mealie/tests/integration_tests/admin_tests/test_admin_user_actions.py

import json

from fastapi.testclient import TestClient

from tests.utils.app_routes import AppRoutes
from tests.utils.fixture_schemas import TestUser


def test_init_superuser(api_client: TestClient, api_routes: AppRoutes, admin_user: TestUser):
    response = api_client.get(api_routes.users_id(admin_user.user_id), headers=admin_user.token)
    assert response.status_code == 200

    admin_data = response.json()

    assert admin_data["id"] == admin_user.user_id
    assert admin_data["groupId"] == admin_user.group_id

    assert admin_data["fullName"] == "Change Me"
    assert admin_data["email"] == "changeme@email.com"


def test_create_user(api_client: TestClient, api_routes: AppRoutes, admin_token):
    create_data = {
        "fullName": "My New User",
        "email": "newuser@email.com",
        "password": "MyStrongPassword",
        "group": "Home",
        "admin": False,
        "tokens": [],
    }

    response = api_client.post(api_routes.users, json=create_data, headers=admin_token)

    assert response.status_code == 201

    user_data = response.json()

    assert user_data["fullName"] == create_data["fullName"]
    assert user_data["email"] == create_data["email"]
    assert user_data["group"] == create_data["group"]
    assert user_data["admin"] == create_data["admin"]


def test_create_user_as_non_admin(api_client: TestClient, api_routes: AppRoutes, user_token):
    create_data = {
        "fullName": "My New User",
        "email": "newuser@email.com",
        "password": "MyStrongPassword",
        "group": "Home",
        "admin": False,
        "tokens": [],
    }

    response = api_client.post(api_routes.users, json=create_data, headers=user_token)

    assert response.status_code == 403


def test_update_user(api_client: TestClient, api_routes: AppRoutes, admin_user: TestUser):
    update_data = {
        "id": admin_user.user_id,
        "fullName": "Updated Name",
        "email": "changeme@email.com",
        "group": "Home",
        "admin": True,
    }
    response = api_client.put(api_routes.users_id(admin_user.user_id), headers=admin_user.token, json=update_data)

    assert response.status_code == 200
    assert json.loads(response.text).get("access_token")


def test_update_other_user_as_not_admin(
    api_client: TestClient, api_routes: AppRoutes, unique_user: TestUser, g2_user: TestUser
):
    update_data = {
        "id": unique_user.user_id,
        "fullName": "Updated Name",
        "email": "changeme@email.com",
        "group": "Home",
        "admin": True,
    }
    response = api_client.put(api_routes.users_id(g2_user.user_id), headers=unique_user.token, json=update_data)

    assert response.status_code == 403


def test_self_demote_admin(api_client: TestClient, api_routes: AppRoutes, admin_user: TestUser):
    update_data = {"fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": False}
    response = api_client.put(api_routes.users_id(admin_user.user_id), headers=admin_user.token, json=update_data)

    assert response.status_code == 403


def test_self_promote_admin(api_client: TestClient, api_routes: AppRoutes, unique_user: TestUser):
    update_data = {
        "id": unique_user.user_id,
        "fullName": "Updated Name",
        "email": "user@email.com",
        "group": "Home",
        "admin": True,
    }
    response = api_client.put(api_routes.users_id(unique_user.user_id), headers=unique_user.token, json=update_data)

    assert response.status_code == 403


def test_delete_user(api_client: TestClient, api_routes: AppRoutes, admin_token, unique_user: TestUser):
    response = api_client.delete(api_routes.users_id(unique_user.user_id), headers=admin_token)

    assert response.status_code == 200
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00			`import json`

			`from fastapi.testclient import TestClient`

feat(backend): ✨ refactor/fix group management for admins (#838) * fix(frontend): :bug: update dialog implementation to simplify state management * test(backend): :white_check_mark: refactor test fixtures + admin group tests * chore(backend): :hammer: add launcher.json for python debugging (tests) * fix typing * feat(backend): :sparkles: refactor/fix group management for admins * feat(frontend): :sparkles: add/fix admin group management * add LDAP checker Co-authored-by: hay-kot <hay-kot@pm.me> 2021-11-25 14:17:02 -09:00			`from tests.utils.app_routes import AppRoutes`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00			`from tests.utils.fixture_schemas import TestUser`


Feature/user photo storage (#877) * add default assets for user profile * add recipe avatar * change user_id to UUID * add profile image upload * setup image cache keys * cleanup tests and add image tests * purge user data on delete * new user repository tests * add user_id validator for int -> UUID conversion * delete depreciated route * force set content type * refactor tests to use temp directory * validate parent exists before createing * set user_id to correct type * update instruction id * reset primary key on migration 2021-12-18 19:04:36 -09:00			`def test_init_superuser(api_client: TestClient, api_routes: AppRoutes, admin_user: TestUser):`
			`response = api_client.get(api_routes.users_id(admin_user.user_id), headers=admin_user.token)`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00			`assert response.status_code == 200`

			`admin_data = response.json()`

			`assert admin_data["id"] == admin_user.user_id`
			`assert admin_data["groupId"] == admin_user.group_id`

			`assert admin_data["fullName"] == "Change Me"`
			`assert admin_data["email"] == "changeme@email.com"`


			`def test_create_user(api_client: TestClient, api_routes: AppRoutes, admin_token):`
			`create_data = {`
			`"fullName": "My New User",`
			`"email": "newuser@email.com",`
			`"password": "MyStrongPassword",`
			`"group": "Home",`
			`"admin": False,`
			`"tokens": [],`
			`}`

			`response = api_client.post(api_routes.users, json=create_data, headers=admin_token)`

			`assert response.status_code == 201`

			`user_data = response.json()`

			`assert user_data["fullName"] == create_data["fullName"]`
			`assert user_data["email"] == create_data["email"]`
			`assert user_data["group"] == create_data["group"]`
			`assert user_data["admin"] == create_data["admin"]`


			`def test_create_user_as_non_admin(api_client: TestClient, api_routes: AppRoutes, user_token):`
			`create_data = {`
			`"fullName": "My New User",`
			`"email": "newuser@email.com",`
			`"password": "MyStrongPassword",`
			`"group": "Home",`
			`"admin": False,`
			`"tokens": [],`
			`}`

			`response = api_client.post(api_routes.users, json=create_data, headers=user_token)`

			`assert response.status_code == 403`


Feature/user photo storage (#877) * add default assets for user profile * add recipe avatar * change user_id to UUID * add profile image upload * setup image cache keys * cleanup tests and add image tests * purge user data on delete * new user repository tests * add user_id validator for int -> UUID conversion * delete depreciated route * force set content type * refactor tests to use temp directory * validate parent exists before createing * set user_id to correct type * update instruction id * reset primary key on migration 2021-12-18 19:04:36 -09:00			`def test_update_user(api_client: TestClient, api_routes: AppRoutes, admin_user: TestUser):`
			`update_data = {`
			`"id": admin_user.user_id,`
			`"fullName": "Updated Name",`
			`"email": "changeme@email.com",`
			`"group": "Home",`
			`"admin": True,`
			`}`
			`response = api_client.put(api_routes.users_id(admin_user.user_id), headers=admin_user.token, json=update_data)`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00
			`assert response.status_code == 200`
			`assert json.loads(response.text).get("access_token")`


Feature/user photo storage (#877) * add default assets for user profile * add recipe avatar * change user_id to UUID * add profile image upload * setup image cache keys * cleanup tests and add image tests * purge user data on delete * new user repository tests * add user_id validator for int -> UUID conversion * delete depreciated route * force set content type * refactor tests to use temp directory * validate parent exists before createing * set user_id to correct type * update instruction id * reset primary key on migration 2021-12-18 19:04:36 -09:00			`def test_update_other_user_as_not_admin(`
			`api_client: TestClient, api_routes: AppRoutes, unique_user: TestUser, g2_user: TestUser`
			`):`
			`update_data = {`
			`"id": unique_user.user_id,`
			`"fullName": "Updated Name",`
			`"email": "changeme@email.com",`
			`"group": "Home",`
			`"admin": True,`
			`}`
			`response = api_client.put(api_routes.users_id(g2_user.user_id), headers=unique_user.token, json=update_data)`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00
			`assert response.status_code == 403`


Feature/user photo storage (#877) * add default assets for user profile * add recipe avatar * change user_id to UUID * add profile image upload * setup image cache keys * cleanup tests and add image tests * purge user data on delete * new user repository tests * add user_id validator for int -> UUID conversion * delete depreciated route * force set content type * refactor tests to use temp directory * validate parent exists before createing * set user_id to correct type * update instruction id * reset primary key on migration 2021-12-18 19:04:36 -09:00			`def test_self_demote_admin(api_client: TestClient, api_routes: AppRoutes, admin_user: TestUser):`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00			`update_data = {"fullName": "Updated Name", "email": "changeme@email.com", "group": "Home", "admin": False}`
Feature/user photo storage (#877) * add default assets for user profile * add recipe avatar * change user_id to UUID * add profile image upload * setup image cache keys * cleanup tests and add image tests * purge user data on delete * new user repository tests * add user_id validator for int -> UUID conversion * delete depreciated route * force set content type * refactor tests to use temp directory * validate parent exists before createing * set user_id to correct type * update instruction id * reset primary key on migration 2021-12-18 19:04:36 -09:00			`response = api_client.put(api_routes.users_id(admin_user.user_id), headers=admin_user.token, json=update_data)`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00
			`assert response.status_code == 403`


Feature/user photo storage (#877) * add default assets for user profile * add recipe avatar * change user_id to UUID * add profile image upload * setup image cache keys * cleanup tests and add image tests * purge user data on delete * new user repository tests * add user_id validator for int -> UUID conversion * delete depreciated route * force set content type * refactor tests to use temp directory * validate parent exists before createing * set user_id to correct type * update instruction id * reset primary key on migration 2021-12-18 19:04:36 -09:00			`def test_self_promote_admin(api_client: TestClient, api_routes: AppRoutes, unique_user: TestUser):`
			`update_data = {`
			`"id": unique_user.user_id,`
			`"fullName": "Updated Name",`
			`"email": "user@email.com",`
			`"group": "Home",`
			`"admin": True,`
			`}`
			`response = api_client.put(api_routes.users_id(unique_user.user_id), headers=unique_user.token, json=update_data)`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00
			`assert response.status_code == 403`


Feature/user photo storage (#877) * add default assets for user profile * add recipe avatar * change user_id to UUID * add profile image upload * setup image cache keys * cleanup tests and add image tests * purge user data on delete * new user repository tests * add user_id validator for int -> UUID conversion * delete depreciated route * force set content type * refactor tests to use temp directory * validate parent exists before createing * set user_id to correct type * update instruction id * reset primary key on migration 2021-12-18 19:04:36 -09:00			`def test_delete_user(api_client: TestClient, api_routes: AppRoutes, admin_token, unique_user: TestUser):`
			`response = api_client.delete(api_routes.users_id(unique_user.user_id), headers=admin_token)`
feat(backend): ✨ start multi-tenant support (WIP) (#680) * fix ts types * feat(code-generation): :recycle: update code-generation formats * new scope * add step button * fix linter error * update code-generation tags * feat(backend): :sparkles: start multi-tenant support * feat(backend): :sparkles: group invitation token generation and signup * refactor(backend): :recycle: move group admin actions to admin router * set url base to include `/admin` * feat(frontend): :sparkles: generate user sign-up links * test(backend): :white_check_mark: refactor test-suite to further decouple tests (WIP) * feat(backend): :bug: assign owner on backup import for recipes * fix(backend): :bug: assign recipe owner on migration from other service Co-authored-by: hay-kot <hay-kot@pm.me> 2021-09-09 08:51:29 -08:00
			`assert response.status_code == 200`