MrSphay/odysseus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add tests for open-signup endpoint

Browse Source
This commit is contained in:
Mihail Filippov
2026-06-02 14:42:10 +03:00
committed by GitHub
parent 100772e3c6
commit d92d6b5e67
1 changed files with 77 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

77
tests/test_auth_regressions.py
View File

@@ -84,6 +84,83 @@ _ensure_stub("src.endpoint_resolver",
from fastapi import HTTPException from fastapi import HTTPException
# ---------------------------------------------------------------------------
# Auth routes -- open signup setter
# ---------------------------------------------------------------------------
def _auth_route_endpoint(path: str, method: str):
from routes.auth_routes import setup_auth_routes
auth_manager = MagicMock()
router = setup_auth_routes(auth_manager)
for route in router.routes:
if getattr(route, "path", "") == path and method in getattr(route, "methods", set()):
return auth_manager, route.endpoint
raise AssertionError(f"{method} {path} route not registered")
def _fake_auth_request(token="session-token"):
from routes.auth_routes import SESSION_COOKIE
req = SimpleNamespace()
req.cookies = {SESSION_COOKIE: token}
req.client = SimpleNamespace(host="127.0.0.1")
return req
def test_set_signup_enabled_true_is_idempotent():
from routes.auth_routes import SetOpenRegistrationRequest
auth, target = _auth_route_endpoint("/api/auth/open-signup", "PUT")
auth.get_username_for_token.return_value = "admin"
auth.is_admin.return_value = True
request = _fake_auth_request()
auth.signup_enabled = False
out = asyncio.run(target(body=SetOpenRegistrationRequest(enabled=True),request=request))
assert out == {"ok": True, "signup_enabled": True}
assert auth.signup_enabled is True
out = asyncio.run(target(body=SetOpenRegistrationRequest(enabled=True), request=request))
assert out == {"ok": True, "signup_enabled": True}
assert auth.signup_enabled is True
def test_set_signup_enabled_false_is_idempotent():
from routes.auth_routes import SetOpenRegistrationRequest
auth, target = _auth_route_endpoint("/api/auth/open-signup", "PUT")
auth.get_username_for_token.return_value = "admin"
auth.is_admin.return_value = True
request = _fake_auth_request()
auth.signup_enabled = True
out = asyncio.run(target(body=SetOpenRegistrationRequest(enabled=False), request=request))
assert out == {"ok": True, "signup_enabled": False}
assert auth.signup_enabled is False
out = asyncio.run(target(body=SetOpenRegistrationRequest(enabled=False), request=request))
assert out == {"ok": True, "signup_enabled": False}
assert auth.signup_enabled is False
def test_set_signup_enabled_requires_admin():
from routes.auth_routes import SetOpenRegistrationRequest
auth, target = _auth_route_endpoint("/api/auth/open-signup", "PUT")
auth.get_username_for_token.return_value = "bob"
auth.is_admin.return_value = False
auth.signup_enabled = False
with pytest.raises(HTTPException) as exc:
asyncio.run(target(body=SetOpenRegistrationRequest(enabled=True), request=_fake_auth_request()))
assert exc.value.status_code == 403
assert auth.signup_enabled is False
# --------------------------------------------------------------------------- # ---------------------------------------------------------------------------
# Research endpoints — `_require_user` rejects anonymous # Research endpoints — `_require_user` rejects anonymous