Samir Boulahtit
9920430b9e
- Remove |safe from |tojson in HTML attributes (x-data) - quotes must become " for browsers to parse correctly - Update LANG-002 and LANG-003 architecture rules to document correct |tojson usage patterns: - HTML attributes: |tojson (no |safe) - Script blocks: |tojson|safe - Fix validator to warn when |tojson|safe is used in x-data (breaks HTML attribute parsing) - Improve code quality across services, APIs, and tests 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
183 lines
5.2 KiB
Python
183 lines
5.2 KiB
Python
# tests/unit/models/database/test_team.py
|
|
"""Unit tests for VendorUser and Role database models."""
|
|
|
|
import pytest
|
|
|
|
from models.database.vendor import Role, Vendor, VendorUser
|
|
|
|
|
|
@pytest.mark.unit
|
|
@pytest.mark.database
|
|
class TestRoleModel:
|
|
"""Test Role model."""
|
|
|
|
def test_role_creation(self, db, test_vendor):
|
|
"""Test Role model creation."""
|
|
role = Role(
|
|
vendor_id=test_vendor.id,
|
|
name="Manager",
|
|
permissions=["products.create", "orders.view"],
|
|
)
|
|
db.add(role)
|
|
db.commit()
|
|
db.refresh(role)
|
|
|
|
assert role.id is not None
|
|
assert role.vendor_id == test_vendor.id
|
|
assert role.name == "Manager"
|
|
assert "products.create" in role.permissions
|
|
assert "orders.view" in role.permissions
|
|
|
|
def test_role_default_permissions(self, db, test_vendor):
|
|
"""Test Role model with default empty permissions."""
|
|
role = Role(
|
|
vendor_id=test_vendor.id,
|
|
name="Viewer",
|
|
)
|
|
db.add(role)
|
|
db.commit()
|
|
db.refresh(role)
|
|
|
|
assert role.permissions == [] or role.permissions is None
|
|
|
|
def test_role_vendor_relationship(self, db, test_vendor):
|
|
"""Test Role-Vendor relationship."""
|
|
role = Role(
|
|
vendor_id=test_vendor.id,
|
|
name="Admin",
|
|
permissions=["*"],
|
|
)
|
|
db.add(role)
|
|
db.commit()
|
|
db.refresh(role)
|
|
|
|
assert role.vendor is not None
|
|
assert role.vendor.id == test_vendor.id
|
|
|
|
|
|
@pytest.mark.unit
|
|
@pytest.mark.database
|
|
class TestVendorUserModel:
|
|
"""Test VendorUser model."""
|
|
|
|
def test_vendor_user_creation(self, db, test_vendor, test_user):
|
|
"""Test VendorUser model for team management."""
|
|
# Create a role
|
|
role = Role(
|
|
vendor_id=test_vendor.id,
|
|
name="Manager",
|
|
permissions=["products.create", "orders.view"],
|
|
)
|
|
db.add(role)
|
|
db.commit()
|
|
|
|
# Create vendor user
|
|
vendor_user = VendorUser(
|
|
vendor_id=test_vendor.id,
|
|
user_id=test_user.id,
|
|
role_id=role.id,
|
|
is_active=True,
|
|
)
|
|
db.add(vendor_user)
|
|
db.commit()
|
|
db.refresh(vendor_user)
|
|
|
|
assert vendor_user.id is not None
|
|
assert vendor_user.vendor_id == test_vendor.id
|
|
assert vendor_user.user_id == test_user.id
|
|
assert vendor_user.role.name == "Manager"
|
|
assert "products.create" in vendor_user.role.permissions
|
|
|
|
def test_vendor_user_multiple_vendors(
|
|
self, db, test_vendor, test_user, other_company
|
|
):
|
|
"""Test same user can be added to multiple vendors."""
|
|
# Create another vendor
|
|
other_vendor = Vendor(
|
|
company_id=other_company.id,
|
|
vendor_code="OTHER_VENDOR",
|
|
subdomain="othervendor",
|
|
name="Other Vendor",
|
|
)
|
|
db.add(other_vendor)
|
|
db.commit()
|
|
|
|
role1 = Role(
|
|
vendor_id=test_vendor.id,
|
|
name="Editor1",
|
|
permissions=["products.view"],
|
|
)
|
|
role2 = Role(
|
|
vendor_id=other_vendor.id,
|
|
name="Editor2",
|
|
permissions=["products.view"],
|
|
)
|
|
db.add_all([role1, role2])
|
|
db.commit()
|
|
|
|
# Same user can be added to different vendors
|
|
vendor_user1 = VendorUser(
|
|
vendor_id=test_vendor.id,
|
|
user_id=test_user.id,
|
|
role_id=role1.id,
|
|
)
|
|
vendor_user2 = VendorUser(
|
|
vendor_id=other_vendor.id,
|
|
user_id=test_user.id,
|
|
role_id=role2.id,
|
|
)
|
|
db.add_all([vendor_user1, vendor_user2])
|
|
db.commit()
|
|
|
|
assert vendor_user1.vendor_id != vendor_user2.vendor_id
|
|
assert vendor_user1.user_id == vendor_user2.user_id
|
|
|
|
def test_vendor_user_relationships(self, db, test_vendor, test_user):
|
|
"""Test VendorUser relationships."""
|
|
role = Role(
|
|
vendor_id=test_vendor.id,
|
|
name="Staff",
|
|
permissions=["orders.view"],
|
|
)
|
|
db.add(role)
|
|
db.commit()
|
|
|
|
vendor_user = VendorUser(
|
|
vendor_id=test_vendor.id,
|
|
user_id=test_user.id,
|
|
role_id=role.id,
|
|
is_active=True,
|
|
)
|
|
db.add(vendor_user)
|
|
db.commit()
|
|
db.refresh(vendor_user)
|
|
|
|
assert vendor_user.vendor is not None
|
|
assert vendor_user.user is not None
|
|
assert vendor_user.role is not None
|
|
assert vendor_user.vendor.vendor_code == test_vendor.vendor_code
|
|
assert vendor_user.user.email == test_user.email
|
|
|
|
def test_vendor_user_with_active_flag(self, db, test_vendor, test_user):
|
|
"""Test VendorUser is_active field."""
|
|
role = Role(
|
|
vendor_id=test_vendor.id,
|
|
name="Default",
|
|
permissions=[],
|
|
)
|
|
db.add(role)
|
|
db.commit()
|
|
|
|
# Create with explicit is_active=True
|
|
vendor_user = VendorUser(
|
|
vendor_id=test_vendor.id,
|
|
user_id=test_user.id,
|
|
role_id=role.id,
|
|
is_active=True,
|
|
)
|
|
db.add(vendor_user)
|
|
db.commit()
|
|
db.refresh(vendor_user)
|
|
|
|
assert vendor_user.is_active is True
|