🚢 test: admin auth

Author: Zerohertz

app/schemas/auth.py

@@ -22,7 +22,7 @@ class PasswordOAuthRequest(OAuthRequest):
         str,
         Form(
             min_length=5,
-            max_length=30,
+            max_length=50,
             pattern=r"^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$",
         ),
     ]

app/tests/api/v1/admin/__init__.py

@@ -0,0 +1,116 @@
+import pytest
+from faker import Faker
+from fastapi import status
+from fastapi.testclient import TestClient
+from loguru import logger
+
+from app.core.configs import configs
+from app.schemas.auth import PasswordOAuthReigsterRequest
+from app.schemas.users import UserPatchRequest, UserRequest
+from app.tests.api.v1.test_auth import MockUser, register_and_log_in
+
+fake = Faker()
+
+
+def log_in_admin(sync_client: TestClient) -> tuple[MockUser, str]:
+    admin_user = MockUser(
+        sync_client=sync_client,
+        request=PasswordOAuthReigsterRequest(
+            grant_type="password",
+            username=configs.ADMIN_EMAIL,
+            password=configs.ADMIN_PASSWORD,
+            name=configs.ADMIN_NAME,
+        ),
+    )
+    access_token = admin_user.log_in()
+    return admin_user, access_token
+
+
+def test_get_user_name(sync_client: TestClient) -> None:
+    admin_user, admin_access_token = log_in_admin(sync_client)
+    mock_user, user_access_token = register_and_log_in(sync_client)
+    response = sync_client.get(
+        f"{configs.PREFIX}/v1/user/",
+        headers={"Authorization": f"Bearer {admin_access_token}"},
+    )
+    logger.warning(response)
+    assert response.status_code == status.HTTP_200_OK
+    data = response.json()["data"]
+    assert isinstance(data, list)
+    assert 1 < len(data)
+    response = sync_client.get(
+        f"{configs.PREFIX}/v1/user/",
+        headers={"Authorization": f"Bearer {user_access_token}"},
+    )
+    logger.warning(response)
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    response = sync_client.get(
+        f"{configs.PREFIX}/v1/user/1",
+        headers={"Authorization": f"Bearer {admin_access_token}"},
+    )
+    logger.warning(response)
+    data = response.json()["data"]
+    assert data["id"] == 1
+    assert data["name"] == configs.ADMIN_NAME
+    assert data["email"] == configs.ADMIN_EMAIL
+    assert data["oauth"] == "password"
+    assert response.status_code == status.HTTP_200_OK
+    response = sync_client.get(
+        f"{configs.PREFIX}/v1/user/1",
+        headers={"Authorization": f"Bearer {user_access_token}"},
+    )
+    logger.warning(response)
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+
+
+def test_patch_user_password(sync_client: TestClient) -> None:
+    admin_user, admin_access_token = log_in_admin(sync_client)
+    mock_user, user_access_token = register_and_log_in(sync_client)
+    request = UserPatchRequest(password=fake.password())
+    response = sync_client.patch(
+        f"{configs.PREFIX}/v1/user/{mock_user.get_me(user_access_token)}",
+        headers={"Authorization": f"Bearer {admin_access_token}"},
+        json=request.model_dump(),
+    )
+    logger.warning(response)
+    assert response.status_code == status.HTTP_200_OK
+    with pytest.raises(AssertionError):
+        mock_user.log_in()
+    if request.password is None:
+        raise ValueError
+    mock_user.request.password = request.password
+    mock_user.log_in()
+
+
+def test_put_user(sync_client: TestClient) -> None:
+    admin_user, admin_access_token = log_in_admin(sync_client)
+    mock_user, user_access_token = register_and_log_in(sync_client)
+    request = UserRequest(name=fake.name(), email=fake.email())
+    response = sync_client.put(
+        f"{configs.PREFIX}/v1/user/{mock_user.get_me(user_access_token)}",
+        headers={"Authorization": f"Bearer {admin_access_token}"},
+        json=request.model_dump(),
+    )
+    logger.warning(response)
+    assert response.status_code == status.HTTP_200_OK
+    data = response.json()["data"]
+    assert data["name"] != mock_user.request.name
+    assert data["email"] != mock_user.request.username
+    assert data["name"] == request.name
+    assert data["email"] == request.email
+
+
+def test_delete_user(sync_client: TestClient) -> None:
+    admin_user, admin_access_token = log_in_admin(sync_client)
+    mock_user, user_access_token = register_and_log_in(sync_client)
+    response = sync_client.delete(
+        f"{configs.PREFIX}/v1/user/{mock_user.get_me(user_access_token)}",
+        headers={"Authorization": f"Bearer {admin_access_token}"},
+    )
+    logger.warning(response)
+    assert response.status_code == status.HTTP_200_OK
+    data = response.json()["data"]
+    assert data["name"] == mock_user.request.name
+    assert data["email"] == mock_user.request.username
+    with pytest.raises(AssertionError):
+        mock_user.log_in()

app/tests/api/v1/admin/test_users.py

@@ -1,75 +1,102 @@
+from typing import Optional
+
 from faker import Faker
 from fastapi import status
 from fastapi.testclient import TestClient
 from loguru import logger
 
 from app.core.configs import configs
 from app.models.enums import OAuthProvider, Role
-from app.schemas.users import UserPasswordRequest, UserRegisterRequest
+from app.schemas.auth import PasswordOAuthReigsterRequest, PasswordOAuthRequest
 
 fake = Faker()
 
 
-def test_register_and_login(sync_client: TestClient):
-    for _ in range(5):
-        request, access_token = register_and_login(sync_client)
-        get_me(sync_client, request, access_token)
-    response = sync_client.post(
-        f"{configs.PREFIX}/v1/auth/register/",
-        json=request.model_dump(),
+def get_mock_request() -> PasswordOAuthReigsterRequest:
+    return PasswordOAuthReigsterRequest(
+        grant_type="password",
+        username=fake.email(),
+        password=fake.password(),
+        name=fake.name(),
     )
-    assert response.status_code == 409
 
 
-def get_mock_request() -> UserRegisterRequest:
-    return UserRegisterRequest(
-        name=fake.name(), email=fake.email(), password=fake.password()
-    )
-
+class MockUser:
+    def __init__(
+        self,
+        sync_client: TestClient,
+        request: Optional[PasswordOAuthReigsterRequest] = None,
+    ) -> None:
+        self.client = sync_client
+        self.headers = {
+            "Content-Type": "application/x-www-form-urlencoded",
+            "Accept": "application/json",
+        }
+        if request:
+            self.request = request
+        else:
+            self.request = get_mock_request()
 
-def register_and_login(sync_client: TestClient) -> tuple[UserRegisterRequest, str]:
-    request = get_mock_request()
-    register(sync_client, request)
-    access_token = log_in(
-        sync_client, UserPasswordRequest.model_validate(request.model_dump())
-    )
-    return request, access_token
+    def register(self) -> None:
+        response = self.client.post(
+            f"{configs.PREFIX}/v1/auth/register/password/",
+            headers=self.headers,
+            data=self.request.model_dump(),
+        )
+        logger.warning(response)
+        assert response.status_code == status.HTTP_201_CREATED
+        data = response.json()["data"]
+        assert data["name"] == self.request.name
+        assert data["email"] == self.request.username
 
+    def log_in(self) -> str:
+        request = PasswordOAuthRequest.model_validate(self.request.model_dump())
+        response = self.client.post(
+            f"{configs.PREFIX}/v1/auth/token/password/",
+            headers=self.headers,
+            data=request.model_dump(),
+        )
+        logger.warning(response)
+        assert response.status_code == status.HTTP_200_OK
+        data = response.json()
+        assert "access_token" in data
+        assert "refresh_token" in data
+        assert "token_type" in data
+        assert "expires_in" in data
+        return data["access_token"]
 
-def register(sync_client: TestClient, request: UserRegisterRequest) -> None:
-    response = sync_client.post(
-        f"{configs.PREFIX}/v1/auth/register/",
-        json=request.model_dump(),
-    )
-    logger.warning(response)
-    assert response.status_code == status.HTTP_201_CREATED
-    data = response.json()["data"]
-    assert request.name == data["name"]
-    assert request.email == data["email"]
+    def get_me(self, access_token: str) -> int:
+        logger.warning(access_token)
+        response = self.client.get(
+            f"{configs.PREFIX}/v1/auth/me/",
+            headers={"Authorization": f"Bearer {access_token}"},
+        )
+        logger.warning(response)
+        logger.warning(response.json())
+        assert response.status_code == status.HTTP_200_OK
+        data = response.json()["data"]
+        assert data["oauth"] == OAuthProvider.PASSWORD.value
+        assert data["role"] == Role.USER.value
+        assert data["name"] == self.request.name
+        assert data["email"] == self.request.username
+        assert data["password"] != self.request.password
+        return data["id"]
 
 
-def log_in(sync_client: TestClient, request: UserPasswordRequest) -> str:
-    response = sync_client.post(
-        f"{configs.PREFIX}/v1/auth/login/", json=request.model_dump()
-    )
-    logger.warning(response)
-    assert response.status_code == status.HTTP_200_OK
-    data = response.json()["data"]
-    return data["access_token"]
+def register_and_log_in(sync_client: TestClient) -> tuple[MockUser, str]:
+    mock_user = MockUser(sync_client=sync_client)
+    mock_user.register()
+    access_token = mock_user.log_in()
+    return mock_user, access_token
 
 
-def get_me(sync_client: TestClient, request: UserRegisterRequest, access_token: str):
-    logger.warning(access_token)
-    response = sync_client.get(
-        f"{configs.PREFIX}/v1/auth/me/",
-        headers={"Authorization": f"Bearer {access_token}"},
+def test_register_and_log_in(sync_client: TestClient):
+    for _ in range(5):
+        mock_user, access_token = register_and_log_in(sync_client)
+        mock_user.get_me(access_token)
+    response = sync_client.post(
+        f"{configs.PREFIX}/v1/auth/register/password/",
+        headers=mock_user.headers,
+        data=mock_user.request.model_dump(),
     )
-    logger.warning(response)
-    logger.warning(response.json())
-    assert response.status_code == status.HTTP_200_OK
-    data = response.json()["data"]
-    assert data["oauth"] == OAuthProvider.PASSWORD.value
-    assert data["role"] == Role.USER.value
-    assert data["name"] == request.name
-    assert data["email"] == request.email
-    assert data["password"] != request.password
+    assert response.status_code == 409

app/tests/api/v1/test_auth.py

@@ -5,14 +5,14 @@
 from loguru import logger
 
 from app.core.configs import configs
-from app.schemas.users import UserPasswordRequest, UserPatchRequest, UserRequest
-from app.tests.api.v1.test_auth import log_in, register_and_login
+from app.schemas.users import UserPatchRequest, UserRequest
+from app.tests.api.v1.test_auth import register_and_log_in
 
 fake = Faker()
 
 
 def test_patch_user_name(sync_client: TestClient) -> None:
-    schema, access_token = register_and_login(sync_client)
+    mock_user, access_token = register_and_log_in(sync_client)
     request = UserPatchRequest(name=fake.name())
     response = sync_client.patch(
         f"{configs.PREFIX}/v1/user/",
@@ -22,12 +22,12 @@ def test_patch_user_name(sync_client: TestClient) -> None:
     logger.warning(response)
     assert response.status_code == status.HTTP_200_OK
     data = response.json()["data"]
-    assert data["name"] != schema.name
+    assert data["name"] != mock_user.request.name
     assert data["name"] == request.name
 
 
 def test_patch_user_password(sync_client: TestClient) -> None:
-    schema, access_token = register_and_login(sync_client)
+    mock_user, access_token = register_and_log_in(sync_client)
     request = UserPatchRequest(password=fake.password())
     response = sync_client.patch(
         f"{configs.PREFIX}/v1/user/",
@@ -37,16 +37,15 @@ def test_patch_user_password(sync_client: TestClient) -> None:
     logger.warning(response)
     assert response.status_code == status.HTTP_200_OK
     with pytest.raises(AssertionError):
-        log_in(sync_client, UserPasswordRequest.model_validate(schema.model_dump()))
+        mock_user.log_in()
     if request.password is None:
         raise ValueError
-    log_in(
-        sync_client, UserPasswordRequest(email=schema.email, password=request.password)
-    )
+    mock_user.request.password = request.password
+    mock_user.log_in()
 
 
 def test_put_user(sync_client: TestClient) -> None:
-    schema, access_token = register_and_login(sync_client)
+    mock_user, access_token = register_and_log_in(sync_client)
     request = UserRequest(name=fake.name(), email=fake.email())
     response = sync_client.put(
         f"{configs.PREFIX}/v1/user/",
@@ -56,20 +55,20 @@ def test_put_user(sync_client: TestClient) -> None:
     logger.warning(response)
     assert response.status_code == status.HTTP_200_OK
     data = response.json()["data"]
-    assert data["name"] != schema.name
-    assert data["email"] != schema.email
+    assert data["name"] != mock_user.request.name
+    assert data["email"] != mock_user.request.username
     assert data["name"] == request.name
     assert data["email"] == request.email
 
 
 def test_delete_user(sync_client: TestClient) -> None:
-    schema, access_token = register_and_login(sync_client)
+    mock_user, access_token = register_and_log_in(sync_client)
     response = sync_client.delete(
         f"{configs.PREFIX}/v1/user/",
         headers={"Authorization": f"Bearer {access_token}"},
     )
     logger.warning(response)
     assert response.status_code == status.HTTP_200_OK
     data = response.json()["data"]
-    assert data["name"] == schema.name
-    assert data["email"] == schema.email
+    assert data["name"] == mock_user.request.name
+    assert data["email"] == mock_user.request.username