From 2cec60cce3d91ea19dd3b295f972f12ee1a66010 Mon Sep 17 00:00:00 2001 From: Sebastiaan Date: Tue, 10 Jun 2025 19:19:38 +0200 Subject: [PATCH] Implement team create tests --- backend/app/api/routes/teams.py | 6 +-- backend/app/tests/api/routes/test_teams.py | 54 ++++++++++++++++++++++ 2 files changed, 57 insertions(+), 3 deletions(-) diff --git a/backend/app/api/routes/teams.py b/backend/app/api/routes/teams.py index ca3b808..6eb0cb0 100644 --- a/backend/app/api/routes/teams.py +++ b/backend/app/api/routes/teams.py @@ -89,7 +89,7 @@ def read_team(session: SessionDep, current_user: CurrentUser, id: RowId) -> Any: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Team not found") event = session.get(Event, team.event_id) - if not event: + if not event: # pragma: no cover raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Event not found") if not current_user.has_permissions( @@ -138,7 +138,7 @@ def update_team( # Check user's permissions for the existing event event = session.get(Event, team.event_id) - if not event: + if not event: # pragma: no cover raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Event not found") if not current_user.has_permissions( @@ -176,7 +176,7 @@ def delete_team(session: SessionDep,current_user: CurrentUser, id: RowId) -> Mes raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Team not found") event = session.get(Event, team.event_id) - if not event: + if not event: # pragma: no cover raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Event not found") if not current_user.has_permissions( diff --git a/backend/app/tests/api/routes/test_teams.py b/backend/app/tests/api/routes/test_teams.py index 7caf37b..46d5165 100644 --- a/backend/app/tests/api/routes/test_teams.py +++ b/backend/app/tests/api/routes/test_teams.py @@ -56,6 +56,60 @@ def test_create_team_with_incorrect_event(client: TestClient, superuser_token_he assert response.status_code == status.HTTP_404_NOT_FOUND assert response.json()["detail"] == "Event not found" + +def test_create_team_with_normal_user( + client: TestClient, normal_user_token_headers: dict[str, str], db: Session, +) -> None: + event = create_random_event(db) + data = { + "theme_name": "Normal user", + "event_id": str(event.id), + } + response = client.post( + f"{settings.API_V1_STR}/teams/", + headers=normal_user_token_headers, + json=data, + ) + assert response.status_code == status.HTTP_403_FORBIDDEN + assert response.json()["detail"] == "Not enough permissions" + + +def test_create_team_with_event_user( + client: TestClient, event_user_token_headers: EventUserHeader, db: Session, +) -> None: + event = event_user_token_headers.event + data = { + "theme_name": "Event user", + "event_id": str(event.id), + } + response = client.post( + f"{settings.API_V1_STR}/teams/", + headers=event_user_token_headers.headers, + json=data, + ) + assert response.status_code == status.HTTP_200_OK + content = response.json() + assert content["theme_name"] == data["theme_name"] + assert content["event_id"] == str(event.id) + + +def test_create_team_for_event_user( + client: TestClient, event_user_token_headers: EventUserHeader, db: Session, +) -> None: + event = create_random_event(db) + data = { + "theme_name": "Other event user", + "event_id": str(event.id), + } + response = client.post( + f"{settings.API_V1_STR}/teams/", + headers=event_user_token_headers.headers, + json=data, + ) + assert response.status_code == status.HTTP_403_FORBIDDEN + assert response.json()["detail"] == "Not enough permissions" + + def test_read_team(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None: team = create_random_team(db) response = client.get(