sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
74bbf847024bc0f26bd6ec637d2bd7e4eafa7267
orion/tests/fixtures/auth_fixtures.py
Samir Boulahtit d7a0ff8818 refactor: complete module-driven architecture migration 
This commit completes the migration to a fully module-driven architecture:

## Models Migration
- Moved all domain models from models/database/ to their respective modules:
  - tenancy: User, Admin, Vendor, Company, Platform, VendorDomain, etc.
  - cms: MediaFile, VendorTheme
  - messaging: Email, VendorEmailSettings, VendorEmailTemplate
  - core: AdminMenuConfig
- models/database/ now only contains Base and TimestampMixin (infrastructure)

## Schemas Migration
- Moved all domain schemas from models/schema/ to their respective modules:
  - tenancy: company, vendor, admin, team, vendor_domain
  - cms: media, image, vendor_theme
  - messaging: email
- models/schema/ now only contains base.py and auth.py (infrastructure)

## Routes Migration
- Moved admin routes from app/api/v1/admin/ to modules:
  - menu_config.py -> core module
  - modules.py -> tenancy module
  - module_config.py -> tenancy module
- app/api/v1/admin/ now only aggregates auto-discovered module routes

## Menu System
- Implemented module-driven menu system with MenuDiscoveryService
- Extended FrontendType enum: PLATFORM, ADMIN, VENDOR, STOREFRONT
- Added MenuItemDefinition and MenuSectionDefinition dataclasses
- Each module now defines its own menu items in definition.py
- MenuService integrates with MenuDiscoveryService for template rendering

## Documentation
- Updated docs/architecture/models-structure.md
- Updated docs/architecture/menu-management.md
- Updated architecture validation rules for new exceptions

## Architecture Validation
- Updated MOD-019 rule to allow base.py in models/schema/
- Created core module exceptions.py and schemas/ directory
- All validation errors resolved (only warnings remain)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 21:02:56 +01:00

216 lines
6.6 KiB
Python
Raw Blame History

# tests/fixtures/auth_fixtures.py
"""
Authentication-related test fixtures.
Note: Fixtures should NOT use db.expunge() as it breaks lazy loading.
See tests/conftest.py for details on fixture best practices.
"""
import uuid
import pytest
from middleware.auth import AuthManager
from app.modules.tenancy.models import User
@pytest.fixture(scope="session")
def auth_manager():
"""Create auth manager instance (session scope since it's stateless)."""
return AuthManager()
@pytest.fixture
def test_user(db, auth_manager):
"""Create a test user with unique username."""
unique_id = str(uuid.uuid4())[:8]
hashed_password = auth_manager.hash_password("testpass123")
user = User(
email=f"test_{unique_id}@example.com",
username=f"testuser_{unique_id}",
hashed_password=hashed_password,
role="user",
is_active=True,
)
db.add(user)
db.commit()
db.refresh(user)
return user
@pytest.fixture
def test_admin(db, auth_manager):
"""Create a test admin user with unique username (super admin by default)."""
unique_id = str(uuid.uuid4())[:8]
hashed_password = auth_manager.hash_password("adminpass123")
admin = User(
email=f"admin_{unique_id}@example.com",
username=f"admin_{unique_id}",
hashed_password=hashed_password,
role="admin",
is_active=True,
is_super_admin=True, # Default to super admin for backward compatibility
)
db.add(admin)
db.commit()
db.refresh(admin)
return admin
@pytest.fixture
def test_super_admin(db, auth_manager):
"""Create a test super admin user with unique username."""
unique_id = str(uuid.uuid4())[:8]
hashed_password = auth_manager.hash_password("superadminpass123")
admin = User(
email=f"superadmin_{unique_id}@example.com",
username=f"superadmin_{unique_id}",
hashed_password=hashed_password,
role="admin",
is_active=True,
is_super_admin=True,
)
db.add(admin)
db.commit()
db.refresh(admin)
return admin
@pytest.fixture
def test_platform_admin(db, auth_manager):
"""Create a test platform admin user (not super admin)."""
unique_id = str(uuid.uuid4())[:8]
hashed_password = auth_manager.hash_password("platformadminpass123")
admin = User(
email=f"platformadmin_{unique_id}@example.com",
username=f"platformadmin_{unique_id}",
hashed_password=hashed_password,
role="admin",
is_active=True,
is_super_admin=False, # Platform admin, not super admin
)
db.add(admin)
db.commit()
db.refresh(admin)
return admin
@pytest.fixture
def super_admin_headers(client, test_super_admin):
"""Get authentication headers for super admin user."""
response = client.post(
"/api/v1/admin/auth/login",
json={"email_or_username": test_super_admin.username, "password": "superadminpass123"},
)
assert response.status_code == 200, f"Super admin login failed: {response.text}"
token = response.json()["access_token"]
return {"Authorization": f"Bearer {token}"}
@pytest.fixture
def platform_admin_headers(client, test_platform_admin):
"""Get authentication headers for platform admin user (no platform context yet)."""
response = client.post(
"/api/v1/admin/auth/login",
json={"email_or_username": test_platform_admin.username, "password": "platformadminpass123"},
)
assert response.status_code == 200, f"Platform admin login failed: {response.text}"
token = response.json()["access_token"]
return {"Authorization": f"Bearer {token}"}
@pytest.fixture
def another_admin(db, auth_manager):
"""Create another test admin user for testing admin-to-admin interactions."""
unique_id = str(uuid.uuid4())[:8]
hashed_password = auth_manager.hash_password("anotheradminpass123")
admin = User(
email=f"another_admin_{unique_id}@example.com",
username=f"another_admin_{unique_id}",
hashed_password=hashed_password,
role="admin",
is_active=True,
is_super_admin=True, # Super admin for backward compatibility
)
db.add(admin)
db.commit()
db.refresh(admin)
return admin
@pytest.fixture
def other_user(db, auth_manager):
"""Create a different user for testing access controls."""
unique_id = str(uuid.uuid4())[:8]
hashed_password = auth_manager.hash_password("otherpass123")
user = User(
email=f"other_{unique_id}@example.com",
username=f"otheruser_{unique_id}",
hashed_password=hashed_password,
role="user",
is_active=True,
)
db.add(user)
db.commit()
db.refresh(user)
return user
@pytest.fixture
def auth_headers(test_user, auth_manager):
"""Get authentication headers for test user (non-admin).
Uses direct JWT generation to avoid vendor context requirement of shop login.
This is used for testing non-admin access to admin endpoints.
"""
token_data = auth_manager.create_access_token(user=test_user)
return {"Authorization": f"Bearer {token_data['access_token']}"}
@pytest.fixture
def admin_headers(client, test_admin):
"""Get authentication headers for admin user"""
response = client.post(
"/api/v1/admin/auth/login",
json={"email_or_username": test_admin.username, "password": "adminpass123"},
)
assert response.status_code == 200, f"Admin login failed: {response.text}"
token = response.json()["access_token"]
return {"Authorization": f"Bearer {token}"}
@pytest.fixture
def test_vendor_user(db, auth_manager):
"""Create a test vendor user with unique username."""
unique_id = str(uuid.uuid4())[:8]
hashed_password = auth_manager.hash_password("vendorpass123")
user = User(
email=f"vendor_{unique_id}@example.com",
username=f"vendoruser_{unique_id}",
hashed_password=hashed_password,
role="vendor",
is_active=True,
)
db.add(user)
db.commit()
db.refresh(user)
return user
@pytest.fixture
def vendor_user_headers(client, test_vendor_user, test_vendor_with_vendor_user):
"""Get authentication headers for vendor user (uses get_current_vendor_api).
Depends on test_vendor_with_vendor_user to ensure VendorUser association exists.
"""
response = client.post(
"/api/v1/vendor/auth/login",
json={
"email_or_username": test_vendor_user.username,
"password": "vendorpass123",
},
)
assert response.status_code == 200, f"Vendor login failed: {response.text}"
token = response.json()["access_token"]
return {"Authorization": f"Bearer {token}"}
Reference in New Issue View Git Blame Copy Permalink