Add base for route

backend/app/tests/api/routes/test_hike.py

@@ -6,6 +6,7 @@ from sqlmodel import Session
 
 from app.core.config import settings
 from app.tests.utils.hike import create_random_hike
+from app.tests.utils.route import create_random_route
 
 
 def test_create_hike(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None:
@@ -27,8 +28,8 @@ def test_create_hike(client: TestClient, superuser_token_headers: dict[str, str]
 
 def test_create_hike_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None:
     data = {
-        "name": "RSW Maasdelta 2026",
-        "contact": "Sebas",
+        "name": "No permissions",
+        "contact": "No permissions",
     }
     response = client.post(
         f"{settings.API_V1_STR}/hikes/",
@@ -177,3 +178,46 @@ def test_delete_hike_no_permissions(client: TestClient, normal_user_token_header
     )
     assert response.status_code == status.HTTP_403_FORBIDDEN
     assert response.json()["detail"] == "Not enough permissions"
+
+
+def test_read_hike_routes(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    hike = create_random_hike(db)
+    create_random_route(db, hike=hike)
+    create_random_route(db, hike=hike)
+    response = client.get(
+        f"{settings.API_V1_STR}/hikes/{hike.id}/routes",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == status.HTTP_200_OK
+    content = response.json()
+    assert "count" in content
+    assert content["count"] == 2
+    assert "data" in content
+    assert isinstance(content["data"], list)
+    assert len(content["data"]) <= content["count"]
+
+
+def test_read_hike_routes_not_found(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    response = client.get(
+        f"{settings.API_V1_STR}/hikes/{uuid.uuid4()}/routes",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == status.HTTP_404_NOT_FOUND
+    assert response.json()["detail"] == "Hike not found"
+
+
+def test_read_hike_routes_no_permissions(
+    client: TestClient, normal_user_token_headers: dict[str, str], db: Session
+) -> None:
+    hike = create_random_hike(db)
+    create_random_route(db, hike=hike)
+    response = client.get(
+        f"{settings.API_V1_STR}/hikes/{hike.id}/routes",
+        headers=normal_user_token_headers,
+    )
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json()["detail"] == "Not enough permissions"

backend/app/tests/api/routes/test_route.py

@@ -0,0 +1,187 @@
+import uuid
+
+from fastapi import status
+from fastapi.testclient import TestClient
+from sqlmodel import Session
+
+from app.core.config import settings
+from app.tests.utils.hike import create_random_hike
+from app.tests.utils.route import create_random_route
+
+
+def test_create_route(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None:
+    hike = create_random_hike(db)
+
+    data = {
+        "name": "Roete A",
+        "contact": "Sebas",
+        "hike_id": str(hike.id),
+    }
+    response = client.post(
+        f"{settings.API_V1_STR}/routes/",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert response.status_code == status.HTTP_200_OK
+    content = response.json()
+    assert content["name"] == data["name"]
+    assert content["contact"] == data["contact"]
+    assert content["hike_id"] == data["hike_id"]
+    assert "id" in content
+
+
+def test_create_route_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None:
+    data = {
+        "name": "No permissions",
+        "contact": "No permissions",
+        "hike_id": str(uuid.uuid4()),
+    }
+    response = client.post(
+        f"{settings.API_V1_STR}/routes/",
+        headers=normal_user_token_headers,
+        json=data,
+    )
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json()["detail"] == "Not enough permissions"
+
+
+def test_read_route(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    route = create_random_route(db)
+    response = client.get(
+        f"{settings.API_V1_STR}/routes/{route.id}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == status.HTTP_200_OK
+    content = response.json()
+    assert content["id"] == str(route.id)
+    assert content["name"] == route.name
+    assert content["contact"] == route.contact
+
+
+def test_read_route_not_found(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None:
+    response = client.get(
+        f"{settings.API_V1_STR}/routes/{uuid.uuid4()}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == status.HTTP_404_NOT_FOUND
+    assert response.json()["detail"] == "Route not found"
+
+
+def test_read_route_no_permission(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None:
+    route = create_random_route(db)
+    response = client.get(
+        f"{settings.API_V1_STR}/routes/{route.id}",
+        headers=normal_user_token_headers,
+    )
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json()["detail"] == "Not enough permissions"
+
+
+def test_read_routes(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None:
+    create_random_route(db)
+    create_random_route(db)
+    response = client.get(
+        f"{settings.API_V1_STR}/routes/",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == status.HTTP_200_OK
+    content = response.json()
+    assert "count" in content
+    assert content["count"] >= 2
+    assert "data" in content
+    assert isinstance(content["data"], list)
+    assert len(content["data"]) <= content["count"]
+
+
+def test_read_routes_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None:
+    create_random_route(db)
+    create_random_route(db)
+    response = client.get(
+        f"{settings.API_V1_STR}/routes/",
+        headers=normal_user_token_headers,
+    )
+    assert response.status_code == status.HTTP_200_OK
+    content = response.json()
+    assert "count" in content
+    assert content["count"] == 0
+    assert "data" in content
+    assert isinstance(content["data"], list)
+    assert len(content["data"]) == 0
+
+
+def test_update_route(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None:
+    route = create_random_route(db)
+    data = {
+        "name": "Updated name",
+        "contact": "Updated contact",
+    }
+    response = client.put(
+        f"{settings.API_V1_STR}/routes/{route.id}",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert response.status_code == status.HTTP_200_OK
+    content = response.json()
+    assert content["id"] == str(route.id)
+    assert content["name"] == data["name"]
+    assert content["contact"] == data["contact"]
+
+
+def test_update_route_not_found(client: TestClient, superuser_token_headers: dict[str, str]) -> None:
+    data = {
+        "name": "Not found",
+        "contact": "Not found",
+    }
+    response = client.put(
+        f"{settings.API_V1_STR}/routes/{uuid.uuid4()}",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert response.status_code == status.HTTP_404_NOT_FOUND
+    assert response.json()["detail"] == "Route not found"
+
+
+def test_update_route_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None:
+    route = create_random_route(db)
+    data = {
+        "name": "No permissions",
+        "contact": "No permissions",
+    }
+    response = client.put(
+        f"{settings.API_V1_STR}/routes/{route.id}",
+        headers=normal_user_token_headers,
+        json=data,
+    )
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json()["detail"] == "Not enough permissions"
+
+
+def test_delete_route(client: TestClient, superuser_token_headers: dict[str, str], db: Session) -> None:
+    route = create_random_route(db)
+    response = client.delete(
+        f"{settings.API_V1_STR}/routes/{route.id}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == status.HTTP_200_OK
+    assert response.json()["message"] == "Route deleted successfully"
+
+
+def test_delete_route_not_found(client: TestClient, superuser_token_headers: dict[str, str]) -> None:
+    response = client.delete(
+        f"{settings.API_V1_STR}/routes/{uuid.uuid4()}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == status.HTTP_404_NOT_FOUND
+    assert response.json()["detail"] == "Route not found"
+
+
+def test_delete_route_no_permissions(client: TestClient, normal_user_token_headers: dict[str, str], db: Session) -> None:
+    route = create_random_route(db)
+    response = client.delete(
+        f"{settings.API_V1_STR}/routes/{route.id}",
+        headers=normal_user_token_headers,
+    )
+    assert response.status_code == status.HTTP_403_FORBIDDEN
+    assert response.json()["detail"] == "Not enough permissions"

backend/app/tests/utils/route.py

@@ -0,0 +1,17 @@
+from sqlmodel import Session
+
+from app.models.hike import Hike
+from app.models.route import Route, RouteCreate
+from app.tests.utils.utils import random_lower_string
+from app.tests.utils.hike import create_random_hike
+
+
+def create_random_route(db: Session, name: str = None, hike: Hike = None) -> Hike:
+    if not name:
+        name = random_lower_string()
+
+    if not hike:
+        hike = create_random_hike(db=db)
+
+    route_in = RouteCreate(name=name, hike_id=hike.id)
+    return Route.create(session=db, create_obj=route_in)