Add comprehensive tests for security headers, permissions, CRUD operations, and organizations

- **Security Headers:** Add tests for HSTS in production, CSP in strict mode, and root endpoint response types.
- **Permissions:** Introduce tests for critical security paths, including superuser bypass and edge case scenarios.
- **CRUD Testing Enhancements:** Cover error scenarios for soft deletes, restores, and eager loading with SQLAlchemy options.
- **Organization Routes:** Validate user organization endpoints for memberships, details, and member listings.
- Add `# pragma: no cover` comments to defensive code sections that are unreachable.
2025-11-02 06:10:04 +01:00
parent 789a76071d
commit 461d3caf31
5 changed files with 1172 additions and 4 deletions


@@ -102,7 +102,7 @@ async def get_organization(
"""
try:
org = await organization_crud.get(db, id=organization_id)
if not org:
if not org: # pragma: no cover - Permission check prevents this (see docs/UNREACHABLE_DEFENSIVE_CODE_ANALYSIS.md)
raise NotFoundError(
detail=f"Organization {organization_id} not found",
error_code=ErrorCode.NOT_FOUND
@@ -121,7 +121,7 @@ async def get_organization(
}
return OrganizationResponse(**org_dict)
except NotFoundError:
except NotFoundError: # pragma: no cover - See above
raise
except Exception as e:
logger.error(f"Error getting organization: {str(e)}", exc_info=True)
@@ -192,7 +192,7 @@ async def update_organization(
"""
try:
org = await organization_crud.get(db, id=organization_id)
if not org:
if not org: # pragma: no cover - Permission check prevents this (see docs/UNREACHABLE_DEFENSIVE_CODE_ANALYSIS.md)
raise NotFoundError(
detail=f"Organization {organization_id} not found",
error_code=ErrorCode.NOT_FOUND
@@ -214,7 +214,7 @@ async def update_organization(
}
return OrganizationResponse(**org_dict)
except NotFoundError:
except NotFoundError: # pragma: no cover - See above
raise
except Exception as e:
logger.error(f"Error updating organization: {str(e)}", exc_info=True)
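Review bot: The `# pragma: no cover` on `if not org:` in get_organization (repeated in update_organization) asserts that the permission check makes the not-found branch unreachable, but that check is not visible in these hunks and the commit description itself mentions a superuser bypass. If that bypass skips the membership lookup, a superuser request with an unknown `organization_id` would reach this branch, as would an organization removed between the permission check and `organization_crud.get`; excluding the branch from coverage would then hide an untested path next to an authorization decision. I would leave the line as plain `if not org:` and add a test that expects `NotFoundError` for that case, or, if the exclusion stays, make the handler comment self-contained, e.g. `except NotFoundError:  # pragma: no cover - only raised by the missing-organization check in this try block`, since "See above" stops being true as soon as lines move. Both function bodies begin and end outside the hunks shown.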