sr2/cloud-api
6
0
Fork 1
Code Issues 9 Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions

tests: get_testable_routes finds auth level
All checks were successful
ci / ruff (push) Successful in 4s
Details
ci / ty (push) Successful in 4s
Details
ci / tests (push) Successful in 16s
Details
ci / build (push) Successful in 34s
Details

Browse source 
Checks all dependencies used on each endpoint and determines the highest level of auth applied to each endpoint.

API Key>SU>Root>User>None
This commit is contained in:
Chris Milne 2026-06-22 16:45:50 +01:00
parent bee0dcd4fe
commit 7dad2e920e
1 changed files with 30 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

36
test/conftest.py
View file

@ -1,3 +1,4 @@
from fastapi.dependencies.models import Dependant
import pytest import pytest
from typing import AsyncGenerator from typing import AsyncGenerator
@ -265,6 +266,33 @@ def get_testable_routes():
continue continue
if not isinstance(route.route, APIRoute): if not isinstance(route.route, APIRoute):
continue continue
dep_func_names = set()
unchecked = []
unchecked.append(route.route.dependant)
while unchecked:
dependant = unchecked.pop(0)
ck = dependant.cache_key[0]
if hasattr(ck, "__name__"):
dep_func_names.add(ck.__name__)
unchecked += [
dep for dep in dependant.dependencies if isinstance(dep, Dependant)
]
auth_level = None
if "get_current_user" in dep_func_names:
auth_level = "User"
if (
"org_body_root_claims" in dep_func_names
or "org_query_root_claims" in dep_func_names
):
auth_level = "Root User"
if "user_model_super_admin" in dep_func_names:
auth_level = "Super Admin"
if "valid_service_key" in dep_func_names:
auth_level = "API Key"
for method in route.methods: for method in route.methods:
if method in {"HEAD", "OPTIONS"}: if method in {"HEAD", "OPTIONS"}:
continue continue
@ -276,18 +304,14 @@ def get_testable_routes():
route.route.status_code, route.route.status_code,
route.route.response_model, route.route.response_model,
route.route.summary, route.route.summary,
auth_level,
) )
) )
return routes return routes
# with open("endpoints.txt", "w") as f:
# for ep in get_testable_routes():
# f.write(f"[{ep[0]}]({ep[1]}) -> {ep[2]}: {ep[3]}\n")
#
#
### Docstring formatted output ### ### Docstring formatted output ###
with open("endpoints.txt", "w") as f: with open("endpoints.txt", "w") as f:
for ep in get_testable_routes(): for ep in get_testable_routes():
f.write(f"- [{ep[0]}]({ep[1]}): []: {ep[4]}\n") f.write(f"- [{ep[0]}]({ep[1]}): [{ep[5]}]: {ep[4]}\n")