Restrict event access and add extensive event tests

Updated event API to enforce stricter access controls based on user roles, including creators, managers, superusers, and guests. Added robust test cases for creating, fetching, and handling event access scenarios to ensure consistent behavior across endpoints.
2025-03-09 17:37:48 +01:00
parent 4192911538
commit c5915e57b1
3 changed files with 681 additions and 16 deletions
--- a/backend/tests/conftest.py
+++ b/backend/tests/conftest.py
@@ -78,6 +78,23 @@ def mock_user(db_session):
    db_session.commit()
    return mock_user

+@pytest.fixture
+def mock_superuser(db_session):
+    """Fixture to create and return a mock User instance."""
+    mock_user = User(
+        id=uuid.uuid4(),
+        email="mocksuperuser@example.com",
+        password_hash="mockhashedpassword",
+        first_name="Mock",
+        last_name="SuperUser",
+        phone_number="1234567890",
+        is_active=True,
+        is_superuser=True,
+        preferences=None,
+    )
+    db_session.add(mock_user)
+    db_session.commit()
+    return mock_user

@pytest.fixture
 def mock_event(db_session, mock_user):