cardosofelipe/fast-next-template
Template
1
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Refactor tests for improved readability and fixture consistency

Browse Source 
- Reformatted headers in E2E tests to improve readability and ensure consistent style.
- Updated confidential client fixture to use bcrypt for secret hashing, enhancing security and testing backward compatibility with legacy SHA-256 hashes.
- Added new test cases for PKCE verification, rejecting insecure 'plain' methods, and improved error handling.
- Refined session workflows and user agent handling in E2E tests for session management.
- Consolidated schema operation tests and fixed minor formatting inconsistencies.
This commit is contained in:
Felipe Cardoso
2025-11-26 00:13:53 +01:00
parent 400d6f6f75
commit 0ea428b718
6 changed files with 112 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
backend/tests/e2e/test_admin_superuser_workflows.py
View File

@@ -429,6 +429,7 @@ class TestAdminSessionManagement:
data = response.json()
assert "data" in data
class TestAdminDeleteOperations:
"""Test admin delete operations."""
@@ -645,5 +646,3 @@ class TestAdminSearchAndFilter:
assert response.status_code == 200
data = response.json()
assert len(data["data"]) >= 1

8
backend/tests/e2e/test_api_contracts.py
View File

@@ -160,7 +160,9 @@ if SCHEMATHESIS_AVAILABLE:
def test_schema_has_user_operations(self):
"""Verify user-related operations exist."""
user_ops = list(schema.include(path_regex=r".*users.*").get_all_operations())
user_ops = list(
schema.include(path_regex=r".*users.*").get_all_operations()
)
assert len(user_ops) > 0, "No user operations found"
def test_schema_has_organization_operations(self):
@@ -172,7 +174,9 @@ if SCHEMATHESIS_AVAILABLE:
def test_schema_has_admin_operations(self):
"""Verify admin-related operations exist."""
admin_ops = list(schema.include(path_regex=r".*admin.*").get_all_operations())
admin_ops = list(
schema.include(path_regex=r".*admin.*").get_all_operations()
)
assert len(admin_ops) > 0, "No admin operations found"
def test_schema_has_session_operations(self):

48
backend/tests/e2e/test_organization_workflows.py
View File

@@ -165,7 +165,9 @@ class TestOrganizationWithMembers:
org = e2e_org_with_members
response = await e2e_client.get(
f"/api/v1/organizations/{org['org_id']}",
headers={"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"
},
)
assert response.status_code == 200
@@ -178,7 +180,9 @@ class TestOrganizationWithMembers:
org = e2e_org_with_members
response = await e2e_client.get(
f"/api/v1/organizations/{org['org_id']}",
headers={"Authorization": f"Bearer {org['member']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['member']['tokens']['access_token']}"
},
)
assert response.status_code == 200
@@ -190,7 +194,9 @@ class TestOrganizationWithMembers:
org = e2e_org_with_members
response = await e2e_client.get(
f"/api/v1/organizations/{org['org_id']}/members",
headers={"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"
},
)
assert response.status_code == 200
@@ -203,17 +209,23 @@ class TestOrganizationWithMembers:
org = e2e_org_with_members
response = await e2e_client.get(
f"/api/v1/organizations/{org['org_id']}/members",
headers={"Authorization": f"Bearer {org['member']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['member']['tokens']['access_token']}"
},
)
assert response.status_code == 200
async def test_owner_appears_in_my_organizations(self, e2e_client, e2e_org_with_members):
async def test_owner_appears_in_my_organizations(
self, e2e_client, e2e_org_with_members
):
"""Owner sees organization in their organizations list."""
org = e2e_org_with_members
response = await e2e_client.get(
"/api/v1/organizations/me",
headers={"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"
},
)
assert response.status_code == 200
@@ -221,12 +233,16 @@ class TestOrganizationWithMembers:
org_ids = [o["id"] for o in data]
assert org["org_id"] in org_ids
async def test_member_appears_in_my_organizations(self, e2e_client, e2e_org_with_members):
async def test_member_appears_in_my_organizations(
self, e2e_client, e2e_org_with_members
):
"""Member sees organization in their organizations list."""
org = e2e_org_with_members
response = await e2e_client.get(
"/api/v1/organizations/me",
headers={"Authorization": f"Bearer {org['member']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['member']['tokens']['access_token']}"
},
)
assert response.status_code == 200
@@ -234,14 +250,18 @@ class TestOrganizationWithMembers:
org_ids = [o["id"] for o in data]
assert org["org_id"] in org_ids
async def test_owner_can_update_organization(self, e2e_client, e2e_org_with_members):
async def test_owner_can_update_organization(
self, e2e_client, e2e_org_with_members
):
"""Organization owner can update organization details."""
org = e2e_org_with_members
new_description = f"Updated at {uuid4().hex[:8]}"
response = await e2e_client.put(
f"/api/v1/organizations/{org['org_id']}",
headers={"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['owner']['tokens']['access_token']}"
},
json={"description": new_description},
)
@@ -249,13 +269,17 @@ class TestOrganizationWithMembers:
data = response.json()
assert data["description"] == new_description
async def test_member_cannot_update_organization(self, e2e_client, e2e_org_with_members):
async def test_member_cannot_update_organization(
self, e2e_client, e2e_org_with_members
):
"""Regular member cannot update organization details."""
org = e2e_org_with_members
response = await e2e_client.put(
f"/api/v1/organizations/{org['org_id']}",
headers={"Authorization": f"Bearer {org['member']['tokens']['access_token']}"},
headers={
"Authorization": f"Bearer {org['member']['tokens']['access_token']}"
},
json={"description": "Should fail"},
)

29
backend/tests/e2e/test_session_workflows.py
View File

@@ -23,7 +23,10 @@ pytestmark = [
async def register_and_login(
client, email: str, password: str = "SecurePassword123!", user_agent: str = None
client,
email: str,
password: str = "SecurePassword123!", # noqa: S107
user_agent: str | None = None,
):
"""Helper to register a user and get tokens."""
await client.post(
@@ -117,13 +120,12 @@ class TestSessionListingWorkflows:
)
).json()
tokens2 = (
await e2e_client.post(
"/api/v1/auth/login",
json={"email": email, "password": password},
headers={"User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_0)"},
)
).json()
# Second login to create another session
await e2e_client.post(
"/api/v1/auth/login",
json={"email": email, "password": password},
headers={"User-Agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_0)"},
)
# Check sessions using first token
response = await e2e_client.get(
@@ -162,12 +164,11 @@ class TestSessionRevocationWorkflows:
)
).json()
tokens2 = (
await e2e_client.post(
"/api/v1/auth/login",
json={"email": email, "password": password},
)
).json()
# Second login to create another session
await e2e_client.post(
"/api/v1/auth/login",
json={"email": email, "password": password},
)
# Get sessions
sessions_resp = await e2e_client.get(

2
backend/tests/e2e/test_user_workflows.py
View File

@@ -21,7 +21,7 @@ pytestmark = [
]
async def register_and_login(client, email: str, password: str = "SecurePassword123!"):
async def register_and_login(client, email: str, password: str = "SecurePassword123!"): # noqa: S107
"""Helper to register a user and get tokens."""
await client.post(
"/api/v1/auth/register",