199 lines
6.6 KiB
Python
199 lines
6.6 KiB
Python
import pytest
|
|
from fastapi import status
|
|
|
|
|
|
def test_create_access_auth(client, auth_headers):
|
|
"""Test creating a new access authorization."""
|
|
aa_data = {
|
|
"name": "New AA",
|
|
"is_active": True,
|
|
"timetables": [
|
|
{"weekday": 1, "starttime": "08:00", "duration": 60},
|
|
{"weekday": 2, "starttime": "09:00", "duration": 90}
|
|
]
|
|
}
|
|
|
|
response = client.post("/aa/", json=aa_data, headers=auth_headers)
|
|
assert response.status_code == 200
|
|
|
|
data = response.json()
|
|
assert data["name"] == "New AA"
|
|
assert data["is_active"] is True
|
|
assert "id" in data
|
|
assert len(data["timetables"]) == 2
|
|
|
|
|
|
def test_get_all_access_auths(client, auth_headers, test_aa):
|
|
"""Test retrieving all access authorizations."""
|
|
response = client.get("/aa/", headers=auth_headers)
|
|
assert response.status_code == 200
|
|
|
|
aa_list = response.json()
|
|
assert len(aa_list) >= 1
|
|
|
|
aa_names = [aa["name"] for aa in aa_list]
|
|
assert test_aa.name in aa_names
|
|
|
|
|
|
def test_get_access_auth_by_id(client, auth_headers, test_aa):
|
|
"""Test retrieving a specific access authorization by ID."""
|
|
response = client.get(f"/aa/{test_aa.id}", headers=auth_headers)
|
|
assert response.status_code == 200
|
|
|
|
data = response.json()
|
|
assert data["id"] == test_aa.id
|
|
assert data["name"] == test_aa.name
|
|
|
|
|
|
def test_get_nonexistent_access_auth(client, auth_headers):
|
|
"""Test retrieving a non-existent access authorization."""
|
|
response = client.get("/aa/99999", headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
def test_assign_access_auth_to_group(client, auth_headers, test_group, test_aa):
|
|
"""Test assigning an access authorization to a group."""
|
|
response = client.put(
|
|
f"/aa/assign/{test_group.id}/{test_aa.id}",
|
|
headers=auth_headers
|
|
)
|
|
assert response.status_code == 200
|
|
|
|
data = response.json()
|
|
assert data["id"] == test_group.id
|
|
# The AA should now be in the group's accessauths
|
|
# Note: The response model might not include the full relationship
|
|
|
|
|
|
def test_assign_already_assigned_access_auth(client, auth_headers, test_group, test_aa):
|
|
"""Test assigning an already assigned access authorization."""
|
|
# First assignment
|
|
client.put(f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers)
|
|
|
|
# Second assignment should indicate it's already assigned
|
|
response = client.put(
|
|
f"/aa/assign/{test_group.id}/{test_aa.id}",
|
|
headers=auth_headers
|
|
)
|
|
# According to the code, this returns 409 with "already assigned" message
|
|
assert response.status_code == 409
|
|
assert "already assigned" in response.json()["detail"].lower()
|
|
|
|
|
|
def test_unassign_access_auth_from_group(client, auth_headers, test_group, test_aa):
|
|
"""Test unassigning an access authorization from a group."""
|
|
# First assign
|
|
client.put(f"/aa/assign/{test_group.id}/{test_aa.id}", headers=auth_headers)
|
|
|
|
# Then unassign
|
|
response = client.put(
|
|
f"/aa/unassign/{test_group.id}/{test_aa.id}",
|
|
headers=auth_headers
|
|
)
|
|
assert response.status_code == 200
|
|
|
|
|
|
def test_unassign_nonexistent_assignment(client, auth_headers, test_group, test_aa):
|
|
"""Test unassigning a non-existent assignment."""
|
|
response = client.put(
|
|
f"/aa/unassign/{test_group.id}/{test_aa.id}",
|
|
headers=auth_headers
|
|
)
|
|
# According to the code, this returns 200 with "not assigned" message
|
|
assert response.status_code == 200
|
|
|
|
|
|
def test_assign_to_nonexistent_group(client, auth_headers, test_aa):
|
|
"""Test assigning an AA to a non-existent group."""
|
|
response = client.put(f"/aa/assign/99999/{test_aa.id}", headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
def test_assign_nonexistent_aa(client, auth_headers, test_group):
|
|
"""Test assigning a non-existent AA to a group."""
|
|
response = client.put(f"/aa/assign/{test_group.id}/99999", headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
def test_update_access_auth(client, auth_headers, test_aa):
|
|
"""Test updating an access authorization."""
|
|
update_data = {
|
|
"name": "Updated AA",
|
|
"is_active": False
|
|
}
|
|
|
|
response = client.patch(
|
|
f"/aa/{test_aa.id}",
|
|
json=update_data,
|
|
headers=auth_headers
|
|
)
|
|
assert response.status_code == 200
|
|
|
|
data = response.json()
|
|
assert data["name"] == "Updated AA"
|
|
assert data["is_active"] is False
|
|
|
|
|
|
def test_update_access_auth_with_timetables(client, auth_headers, test_aa):
|
|
"""Test updating an access authorization with new timetables."""
|
|
update_data = {
|
|
"timetables": [
|
|
{"weekday": 5, "starttime": "10:00", "duration": 120}
|
|
]
|
|
}
|
|
|
|
response = client.patch(
|
|
f"/aa/{test_aa.id}",
|
|
json=update_data,
|
|
headers=auth_headers
|
|
)
|
|
assert response.status_code == 200
|
|
jresponse = response.json()
|
|
assert len(jresponse["timetables"]) == 1
|
|
assert jresponse["timetables"][0]["weekday"] == 5
|
|
assert jresponse["timetables"][0]["starttime"] == "10:00:00"
|
|
assert jresponse["timetables"][0]["duration"] == 120
|
|
|
|
|
|
def test_update_nonexistent_access_auth(client, auth_headers):
|
|
"""Test updating a non-existent access authorization."""
|
|
update_data = {"name": "Updated"}
|
|
response = client.patch("/aa/99999", json=update_data, headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
def test_delete_access_auth(client, auth_headers, test_aa):
|
|
"""Test deleting an access authorization."""
|
|
response = client.delete(f"/aa/{test_aa.id}", headers=auth_headers)
|
|
assert response.status_code == 200
|
|
assert "deleted successfully" in response.json()["message"].lower()
|
|
|
|
# Verify AA is deleted
|
|
response = client.get(f"/aa/{test_aa.id}", headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
def test_delete_nonexistent_access_auth(client, auth_headers):
|
|
"""Test deleting a non-existent access authorization."""
|
|
response = client.delete("/aa/99999", headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
def test_aa_operations_by_non_admin(client, test_aa, user_auth_headers):
|
|
"""Test that non-admin users cannot perform AA operations."""
|
|
# Try to create an AA
|
|
response = client.post(
|
|
"/aa/",
|
|
json={"name": "test", "is_active": True, "timetables": []},
|
|
headers=user_auth_headers
|
|
)
|
|
assert response.status_code == 403
|
|
|
|
# Try to get all AAs
|
|
response = client.get("/aa/", headers=user_auth_headers)
|
|
assert response.status_code == 403
|
|
|
|
# Try to assign AA
|
|
response = client.put(f"/aa/assign/1/{test_aa.id}", headers=user_auth_headers)
|
|
assert response.status_code == 403
|