Add events to make it posible to do some basic admin and rights

backend/app/tests/api/routes/test_events.py

@@ -0,0 +1,178 @@
+import uuid
+
+from fastapi.testclient import TestClient
+from sqlmodel import Session
+
+from app.core.config import settings
+from app.tests.utils.event import create_random_event
+
+
+def test_event(client: TestClient, superuser_token_headers: dict[str, str]) -> None:
+    data = {"name": "Foo", "contact": "Someone"}
+
+    response = client.post(
+        f"{settings.API_V1_STR}/events/",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert response.status_code == 200
+    content = response.json()
+    assert content["name"] == data["name"]
+    assert content["contact"] == data["contact"]
+    assert "id" in content
+    assert "is_active" in content
+    assert "start_at" in content
+    assert "end_at" in content
+
+
+def test_read_event(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    event = create_random_event(db)
+    response = client.get(
+        f"{settings.API_V1_STR}/events/{event.id}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == 200
+    content = response.json()
+    assert content["name"] == event.name
+    assert content["contact"] == event.contact
+    assert content["id"] == str(event.id)
+    assert content["is_active"] == str(event.is_active)
+    assert content["start_at"] == str(event.start_at)
+    assert content["end_at"] == str(event.end_at)
+
+
+def test_read_event_not_found(
+    client: TestClient, superuser_token_headers: dict[str, str]
+) -> None:
+    response = client.get(
+        f"{settings.API_V1_STR}/events/{uuid.uuid4()}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == 404
+    content = response.json()
+    assert content["detail"] == "Event not found"
+
+
+def test_read_event_not_enough_permissions(
+    client: TestClient, normal_user_token_headers: dict[str, str], db: Session
+) -> None:
+    item = create_random_event(db)
+    response = client.get(
+        f"{settings.API_V1_STR}/events/{item.id}",
+        headers=normal_user_token_headers,
+    )
+    assert response.status_code == 400
+    content = response.json()
+    assert content["detail"] == "Not enough permissions"
+
+
+def test_read_events(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    create_random_event(db)
+    create_random_event(db)
+    response = client.get(
+        f"{settings.API_V1_STR}/events/",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == 200
+    content = response.json()
+    assert len(content["data"]) >= 2
+
+
+def test_update_event(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    event = create_random_event(db)
+    data = {"name": "Updated name", "contact": "Updated contact"}
+    response = client.put(
+        f"{settings.API_V1_STR}/events/{event.id}",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert response.status_code == 200
+    content = response.json()
+    assert content["name"] == data["name"]
+    assert content["contact"] == data["contact"]
+    assert content["id"] == str(event.id)
+    assert "is_active" == str(event.is_active)
+    assert "start_at" == str(event.start_at)
+    assert "end_at" == str(event.end_at)
+
+
+def test_update_event_not_found(
+    client: TestClient, superuser_token_headers: dict[str, str]
+) -> None:
+    data = {"name": "Updated name", "contact": "Updated contact"}
+    response = client.put(
+        f"{settings.API_V1_STR}/events/{uuid.uuid4()}",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert response.status_code == 404
+    content = response.json()
+    assert content["detail"] == "Event not found"
+
+
+def test_update_event_not_enough_permissions(
+    client: TestClient, normal_user_token_headers: dict[str, str], db: Session
+) -> None:
+    event = create_random_event(db)
+    data = {"name": "Updated name", "contact": "Updated contact"}
+    response = client.put(
+        f"{settings.API_V1_STR}/items/{event.id}",
+        headers=normal_user_token_headers,
+        json=data,
+    )
+    assert response.status_code == 400
+    content = response.json()
+    assert content["detail"] == "Not enough permissions"
+
+
+def test_delete_event(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    event = create_random_event(db)
+    response = client.delete(
+        f"{settings.API_V1_STR}/events/{event.id}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == 200
+    content = response.json()
+    assert content["message"] == "Event deleted successfully"
+
+
+def test_delete_event_not_found(
+    client: TestClient, superuser_token_headers: dict[str, str]
+) -> None:
+    response = client.delete(
+        f"{settings.API_V1_STR}/events/{uuid.uuid4()}",
+        headers=superuser_token_headers,
+    )
+    assert response.status_code == 404
+    content = response.json()
+    assert content["detail"] == "Event not found"
+
+
+def test_delete_event_not_enough_permissions(
+    client: TestClient, normal_user_token_headers: dict[str, str], db: Session
+) -> None:
+    event = create_random_event(db)
+    response = client.delete(
+        f"{settings.API_V1_STR}/events/{event.id}",
+        headers=normal_user_token_headers,
+    )
+    assert response.status_code == 400
+    content = response.json()
+    assert content["detail"] == "Not enough permissions"
+
+
+# TODO: Add user (super, less rights, own rights, more rights) (*** user without rights)
+# TODO: Edit user rights (super, less rights, own rights, more rights) (*** user without rights)
+# TODO: Remove user (*** user without rights)
+# TODO: Remove own user (is allowed)
+# TODO: Remove not linked user
+# TODO: Remove event when no rights
+# TODO: Remove event when READ rights

backend/app/tests/api/routes/test_login.py

@@ -5,8 +5,8 @@ from sqlmodel import Session
 
 from app.core.config import settings
 from app.core.security import verify_password
-from app.models.user import User, UserCreate
 from app.models.apikey import ApiKey, ApiKeyCreate
+from app.models.user import User, UserCreate
 from app.tests.utils.user import user_authentication_headers
 from app.tests.utils.utils import random_email, random_lower_string
 from app.utils import generate_password_reset_token

backend/app/tests/crud/test_user.py

@@ -3,11 +3,11 @@ from sqlmodel import Session
 
 from app.core.security import verify_password
 from app.models.user import (
+    PermissionModule,
+    PermissionPart,
     User,
     UserCreate,
     UserUpdate,
-    PermissionModule,
-    PermissionPart,
 )
 from app.tests.utils.utils import random_email, random_lower_string
 

backend/app/tests/scripts/test_backend_pre_start.py

@@ -24,10 +24,10 @@ def test_init_successful_connection() -> None:
         except Exception:
             connection_successful = False
 
-        assert (
-            connection_successful
-        ), "The database connection should be successful and not raise an exception."
+        assert connection_successful, (
+            "The database connection should be successful and not raise an exception."
+        )
 
-        assert session_mock.exec.called_once_with(
-            select(1)
-        ), "The session should execute a select statement once."
+        assert session_mock.exec.called_once_with(select(1)), (
+            "The session should execute a select statement once."
+        )

backend/app/tests/scripts/test_test_pre_start.py

@@ -24,10 +24,10 @@ def test_init_successful_connection() -> None:
         except Exception:
             connection_successful = False
 
-        assert (
-            connection_successful
-        ), "The database connection should be successful and not raise an exception."
+        assert connection_successful, (
+            "The database connection should be successful and not raise an exception."
+        )
 
-        assert session_mock.exec.called_once_with(
-            select(1)
-        ), "The session should execute a select statement once."
+        assert session_mock.exec.called_once_with(select(1)), (
+            "The session should execute a select statement once."
+        )

backend/app/tests/utils/event.py

@@ -0,0 +1,11 @@
+from sqlmodel import Session
+
+from app.models.event import Event, EventCreate
+from app.tests.utils.utils import random_email, random_lower_string
+
+
+def create_random_event(db: Session) -> Event:
+    name = random_lower_string()
+    contact = random_email()
+    event_in = EventCreate(name=name, contact=contact)
+    return Event.create(session=db, create_obj=event_in)

backend/app/tests/utils/user.py

@@ -1,8 +1,8 @@
 from fastapi.testclient import TestClient
-from sqlmodel import Session, select
+from sqlmodel import Session
 
 from app.core.config import settings
-from app.models.user import User, UserCreate, UserUpdate, Role
+from app.models.user import User, UserCreate, UserUpdate
 from app.tests.utils.utils import random_email, random_lower_string