import pytest from fastapi import status def test_create_access_auth(client, auth_headers): """Test creating a new access authorization.""" aa_data = { "name": "New AA", "is_active": True, "timetables": [ {"weekday": 1, "starttime": "08:00", "duration": 60}, {"weekday": 2, "starttime": "09:00", "duration": 90} ] } response = client.post("/aa/", json=aa_data, headers=auth_headers) assert response.status_code == 200 data = response.json() assert data["name"] == "New AA" assert data["is_active"] is True assert "id" in data assert len(data["timetables"]) == 2 def test_get_all_access_auths(client, auth_headers, test_aa): """Test retrieving all access authorizations.""" response = client.get("/aa/", headers=auth_headers) assert response.status_code == 200 aa_list = response.json() assert len(aa_list) >= 1 aa_names = [aa["name"] for aa in aa_list] assert test_aa.name in aa_names def test_get_access_auth_by_id(client, auth_headers, test_aa): """Test retrieving a specific access authorization by ID.""" response = client.get(f"/aa/{test_aa.id}", headers=auth_headers) assert response.status_code == 200 data = response.json() assert data["id"] == test_aa.id assert data["name"] == test_aa.name def test_get_nonexistent_access_auth(client, auth_headers): """Test retrieving a non-existent access authorization.""" response = client.get("/aa/99999", headers=auth_headers) assert response.status_code == 404 def test_assign_access_auth_to_group(client, auth_headers, test_group, test_aa): """Test assigning an access authorization to a group.""" response = client.put( f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers ) assert response.status_code == 200 data = response.json() assert data["id"] == test_group.id # The AA should now be in the group's accessauths # Note: The response model might not include the full relationship def test_assign_already_assigned_access_auth(client, auth_headers, test_group, test_aa): """Test assigning an already assigned access authorization.""" # First assignment client.put(f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers) # Second assignment should indicate it's already assigned response = client.put( f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers ) # According to the code, this returns 200 with "already assigned" message assert response.status_code == 200 def test_unassign_access_auth_from_group(client, auth_headers, test_group, test_aa): """Test unassigning an access authorization from a group.""" # First assign client.put(f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers) # Then unassign response = client.put( f"/aa/unassign/{test_group.id}/{test_aa.id}", headers=auth_headers ) assert response.status_code == 200 def test_unassign_nonexistent_assignment(client, auth_headers, test_group, test_aa): """Test unassigning a non-existent assignment.""" response = client.put( f"/aa/unassign/{test_group.id}/{test_aa.id}", headers=auth_headers ) # According to the code, this returns 200 with "not assigned" message assert response.status_code == 200 def test_assign_to_nonexistent_group(client, auth_headers, test_aa): """Test assigning an AA to a non-existent group.""" response = client.put(f"/aa/assign/99999/{test_aa.id}", headers=auth_headers) assert response.status_code == 404 def test_assign_nonexistent_aa(client, auth_headers, test_group): """Test assigning a non-existent AA to a group.""" response = client.put(f"/aa/assign/{test_group.id}/99999", headers=auth_headers) assert response.status_code == 404 def test_update_access_auth(client, auth_headers, test_aa): """Test updating an access authorization.""" update_data = { "name": "Updated AA", "is_active": False } response = client.patch( f"/aa/{test_aa.id}", json=update_data, headers=auth_headers ) assert response.status_code == 200 data = response.json() assert data["name"] == "Updated AA" assert data["is_active"] is False def test_update_access_auth_with_timetables(client, auth_headers, test_aa): """Test updating an access authorization with new timetables.""" update_data = { "timetables": [ {"weekday": 5, "starttime": "10:00", "duration": 120} ] } response = client.patch( f"/aa/{test_aa.id}", json=update_data, headers=auth_headers ) assert response.status_code == 200 jresponse = response.json() assert len(jresponse["timetables"]) == 1 assert jresponse["timetables"][0]["weekday"] == 5 assert jresponse["timetables"][0]["starttime"] == "10:00:00" assert jresponse["timetables"][0]["duration"] == 120 def test_update_nonexistent_access_auth(client, auth_headers): """Test updating a non-existent access authorization.""" update_data = {"name": "Updated"} response = client.patch("/aa/99999", json=update_data, headers=auth_headers) assert response.status_code == 404 def test_delete_access_auth(client, auth_headers, test_aa): """Test deleting an access authorization.""" response = client.delete(f"/aa/{test_aa.id}", headers=auth_headers) assert response.status_code == 200 assert "deleted successfully" in response.json()["message"].lower() # Verify AA is deleted response = client.get(f"/aa/{test_aa.id}", headers=auth_headers) assert response.status_code == 404 def test_delete_nonexistent_access_auth(client, auth_headers): """Test deleting a non-existent access authorization.""" response = client.delete("/aa/99999", headers=auth_headers) assert response.status_code == 404 def test_aa_operations_by_non_admin(client, test_aa, user_auth_headers): """Test that non-admin users cannot perform AA operations.""" # Try to create an AA response = client.post( "/aa/", json={"name": "test", "is_active": True, "timetables": []}, headers=user_auth_headers ) assert response.status_code == 403 # Try to get all AAs response = client.get("/aa/", headers=user_auth_headers) assert response.status_code == 403 # Try to assign AA response = client.put(f"/aa/assign/1/{test_aa.id}", headers=user_auth_headers) assert response.status_code == 403