID := "cfefqs706sqkneg59g4g"
+	groupID := "cfefqs706sqkneg59g4h"
+
+	group, err := store.GetGroupByID(context.Background(), LockingStrengthShare, accountID, groupID)
+	require.NoError(t, err, "failed to get group")
+	require.Len(t, group.Peers, 0, "group should have 0 peers")
+
+	err = store.AddPeerToGroup(context.Background(), LockingStrengthUpdate, accountID, peerID, groupID)
+	require.NoError(t, err, "failed to add peer to group")
+
+	group, err = store.GetGroupByID(context.Background(), LockingStrengthShare, accountID, groupID)
+	require.NoError(t, err, "failed to get group")
+	require.Len(t, group.Peers, 1, "group should have 1 peers")
+	require.Contains(t, group.Peers, peerID)
+}
+
+func TestSqlStore_AddPeerToAllGroup(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_policy_migrate.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	accountID := "bf1c8084-ba50-4ce7-9439-34653001fc3b"
+	groupID := "cfefqs706sqkneg59g3g"
+
+	peer := &nbpeer.Peer{
+		ID:        "peer1",
+		AccountID: accountID,
+		DNSLabel:  "peer1.domain.test",
+	}
+
+	group, err := store.GetGroupByID(context.Background(), LockingStrengthShare, accountID, groupID)
+	require.NoError(t, err, "failed to get group")
+	require.Len(t, group.Peers, 2, "group should have 2 peers")
+	require.NotContains(t, group.Peers, peer.ID)
+
+	err = store.AddPeerToAccount(context.Background(), LockingStrengthUpdate, peer)
+	require.NoError(t, err, "failed to add peer to account")
+
+	err = store.AddPeerToAllGroup(context.Background(), LockingStrengthUpdate, accountID, peer.ID)
+	require.NoError(t, err, "failed to add peer to all group")
+
+	group, err = store.GetGroupByID(context.Background(), LockingStrengthShare, accountID, groupID)
+	require.NoError(t, err, "failed to get group")
+	require.Len(t, group.Peers, 3, "group should have  peers")
+	require.Contains(t, group.Peers, peer.ID)
+}
+
+func TestSqlStore_AddPeerToAccount(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_policy_migrate.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	accountID := "bf1c8084-ba50-4ce7-9439-34653001fc3b"
+
+	peer := &nbpeer.Peer{
+		ID:        "peer1",
+		AccountID: accountID,
+		Key:       "key",
+		IP:        net.IP{1, 1, 1, 1},
+		Meta: nbpeer.PeerSystemMeta{
+			Hostname:  "hostname",
+			GoOS:      "linux",
+			Kernel:    "Linux",
+			Core:      "21.04",
+			Platform:  "x86_64",
+			OS:        "Ubuntu",
+			WtVersion: "development",
+			UIVersion: "development",
+		},
+		Name:     "peer.test",
+		DNSLabel: "peer",
+		Status: &nbpeer.PeerStatus{
+			LastSeen:         time.Now().UTC(),
+			Connected:        true,
+			LoginExpired:     false,
+			RequiresApproval: false,
+		},
+		SSHKey:                      "ssh-key",
+		SSHEnabled:                  false,
+		LoginExpirationEnabled:      true,
+		InactivityExpirationEnabled: false,
+		LastLogin:                   util.ToPtr(time.Now().UTC()),
+		CreatedAt:                   time.Now().UTC(),
+		Ephemeral:                   true,
+	}
+	err = store.AddPeerToAccount(context.Background(), LockingStrengthUpdate, peer)
+	require.NoError(t, err, "failed to add peer to account")
+
+	storedPeer, err := store.GetPeerByID(context.Background(), LockingStrengthShare, accountID, peer.ID)
+	require.NoError(t, err, "failed to get peer")
+
+	assert.Equal(t, peer.ID, storedPeer.ID)
+	assert.Equal(t, peer.AccountID, storedPeer.AccountID)
+	assert.Equal(t, peer.Key, storedPeer.Key)
+	assert.Equal(t, peer.IP.String(), storedPeer.IP.String())
+	assert.Equal(t, peer.Meta, storedPeer.Meta)
+	assert.Equal(t, peer.Name, storedPeer.Name)
+	assert.Equal(t, peer.DNSLabel, storedPeer.DNSLabel)
+	assert.Equal(t, peer.SSHKey, storedPeer.SSHKey)
+	assert.Equal(t, peer.SSHEnabled, storedPeer.SSHEnabled)
+	assert.Equal(t, peer.LoginExpirationEnabled, storedPeer.LoginExpirationEnabled)
+	assert.Equal(t, peer.InactivityExpirationEnabled, storedPeer.InactivityExpirationEnabled)
+	assert.WithinDurationf(t, peer.GetLastLogin(), storedPeer.GetLastLogin().UTC(), time.Millisecond, "LastLogin should be equal")
+	assert.WithinDurationf(t, peer.CreatedAt, storedPeer.CreatedAt.UTC(), time.Millisecond, "CreatedAt should be equal")
+	assert.Equal(t, peer.Ephemeral, storedPeer.Ephemeral)
+	assert.Equal(t, peer.Status.Connected, storedPeer.Status.Connected)
+	assert.Equal(t, peer.Status.LoginExpired, storedPeer.Status.LoginExpired)
+	assert.Equal(t, peer.Status.RequiresApproval, storedPeer.Status.RequiresApproval)
+	assert.WithinDurationf(t, peer.Status.LastSeen, storedPeer.Status.LastSeen.UTC(), time.Millisecond, "LastSeen should be equal")
+}
+
+func TestSqlStore_GetPeerGroups(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_policy_migrate.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	accountID := "bf1c8084-ba50-4ce7-9439-34653001fc3b"
+	peerID := "cfefqs706sqkneg59g4g"
+
+	groups, err := store.GetPeerGroups(context.Background(), LockingStrengthShare, accountID, peerID)
+	require.NoError(t, err)
+	assert.Len(t, groups, 1)
+	assert.Equal(t, groups[0].Name, "All")
+
+	err = store.AddPeerToGroup(context.Background(), LockingStrengthUpdate, accountID, peerID, "cfefqs706sqkneg59g4h")
+	require.NoError(t, err)
+
+	groups, err = store.GetPeerGroups(context.Background(), LockingStrengthShare, accountID, peerID)
+	require.NoError(t, err)
+	assert.Len(t, groups, 2)
+}
+
+func TestSqlStore_GetAccountPeers(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_with_expired_peers.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	tests := []struct {
+		name          string
+		accountID     string
+		expectedCount int
+	}{
+		{
+			name:          "should retrieve peers for an existing account ID",
+			accountID:     "bf1c8084-ba50-4ce7-9439-34653001fc3b",
+			expectedCount: 4,
+		},
+		{
+			name:          "should return no peers for a non-existing account ID",
+			accountID:     "nonexistent",
+			expectedCount: 0,
+		},
+		{
+			name:          "should return no peers for an empty account ID",
+			accountID:     "",
+			expectedCount: 0,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			peers, err := store.GetAccountPeers(context.Background(), LockingStrengthShare, tt.accountID)
+			require.NoError(t, err)
+			require.Len(t, peers, tt.expectedCount)
+		})
+	}
+
+}
+
+func TestSqlStore_GetAccountPeersWithExpiration(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_with_expired_peers.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	tests := []struct {
+		name          string
+		accountID     string
+		expectedCount int
+	}{
+		{
+			name:          "should retrieve peers with expiration for an existing account ID",
+			accountID:     "bf1c8084-ba50-4ce7-9439-34653001fc3b",
+			expectedCount: 1,
+		},
+		{
+			name:          "should return no peers with expiration for a non-existing account ID",
+			accountID:     "nonexistent",
+			expectedCount: 0,
+		},
+		{
+			name:          "should return no peers with expiration for a empty account ID",
+			accountID:     "",
+			expectedCount: 0,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			peers, err := store.GetAccountPeersWithExpiration(context.Background(), LockingStrengthShare, tt.accountID)
+			require.NoError(t, err)
+			require.Len(t, peers, tt.expectedCount)
+		})
+	}
+}
+
+func TestSqlStore_GetAccountPeersWithInactivity(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_with_expired_peers.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	tests := []struct {
+		name          string
+		accountID     string
+		expectedCount int
+	}{
+		{
+			name:          "should retrieve peers with inactivity for an existing account ID",
+			accountID:     "bf1c8084-ba50-4ce7-9439-34653001fc3b",
+			expectedCount: 1,
+		},
+		{
+			name:          "should return no peers with inactivity for a non-existing account ID",
+			accountID:     "nonexistent",
+			expectedCount: 0,
+		},
+		{
+			name:          "should return no peers with inactivity for an empty account ID",
+			accountID:     "",
+			expectedCount: 0,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			peers, err := store.GetAccountPeersWithInactivity(context.Background(), LockingStrengthShare, tt.accountID)
+			require.NoError(t, err)
+			require.Len(t, peers, tt.expectedCount)
+		})
+	}
+}
+
+func TestSqlStore_GetAllEphemeralPeers(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/storev1.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	peers, err := store.GetAllEphemeralPeers(context.Background(), LockingStrengthShare)
+	require.NoError(t, err)
+	require.Len(t, peers, 1)
+	require.True(t, peers[0].Ephemeral)
+}
+
+func TestSqlStore_GetUserPeers(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_with_expired_peers.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	tests := []struct {
+		name          string
+		accountID     string
+		userID        string
+		expectedCount int
+	}{
+		{
+			name:          "should retrieve peers for existing account ID and user ID",
+			accountID:     "bf1c8084-ba50-4ce7-9439-34653001fc3b",
+			userID:        "f4f6d672-63fb-11ec-90d6-0242ac120003",
+			expectedCount: 1,
+		},
+		{
+			name:          "should return no peers for non-existing account ID with existing user ID",
+			accountID:     "nonexistent",
+			userID:        "f4f6d672-63fb-11ec-90d6-0242ac120003",
+			expectedCount: 0,
+		},
+		{
+			name:          "should return no peers for non-existing user ID with existing account ID",
+			accountID:     "bf1c8084-ba50-4ce7-9439-34653001fc3b",
+			userID:        "nonexistent_user",
+			expectedCount: 0,
+		},
+		{
+			name:          "should retrieve peers for another valid account ID and user ID",
+			accountID:     "bf1c8084-ba50-4ce7-9439-34653001fc3b",
+			userID:        "edafee4e-63fb-11ec-90d6-0242ac120003",
+			expectedCount: 2,
+		},
+		{
+			name:          "should return no peers for existing account ID with empty user ID",
+			accountID:     "bf1c8084-ba50-4ce7-9439-34653001fc3b",
+			userID:        "",
+			expectedCount: 0,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			peers, err := store.GetUserPeers(context.Background(), LockingStrengthShare, tt.accountID, tt.userID)
+			require.NoError(t, err)
+			require.Len(t, peers, tt.expectedCount)
+		})
+	}
+}
+
+func TestSqlStore_DeletePeer(t *testing.T) {
+	store, cleanup, err := NewTestStoreFromSQL(context.Background(), "../testdata/store_with_expired_peers.sql", t.TempDir())
+	t.Cleanup(cleanup)
+	require.NoError(t, err)
+
+	accountID := "bf1c8084-ba50-4ce7-9439-34653001fc3b"
+	peerID := "csrnkiq7qv9d8aitqd50"
+
+	err = store.DeletePeer(context.Background(), LockingStrengthUpdate, accountID, peerID)
+	require.NoError(t, err)
+
+	peer, err := store.GetPeerByID(context.Background(), LockingStrengthShare, accountID, peerID)
+	require.Error(t, err)
+	require.Nil(t, peer)
+}