tests/user CRUD routes

mealie/routes/users/crud.py

@@ -2,13 +2,13 @@ from db.database import db
 from db.db_setup import generate_session
 from fastapi import APIRouter, Depends
 from models.user_models import CreateUser, UserResponse
-from routes.deps import manager, query_user
+from routes.deps import manager
 from sqlalchemy.orm.session import Session
 
 router = APIRouter(prefix="/api/users", tags=["Users"])
 
 
-@router.post("/", response_model=UserResponse)
+@router.post("", response_model=UserResponse, status_code=201)
 async def create_user(
     new_user: CreateUser,
     current_user=Depends(manager),
@@ -21,11 +21,15 @@ async def create_user(
     return data
 
 
-@router.get("/", response_model=list[UserResponse])
+@router.get("", response_model=list[UserResponse])
 async def get_all_users(
     current_user=Depends(manager), session: Session = Depends(generate_session)
 ):
-    return db.users.get_all(session)
+
+    if current_user.get("is_superuser"):
+        return db.users.get_all(session)
+    else:
+        return {"details": "user not authorized"}
 
 
 @router.get("/{id}", response_model=UserResponse)

mealie/tests/conftest.py

@@ -1,27 +1,27 @@
-from pathlib import Path
+import json
 
+import requests
 from app import app
 from app_config import SQLITE_DIR
 from db.db_setup import generate_session, sql_global_init
+from db.init_db import init_db
 from fastapi.testclient import TestClient
 from pytest import fixture
-from services.settings_services import default_settings_init
-from services.theme_services import default_theme_init
 
 from tests.test_config import TEST_DATA
 
 SQLITE_FILE = SQLITE_DIR.joinpath("test.db")
 SQLITE_FILE.unlink(missing_ok=True)
+TOKEN_URL = "/api/auth/token"
 
 
 TestSessionLocal = sql_global_init(SQLITE_FILE, check_thread=False)
+init_db(TestSessionLocal())
 
 
 def override_get_db():
     try:
         db = TestSessionLocal()
-        default_theme_init()
-        default_settings_init()
         yield db
     finally:
         db.close()
@@ -31,11 +31,22 @@ def override_get_db():
 def api_client():
 
     app.dependency_overrides[generate_session] = override_get_db
+
     yield TestClient(app)
 
-    SQLITE_FILE.unlink()
+    # SQLITE_FILE.unlink()
 
 
 @fixture(scope="session")
 def test_image():
     return TEST_DATA.joinpath("test_image.jpg")
+
+
+@fixture(scope="session")
+def token(api_client: requests):
+    form_data = {"username": "changeme@email.com", "password": "MyPassword"}
+    response = api_client.post(TOKEN_URL, form_data)
+
+    token = json.loads(response.text).get("access_token")
+
+    return {"Authorization": f"Bearer {token}"}

mealie/tests/test_routes/test_settings_routes.py

@@ -34,8 +34,6 @@ def default_theme(api_client):
         },
     }
 
-    api_client.post(THEMES_CREATE, json=default_theme)
-
     return default_theme
 
 

mealie/tests/test_routes/test_user_routes.py

@@ -0,0 +1,94 @@
+import json
+
+import requests
+from pytest import fixture
+
+BASE = "/api/users"
+TOKEN_URL = "/api/auth/token"
+
+
+
+
+
+@fixture(scope="session")
+def default_user():
+    return {
+        "id": 1,
+        "full_name": "Change Me",
+        "email": "changeme@email.com",
+        "family": "public",
+    }
+
+
+@fixture(scope="session")
+def new_user():
+    return {
+        "id": 2,
+        "full_name": "My New User",
+        "email": "newuser@email.com",
+        "family": "public",
+    }
+
+
+def test_superuser_login(api_client: requests):
+    form_data = {"username": "changeme@email.com", "password": "MyPassword"}
+    response = api_client.post(TOKEN_URL, form_data)
+
+    assert response.status_code == 200
+    token = json.loads(response.text).get("access_token")
+
+    return {"Authorization": f"Bearer {token}"}
+
+
+def test_init_superuser(api_client: requests, token, default_user):
+    response = api_client.get(f"{BASE}/1", headers=token)
+    assert response.status_code == 200
+
+    assert json.loads(response.text) == default_user
+
+
+def test_create_user(api_client: requests, token, new_user):
+    create_data = {
+        "full_name": "My New User",
+        "email": "newuser@email.com",
+        "password": "MyStrongPassword",
+        "family": "public",
+    }
+
+    response = api_client.post(f"{BASE}", json=create_data, headers=token)
+
+    assert response.status_code == 201
+    assert json.loads(response.text) == new_user
+    assert True
+
+
+def test_get_all_users(api_client: requests, token, new_user, default_user):
+    response = api_client.get(f"{BASE}", headers=token)
+
+    assert response.status_code == 200
+
+    assert json.loads(response.text) == [default_user, new_user]
+
+
+def test_update_user(api_client: requests, token):
+    update_data = {
+        "full_name": "Updated Name",
+        "email": "updated@email.com",
+        "password": "MyStrongPassword",
+        "family": "public",
+    }
+    response = api_client.put(f"{BASE}/1", headers=token, json=update_data)
+
+    assert response.status_code == 200
+    assert json.loads(response.text) == {
+        "id": 1,
+        "full_name": "Updated Name",
+        "email": "updated@email.com",
+        "family": "public",
+    }
+
+
+def test_delete_user(api_client: requests, token):
+    response = api_client.delete(f"{BASE}/2", headers=token)
+
+    assert response.status_code == 200