196 lines
7.3 KiB
Python
196 lines
7.3 KiB
Python
# tests/integration/api/v1/test_admin_endpoints.py
|
|
import pytest
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.api
|
|
@pytest.mark.admin
|
|
class TestAdminAPI:
|
|
def test_get_all_users_admin(self, client, admin_headers, test_user):
|
|
"""Test admin getting all users"""
|
|
response = client.get("/api/v1/admin/users", headers=admin_headers)
|
|
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert len(data) >= 2 # test_user + admin user
|
|
|
|
# Check that test_user is in the response
|
|
user_ids = [user["id"] for user in data if "id" in user]
|
|
assert test_user.id in user_ids
|
|
|
|
def test_get_all_users_non_admin(self, client, auth_headers):
|
|
"""Test non-admin trying to access admin endpoint"""
|
|
response = client.get("/api/v1/admin/users", headers=auth_headers)
|
|
|
|
assert response.status_code == 403
|
|
assert (
|
|
"Access denied" in response.json()["detail"]
|
|
or "admin" in response.json()["detail"].lower()
|
|
)
|
|
|
|
def test_toggle_user_status_admin(self, client, admin_headers, test_user):
|
|
"""Test admin toggling user status"""
|
|
response = client.put(
|
|
f"/api/v1/admin/users/{test_user.id}/status", headers=admin_headers
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
message = response.json()["message"]
|
|
assert "deactivated" in message or "activated" in message
|
|
# Verify the username is in the message
|
|
assert test_user.username in message
|
|
|
|
def test_toggle_user_status_user_not_found(self, client, admin_headers):
|
|
"""Test admin toggling status for non-existent user"""
|
|
response = client.put("/api/v1/admin/users/99999/status", headers=admin_headers)
|
|
|
|
assert response.status_code == 404
|
|
assert "User not found" in response.json()["detail"]
|
|
|
|
def test_toggle_user_status_cannot_deactivate_self(
|
|
self, client, admin_headers, test_admin
|
|
):
|
|
"""Test that admin cannot deactivate their own account"""
|
|
response = client.put(
|
|
f"/api/v1/admin/users/{test_admin.id}/status", headers=admin_headers
|
|
)
|
|
|
|
assert response.status_code == 400
|
|
assert "Cannot deactivate your own account" in response.json()["detail"]
|
|
|
|
def test_get_all_shops_admin(self, client, admin_headers, test_shop):
|
|
"""Test admin getting all shops"""
|
|
response = client.get("/api/v1/admin/shops", headers=admin_headers)
|
|
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert data["total"] >= 1
|
|
assert len(data["shops"]) >= 1
|
|
|
|
# Check that test_shop is in the response
|
|
shop_codes = [
|
|
shop["shop_code"] for shop in data["shops"] if "shop_code" in shop
|
|
]
|
|
assert test_shop.shop_code in shop_codes
|
|
|
|
def test_get_all_shops_non_admin(self, client, auth_headers):
|
|
"""Test non-admin trying to access admin shop endpoint"""
|
|
response = client.get("/api/v1/admin/shops", headers=auth_headers)
|
|
|
|
assert response.status_code == 403
|
|
assert (
|
|
"Access denied" in response.json()["detail"]
|
|
or "admin" in response.json()["detail"].lower()
|
|
)
|
|
|
|
def test_verify_shop_admin(self, client, admin_headers, test_shop):
|
|
"""Test admin verifying/unverifying shop"""
|
|
response = client.put(
|
|
f"/api/v1/admin/shops/{test_shop.id}/verify", headers=admin_headers
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
message = response.json()["message"]
|
|
assert "verified" in message or "unverified" in message
|
|
assert test_shop.shop_code in message
|
|
|
|
def test_verify_shop_not_found(self, client, admin_headers):
|
|
"""Test admin verifying non-existent shop"""
|
|
response = client.put("/api/v1/admin/shops/99999/verify", headers=admin_headers)
|
|
|
|
assert response.status_code == 404
|
|
assert "Shop not found" in response.json()["detail"]
|
|
|
|
def test_toggle_shop_status_admin(self, client, admin_headers, test_shop):
|
|
"""Test admin toggling shop status"""
|
|
response = client.put(
|
|
f"/api/v1/admin/shops/{test_shop.id}/status", headers=admin_headers
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
message = response.json()["message"]
|
|
assert "activated" in message or "deactivated" in message
|
|
assert test_shop.shop_code in message
|
|
|
|
def test_toggle_shop_status_not_found(self, client, admin_headers):
|
|
"""Test admin toggling status for non-existent shop"""
|
|
response = client.put("/api/v1/admin/shops/99999/status", headers=admin_headers)
|
|
|
|
assert response.status_code == 404
|
|
assert "Shop not found" in response.json()["detail"]
|
|
|
|
def test_get_marketplace_import_jobs_admin(
|
|
self, client, admin_headers, test_marketplace_job
|
|
):
|
|
"""Test admin getting marketplace import jobs"""
|
|
response = client.get(
|
|
"/api/v1/admin/marketplace-import-jobs", headers=admin_headers
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert len(data) >= 1
|
|
|
|
# Check that test_marketplace_job is in the response
|
|
job_ids = [job["job_id"] for job in data if "job_id" in job]
|
|
assert test_marketplace_job.id in job_ids
|
|
|
|
def test_get_marketplace_import_jobs_with_filters(
|
|
self, client, admin_headers, test_marketplace_job
|
|
):
|
|
"""Test admin getting marketplace import jobs with filters"""
|
|
response = client.get(
|
|
"/api/v1/admin/marketplace-import-jobs",
|
|
params={"marketplace": test_marketplace_job.marketplace},
|
|
headers=admin_headers,
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert len(data) >= 1
|
|
assert all(
|
|
job["marketplace"] == test_marketplace_job.marketplace for job in data
|
|
)
|
|
|
|
def test_get_marketplace_import_jobs_non_admin(self, client, auth_headers):
|
|
"""Test non-admin trying to access marketplace import jobs"""
|
|
response = client.get(
|
|
"/api/v1/admin/marketplace-import-jobs", headers=auth_headers
|
|
)
|
|
|
|
assert response.status_code == 403
|
|
assert (
|
|
"Access denied" in response.json()["detail"]
|
|
or "admin" in response.json()["detail"].lower()
|
|
)
|
|
|
|
def test_admin_pagination_users(self, client, admin_headers, test_user, test_admin):
|
|
"""Test user pagination works correctly"""
|
|
# Test first page
|
|
response = client.get(
|
|
"/api/v1/admin/users?skip=0&limit=1", headers=admin_headers
|
|
)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert len(data) == 1
|
|
|
|
# Test second page
|
|
response = client.get(
|
|
"/api/v1/admin/users?skip=1&limit=1", headers=admin_headers
|
|
)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert len(data) >= 0 # Could be 1 or 0 depending on total users
|
|
|
|
def test_admin_pagination_shops(self, client, admin_headers, test_shop):
|
|
"""Test shop pagination works correctly"""
|
|
response = client.get(
|
|
"/api/v1/admin/shops?skip=0&limit=1", headers=admin_headers
|
|
)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert data["total"] >= 1
|
|
assert len(data["shops"]) >= 0
|
|
assert "skip" in data
|
|
assert "limit" in data
|