Fix tests using the new api root
This commit is contained in:
@@ -15,7 +15,7 @@ import secrets, string, os
|
||||
from dotenv import load_dotenv
|
||||
|
||||
load_dotenv()
|
||||
SECRET_KEY = os.getenv("SECRET_KEY")
|
||||
SECRET_KEY = os.getenv("SECRET_KEY", default="ff"*16)
|
||||
ALGORITHM = "HS256"
|
||||
ACCESS_TOKEN_EXPIRE_MINUTES = 120
|
||||
|
||||
|
||||
@@ -68,7 +68,7 @@ def regular_user(db_session):
|
||||
def auth_headers(client, admin_user):
|
||||
"""Get authentication headers for admin user."""
|
||||
response = client.post(
|
||||
"/token",
|
||||
"/api/v1/token",
|
||||
data={"username": admin_user.name, "password": "admin123"}
|
||||
)
|
||||
token = response.json()["access_token"]
|
||||
@@ -79,7 +79,7 @@ def auth_headers(client, admin_user):
|
||||
def user_auth_headers(client, regular_user):
|
||||
"""Get authentication headers for regular user."""
|
||||
response = client.post(
|
||||
"/token",
|
||||
"/api/v1/token",
|
||||
data={"username": regular_user.name, "password": "user123"}
|
||||
)
|
||||
token = response.json()["access_token"]
|
||||
|
||||
@@ -13,7 +13,7 @@ def test_create_access_auth(client, auth_headers):
|
||||
]
|
||||
}
|
||||
|
||||
response = client.post("/aa/", json=aa_data, headers=auth_headers)
|
||||
response = client.post("/api/v1/aa/", json=aa_data, headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
data = response.json()
|
||||
@@ -25,7 +25,7 @@ def test_create_access_auth(client, auth_headers):
|
||||
|
||||
def test_get_all_access_auths(client, auth_headers, test_aa):
|
||||
"""Test retrieving all access authorizations."""
|
||||
response = client.get("/aa/", headers=auth_headers)
|
||||
response = client.get("/api/v1/aa/", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
aa_list = response.json()
|
||||
@@ -37,7 +37,7 @@ def test_get_all_access_auths(client, auth_headers, test_aa):
|
||||
|
||||
def test_get_access_auth_by_id(client, auth_headers, test_aa):
|
||||
"""Test retrieving a specific access authorization by ID."""
|
||||
response = client.get(f"/aa/{test_aa.id}", headers=auth_headers)
|
||||
response = client.get(f"/api/v1/aa/{test_aa.id}", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
data = response.json()
|
||||
@@ -47,14 +47,14 @@ def test_get_access_auth_by_id(client, auth_headers, test_aa):
|
||||
|
||||
def test_get_nonexistent_access_auth(client, auth_headers):
|
||||
"""Test retrieving a non-existent access authorization."""
|
||||
response = client.get("/aa/99999", headers=auth_headers)
|
||||
response = client.get("/api/v1/aa/99999", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_assign_access_auth_to_group(client, auth_headers, test_group, test_aa):
|
||||
"""Test assigning an access authorization to a group."""
|
||||
response = client.put(
|
||||
f"/aa/assign/{test_group.id}/{test_aa.id}",
|
||||
f"/api/v1/aa/assign/{test_group.id}/{test_aa.id}",
|
||||
headers=auth_headers
|
||||
)
|
||||
assert response.status_code == 200
|
||||
@@ -68,11 +68,11 @@ def test_assign_access_auth_to_group(client, auth_headers, test_group, test_aa):
|
||||
def test_assign_already_assigned_access_auth(client, auth_headers, test_group, test_aa):
|
||||
"""Test assigning an already assigned access authorization."""
|
||||
# First assignment
|
||||
client.put(f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers)
|
||||
client.put(f"/api/v1/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers)
|
||||
|
||||
# Second assignment should indicate it's already assigned
|
||||
response = client.put(
|
||||
f"/aa/assign/{test_group.id}/{test_aa.id}",
|
||||
f"/api/v1/aa/assign/{test_group.id}/{test_aa.id}",
|
||||
headers=auth_headers
|
||||
)
|
||||
# According to the code, this returns 409 with "already assigned" message
|
||||
@@ -83,11 +83,11 @@ def test_assign_already_assigned_access_auth(client, auth_headers, test_group, t
|
||||
def test_unassign_access_auth_from_group(client, auth_headers, test_group, test_aa):
|
||||
"""Test unassigning an access authorization from a group."""
|
||||
# First assign
|
||||
client.put(f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers)
|
||||
client.put(f"/api/v1/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers)
|
||||
|
||||
# Then unassign
|
||||
response = client.put(
|
||||
f"/aa/unassign/{test_group.id}/{test_aa.id}",
|
||||
f"/api/v1/aa/unassign/{test_group.id}/{test_aa.id}",
|
||||
headers=auth_headers
|
||||
)
|
||||
assert response.status_code == 200
|
||||
@@ -96,7 +96,7 @@ def test_unassign_access_auth_from_group(client, auth_headers, test_group, test_
|
||||
def test_unassign_nonexistent_assignment(client, auth_headers, test_group, test_aa):
|
||||
"""Test unassigning a non-existent assignment."""
|
||||
response = client.put(
|
||||
f"/aa/unassign/{test_group.id}/{test_aa.id}",
|
||||
f"/api/v1/aa/unassign/{test_group.id}/{test_aa.id}",
|
||||
headers=auth_headers
|
||||
)
|
||||
assert response.status_code == 404
|
||||
@@ -104,13 +104,13 @@ def test_unassign_nonexistent_assignment(client, auth_headers, test_group, test_
|
||||
|
||||
def test_assign_to_nonexistent_group(client, auth_headers, test_aa):
|
||||
"""Test assigning an AA to a non-existent group."""
|
||||
response = client.put(f"/aa/assign/99999/{test_aa.id}", headers=auth_headers)
|
||||
response = client.put(f"/api/v1/aa/assign/99999/{test_aa.id}", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_assign_nonexistent_aa(client, auth_headers, test_group):
|
||||
"""Test assigning a non-existent AA to a group."""
|
||||
response = client.put(f"/aa/assign/{test_group.id}/99999", headers=auth_headers)
|
||||
response = client.put(f"/api/v1/aa/assign/{test_group.id}/99999", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@@ -122,7 +122,7 @@ def test_update_access_auth(client, auth_headers, test_aa):
|
||||
}
|
||||
|
||||
response = client.patch(
|
||||
f"/aa/{test_aa.id}",
|
||||
f"/api/v1/aa/{test_aa.id}",
|
||||
json=update_data,
|
||||
headers=auth_headers
|
||||
)
|
||||
@@ -142,7 +142,7 @@ def test_update_access_auth_with_timetables(client, auth_headers, test_aa):
|
||||
}
|
||||
|
||||
response = client.patch(
|
||||
f"/aa/{test_aa.id}",
|
||||
f"/api/v1/aa/{test_aa.id}",
|
||||
json=update_data,
|
||||
headers=auth_headers
|
||||
)
|
||||
@@ -157,24 +157,24 @@ def test_update_access_auth_with_timetables(client, auth_headers, test_aa):
|
||||
def test_update_nonexistent_access_auth(client, auth_headers):
|
||||
"""Test updating a non-existent access authorization."""
|
||||
update_data = {"name": "Updated"}
|
||||
response = client.patch("/aa/99999", json=update_data, headers=auth_headers)
|
||||
response = client.patch("/api/v1/aa/99999", json=update_data, headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_delete_access_auth(client, auth_headers, test_aa):
|
||||
"""Test deleting an access authorization."""
|
||||
response = client.delete(f"/aa/{test_aa.id}", headers=auth_headers)
|
||||
response = client.delete(f"/api/v1/aa/{test_aa.id}", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
assert "deleted successfully" in response.json()["message"].lower()
|
||||
|
||||
# Verify AA is deleted
|
||||
response = client.get(f"/aa/{test_aa.id}", headers=auth_headers)
|
||||
response = client.get(f"/api/v1/aa/{test_aa.id}", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_delete_nonexistent_access_auth(client, auth_headers):
|
||||
"""Test deleting a non-existent access authorization."""
|
||||
response = client.delete("/aa/99999", headers=auth_headers)
|
||||
response = client.delete("/api/v1/aa/99999", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@@ -182,16 +182,16 @@ def test_aa_operations_by_non_admin(client, test_aa, user_auth_headers):
|
||||
"""Test that non-admin users cannot perform AA operations."""
|
||||
# Try to create an AA
|
||||
response = client.post(
|
||||
"/aa/",
|
||||
"/api/v1/aa/",
|
||||
json={"name": "test", "is_active": True, "timetables": []},
|
||||
headers=user_auth_headers
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
# Try to get all AAs
|
||||
response = client.get("/aa/", headers=user_auth_headers)
|
||||
response = client.get("/api/v1/aa/", headers=user_auth_headers)
|
||||
assert response.status_code == 403
|
||||
|
||||
# Try to assign AA
|
||||
response = client.put(f"/aa/assign/1/{test_aa.id}", headers=user_auth_headers)
|
||||
response = client.put(f"/api/v1/aa/assign/1/{test_aa.id}", headers=user_auth_headers)
|
||||
assert response.status_code == 403
|
||||
|
||||
@@ -158,7 +158,7 @@ def test_token_endpoint(client, admin_user):
|
||||
"""Test the token endpoint for login."""
|
||||
# Test successful login
|
||||
response = client.post(
|
||||
"/token",
|
||||
"/api/v1/token",
|
||||
data={"username": admin_user.name, "password": "admin123"}
|
||||
)
|
||||
assert response.status_code == 200
|
||||
@@ -168,14 +168,14 @@ def test_token_endpoint(client, admin_user):
|
||||
|
||||
# Test failed login with wrong password
|
||||
response = client.post(
|
||||
"/token",
|
||||
"/api/v1/token",
|
||||
data={"username": admin_user.name, "password": "wrongpassword"}
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
# Test failed login with non-existent user
|
||||
response = client.post(
|
||||
"/token",
|
||||
"/api/v1/token",
|
||||
data={"username": "nonexistent", "password": "password"}
|
||||
)
|
||||
assert response.status_code == 401
|
||||
@@ -184,12 +184,12 @@ def test_token_endpoint(client, admin_user):
|
||||
def test_test_login_endpoint(client, admin_user, auth_headers):
|
||||
"""Test the test login endpoint."""
|
||||
# Test with valid token
|
||||
response = client.get("/test/login", headers=auth_headers)
|
||||
response = client.get("/api/v1/test/login", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert data["name"] == admin_user.name
|
||||
assert data["is_admin"] is True
|
||||
|
||||
# Test without token
|
||||
response = client.get("/test/login")
|
||||
response = client.get("/api/v1/test/login")
|
||||
assert response.status_code == 401
|
||||
|
||||
@@ -3,7 +3,7 @@ from fastapi import status
|
||||
|
||||
def test_get_cards_for_group(client, auth_headers, test_group, test_card):
|
||||
"""Test getting all cards for a group."""
|
||||
response = client.get(f"/cards/{test_group.id}", headers=auth_headers)
|
||||
response = client.get(f"/api/v1/cards/{test_group.id}", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
cards = response.json()
|
||||
@@ -13,7 +13,7 @@ def test_get_cards_for_group(client, auth_headers, test_group, test_card):
|
||||
|
||||
def test_get_cards_for_nonexistent_group(client, auth_headers):
|
||||
"""Test getting cards for a non-existent group."""
|
||||
response = client.get("/cards/99999", headers=auth_headers)
|
||||
response = client.get("/api/v1/cards/99999", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
cards = response.json()
|
||||
@@ -23,9 +23,9 @@ def test_get_cards_for_nonexistent_group(client, auth_headers):
|
||||
def test_card_operations_by_non_admin(client, test_group, user_auth_headers):
|
||||
"""Test that non-admin users cannot perform card operations."""
|
||||
# Try to add a card
|
||||
response = client.post(f"/cards/{test_group.id}", headers=user_auth_headers)
|
||||
response = client.post(f"/api/v1/cards/{test_group.id}", headers=user_auth_headers)
|
||||
assert response.status_code == 403
|
||||
|
||||
# Try to get cards
|
||||
response = client.get(f"/cards/{test_group.id}", headers=user_auth_headers)
|
||||
response = client.get(f"/api/v1/cards/{test_group.id}", headers=user_auth_headers)
|
||||
assert response.status_code == 403
|
||||
|
||||
@@ -6,7 +6,7 @@ def test_create_group(client, auth_headers):
|
||||
"""Test creating a new group."""
|
||||
group_data = {"name": "New Test Group"}
|
||||
|
||||
response = client.post("/groups/", json=group_data, headers=auth_headers)
|
||||
response = client.post("/api/v1/groups/", json=group_data, headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
data = response.json()
|
||||
@@ -18,14 +18,14 @@ def test_create_duplicate_group(client, auth_headers, test_group):
|
||||
"""Test creating a group with a duplicate name."""
|
||||
group_data = {"name": test_group.name}
|
||||
|
||||
response = client.post("/groups/", json=group_data, headers=auth_headers)
|
||||
response = client.post("/api/v1/groups/", json=group_data, headers=auth_headers)
|
||||
# This should fail due to unique constraint
|
||||
assert response.status_code == 409 # Validation error
|
||||
|
||||
|
||||
def test_get_groups(client, auth_headers, test_group):
|
||||
"""Test retrieving all groups."""
|
||||
response = client.get("/groups/", headers=auth_headers)
|
||||
response = client.get("/api/v1/groups/", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
groups = response.json()
|
||||
@@ -37,19 +37,19 @@ def test_get_groups(client, auth_headers, test_group):
|
||||
|
||||
def test_delete_group(client, auth_headers, test_group):
|
||||
"""Test deleting a group."""
|
||||
response = client.delete(f"/groups/{test_group.id}", headers=auth_headers)
|
||||
response = client.delete(f"/api/v1/groups/{test_group.id}", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
assert "deleted successfully" in response.json()["message"].lower()
|
||||
|
||||
# Verify group is deleted
|
||||
response = client.get("/groups/", headers=auth_headers)
|
||||
response = client.get("/api/v1/groups/", headers=auth_headers)
|
||||
groups = response.json()
|
||||
assert not any(group["id"] == test_group.id for group in groups)
|
||||
|
||||
|
||||
def test_delete_nonexistent_group(client, auth_headers):
|
||||
"""Test deleting a non-existent group."""
|
||||
response = client.delete("/groups/99999", headers=auth_headers)
|
||||
response = client.delete("/api/v1/groups/99999", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@@ -57,12 +57,12 @@ def test_group_operations_by_non_admin(client, user_auth_headers):
|
||||
"""Test that non-admin users cannot perform group operations."""
|
||||
# Try to create a group
|
||||
response = client.post(
|
||||
"/groups/",
|
||||
"/api/v1/groups/",
|
||||
json={"name": "test"},
|
||||
headers=user_auth_headers
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
# Try to get groups
|
||||
response = client.get("/groups/", headers=user_auth_headers)
|
||||
response = client.get("/api/v1/groups/", headers=user_auth_headers)
|
||||
assert response.status_code == 403
|
||||
|
||||
@@ -11,7 +11,7 @@ def test_create_user(client, auth_headers):
|
||||
"password": "newpassword123"
|
||||
}
|
||||
|
||||
response = client.post("/users/", json=user_data, headers=auth_headers)
|
||||
response = client.post("/api/v1/users/", json=user_data, headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
data = response.json()
|
||||
@@ -30,13 +30,13 @@ def test_create_user_unauthorized(client):
|
||||
"password": "password123"
|
||||
}
|
||||
|
||||
response = client.post("/users/", json=user_data)
|
||||
response = client.post("/api/v1/users/", json=user_data)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_get_users(client, auth_headers, admin_user, regular_user):
|
||||
"""Test retrieving all users."""
|
||||
response = client.get("/users/", headers=auth_headers)
|
||||
response = client.get("/api/v1/users/", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
users = response.json()
|
||||
@@ -49,7 +49,7 @@ def test_get_users(client, auth_headers, admin_user, regular_user):
|
||||
|
||||
def test_get_user_by_id(client, auth_headers, regular_user):
|
||||
"""Test retrieving a specific user by ID."""
|
||||
response = client.get(f"/users/{regular_user.id}", headers=auth_headers)
|
||||
response = client.get(f"/api/v1/users/{regular_user.id}", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
|
||||
data = response.json()
|
||||
@@ -59,7 +59,7 @@ def test_get_user_by_id(client, auth_headers, regular_user):
|
||||
|
||||
def test_get_nonexistent_user(client, auth_headers):
|
||||
"""Test retrieving a non-existent user."""
|
||||
response = client.get("/users/99999", headers=auth_headers)
|
||||
response = client.get("/api/v1/users/99999", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
assert "not found" in response.json()["detail"].lower()
|
||||
|
||||
@@ -72,7 +72,7 @@ def test_update_user(client, auth_headers, regular_user):
|
||||
}
|
||||
|
||||
response = client.patch(
|
||||
f"/users/{regular_user.id}",
|
||||
f"/api/v1/users/{regular_user.id}",
|
||||
json=update_data,
|
||||
headers=auth_headers
|
||||
)
|
||||
@@ -92,7 +92,7 @@ def test_update_user_password(client, auth_headers, regular_user):
|
||||
}
|
||||
|
||||
response = client.patch(
|
||||
f"/users/{regular_user.id}",
|
||||
f"/api/v1/users/{regular_user.id}",
|
||||
json=update_data,
|
||||
headers=auth_headers
|
||||
)
|
||||
@@ -100,7 +100,7 @@ def test_update_user_password(client, auth_headers, regular_user):
|
||||
|
||||
# Verify password can be used for login
|
||||
login_response = client.post(
|
||||
"/token",
|
||||
"/api/v1/token",
|
||||
data={"username": regular_user.name, "password": "new_password_456"}
|
||||
)
|
||||
assert login_response.status_code == 200
|
||||
@@ -109,24 +109,24 @@ def test_update_user_password(client, auth_headers, regular_user):
|
||||
def test_update_nonexistent_user(client, auth_headers):
|
||||
"""Test updating a non-existent user."""
|
||||
update_data = {"name": "updated"}
|
||||
response = client.patch("/users/99999", json=update_data, headers=auth_headers)
|
||||
response = client.patch("/api/v1/users/99999", json=update_data, headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_delete_user(client, auth_headers, regular_user):
|
||||
"""Test deleting a user."""
|
||||
response = client.delete(f"/users/{regular_user.id}", headers=auth_headers)
|
||||
response = client.delete(f"/api/v1/users/{regular_user.id}", headers=auth_headers)
|
||||
assert response.status_code == 200
|
||||
assert "deleted successfully" in response.json()["message"].lower()
|
||||
|
||||
# Verify user is deleted
|
||||
response = client.get(f"/users/{regular_user.id}", headers=auth_headers)
|
||||
response = client.get(f"/api/v1/users/{regular_user.id}", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_delete_nonexistent_user(client, auth_headers):
|
||||
"""Test deleting a non-existent user."""
|
||||
response = client.delete("/users/99999", headers=auth_headers)
|
||||
response = client.delete("/api/v1/users/99999", headers=auth_headers)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
@@ -134,17 +134,17 @@ def test_user_operations_by_non_admin(client, user_auth_headers):
|
||||
"""Test that non-admin users cannot perform admin operations."""
|
||||
# Try to create a user
|
||||
response = client.post(
|
||||
"/users/",
|
||||
"/api/v1/users/",
|
||||
json={"name": "test", "password": "pass"},
|
||||
headers=user_auth_headers
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
# Try to get users
|
||||
response = client.get("/users/", headers=user_auth_headers)
|
||||
response = client.get("/api/v1/users/", headers=user_auth_headers)
|
||||
assert response.status_code == 403
|
||||
|
||||
# Try to delete the admin user (if ID is known)
|
||||
# This would require knowing the admin user ID
|
||||
# response = client.delete(f"/users/{admin_id}", headers=user_auth_headers)
|
||||
# response = client.delete(f"/api/v1/users/{admin_id}", headers=user_auth_headers)
|
||||
# assert response.status_code == 403
|
||||
|
||||
Reference in New Issue
Block a user