feat(backend): ✨ refactor/fix group management for admins (#838)

* fix(frontend): 🐛 update dialog implementation to simplify state management * test(backend): ✅ refactor test fixtures + admin group tests * chore(backend): 🔨 add launcher.json for python debugging (tests) * fix typing * feat(backend): ✨ refactor/fix group management for admins * feat(frontend): ✨ add/fix admin group management * add LDAP checker Co-authored-by: hay-kot <hay-kot@pm.me>
2025-08-04 13:05:21 +02:00 · 2021-11-25 14:17:02 -09:00 · 2021-11-25 14:17:02 -09:00 · 791aa8c610
commit 791aa8c610
parent 0db8a58963
52 changed files with 881 additions and 331 deletions
--- a/tests/integration_tests/admin_tests/test_group_admin_actions.py
+++ b/tests/integration_tests/admin_tests/test_group_admin_actions.py
@ -1,8 +1,7 @@
-import json
-
 from fastapi.testclient import TestClient

-from tests.utils.factories import random_string
+from tests.utils.assertion_helpers import assert_ignore_keys
+from tests.utils.factories import random_bool, random_string
 from tests.utils.fixture_schemas import TestUser


@ -12,35 +11,69 @@ class Routes:
    def item(id: str) -> str:
        return f"{Routes.base}/{id}"

-
-def test_create_group(api_client: TestClient, admin_token):
-    response = api_client.post(Routes.base, json={"name": random_string()}, headers=admin_token)
-    assert response.status_code == 201
+    def user(id: str) -> str:
+        return f"api/admin/users/{id}"


-def test_user_cant_create_group(api_client: TestClient, unique_user: TestUser):
-    response = api_client.post(Routes.base, json={"name": random_string()}, headers=unique_user.token)
-    assert response.status_code == 403
-
-
-def test_home_group_not_deletable(api_client: TestClient, admin_token):
-    response = api_client.delete(Routes.item(1), headers=admin_token)
-
+def test_home_group_not_deletable(api_client: TestClient, admin_user: TestUser):
+    response = api_client.delete(Routes.item(1), headers=admin_user.token)
    assert response.status_code == 400


-def test_delete_group(api_client: TestClient, admin_token):
-    response = api_client.post(Routes.base, json={"name": random_string()}, headers=admin_token)
+def test_admin_group_routes_are_restricted(api_client: TestClient, unique_user: TestUser):
+    response = api_client.get(Routes.base, headers=unique_user.token)
+    assert response.status_code == 403
+
+    response = api_client.post(Routes.base, json={}, headers=unique_user.token)
+    assert response.status_code == 403
+
+    response = api_client.get(Routes.item(1), headers=unique_user.token)
+    assert response.status_code == 403
+
+    response = api_client.get(Routes.user(1), headers=unique_user.token)
+    assert response.status_code == 403
+
+
+def test_admin_create_group(api_client: TestClient, admin_user: TestUser):
+    response = api_client.post(Routes.base, json={"name": random_string()}, headers=admin_user.token)
    assert response.status_code == 201

-    group_id = json.loads(response.text)["id"]

-    response = api_client.delete(Routes.item(group_id), headers=admin_token)
+def test_admin_update_group(api_client: TestClient, admin_user: TestUser, unique_user: TestUser):
+    update_payload = {
+        "id": unique_user.group_id,
+        "name": "New Name",
+        "preferences": {
+            "privateGroup": random_bool(),
+            "firstDayOfWeek": 2,
+            "recipePublic": random_bool(),
+            "recipeShowNutrition": random_bool(),
+            "recipeShowAssets": random_bool(),
+            "recipeLandscapeView": random_bool(),
+            "recipeDisableComments": random_bool(),
+            "recipeDisableAmount": random_bool(),
+        },
+    }
+
+    response = api_client.put(Routes.item(unique_user.group_id), json=update_payload, headers=admin_user.token)

    assert response.status_code == 200

-    # Ensure Group is Deleted
-    response = api_client.get(Routes.base, headers=admin_token)
+    as_json = response.json()

-    for g in response.json():
-        assert g["id"] != group_id
+    assert as_json["name"] == update_payload["name"]
+    assert_ignore_keys(as_json["preferences"], update_payload["preferences"])
+
+
+def test_admin_delete_group(api_client: TestClient, admin_user: TestUser, unique_user: TestUser):
+    # Delete User
+    response = api_client.delete(Routes.user(unique_user.user_id), headers=admin_user.token)
+    assert response.status_code == 200
+
+    # Delete Group
+    response = api_client.delete(Routes.item(unique_user.group_id), headers=admin_user.token)
+    assert response.status_code == 200
+
+    # Ensure Group is Deleted
+    response = api_client.get(Routes.item(unique_user.user_id), headers=admin_user.token)
+    assert response.status_code == 404