From 52fb856307765091cd26256ad9bd0771d2d3fdec Mon Sep 17 00:00:00 2001 From: "MH.Dmitrii" Date: Sun, 12 Oct 2025 18:17:20 +0300 Subject: [PATCH] pytest 1.3 --- server/testing/tests/Permissions_test.py | 93 +++++++++++++++++++----- 1 file changed, 74 insertions(+), 19 deletions(-) diff --git a/server/testing/tests/Permissions_test.py b/server/testing/tests/Permissions_test.py index 03d64ee..e35a1f5 100644 --- a/server/testing/tests/Permissions_test.py +++ b/server/testing/tests/Permissions_test.py @@ -6,30 +6,85 @@ from server.backend import JWT # твой JWT модуль from server.backend.endpoints import api from server.testing.conftest import client from server.database import db + +@pytest.fixture(scope="session") +def global_email(): + """Один и тот же email для всех тестов в сессии""" + return f"user_{uuid.uuid4().hex[:8]}@d.d" + @pytest.mark.asyncio -async def test_is_admin(client, monkeypatch): - '''Проверка: Может ли человек без админки менять права''' +@pytest.mark.parametrize("email,password,expected_status", [ + ("valid", "123qwe!@#", 200), + ("invalidemail.com", "123qwe!@#", 422), + ("invalidpassword", "1234", 422), + ("invalidall", "1234", 422) +]) +async def test_create_user(client, email, password, expected_status, global_email): + '''Проверка: Создание пользователя''' - random_email = f"user_{uuid.uuid4().hex[:8]}@test.local" - async def fake_user(): - class FakeUser: - email = random_email - permissions = [{"is_admin": False}] - password = "123qwe!@#" - description = "test_user" - activated = True - return FakeUser() - async def fake_current_user(): #фейковая зависимость (fake_current_user) — функция, которая имитирует поведение настоящего JWT.current_user, но просто возвращает строку "test_user". - user_email = await fake_user() - return user_email.email + if email == "valid": + email = global_email #Подставка глобальной фикстуры под конкретный вариант - user = await fake_user() #Создаем экземпляр для добавления в бд - await db.create_user(user) + user_data = { + "email": email, + "description": "test_user", + "activated": "True", + "password": password + } + response = await client.post(f"/user_create", json=user_data) + assert response.status_code == expected_status + + +@pytest.mark.asyncio +@pytest.mark.parametrize("is_admin,expected_status", [ + (False, 403), + (True, 200) +]) +async def test_is_admin(client, monkeypatch, global_email, is_admin, expected_status): + """Проверка: Прав пользователя""" + + + class FakePerm: + def __init__(self, is_admin): #Подменяем права пользователя + self.is_admin = is_admin + self.can_edit = False + self.can_delete = False + self.can_view = False + class FakeUser: + def __init__(self, is_admin): + self.email = global_email + self.permissions = [FakePerm(is_admin)] + self.description = "test_user" + self.activated = True + self.password = "123qwe!@#" + + async def fake_get_user_by_email(email): #Подмена функции get_user_by_email + return FakeUser(is_admin) + monkeypatch.setattr(db, "get_user_by_email", fake_get_user_by_email) + + async def fake_current_user(): + return global_email api.dependency_overrides[JWT.current_user] = fake_current_user - response = await client.put(f"/user_update/{fake_current_user}", headers={"Authorization": "Bearer faketoken"}, data={"can_edit":True}) - assert response.status_code == status.HTTP_403_FORBIDDEN - await db.delete_user(user.email) #удаляется юзер из бд после теста + response = await client.put( + f"/user_update/{global_email}", + headers={"Authorization": "Bearer faketoken"}, + json={"can_edit": True}, + ) + + assert response.status_code == expected_status api.dependency_overrides.clear() + + +@pytest.mark.asyncio +async def test_delete_user(client,global_email): + '''Проверка: Удаление пользователя''' + + async def fake_current_user(): #фейковая зависимость (fake_current_user) — функция, которая имитирует поведение настоящего JWT.current_user, но просто возвращает строку "test_user". + return "daun2@example.com" + api.dependency_overrides[JWT.current_user] = fake_current_user + + response = await client.delete(f"/user_delete/{global_email}") + assert response.status_code == status.HTTP_200_OK \ No newline at end of file