mirror of
https://github.com/mealie-recipes/mealie.git
synced 2025-05-24 01:12:54 -04:00
68f7efc177
* fix #1144 * fix type checks * refactor test routes package * fix #1208 * unify test routes into module
134 lines
4.4 KiB
Python
134 lines
4.4 KiB
Python
from fastapi.testclient import TestClient
|
|
|
|
from mealie.core.config import get_app_settings
|
|
from tests import utils
|
|
from tests.utils import routes
|
|
from tests.utils.app_routes import AppRoutes
|
|
from tests.utils.factories import random_email, random_string
|
|
from tests.utils.fixture_schemas import TestUser
|
|
|
|
|
|
def generate_create_data() -> dict:
|
|
return {
|
|
"username": random_string(),
|
|
"fullName": random_string(),
|
|
"email": random_email(),
|
|
"admin": False,
|
|
"group": "Home",
|
|
"advanced": False,
|
|
"favoriteRecipes": [],
|
|
"canInvite": False,
|
|
"canManage": False,
|
|
"canOrganize": False,
|
|
"password": random_string(),
|
|
}
|
|
|
|
|
|
def test_init_superuser(api_client: TestClient, admin_user: TestUser):
|
|
settings = get_app_settings()
|
|
|
|
response = api_client.get(routes.admin.AdminUsers.item(admin_user.user_id), headers=admin_user.token)
|
|
assert response.status_code == 200
|
|
|
|
admin_data = response.json()
|
|
|
|
assert admin_data["id"] == admin_user.user_id
|
|
assert admin_data["groupId"] == admin_user.group_id
|
|
|
|
assert admin_data["fullName"] == "Change Me"
|
|
assert admin_data["email"] == settings.DEFAULT_EMAIL
|
|
|
|
|
|
def test_create_user(api_client: TestClient, api_routes: AppRoutes, admin_token):
|
|
create_data = generate_create_data()
|
|
response = api_client.post(routes.admin.AdminUsers.base, json=create_data, headers=admin_token)
|
|
assert response.status_code == 201
|
|
|
|
form_data = {"username": create_data["email"], "password": create_data["password"]}
|
|
header = utils.login(form_data=form_data, api_client=api_client, api_routes=api_routes)
|
|
|
|
response = api_client.get(routes.user.Users.self, headers=header)
|
|
assert response.status_code == 200
|
|
|
|
user_data = response.json()
|
|
|
|
assert user_data["fullName"] == create_data["fullName"]
|
|
assert user_data["email"] == create_data["email"]
|
|
assert user_data["group"] == create_data["group"]
|
|
assert user_data["admin"] == create_data["admin"]
|
|
|
|
|
|
def test_create_user_as_non_admin(api_client: TestClient, user_token):
|
|
create_data = generate_create_data()
|
|
response = api_client.post(routes.admin.AdminUsers.base, json=create_data, headers=user_token)
|
|
assert response.status_code == 403
|
|
|
|
|
|
def test_update_user(api_client: TestClient, admin_user: TestUser):
|
|
# Create a new user
|
|
create_data = generate_create_data()
|
|
response = api_client.post(routes.admin.AdminUsers.base, json=create_data, headers=admin_user.token)
|
|
assert response.status_code == 201
|
|
update_data = response.json()
|
|
|
|
# Change data
|
|
update_data["fullName"] = random_string()
|
|
update_data["email"] = random_email()
|
|
|
|
response = api_client.put(
|
|
routes.admin.AdminUsers.item(update_data["id"]), headers=admin_user.token, json=update_data
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
|
|
|
|
def test_update_other_user_as_not_admin(api_client: TestClient, unique_user: TestUser, g2_user: TestUser):
|
|
settings = get_app_settings()
|
|
|
|
update_data = {
|
|
"id": unique_user.user_id,
|
|
"fullName": "Updated Name",
|
|
"email": settings.DEFAULT_EMAIL,
|
|
"group": "Home",
|
|
"admin": True,
|
|
}
|
|
response = api_client.put(
|
|
routes.admin.AdminUsers.item(g2_user.user_id), headers=unique_user.token, json=update_data
|
|
)
|
|
|
|
assert response.status_code == 403
|
|
|
|
|
|
def test_self_demote_admin(api_client: TestClient, admin_user: TestUser):
|
|
response = api_client.get(routes.user.Users.self, headers=admin_user.token)
|
|
assert response.status_code == 200
|
|
|
|
user_data = response.json()
|
|
user_data["admin"] = False
|
|
|
|
response = api_client.put(
|
|
routes.admin.AdminUsers.item(admin_user.user_id), headers=admin_user.token, json=user_data
|
|
)
|
|
|
|
assert response.status_code == 403
|
|
|
|
|
|
def test_self_promote_admin(api_client: TestClient, unique_user: TestUser):
|
|
update_data = {
|
|
"id": unique_user.user_id,
|
|
"fullName": "Updated Name",
|
|
"email": "user@email.com",
|
|
"group": "Home",
|
|
"admin": True,
|
|
}
|
|
response = api_client.put(
|
|
routes.admin.AdminUsers.item(unique_user.user_id), headers=unique_user.token, json=update_data
|
|
)
|
|
|
|
assert response.status_code == 403
|
|
|
|
|
|
def test_delete_user(api_client: TestClient, admin_token, unique_user: TestUser):
|
|
response = api_client.delete(routes.admin.AdminUsers.item(unique_user.user_id), headers=admin_token)
|
|
assert response.status_code == 200
|