Samir Boulahtit
6161d69ba2
Align loyalty pages across admin, merchant, and store personas so each sees the same page set scoped to their access level. Admin acts as a superset of merchant with "on behalf" capabilities. New pages: - Store: Staff PINs management (CRUD) - Merchant: Cards, Card Detail, Transactions, Staff PINs (CRUD), Settings (read-only) - Admin: Merchant Cards, Card Detail, Transactions, PINs (read-only) Architecture: - 4 shared Jinja2 partials (cards-list, card-detail, transactions, pins) - 4 shared JS factory modules parameterized by apiPrefix/scope - Persona templates are thin wrappers including shared partials - PinDetailResponse schema for cross-store PIN listings API: 17 new endpoints (11 merchant, 6 admin on-behalf) Tests: 38 new integration tests, arch-check green i18n: ~130 new keys across en/fr/de/lb Docs: pages-and-navigation.md with full page matrix Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
334 lines
11 KiB
Python
334 lines
11 KiB
Python
# app/modules/loyalty/tests/integration/test_admin_pages.py
|
|
"""
|
|
Integration tests for admin loyalty page routes (HTML rendering).
|
|
|
|
Tests the admin page routes at:
|
|
/loyalty/programs
|
|
/loyalty/analytics
|
|
/loyalty/merchants/{merchant_id}
|
|
/loyalty/merchants/{merchant_id}/program
|
|
/loyalty/merchants/{merchant_id}/settings
|
|
|
|
Authentication: Uses super_admin_headers fixture (real JWT login).
|
|
"""
|
|
|
|
import uuid
|
|
|
|
import pytest
|
|
|
|
from app.modules.tenancy.models import Merchant, User
|
|
|
|
BASE = "/admin/loyalty"
|
|
|
|
|
|
# ============================================================================
|
|
# Fixtures
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.fixture
|
|
def admin_merchant(db):
|
|
"""Create a merchant for admin page tests."""
|
|
from middleware.auth import AuthManager
|
|
|
|
auth = AuthManager()
|
|
uid = uuid.uuid4().hex[:8]
|
|
|
|
owner = User(
|
|
email=f"pagemerchowner_{uid}@test.com",
|
|
username=f"pagemerchowner_{uid}",
|
|
hashed_password=auth.hash_password("testpass123"),
|
|
role="merchant_owner",
|
|
is_active=True,
|
|
is_email_verified=True,
|
|
)
|
|
db.add(owner)
|
|
db.commit()
|
|
db.refresh(owner)
|
|
|
|
merchant = Merchant(
|
|
name=f"Page Test Merchant {uid}",
|
|
owner_user_id=owner.id,
|
|
contact_email=owner.email,
|
|
is_active=True,
|
|
is_verified=True,
|
|
)
|
|
db.add(merchant)
|
|
db.commit()
|
|
db.refresh(merchant)
|
|
|
|
return merchant
|
|
|
|
|
|
# ============================================================================
|
|
# Programs Dashboard Page
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminProgramsPage:
|
|
"""Tests for GET /loyalty/programs."""
|
|
|
|
def test_programs_page_renders(self, client, super_admin_headers):
|
|
"""Programs dashboard returns HTML."""
|
|
response = client.get(
|
|
f"{BASE}/programs",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_programs_page_requires_auth(self, client):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(f"{BASE}/programs")
|
|
assert response.status_code in [401, 403]
|
|
|
|
|
|
# ============================================================================
|
|
# Analytics Page
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminAnalyticsPage:
|
|
"""Tests for GET /loyalty/analytics."""
|
|
|
|
def test_analytics_page_renders(self, client, super_admin_headers):
|
|
"""Analytics page returns HTML."""
|
|
response = client.get(
|
|
f"{BASE}/analytics",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_analytics_page_requires_auth(self, client):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(f"{BASE}/analytics")
|
|
assert response.status_code in [401, 403]
|
|
|
|
|
|
# ============================================================================
|
|
# Merchant Detail Page
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminMerchantDetailPage:
|
|
"""Tests for GET /loyalty/merchants/{merchant_id}."""
|
|
|
|
def test_merchant_detail_page_renders(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Merchant detail page returns HTML with valid merchant."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_merchant_detail_page_requires_auth(self, client, admin_merchant):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(f"{BASE}/merchants/{admin_merchant.id}")
|
|
assert response.status_code in [401, 403]
|
|
|
|
|
|
# ============================================================================
|
|
# Program Edit Page (NEW — the uncommitted route)
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminProgramEditPage:
|
|
"""Tests for GET /loyalty/merchants/{merchant_id}/program."""
|
|
|
|
def test_program_edit_page_renders(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Program edit page returns HTML."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/program",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_program_edit_page_passes_merchant_id(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Page response contains the merchant_id for the Alpine component."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/program",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
# Template should include merchant_id so JS can use it
|
|
assert str(admin_merchant.id) in response.text
|
|
|
|
def test_program_edit_page_requires_auth(self, client, admin_merchant):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/program"
|
|
)
|
|
assert response.status_code in [401, 403]
|
|
|
|
def test_program_edit_page_without_existing_program(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Page renders even when merchant has no program yet (create mode)."""
|
|
# admin_merchant has no program — page should still render
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/program",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
|
|
# ============================================================================
|
|
# Merchant Settings Page
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminMerchantSettingsPage:
|
|
"""Tests for GET /loyalty/merchants/{merchant_id}/settings."""
|
|
|
|
def test_settings_page_renders(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Merchant settings page returns HTML."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/settings",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_settings_page_requires_auth(self, client, admin_merchant):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/settings"
|
|
)
|
|
assert response.status_code in [401, 403]
|
|
|
|
|
|
# ============================================================================
|
|
# Merchant Cards Page (On Behalf)
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminMerchantCardsPage:
|
|
"""Tests for GET /loyalty/merchants/{merchant_id}/cards."""
|
|
|
|
def test_merchant_cards_page_renders(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Merchant cards page returns HTML."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/cards",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_merchant_cards_page_requires_auth(self, client, admin_merchant):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(f"{BASE}/merchants/{admin_merchant.id}/cards")
|
|
assert response.status_code in [401, 403]
|
|
|
|
|
|
# ============================================================================
|
|
# Merchant Card Detail Page (On Behalf)
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminMerchantCardDetailPage:
|
|
"""Tests for GET /loyalty/merchants/{merchant_id}/cards/{card_id}."""
|
|
|
|
def test_merchant_card_detail_page_renders(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Card detail page returns HTML (even with non-existent card_id)."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/cards/99999",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_merchant_card_detail_page_requires_auth(self, client, admin_merchant):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/cards/99999"
|
|
)
|
|
assert response.status_code in [401, 403]
|
|
|
|
|
|
# ============================================================================
|
|
# Merchant Transactions Page (On Behalf)
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminMerchantTransactionsPage:
|
|
"""Tests for GET /loyalty/merchants/{merchant_id}/transactions."""
|
|
|
|
def test_merchant_transactions_page_renders(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""Transactions page returns HTML."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/transactions",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_merchant_transactions_page_requires_auth(self, client, admin_merchant):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/transactions"
|
|
)
|
|
assert response.status_code in [401, 403]
|
|
|
|
|
|
# ============================================================================
|
|
# Merchant PINs Page (On Behalf, Read-Only)
|
|
# ============================================================================
|
|
|
|
|
|
@pytest.mark.integration
|
|
@pytest.mark.loyalty
|
|
class TestAdminMerchantPinsPage:
|
|
"""Tests for GET /loyalty/merchants/{merchant_id}/pins."""
|
|
|
|
def test_merchant_pins_page_renders(
|
|
self, client, super_admin_headers, admin_merchant
|
|
):
|
|
"""PINs page returns HTML."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/pins",
|
|
headers=super_admin_headers,
|
|
)
|
|
assert response.status_code == 200
|
|
assert "text/html" in response.headers["content-type"]
|
|
|
|
def test_merchant_pins_page_requires_auth(self, client, admin_merchant):
|
|
"""Unauthenticated request is rejected."""
|
|
response = client.get(
|
|
f"{BASE}/merchants/{admin_merchant.id}/pins"
|
|
)
|
|
assert response.status_code in [401, 403]
|