cardosofelipe/fast-next-template
Template
1
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Add extensive CRUD tests for session and user management; enhance cleanup logic

Browse Source 
- Introduced new unit tests for session CRUD operations, including `update_refresh_token`, `cleanup_expired`, and multi-user session handling.
- Added comprehensive tests for `CRUDBase` methods, covering edge cases, error handling, and UUID validation.
- Reduced default test session creation from 5 to 2 for performance optimization.
- Enhanced pagination, filtering, and sorting validations in `get_multi_with_total`.
- Improved error handling with descriptive assertions for database exceptions.
- Introduced tests for eager-loaded relationships in user sessions for comprehensive coverage.
This commit is contained in:
Felipe Cardoso
2025-11-01 12:18:29 +01:00
parent 293fbcb27e
commit 976fd1d4ad
6 changed files with 1502 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

759
backend/tests/crud/test_base.py Normal file
View File

@@ -0,0 +1,759 @@
# tests/crud/test_base.py
"""
Comprehensive tests for CRUDBase class covering all error paths and edge cases.
"""
import pytest
from uuid import uuid4, UUID
from sqlalchemy.exc import IntegrityError, OperationalError, DataError
from sqlalchemy.orm import joinedload
from unittest.mock import AsyncMock, patch, MagicMock
from app.crud.user import user as user_crud
from app.models.user import User
from app.schemas.users import UserCreate, UserUpdate
class TestCRUDBaseGet:
"""Tests for get method covering UUID validation and options."""
@pytest.mark.asyncio
async def test_get_with_invalid_uuid_string(self, async_test_db):
"""Test get with invalid UUID string returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.get(session, id="invalid-uuid")
assert result is None
@pytest.mark.asyncio
async def test_get_with_invalid_uuid_type(self, async_test_db):
"""Test get with invalid UUID type returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.get(session, id=12345) # int instead of UUID
assert result is None
@pytest.mark.asyncio
async def test_get_with_uuid_object(self, async_test_db, async_test_user):
"""Test get with UUID object instead of string."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Pass UUID object directly
result = await user_crud.get(session, id=async_test_user.id)
assert result is not None
assert result.id == async_test_user.id
@pytest.mark.asyncio
async def test_get_with_options(self, async_test_db, async_test_user):
"""Test get with eager loading options (tests lines 76-78)."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Test that options parameter is accepted and doesn't error
# We pass an empty list which still tests the code path
result = await user_crud.get(
session,
id=str(async_test_user.id),
options=[]
)
assert result is not None
@pytest.mark.asyncio
async def test_get_database_error(self, async_test_db):
"""Test get handles database errors properly."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Mock execute to raise an exception
with patch.object(session, 'execute', side_effect=Exception("DB error")):
with pytest.raises(Exception, match="DB error"):
await user_crud.get(session, id=str(uuid4()))
class TestCRUDBaseGetMulti:
"""Tests for get_multi method covering pagination validation and options."""
@pytest.mark.asyncio
async def test_get_multi_negative_skip(self, async_test_db):
"""Test get_multi with negative skip raises ValueError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with pytest.raises(ValueError, match="skip must be non-negative"):
await user_crud.get_multi(session, skip=-1)
@pytest.mark.asyncio
async def test_get_multi_negative_limit(self, async_test_db):
"""Test get_multi with negative limit raises ValueError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with pytest.raises(ValueError, match="limit must be non-negative"):
await user_crud.get_multi(session, limit=-1)
@pytest.mark.asyncio
async def test_get_multi_limit_too_large(self, async_test_db):
"""Test get_multi with limit > 1000 raises ValueError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with pytest.raises(ValueError, match="Maximum limit is 1000"):
await user_crud.get_multi(session, limit=1001)
@pytest.mark.asyncio
async def test_get_multi_with_options(self, async_test_db, async_test_user):
"""Test get_multi with eager loading options (tests lines 118-120)."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Test that options parameter is accepted
results = await user_crud.get_multi(
session,
skip=0,
limit=10,
options=[]
)
assert isinstance(results, list)
@pytest.mark.asyncio
async def test_get_multi_database_error(self, async_test_db):
"""Test get_multi handles database errors."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with patch.object(session, 'execute', side_effect=Exception("DB error")):
with pytest.raises(Exception, match="DB error"):
await user_crud.get_multi(session)
class TestCRUDBaseCreate:
"""Tests for create method covering various error conditions."""
@pytest.mark.asyncio
async def test_create_duplicate_unique_field(self, async_test_db, async_test_user):
"""Test create with duplicate unique field raises ValueError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Try to create user with duplicate email
user_data = UserCreate(
email=async_test_user.email, # Duplicate!
password="TestPassword123!",
first_name="Test",
last_name="Duplicate"
)
with pytest.raises(ValueError, match="already exists"):
await user_crud.create(session, obj_in=user_data)
@pytest.mark.asyncio
async def test_create_integrity_error_non_duplicate(self, async_test_db):
"""Test create with non-duplicate IntegrityError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Mock commit to raise IntegrityError without "unique" in message
original_commit = session.commit
async def mock_commit():
error = IntegrityError("statement", {}, Exception("foreign key violation"))
raise error
with patch.object(session, 'commit', side_effect=mock_commit):
user_data = UserCreate(
email="test@example.com",
password="TestPassword123!",
first_name="Test",
last_name="User"
)
with pytest.raises(ValueError, match="Database integrity error"):
await user_crud.create(session, obj_in=user_data)
@pytest.mark.asyncio
async def test_create_operational_error(self, async_test_db):
"""Test create with OperationalError (user CRUD catches as generic Exception)."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with patch.object(session, 'commit', side_effect=OperationalError("statement", {}, Exception("connection lost"))):
user_data = UserCreate(
email="test@example.com",
password="TestPassword123!",
first_name="Test",
last_name="User"
)
# User CRUD catches this as generic Exception and re-raises
with pytest.raises(OperationalError):
await user_crud.create(session, obj_in=user_data)
@pytest.mark.asyncio
async def test_create_data_error(self, async_test_db):
"""Test create with DataError (user CRUD catches as generic Exception)."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with patch.object(session, 'commit', side_effect=DataError("statement", {}, Exception("invalid data"))):
user_data = UserCreate(
email="test@example.com",
password="TestPassword123!",
first_name="Test",
last_name="User"
)
# User CRUD catches this as generic Exception and re-raises
with pytest.raises(DataError):
await user_crud.create(session, obj_in=user_data)
@pytest.mark.asyncio
async def test_create_unexpected_error(self, async_test_db):
"""Test create with unexpected exception."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with patch.object(session, 'commit', side_effect=RuntimeError("Unexpected error")):
user_data = UserCreate(
email="test@example.com",
password="TestPassword123!",
first_name="Test",
last_name="User"
)
with pytest.raises(RuntimeError, match="Unexpected error"):
await user_crud.create(session, obj_in=user_data)
class TestCRUDBaseUpdate:
"""Tests for update method covering error conditions."""
@pytest.mark.asyncio
async def test_update_duplicate_unique_field(self, async_test_db, async_test_user):
"""Test update with duplicate unique field raises ValueError."""
test_engine, SessionLocal = async_test_db
# Create another user
async with SessionLocal() as session:
from app.crud.user import user as user_crud
user2_data = UserCreate(
email="user2@example.com",
password="TestPassword123!",
first_name="User",
last_name="Two"
)
user2 = await user_crud.create(session, obj_in=user2_data)
await session.commit()
# Try to update user2 with user1's email
async with SessionLocal() as session:
user2_obj = await user_crud.get(session, id=str(user2.id))
with patch.object(session, 'commit', side_effect=IntegrityError("statement", {}, Exception("UNIQUE constraint failed"))):
update_data = UserUpdate(email=async_test_user.email)
with pytest.raises(ValueError, match="already exists"):
await user_crud.update(session, db_obj=user2_obj, obj_in=update_data)
@pytest.mark.asyncio
async def test_update_with_dict(self, async_test_db, async_test_user):
"""Test update with dict instead of schema."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
user = await user_crud.get(session, id=str(async_test_user.id))
# Update with dict (tests lines 164-165)
updated = await user_crud.update(
session,
db_obj=user,
obj_in={"first_name": "UpdatedName"}
)
assert updated.first_name == "UpdatedName"
@pytest.mark.asyncio
async def test_update_integrity_error(self, async_test_db, async_test_user):
"""Test update with IntegrityError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
user = await user_crud.get(session, id=str(async_test_user.id))
with patch.object(session, 'commit', side_effect=IntegrityError("statement", {}, Exception("constraint failed"))):
with pytest.raises(ValueError, match="Database integrity error"):
await user_crud.update(session, db_obj=user, obj_in={"first_name": "Test"})
@pytest.mark.asyncio
async def test_update_operational_error(self, async_test_db, async_test_user):
"""Test update with OperationalError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
user = await user_crud.get(session, id=str(async_test_user.id))
with patch.object(session, 'commit', side_effect=OperationalError("statement", {}, Exception("connection error"))):
with pytest.raises(ValueError, match="Database operation failed"):
await user_crud.update(session, db_obj=user, obj_in={"first_name": "Test"})
@pytest.mark.asyncio
async def test_update_unexpected_error(self, async_test_db, async_test_user):
"""Test update with unexpected error."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
user = await user_crud.get(session, id=str(async_test_user.id))
with patch.object(session, 'commit', side_effect=RuntimeError("Unexpected")):
with pytest.raises(RuntimeError):
await user_crud.update(session, db_obj=user, obj_in={"first_name": "Test"})
class TestCRUDBaseRemove:
"""Tests for remove method covering UUID validation and error conditions."""
@pytest.mark.asyncio
async def test_remove_invalid_uuid(self, async_test_db):
"""Test remove with invalid UUID returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.remove(session, id="invalid-uuid")
assert result is None
@pytest.mark.asyncio
async def test_remove_with_uuid_object(self, async_test_db, async_test_user):
"""Test remove with UUID object."""
test_engine, SessionLocal = async_test_db
# Create a user to delete
async with SessionLocal() as session:
user_data = UserCreate(
email="todelete@example.com",
password="TestPassword123!",
first_name="To",
last_name="Delete"
)
user = await user_crud.create(session, obj_in=user_data)
user_id = user.id
await session.commit()
# Delete with UUID object
async with SessionLocal() as session:
result = await user_crud.remove(session, id=user_id) # UUID object
assert result is not None
assert result.id == user_id
@pytest.mark.asyncio
async def test_remove_nonexistent(self, async_test_db):
"""Test remove of nonexistent record returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.remove(session, id=str(uuid4()))
assert result is None
@pytest.mark.asyncio
async def test_remove_integrity_error(self, async_test_db, async_test_user):
"""Test remove with IntegrityError (foreign key constraint)."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Mock delete to raise IntegrityError
with patch.object(session, 'commit', side_effect=IntegrityError("statement", {}, Exception("FOREIGN KEY constraint"))):
with pytest.raises(ValueError, match="Cannot delete.*referenced by other records"):
await user_crud.remove(session, id=str(async_test_user.id))
@pytest.mark.asyncio
async def test_remove_unexpected_error(self, async_test_db, async_test_user):
"""Test remove with unexpected error."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with patch.object(session, 'commit', side_effect=RuntimeError("Unexpected")):
with pytest.raises(RuntimeError):
await user_crud.remove(session, id=str(async_test_user.id))
class TestCRUDBaseGetMultiWithTotal:
"""Tests for get_multi_with_total method covering pagination, filtering, sorting."""
@pytest.mark.asyncio
async def test_get_multi_with_total_basic(self, async_test_db, async_test_user):
"""Test get_multi_with_total basic functionality."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
items, total = await user_crud.get_multi_with_total(session, skip=0, limit=10)
assert isinstance(items, list)
assert isinstance(total, int)
assert total >= 1 # At least the test user
@pytest.mark.asyncio
async def test_get_multi_with_total_negative_skip(self, async_test_db):
"""Test get_multi_with_total with negative skip raises ValueError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with pytest.raises(ValueError, match="skip must be non-negative"):
await user_crud.get_multi_with_total(session, skip=-1)
@pytest.mark.asyncio
async def test_get_multi_with_total_negative_limit(self, async_test_db):
"""Test get_multi_with_total with negative limit raises ValueError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with pytest.raises(ValueError, match="limit must be non-negative"):
await user_crud.get_multi_with_total(session, limit=-1)
@pytest.mark.asyncio
async def test_get_multi_with_total_limit_too_large(self, async_test_db):
"""Test get_multi_with_total with limit > 1000 raises ValueError."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with pytest.raises(ValueError, match="Maximum limit is 1000"):
await user_crud.get_multi_with_total(session, limit=1001)
@pytest.mark.asyncio
async def test_get_multi_with_total_with_filters(self, async_test_db, async_test_user):
"""Test get_multi_with_total with filters."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
filters = {"email": async_test_user.email}
items, total = await user_crud.get_multi_with_total(session, filters=filters)
assert total == 1
assert len(items) == 1
assert items[0].email == async_test_user.email
@pytest.mark.asyncio
async def test_get_multi_with_total_with_sorting_asc(self, async_test_db, async_test_user):
"""Test get_multi_with_total with ascending sort."""
test_engine, SessionLocal = async_test_db
# Create additional users
async with SessionLocal() as session:
user_data1 = UserCreate(
email="aaa@example.com",
password="TestPassword123!",
first_name="AAA",
last_name="User"
)
user_data2 = UserCreate(
email="zzz@example.com",
password="TestPassword123!",
first_name="ZZZ",
last_name="User"
)
await user_crud.create(session, obj_in=user_data1)
await user_crud.create(session, obj_in=user_data2)
await session.commit()
async with SessionLocal() as session:
items, total = await user_crud.get_multi_with_total(
session, sort_by="email", sort_order="asc"
)
assert total >= 3
# Check first email is alphabetically first
assert items[0].email == "aaa@example.com"
@pytest.mark.asyncio
async def test_get_multi_with_total_with_sorting_desc(self, async_test_db, async_test_user):
"""Test get_multi_with_total with descending sort."""
test_engine, SessionLocal = async_test_db
# Create additional users
async with SessionLocal() as session:
user_data1 = UserCreate(
email="bbb@example.com",
password="TestPassword123!",
first_name="BBB",
last_name="User"
)
user_data2 = UserCreate(
email="ccc@example.com",
password="TestPassword123!",
first_name="CCC",
last_name="User"
)
await user_crud.create(session, obj_in=user_data1)
await user_crud.create(session, obj_in=user_data2)
await session.commit()
async with SessionLocal() as session:
items, total = await user_crud.get_multi_with_total(
session, sort_by="email", sort_order="desc", limit=1
)
assert len(items) == 1
# First item should have higher email alphabetically
@pytest.mark.asyncio
async def test_get_multi_with_total_with_pagination(self, async_test_db):
"""Test get_multi_with_total pagination works correctly."""
test_engine, SessionLocal = async_test_db
# Create minimal users for pagination test (3 instead of 5)
async with SessionLocal() as session:
for i in range(3):
user_data = UserCreate(
email=f"user{i}@example.com",
password="TestPassword123!",
first_name=f"User{i}",
last_name="Test"
)
await user_crud.create(session, obj_in=user_data)
await session.commit()
async with SessionLocal() as session:
# Get first page
items1, total = await user_crud.get_multi_with_total(session, skip=0, limit=2)
assert len(items1) == 2
assert total >= 3
# Get second page
items2, total2 = await user_crud.get_multi_with_total(session, skip=2, limit=2)
assert len(items2) >= 1
assert total2 == total
# Ensure no overlap
ids1 = {item.id for item in items1}
ids2 = {item.id for item in items2}
assert ids1.isdisjoint(ids2)
class TestCRUDBaseCount:
"""Tests for count method."""
@pytest.mark.asyncio
async def test_count_basic(self, async_test_db, async_test_user):
"""Test count returns correct number."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
count = await user_crud.count(session)
assert isinstance(count, int)
assert count >= 1 # At least the test user
@pytest.mark.asyncio
async def test_count_multiple_users(self, async_test_db, async_test_user):
"""Test count with multiple users."""
test_engine, SessionLocal = async_test_db
# Create additional users
async with SessionLocal() as session:
initial_count = await user_crud.count(session)
user_data1 = UserCreate(
email="count1@example.com",
password="TestPassword123!",
first_name="Count",
last_name="One"
)
user_data2 = UserCreate(
email="count2@example.com",
password="TestPassword123!",
first_name="Count",
last_name="Two"
)
await user_crud.create(session, obj_in=user_data1)
await user_crud.create(session, obj_in=user_data2)
await session.commit()
async with SessionLocal() as session:
new_count = await user_crud.count(session)
assert new_count == initial_count + 2
@pytest.mark.asyncio
async def test_count_database_error(self, async_test_db):
"""Test count handles database errors."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
with patch.object(session, 'execute', side_effect=Exception("DB error")):
with pytest.raises(Exception, match="DB error"):
await user_crud.count(session)
class TestCRUDBaseExists:
"""Tests for exists method."""
@pytest.mark.asyncio
async def test_exists_true(self, async_test_db, async_test_user):
"""Test exists returns True for existing record."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.exists(session, id=str(async_test_user.id))
assert result is True
@pytest.mark.asyncio
async def test_exists_false(self, async_test_db):
"""Test exists returns False for non-existent record."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.exists(session, id=str(uuid4()))
assert result is False
@pytest.mark.asyncio
async def test_exists_invalid_uuid(self, async_test_db):
"""Test exists returns False for invalid UUID."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.exists(session, id="invalid-uuid")
assert result is False
class TestCRUDBaseSoftDelete:
"""Tests for soft_delete method."""
@pytest.mark.asyncio
async def test_soft_delete_success(self, async_test_db):
"""Test soft delete sets deleted_at timestamp."""
test_engine, SessionLocal = async_test_db
# Create a user to soft delete
async with SessionLocal() as session:
user_data = UserCreate(
email="softdelete@example.com",
password="TestPassword123!",
first_name="Soft",
last_name="Delete"
)
user = await user_crud.create(session, obj_in=user_data)
user_id = user.id
await session.commit()
# Soft delete the user
async with SessionLocal() as session:
deleted = await user_crud.soft_delete(session, id=str(user_id))
assert deleted is not None
assert deleted.deleted_at is not None
@pytest.mark.asyncio
async def test_soft_delete_invalid_uuid(self, async_test_db):
"""Test soft delete with invalid UUID returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.soft_delete(session, id="invalid-uuid")
assert result is None
@pytest.mark.asyncio
async def test_soft_delete_nonexistent(self, async_test_db):
"""Test soft delete of nonexistent record returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.soft_delete(session, id=str(uuid4()))
assert result is None
@pytest.mark.asyncio
async def test_soft_delete_with_uuid_object(self, async_test_db):
"""Test soft delete with UUID object."""
test_engine, SessionLocal = async_test_db
# Create a user to soft delete
async with SessionLocal() as session:
user_data = UserCreate(
email="softdelete2@example.com",
password="TestPassword123!",
first_name="Soft",
last_name="Delete2"
)
user = await user_crud.create(session, obj_in=user_data)
user_id = user.id
await session.commit()
# Soft delete with UUID object
async with SessionLocal() as session:
deleted = await user_crud.soft_delete(session, id=user_id) # UUID object
assert deleted is not None
assert deleted.deleted_at is not None
class TestCRUDBaseRestore:
"""Tests for restore method."""
@pytest.mark.asyncio
async def test_restore_success(self, async_test_db):
"""Test restore clears deleted_at timestamp."""
test_engine, SessionLocal = async_test_db
# Create and soft delete a user
async with SessionLocal() as session:
user_data = UserCreate(
email="restore@example.com",
password="TestPassword123!",
first_name="Restore",
last_name="Test"
)
user = await user_crud.create(session, obj_in=user_data)
user_id = user.id
await session.commit()
async with SessionLocal() as session:
await user_crud.soft_delete(session, id=str(user_id))
# Restore the user
async with SessionLocal() as session:
restored = await user_crud.restore(session, id=str(user_id))
assert restored is not None
assert restored.deleted_at is None
@pytest.mark.asyncio
async def test_restore_invalid_uuid(self, async_test_db):
"""Test restore with invalid UUID returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.restore(session, id="invalid-uuid")
assert result is None
@pytest.mark.asyncio
async def test_restore_nonexistent(self, async_test_db):
"""Test restore of nonexistent record returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
result = await user_crud.restore(session, id=str(uuid4()))
assert result is None
@pytest.mark.asyncio
async def test_restore_not_deleted(self, async_test_db, async_test_user):
"""Test restore of non-deleted record returns None."""
test_engine, SessionLocal = async_test_db
async with SessionLocal() as session:
# Try to restore a user that's not deleted
result = await user_crud.restore(session, id=str(async_test_user.id))
assert result is None
@pytest.mark.asyncio
async def test_restore_with_uuid_object(self, async_test_db):
"""Test restore with UUID object."""
test_engine, SessionLocal = async_test_db
# Create and soft delete a user
async with SessionLocal() as session:
user_data = UserCreate(
email="restore2@example.com",
password="TestPassword123!",
first_name="Restore",
last_name="Test2"
)
user = await user_crud.create(session, obj_in=user_data)
user_id = user.id
await session.commit()
async with SessionLocal() as session:
await user_crud.soft_delete(session, id=str(user_id))
# Restore with UUID object
async with SessionLocal() as session:
restored = await user_crud.restore(session, id=user_id) # UUID object
assert restored is not None
assert restored.deleted_at is None

229
backend/tests/crud/test_session.py
View File

@@ -245,7 +245,8 @@ class TestDeactivateAllUserSessions:
test_engine, AsyncTestingSessionLocal = async_test_db
async with AsyncTestingSessionLocal() as session:
for i in range(5):
# Create minimal sessions for test (2 instead of 5)
for i in range(2):
sess = UserSession(
user_id=async_test_user.id,
refresh_token_jti=f"bulk_{i}",
@@ -264,7 +265,7 @@ class TestDeactivateAllUserSessions:
session,
user_id=str(async_test_user.id)
)
assert count == 5
assert count == 2
class TestUpdateLastUsed:
@@ -337,3 +338,227 @@ class TestGetUserSessionCount:
user_id=str(uuid4())
)
assert count == 0
class TestUpdateRefreshToken:
"""Tests for update_refresh_token method."""
@pytest.mark.asyncio
async def test_update_refresh_token_success(self, async_test_db, async_test_user):
"""Test updating refresh token JTI and expiration."""
test_engine, AsyncTestingSessionLocal = async_test_db
async with AsyncTestingSessionLocal() as session:
user_session = UserSession(
user_id=async_test_user.id,
refresh_token_jti="old_jti",
device_name="Test Device",
ip_address="192.168.1.1",
user_agent="Mozilla/5.0",
is_active=True,
expires_at=datetime.now(timezone.utc) + timedelta(days=7),
last_used_at=datetime.now(timezone.utc) - timedelta(hours=1)
)
session.add(user_session)
await session.commit()
await session.refresh(user_session)
new_jti = "new_jti_123"
new_expires = datetime.now(timezone.utc) + timedelta(days=14)
result = await session_crud.update_refresh_token(
session,
session=user_session,
new_jti=new_jti,
new_expires_at=new_expires
)
assert result.refresh_token_jti == new_jti
# Compare timestamps ignoring timezone info
assert abs((result.expires_at.replace(tzinfo=None) - new_expires.replace(tzinfo=None)).total_seconds()) < 1
class TestCleanupExpired:
"""Tests for cleanup_expired method."""
@pytest.mark.asyncio
async def test_cleanup_expired_success(self, async_test_db, async_test_user):
"""Test cleaning up old expired inactive sessions."""
test_engine, AsyncTestingSessionLocal = async_test_db
# Create old expired inactive session
async with AsyncTestingSessionLocal() as session:
old_session = UserSession(
user_id=async_test_user.id,
refresh_token_jti="old_expired",
device_name="Old Device",
ip_address="192.168.1.1",
user_agent="Mozilla/5.0",
is_active=False,
expires_at=datetime.now(timezone.utc) - timedelta(days=5),
last_used_at=datetime.now(timezone.utc) - timedelta(days=35),
created_at=datetime.now(timezone.utc) - timedelta(days=35)
)
session.add(old_session)
await session.commit()
# Cleanup
async with AsyncTestingSessionLocal() as session:
count = await session_crud.cleanup_expired(session, keep_days=30)
assert count == 1
@pytest.mark.asyncio
async def test_cleanup_expired_keeps_recent(self, async_test_db, async_test_user):
"""Test that cleanup keeps recent expired sessions."""
test_engine, AsyncTestingSessionLocal = async_test_db
# Create recent expired inactive session (less than keep_days old)
async with AsyncTestingSessionLocal() as session:
recent_session = UserSession(
user_id=async_test_user.id,
refresh_token_jti="recent_expired",
device_name="Recent Device",
ip_address="192.168.1.1",
user_agent="Mozilla/5.0",
is_active=False,
expires_at=datetime.now(timezone.utc) - timedelta(hours=1),
last_used_at=datetime.now(timezone.utc) - timedelta(hours=2),
created_at=datetime.now(timezone.utc) - timedelta(days=1)
)
session.add(recent_session)
await session.commit()
# Cleanup
async with AsyncTestingSessionLocal() as session:
count = await session_crud.cleanup_expired(session, keep_days=30)
assert count == 0 # Should not delete recent sessions
@pytest.mark.asyncio
async def test_cleanup_expired_keeps_active(self, async_test_db, async_test_user):
"""Test that cleanup does not delete active sessions."""
test_engine, AsyncTestingSessionLocal = async_test_db
# Create old expired but ACTIVE session
async with AsyncTestingSessionLocal() as session:
active_session = UserSession(
user_id=async_test_user.id,
refresh_token_jti="active_expired",
device_name="Active Device",
ip_address="192.168.1.1",
user_agent="Mozilla/5.0",
is_active=True, # Active
expires_at=datetime.now(timezone.utc) - timedelta(days=5),
last_used_at=datetime.now(timezone.utc) - timedelta(days=35),
created_at=datetime.now(timezone.utc) - timedelta(days=35)
)
session.add(active_session)
await session.commit()
# Cleanup
async with AsyncTestingSessionLocal() as session:
count = await session_crud.cleanup_expired(session, keep_days=30)
assert count == 0 # Should not delete active sessions
class TestCleanupExpiredForUser:
"""Tests for cleanup_expired_for_user method."""
@pytest.mark.asyncio
async def test_cleanup_expired_for_user_success(self, async_test_db, async_test_user):
"""Test cleaning up expired sessions for specific user."""
test_engine, AsyncTestingSessionLocal = async_test_db
# Create expired inactive session for user
async with AsyncTestingSessionLocal() as session:
expired_session = UserSession(
user_id=async_test_user.id,
refresh_token_jti="user_expired",
device_name="Expired Device",
ip_address="192.168.1.1",
user_agent="Mozilla/5.0",
is_active=False,
expires_at=datetime.now(timezone.utc) - timedelta(days=1),
last_used_at=datetime.now(timezone.utc) - timedelta(days=2)
)
session.add(expired_session)
await session.commit()
# Cleanup for user
async with AsyncTestingSessionLocal() as session:
count = await session_crud.cleanup_expired_for_user(
session,
user_id=str(async_test_user.id)
)
assert count == 1
@pytest.mark.asyncio
async def test_cleanup_expired_for_user_invalid_uuid(self, async_test_db):
"""Test cleanup with invalid user UUID."""
test_engine, AsyncTestingSessionLocal = async_test_db
async with AsyncTestingSessionLocal() as session:
with pytest.raises(ValueError, match="Invalid user ID format"):
await session_crud.cleanup_expired_for_user(
session,
user_id="not-a-valid-uuid"
)
@pytest.mark.asyncio
async def test_cleanup_expired_for_user_keeps_active(self, async_test_db, async_test_user):
"""Test that cleanup for user keeps active sessions."""
test_engine, AsyncTestingSessionLocal = async_test_db
# Create expired but active session
async with AsyncTestingSessionLocal() as session:
active_session = UserSession(
user_id=async_test_user.id,
refresh_token_jti="active_user_expired",
device_name="Active Device",
ip_address="192.168.1.1",
user_agent="Mozilla/5.0",
is_active=True, # Active
expires_at=datetime.now(timezone.utc) - timedelta(days=1),
last_used_at=datetime.now(timezone.utc) - timedelta(days=2)
)
session.add(active_session)
await session.commit()
# Cleanup
async with AsyncTestingSessionLocal() as session:
count = await session_crud.cleanup_expired_for_user(
session,
user_id=str(async_test_user.id)
)
assert count == 0 # Should not delete active sessions
class TestGetUserSessionsWithUser:
"""Tests for get_user_sessions with eager loading."""
@pytest.mark.asyncio
async def test_get_user_sessions_with_user_relationship(self, async_test_db, async_test_user):
"""Test getting sessions with user relationship loaded."""
test_engine, AsyncTestingSessionLocal = async_test_db
async with AsyncTestingSessionLocal() as session:
user_session = UserSession(
user_id=async_test_user.id,
refresh_token_jti="with_user",
device_name="Test Device",
ip_address="192.168.1.1",
user_agent="Mozilla/5.0",
is_active=True,
expires_at=datetime.now(timezone.utc) + timedelta(days=7),
last_used_at=datetime.now(timezone.utc)
)
session.add(user_session)
await session.commit()
# Get with user relationship
async with AsyncTestingSessionLocal() as session:
results = await session_crud.get_user_sessions(
session,
user_id=str(async_test_user.id),
with_user=True
)
assert len(results) >= 1