From 0df8587f785ad92eb6066deefee8701a9e8326bc Mon Sep 17 00:00:00 2001 From: Sebastiaan Date: Sat, 21 Mar 2026 12:22:43 +0100 Subject: [PATCH] Add base tests for post --- backend/app/tests/api/routes/test_post.py | 213 ++++++++++++++++++++++ backend/app/tests/utils/post.py | 12 ++ 2 files changed, 225 insertions(+) create mode 100644 backend/app/tests/api/routes/test_post.py create mode 100644 backend/app/tests/utils/post.py diff --git a/backend/app/tests/api/routes/test_post.py b/backend/app/tests/api/routes/test_post.py new file mode 100644 index 0000000..3679418 --- /dev/null +++ b/backend/app/tests/api/routes/test_post.py @@ -0,0 +1,213 @@ +import uuid + +from fastapi import status +from fastapi.testclient import TestClient +from sqlmodel import Session + +from app.core.config import settings +from app.models.base import VisitedCountType +from app.tests.utils.post import create_random_post + +from app.models.post import PostType, ReplayType + + +def test_create_post(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None: + data = { + "post_type": PostType.POINTS | PostType.VISITED | PostType.OPTION, + "replay": ReplayType.NOT_POSSIBLE, + + "name": "Post 1", + "short_name": "1", + + "contact": "Rick", + "description": "Post met renspel", + + "question_file": None, + "answer_file": None, + + "max_points": 5, + "visited_points": 5, + "visited_count_type": VisitedCountType.ONE_VISIT, + + "min_teams": 1, + "max_teams": 2, + } + response = client.post( + f"{settings.API_V1_STR}/posts/", + headers=superuser_token_headers, + json=data, + ) + assert response.status_code == status.HTTP_200_OK + content = response.json() + assert content["post_type"] == data["post_type"] + assert content["replay"] == data["replay"] + assert content["name"] == data["name"] + assert content["short_name"] == data["short_name"] + assert content["contact"] == data["contact"] + assert content["description"] == data["description"] + assert content["question_file"] == data["question_file"] + assert content["answer_file"] == data["answer_file"] + assert content["max_points"] == data["max_points"] + assert content["visited_points"] == data["visited_points"] + assert content["visited_count_type"] == data["visited_count_type"] + assert content["min_teams"] == data["min_teams"] + assert content["max_teams"] == data["max_teams"] + assert "id" in content + + +def test_create_post_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None: + data = { + "post_type": PostType.POINTS | PostType.VISITED | PostType.OPTION, + "replay": ReplayType.NOT_POSSIBLE, + "name": "No permissions", + "short_name": "No perm", + } + response = client.post( + f"{settings.API_V1_STR}/posts/", + headers=normal_user_token_headers, + json=data, + ) + assert response.status_code == status.HTTP_403_FORBIDDEN + assert response.json()["detail"] == "Not enough permissions" + + +def test_read_post( + client: TestClient, superuser_token_headers: dict[str, str], db: Session +) -> None: + post = create_random_post(db) + response = client.get( + f"{settings.API_V1_STR}/posts/{post.id}", + headers=superuser_token_headers, + ) + assert response.status_code == status.HTTP_200_OK + content = response.json() + assert content["id"] == str(post.id) + assert content["name"] == post.name + assert content["contact"] == post.contact + + +def test_read_post_not_found(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None: + response = client.get( + f"{settings.API_V1_STR}/posts/{uuid.uuid4()}", + headers=superuser_token_headers, + ) + assert response.status_code == status.HTTP_404_NOT_FOUND + assert response.json()["detail"] == "Post not found" + + +def test_read_post_no_permission(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None: + post = create_random_post(db) + response = client.get( + f"{settings.API_V1_STR}/posts/{post.id}", + headers=normal_user_token_headers, + ) + assert response.status_code == status.HTTP_403_FORBIDDEN + assert response.json()["detail"] == "Not enough permissions" + + +def test_read_posts(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None: + create_random_post(db) + create_random_post(db) + response = client.get( + f"{settings.API_V1_STR}/posts/", + headers=superuser_token_headers, + ) + assert response.status_code == status.HTTP_200_OK + content = response.json() + assert "count" in content + assert content["count"] >= 2 + assert "data" in content + assert isinstance(content["data"], list) + assert len(content["data"]) <= content["count"] + + +def test_read_posts_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None: + create_random_post(db) + create_random_post(db) + response = client.get( + f"{settings.API_V1_STR}/posts/", + headers=normal_user_token_headers, + ) + assert response.status_code == status.HTTP_200_OK + content = response.json() + assert "count" in content + assert content["count"] == 0 + assert "data" in content + assert isinstance(content["data"], list) + assert len(content["data"]) == 0 + + +def test_update_post(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None: + post = create_random_post(db) + data = { + "name": "Updated name", + "short_name": "4", + } + response = client.put( + f"{settings.API_V1_STR}/posts/{post.id}", + headers=superuser_token_headers, + json=data, + ) + assert response.status_code == status.HTTP_200_OK + content = response.json() + assert content["id"] == str(post.id) + assert content["name"] == data["name"] + assert content["short_name"] == data["short_name"] + + +def test_update_post_not_found(client: TestClient, superuser_token_headers: dict[str, str]) -> None: + data = { + "name": "Not found", + "short_name": "5", + } + response = client.put( + f"{settings.API_V1_STR}/posts/{uuid.uuid4()}", + headers=superuser_token_headers, + json=data, + ) + assert response.status_code == status.HTTP_404_NOT_FOUND + assert response.json()["detail"] == "Post not found" + + +def test_update_post_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None: + post = create_random_post(db) + data = { + "name": "No permissions", + "short_name": "6", + } + response = client.put( + f"{settings.API_V1_STR}/posts/{post.id}", + headers=normal_user_token_headers, + json=data, + ) + assert response.status_code == status.HTTP_403_FORBIDDEN + assert response.json()["detail"] == "Not enough permissions" + + +def test_delete_post(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None: + post = create_random_post(db) + response = client.delete( + f"{settings.API_V1_STR}/posts/{post.id}", + headers=superuser_token_headers, + ) + assert response.status_code == status.HTTP_200_OK + assert response.json()["message"] == "Post deleted successfully" + + +def test_delete_post_not_found(client: TestClient, superuser_token_headers: dict[str, str]) -> None: + response = client.delete( + f"{settings.API_V1_STR}/posts/{uuid.uuid4()}", + headers=superuser_token_headers, + ) + assert response.status_code == status.HTTP_404_NOT_FOUND + assert response.json()["detail"] == "Post not found" + + +def test_delete_post_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None: + post = create_random_post(db) + response = client.delete( + f"{settings.API_V1_STR}/posts/{post.id}", + headers=normal_user_token_headers, + ) + assert response.status_code == status.HTTP_403_FORBIDDEN + assert response.json()["detail"] == "Not enough permissions" diff --git a/backend/app/tests/utils/post.py b/backend/app/tests/utils/post.py new file mode 100644 index 0000000..ceb3d9a --- /dev/null +++ b/backend/app/tests/utils/post.py @@ -0,0 +1,12 @@ +from sqlmodel import Session + +from app.models.post import Post, PostCreate +from app.tests.utils.utils import random_lower_string + + +def create_random_post(db: Session, name: str = None) -> Post: + if not name: + name = random_lower_string() + + post_in = PostCreate(name=name) + return Post.create(session=db, create_obj=post_in)