From 01f7add8dd41fe72120ca7c5c8fc5c877f2c754f Mon Sep 17 00:00:00 2001
From: Samir Boulahtit <samir.boulahtit@wizard.lu>
Date: Sun, 29 Mar 2026 21:47:10 +0200
Subject: [PATCH] test(tenancy): add integration tests for resend invitation

2 new tests in TestResendInvitation:
- test_resend_invitation_for_pending_member: verifies token regeneration
  and invitation_sent_at update
- test_resend_invitation_nonexistent_user: verifies 404

Total: 17 store team member integration tests.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .../test_store_team_members_api.py            | 79 +++++++++++++++++++
 1 file changed, 79 insertions(+)

diff --git a/app/modules/tenancy/tests/integration/test_store_team_members_api.py b/app/modules/tenancy/tests/integration/test_store_team_members_api.py
index b09b593a..fc8d049d 100644
--- a/app/modules/tenancy/tests/integration/test_store_team_members_api.py
+++ b/app/modules/tenancy/tests/integration/test_store_team_members_api.py
@@ -432,3 +432,82 @@ class TestInviteMember:
         )
         # May succeed as reactivation or fail as duplicate
         assert response.status_code in (200, 400, 409, 422)
+
+
+# ============================================================================
+# POST /team/members/{user_id}/resend
+# ============================================================================
+
+
+@pytest.mark.integration
+@pytest.mark.tenancy
+class TestResendInvitation:
+    """Tests for POST /api/v1/store/team/members/{user_id}/resend."""
+
+    def test_resend_invitation_for_pending_member(
+        self, client, member_auth, member_store, db
+    ):
+        """POST /members/{user_id}/resend works for pending members."""
+        from unittest.mock import patch
+
+        from middleware.auth import AuthManager
+
+        auth = AuthManager()
+        uid = uuid.uuid4().hex[:8]
+        # Create a pending user (is_active=False, has invitation_token)
+        pending_user = User(
+            email=f"pending_{uid}@test.com",
+            username=f"pending_{uid}",
+            hashed_password=auth.hash_password("pass123"),
+            role="store_member",
+            is_active=False,
+        )
+        db.add(pending_user)
+        db.commit()
+
+        from app.modules.tenancy.models import Role
+
+        role = db.query(Role).filter(Role.store_id == member_store.id).first()
+        if not role:
+            role = Role(store_id=member_store.id, name="staff", permissions=[])
+            db.add(role)
+            db.commit()
+
+        pending_su = StoreUser(
+            store_id=member_store.id,
+            user_id=pending_user.id,
+            role_id=role.id,
+            is_active=False,
+            invitation_token=f"old_token_{uid}",
+            invitation_sent_at=None,
+        )
+        db.add(pending_su)
+        db.commit()
+
+        with patch("app.modules.tenancy.services.store_team_service.StoreTeamService._send_invitation_email"):
+            response = client.post(
+                f"{BASE}/members/{pending_user.id}/resend",
+                headers=member_auth,
+            )
+        assert response.status_code == 200
+        data = response.json()
+        assert data["invitation_sent"] is True
+
+        # Verify token was regenerated
+        db.expire_all()
+        updated_su = (
+            db.query(StoreUser)
+            .execution_options(include_deleted=True)
+            .filter(StoreUser.id == pending_su.id)
+            .first()
+        )
+        assert updated_su.invitation_token != f"old_token_{uid}"
+        assert updated_su.invitation_sent_at is not None
+
+    def test_resend_invitation_nonexistent_user(self, client, member_auth):
+        """POST /members/{user_id}/resend returns 404 for nonexistent user."""
+        response = client.post(
+            f"{BASE}/members/99999/resend",
+            headers=member_auth,
+        )
+        assert response.status_code == 404