mealie/tests/integration_tests/admin_tests/test_admin_user_actions.py

import json

from fastapi.testclient import TestClient

from tests.app_routes import AppRoutes
from tests.utils.fixture_schemas import TestUser


def test_init_superuser(api_client: TestClient, api_routes: AppRoutes, admin_token, admin_user: TestUser):
    response = api_client.get(api_routes.users_id(1), headers=admin_token)
    assert response.status_code == 200

    admin_data = response.json()

    assert admin_data["id"] == admin_user.user_id
    assert admin_data["groupId"] == admin_user.group_id

    assert admin_data["fullName"] == "Change Me"
    assert admin_data["email"] == "changeme@email.com"


def test_create_user(api_client: TestClient, api_routes: AppRoutes, admin_token):
    create_data = {
        "fullName": "My New User",
        "email": "newuser@email.com",
        "password": "MyStrongPassword",
        "group": "Home",
        "admin": False,
        "tokens": [],
    }

    response = api_client.post(api_routes.users, json=create_data, headers=admin_token)

    assert response.status_code == 201

    user_data = response.json()

    assert user_data["fullName"] == create_data["fullName"]
    assert user_data["email"] == create_data["email"]
    assert user_data["group"] == create_data["group"]
    assert user_data["admin"] == create_data["admin"]


def test_create_user_as_non_admin(api_client: TestClient, api_routes: AppRoutes, user_token):
    create_data = {
        "fullName": "My New User",
        "email": "newuser@email.com",
        "password": "MyStrongPassword",
        "group": "Home",
        "admin": False,
        "tokens": [],
    }

    response = api_client.post(api_routes.users, json=create_data, headers=user_token)

    assert response.status_code == 403


def test_update_user(api_client: TestClient, api_routes: AppRoutes, admin_token):
    update_data = {"id": 1, "fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": True}
    response = api_client.put(api_routes.users_id(1), headers=admin_token, json=update_data)

    assert response.status_code == 200
    assert json.loads(response.text).get("access_token")


def test_update_other_user_as_not_admin(api_client: TestClient, api_routes: AppRoutes, unique_user: TestUser):
    update_data = {"id": 1, "fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": True}
    response = api_client.put(api_routes.users_id(1), headers=unique_user.token, json=update_data)

    assert response.status_code == 403


def test_self_demote_admin(api_client: TestClient, api_routes: AppRoutes, admin_token):
    update_data = {"fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": False}
    response = api_client.put(api_routes.users_id(1), headers=admin_token, json=update_data)

    assert response.status_code == 403


def test_self_promote_admin(api_client: TestClient, api_routes: AppRoutes, user_token):
    update_data = {"id": 3, "fullName": "Updated Name", "email": "user@email.com", "group": "Home", "admin": True}
    response = api_client.put(api_routes.users_id(2), headers=user_token, json=update_data)

    assert response.status_code == 403


def test_delete_user(api_client: TestClient, api_routes: AppRoutes, admin_token):
    response = api_client.delete(api_routes.users_id(2), headers=admin_token)

    assert response.status_code == 200
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00			`import json`

			`from fastapi.testclient import TestClient`

			`from tests.app_routes import AppRoutes`
			`from tests.utils.fixture_schemas import TestUser`


			`def test_init_superuser(api_client: TestClient, api_routes: AppRoutes, admin_token, admin_user: TestUser):`
			`response = api_client.get(api_routes.users_id(1), headers=admin_token)`
			`assert response.status_code == 200`

			`admin_data = response.json()`

			`assert admin_data["id"] == admin_user.user_id`
			`assert admin_data["groupId"] == admin_user.group_id`

			`assert admin_data["fullName"] == "Change Me"`
			`assert admin_data["email"] == "changeme@email.com"`


			`def test_create_user(api_client: TestClient, api_routes: AppRoutes, admin_token):`
			`create_data = {`
			`"fullName": "My New User",`
			`"email": "newuser@email.com",`
			`"password": "MyStrongPassword",`
			`"group": "Home",`
			`"admin": False,`
			`"tokens": [],`
			`}`

			`response = api_client.post(api_routes.users, json=create_data, headers=admin_token)`

			`assert response.status_code == 201`

			`user_data = response.json()`

			`assert user_data["fullName"] == create_data["fullName"]`
			`assert user_data["email"] == create_data["email"]`
			`assert user_data["group"] == create_data["group"]`
			`assert user_data["admin"] == create_data["admin"]`


			`def test_create_user_as_non_admin(api_client: TestClient, api_routes: AppRoutes, user_token):`
			`create_data = {`
			`"fullName": "My New User",`
			`"email": "newuser@email.com",`
			`"password": "MyStrongPassword",`
			`"group": "Home",`
			`"admin": False,`
			`"tokens": [],`
			`}`

			`response = api_client.post(api_routes.users, json=create_data, headers=user_token)`

			`assert response.status_code == 403`


			`def test_update_user(api_client: TestClient, api_routes: AppRoutes, admin_token):`
			`update_data = {"id": 1, "fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": True}`
			`response = api_client.put(api_routes.users_id(1), headers=admin_token, json=update_data)`

			`assert response.status_code == 200`
			`assert json.loads(response.text).get("access_token")`


			`def test_update_other_user_as_not_admin(api_client: TestClient, api_routes: AppRoutes, unique_user: TestUser):`
			`update_data = {"id": 1, "fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": True}`
			`response = api_client.put(api_routes.users_id(1), headers=unique_user.token, json=update_data)`

			`assert response.status_code == 403`


			`def test_self_demote_admin(api_client: TestClient, api_routes: AppRoutes, admin_token):`
			`update_data = {"fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": False}`
			`response = api_client.put(api_routes.users_id(1), headers=admin_token, json=update_data)`

			`assert response.status_code == 403`


			`def test_self_promote_admin(api_client: TestClient, api_routes: AppRoutes, user_token):`
			`update_data = {"id": 3, "fullName": "Updated Name", "email": "user@email.com", "group": "Home", "admin": True}`
			`response = api_client.put(api_routes.users_id(2), headers=user_token, json=update_data)`

			`assert response.status_code == 403`


			`def test_delete_user(api_client: TestClient, api_routes: AppRoutes, admin_token):`
			`response = api_client.delete(api_routes.users_id(2), headers=admin_token)`

			`assert response.status_code == 200`