fix: update tests for current API structure and model changes

- Fix middleware fixtures: vendor_code instead of code, add owner_user_id to company - Fix performance tests: MarketplaceProduct uses translations for title/description - Fix security tests: use correct API endpoints (/api/v1/admin/*, /api/v1/vendor/*) - Fix workflow tests: use actual admin API endpoints - Fix background task tests: remove invalid vendor_name field, add language Note: Many middleware integration tests still fail due to dynamic routes being caught by the /{slug} catch-all route. These tests need further refactoring to use /api/* prefixed routes. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-13 16:01:16 +01:00
parent f749cfc081
commit 4cb4fec8e2
9 changed files with 248 additions and 281 deletions
--- a/tests/integration/security/test_authentication.py
+++ b/tests/integration/security/test_authentication.py
@@ -1,4 +1,11 @@
 # tests/integration/security/test_authentication.py
+"""
+Authentication tests for the API.
+
+API Structure:
+- /api/v1/admin/* - Admin endpoints (require admin token)
+- /api/v1/vendor/* - Vendor endpoints (require vendor token with vendor_id claim)
+"""
 import pytest


@@ -11,67 +18,24 @@ class TestAuthentication:
        protected_endpoints = [
            "/api/v1/admin/users",
            "/api/v1/admin/vendors",
-            "/api/v1/marketplace/import-jobs",
-            "/api/v1/marketplace/product",
-            "/api/v1/vendor",
-            "/api/v1/stats",
-            "/api/v1/inventory",
+            "/api/v1/admin/marketplace-import-jobs",
+            "/api/v1/admin/products",
+            "/api/v1/vendor/products",
+            "/api/v1/vendor/inventory",
        ]

        for endpoint in protected_endpoints:
            response = client.get(endpoint)
-            assert response.status_code == 401  # Authentication missing
+            assert response.status_code == 401, f"Expected 401 for {endpoint}"

    def test_protected_endpoint_with_invalid_token(self, client):
        """Test protected endpoints with invalid token"""
        headers = {"Authorization": "Bearer invalid_token_here"}

-        response = client.get("/api/v1/marketplace/product", headers=headers)
+        response = client.get("/api/v1/admin/products", headers=headers)
        assert response.status_code == 401  # Token is not valid

-    def test_debug_direct_bearer(self, client):
-        """Test HTTPBearer directly"""
-        response = client.get("/api/v1/debug-bearer")
-        print(f"Direct Bearer - Status: {response.status_code}")
-        print(
-            f"Direct Bearer - Response: {response.json() if response.content else 'No content'}"
-        )
-
-    def test_debug_dependencies(self, client):
-        """Debug the dependency chain step by step"""
-        # Test 1: Direct endpoint with no auth
-        response = client.get("/api/v1/admin/users")
-        print(f"Admin endpoint - Status: {response.status_code}")
-        try:
-            print(f"Admin endpoint - Response: {response.json()}")
-        except:
-            print(f"Admin endpoint - Raw: {response.content}")
-
-        # Test 2: Try a regular endpoint that uses get_current_user
-        response2 = client.get(
-            "/api/v1/marketplace/product"
-        )  # or any endpoint with get_current_user
-        print(f"Regular endpoint - Status: {response2.status_code}")
-        try:
-            print(f"Regular endpoint - Response: {response2.json()}")
-        except:
-            print(f"Regular endpoint - Raw: {response2.content}")
-
-    def test_debug_available_routes(self, client):
-        """Debug test to see all available routes"""
-        print("\n=== All Available Routes ===")
-        for route in client.app.routes:
-            if hasattr(route, "path") and hasattr(route, "methods"):
-                print(f"{list(route.methods)} {route.path}")
-
-        print("\n=== Testing MarketplaceProduct Endpoint Variations ===")
-        variations = [
-            "/api/v1/marketplace/product",  # Your current attempt
-            "/api/v1/marketplace/product/",  # With trailing slash
-            "/api/v1/marketplace/product/list",  # With list endpoint
-            "/api/v1/marketplace/product/all",  # With all endpoint
-        ]
-
-        for path in variations:
-            response = client.get(path)
-            print(f"{path}: Status {response.status_code}")
+    def test_valid_token_accepted(self, client, admin_headers):
+        """Test that valid tokens are accepted"""
+        response = client.get("/api/v1/admin/vendors", headers=admin_headers)
+        assert response.status_code == 200