irl/cloud-api
1
0
Fork 0
forked from sr2/cloud-api
Code Pull requests Activity

minor: ruff formatter

Browse source 
All changes are either:
- Correcting tabs
- Adding/removing line breaks
- Adding trailing commas
This commit is contained in:
Chris Milne 2026-06-08 15:31:37 +01:00
parent b2e5dd2ebb
commit c689ac1e10
91 changed files with 1710 additions and 689 deletions
Download patch file Download diff file Expand all files Collapse all files

93
test/test_auth_root.py
View file

@ -2,6 +2,7 @@
This module ensures root user only endpoints do return a correctly formatted 401 when user is not the root user for the org
DELETE endpoints are not tested
"""
import pytest
from httpx import AsyncClient
@ -12,10 +13,26 @@ from src.iam.models import Group
@pytest.fixture(autouse=True)
def add_second_org(db_session):
db_session.add(User(email="admin@test.org", first_name="Admin", last_name="Test", oidc_id="abcd-efgh-ijkl-4321"))
db_session.add(
User(
email="admin@test.org",
first_name="Admin",
last_name="Test",
oidc_id="abcd-efgh-ijkl-4321",
)
)
db_session.flush()
db_session.add(Org(name="Test Org Two", root_user_id=2, billing_contact_id=1, owner_contact_id=2, security_contact_id=3,
status="approved", intake_questionnaire={}))
db_session.add(
Org(
name="Test Org Two",
root_user_id=2,
billing_contact_id=1,
owner_contact_id=2,
security_contact_id=3,
status="approved",
intake_questionnaire={},
)
)
db_session.flush()
@ -29,11 +46,18 @@ async def test_get_org_auth_root(no_su_client: AsyncClient):
@pytest.mark.anyio
async def test_patch_org_questionnaire_auth_root(no_su_client: AsyncClient):
resp = await no_su_client.patch("/org/questionnaire", json={"organisation_id": 2,
"intake_questionnaire": {"question_one": "new answer one",
"question_two": None,
"question_three": None},
"partial": True})
resp = await no_su_client.patch(
"/org/questionnaire",
json={
"organisation_id": 2,
"intake_questionnaire": {
"question_one": "new answer one",
"question_two": None,
"question_three": None,
},
"partial": True,
},
)
assert resp.status_code != 422
assert resp.status_code == 401
assert "Must be the org's root user" in resp.json()["detail"]
@ -49,10 +73,19 @@ async def test_get_org_users_auth_root(no_su_client: AsyncClient):
@pytest.mark.anyio
async def test_post_org_user_auth_root(no_su_client: AsyncClient, db_session):
db_session.add(User(email="user@test.org", first_name="User", last_name="Test", oidc_id="abcd-efgh-ijkl-1234"))
db_session.add(
User(
email="user@test.org",
first_name="User",
last_name="Test",
oidc_id="abcd-efgh-ijkl-1234",
)
)
db_session.flush()
resp = await no_su_client.post("/org/user", json={"organisation_id": 2, "user_id": 2})
resp = await no_su_client.post(
"/org/user", json={"organisation_id": 2, "user_id": 2}
)
assert resp.status_code != 422
assert resp.status_code == 401
assert "Must be the org's root user" in resp.json()["detail"]
@ -76,8 +109,14 @@ async def test_get_org_contact_auth_root(no_su_client: AsyncClient):
@pytest.mark.anyio
async def test_patch_org_contact_auth_root(no_su_client: AsyncClient):
resp = await no_su_client.patch("/org/contact",
json={"organisation_id": 2, "contact_type": "billing", "email": "user@example.com"})
resp = await no_su_client.patch(
"/org/contact",
json={
"organisation_id": 2,
"contact_type": "billing",
"email": "user@example.com",
},
)
assert resp.status_code != 422
assert resp.status_code == 401
assert "Must be the org's root user" in resp.json()["detail"]
@ -109,17 +148,24 @@ async def test_get_iam_group_users_auth_root(no_su_client: AsyncClient):
@pytest.mark.anyio
async def test_post_iam_group_auth_root(no_su_client: AsyncClient):
resp = await no_su_client.post("/iam/group", json={"name": "New Group", "organisation_id": 2})
resp = await no_su_client.post(
"/iam/group", json={"name": "New Group", "organisation_id": 2}
)
assert resp.status_code != 422
assert resp.status_code == 401
assert "Must be the org's root user" in resp.json()["detail"]
@pytest.mark.anyio
async def test_put_iam_group_permission_auth_root(no_su_client: AsyncClient, db_session):
async def test_put_iam_group_permission_auth_root(
no_su_client: AsyncClient, db_session
):
db_session.add(Group(name="Test Group Two", org_id=2))
db_session.flush()
resp = await no_su_client.put("/iam/group/permission", json={"permission_id": 1, "group_id": 2, "organisation_id": 2})
resp = await no_su_client.put(
"/iam/group/permission",
json={"permission_id": 1, "group_id": 2, "organisation_id": 2},
)
assert resp.status_code != 422
assert resp.status_code == 401
assert "Must be the org's root user" in resp.json()["detail"]
@ -127,10 +173,19 @@ async def test_put_iam_group_permission_auth_root(no_su_client: AsyncClient, db_
@pytest.mark.anyio
async def test_put_iam_group_user_auth_root(no_su_client: AsyncClient, db_session):
db_session.add(User(email="user@test.org", first_name="User", last_name="Test", oidc_id="abcd-efgh-ijkl-1234"))
db_session.add(
User(
email="user@test.org",
first_name="User",
last_name="Test",
oidc_id="abcd-efgh-ijkl-1234",
)
)
db_session.flush()
resp = await no_su_client.put("/iam/group/user", json={"user_id": 2, "group_id": 1, "organisation_id": 2})
resp = await no_su_client.put(
"/iam/group/user", json={"user_id": 2, "group_id": 1, "organisation_id": 2}
)
assert resp.status_code != 422
assert resp.status_code == 401
assert "Must be the org's root user" in resp.json()["detail"]
@ -146,7 +201,9 @@ async def test_get_iam_permissions_auth_root(no_su_client: AsyncClient):
@pytest.mark.anyio
async def test_post_iam_permissions_search_auth_root(no_su_client: AsyncClient):
resp = await no_su_client.post("/iam/permissions/search", json={"organisation_id": 2, "action": "read"})
resp = await no_su_client.post(
"/iam/permissions/search", json={"organisation_id": 2, "action": "read"}
)
assert resp.status_code != 422
assert resp.status_code == 401
assert "Must be the org's root user" in resp.json()["detail"]