366 lines
13 KiB
Python
366 lines
13 KiB
Python
"""Tests for FastAPI endpoints."""
|
|
|
|
import os
|
|
import pytest
|
|
from fastapi.testclient import TestClient
|
|
|
|
|
|
@pytest.fixture
|
|
def app_client(tmp_path, monkeypatch):
|
|
monkeypatch.setenv("DATA_DIR", str(tmp_path))
|
|
monkeypatch.setenv("JWT_SECRET_KEY", "test-secret")
|
|
from app.main import create_app
|
|
app = create_app()
|
|
return TestClient(app)
|
|
|
|
|
|
@pytest.fixture
|
|
def seeded_client(tmp_path, monkeypatch):
|
|
"""Client with a pre-created admin user and JWT token."""
|
|
monkeypatch.setenv("DATA_DIR", str(tmp_path))
|
|
monkeypatch.setenv("JWT_SECRET_KEY", "test-secret")
|
|
from app.main import create_app
|
|
from src.db import get_system_db
|
|
from src.repositories.users import UserRepository
|
|
from app.auth.jwt import create_access_token
|
|
|
|
from argon2 import PasswordHasher
|
|
ph = PasswordHasher()
|
|
|
|
conn = get_system_db()
|
|
repo = UserRepository(conn)
|
|
repo.create(id="admin1", email="admin@acme.com", name="Admin", role="admin",
|
|
password_hash=ph.hash("adminpass"))
|
|
repo.create(id="analyst1", email="analyst@acme.com", name="Analyst", role="analyst",
|
|
password_hash=ph.hash("analystpass"))
|
|
conn.close()
|
|
|
|
app = create_app()
|
|
client = TestClient(app)
|
|
|
|
admin_token = create_access_token("admin1", "admin@acme.com", "admin")
|
|
analyst_token = create_access_token("analyst1", "analyst@acme.com", "analyst")
|
|
|
|
return client, admin_token, analyst_token
|
|
|
|
|
|
# ---- Health ----
|
|
|
|
class TestHealth:
|
|
def test_health_no_auth(self, app_client):
|
|
resp = app_client.get("/api/health")
|
|
assert resp.status_code == 200
|
|
data = resp.json()
|
|
assert data["status"] in ("healthy", "degraded", "unhealthy")
|
|
assert "services" in data
|
|
|
|
def test_health_has_duckdb_check(self, app_client):
|
|
resp = app_client.get("/api/health")
|
|
data = resp.json()
|
|
assert "duckdb_state" in data["services"]
|
|
assert data["services"]["duckdb_state"]["status"] == "ok"
|
|
|
|
|
|
# ---- Auth ----
|
|
|
|
class TestAuth:
|
|
def test_token_for_existing_user(self, seeded_client):
|
|
client, _, _ = seeded_client
|
|
resp = client.post("/auth/token", json={"email": "admin@acme.com", "password": "adminpass"})
|
|
assert resp.status_code == 200
|
|
data = resp.json()
|
|
assert "access_token" in data
|
|
assert data["role"] == "admin"
|
|
|
|
def test_token_for_unknown_user(self, seeded_client):
|
|
client, _, _ = seeded_client
|
|
resp = client.post("/auth/token", json={"email": "nobody@acme.com"})
|
|
assert resp.status_code == 401
|
|
|
|
def test_protected_endpoint_without_token(self, seeded_client):
|
|
client, _, _ = seeded_client
|
|
resp = client.get("/api/users")
|
|
assert resp.status_code == 401
|
|
|
|
def test_protected_endpoint_with_token(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
resp = client.get("/api/users", headers={"Authorization": f"Bearer {admin_token}"})
|
|
assert resp.status_code == 200
|
|
|
|
|
|
# ---- RBAC ----
|
|
|
|
class TestRBAC:
|
|
def test_admin_can_list_users(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
resp = client.get("/api/users", headers={"Authorization": f"Bearer {admin_token}"})
|
|
assert resp.status_code == 200
|
|
assert len(resp.json()) == 2
|
|
|
|
def test_analyst_cannot_list_users(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
resp = client.get("/api/users", headers={"Authorization": f"Bearer {analyst_token}"})
|
|
assert resp.status_code == 403
|
|
|
|
def test_analyst_cannot_trigger_sync(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
resp = client.post("/api/sync/trigger", headers={"Authorization": f"Bearer {analyst_token}"})
|
|
assert resp.status_code == 403
|
|
|
|
|
|
# ---- Sync Manifest ----
|
|
|
|
class TestSyncManifest:
|
|
def test_manifest_returns_tables(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
# Seed some sync state
|
|
from src.db import get_system_db
|
|
from src.repositories.sync_state import SyncStateRepository
|
|
conn = get_system_db()
|
|
repo = SyncStateRepository(conn)
|
|
repo.update_sync(table_id="orders", rows=1000, file_size_bytes=5000, hash="abc")
|
|
conn.close()
|
|
|
|
resp = client.get("/api/sync/manifest", headers={"Authorization": f"Bearer {admin_token}"})
|
|
assert resp.status_code == 200
|
|
data = resp.json()
|
|
assert "tables" in data
|
|
assert "orders" in data["tables"]
|
|
assert data["tables"]["orders"]["rows"] == 1000
|
|
|
|
|
|
# ---- Users CRUD ----
|
|
|
|
class TestUsersCRUD:
|
|
def test_create_user(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
resp = client.post(
|
|
"/api/users",
|
|
json={"email": "new@acme.com", "name": "New User"},
|
|
headers={"Authorization": f"Bearer {admin_token}"},
|
|
)
|
|
assert resp.status_code == 201
|
|
assert resp.json()["email"] == "new@acme.com"
|
|
|
|
def test_create_duplicate_user(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
resp = client.post(
|
|
"/api/users",
|
|
json={"email": "admin@acme.com", "name": "Duplicate"},
|
|
headers={"Authorization": f"Bearer {admin_token}"},
|
|
)
|
|
assert resp.status_code == 409
|
|
|
|
def test_delete_user(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
resp = client.delete(
|
|
"/api/users/analyst1",
|
|
headers={"Authorization": f"Bearer {admin_token}"},
|
|
)
|
|
assert resp.status_code == 204
|
|
|
|
|
|
# ---- Knowledge / Memory ----
|
|
|
|
class TestMemory:
|
|
def test_create_and_list(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
headers = {"Authorization": f"Bearer {analyst_token}"}
|
|
|
|
# Create
|
|
resp = client.post("/api/memory", json={
|
|
"title": "MRR Definition",
|
|
"content": "Monthly recurring revenue",
|
|
"category": "metrics",
|
|
}, headers=headers)
|
|
assert resp.status_code == 201
|
|
item_id = resp.json()["id"]
|
|
|
|
# List
|
|
resp = client.get("/api/memory", headers=headers)
|
|
assert resp.status_code == 200
|
|
assert resp.json()["count"] == 1
|
|
|
|
def test_vote(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
headers = {"Authorization": f"Bearer {analyst_token}"}
|
|
|
|
resp = client.post("/api/memory", json={
|
|
"title": "Test", "content": "test", "category": "test",
|
|
}, headers=headers)
|
|
item_id = resp.json()["id"]
|
|
|
|
resp = client.post(f"/api/memory/{item_id}/vote", json={"vote": 1}, headers=headers)
|
|
assert resp.status_code == 200
|
|
assert resp.json()["upvotes"] == 1
|
|
|
|
def test_search(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
headers = {"Authorization": f"Bearer {analyst_token}"}
|
|
|
|
client.post("/api/memory", json={
|
|
"title": "Revenue report", "content": "MRR trends", "category": "finance",
|
|
}, headers=headers)
|
|
client.post("/api/memory", json={
|
|
"title": "Support SLA", "content": "Response times", "category": "support",
|
|
}, headers=headers)
|
|
|
|
resp = client.get("/api/memory?search=revenue", headers=headers)
|
|
assert resp.json()["count"] == 1
|
|
|
|
|
|
# ---- Upload ----
|
|
|
|
class TestUpload:
|
|
def test_upload_session(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
headers = {"Authorization": f"Bearer {analyst_token}"}
|
|
resp = client.post(
|
|
"/api/upload/sessions",
|
|
files={"file": ("session.jsonl", b'{"role":"user","content":"hello"}', "application/jsonl")},
|
|
headers=headers,
|
|
)
|
|
assert resp.status_code == 200
|
|
assert resp.json()["size"] > 0
|
|
|
|
def test_upload_local_md(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
headers = {"Authorization": f"Bearer {analyst_token}"}
|
|
resp = client.post(
|
|
"/api/upload/local-md",
|
|
json={"content": "# My knowledge\n\nMRR = Monthly Recurring Revenue"},
|
|
headers=headers,
|
|
)
|
|
assert resp.status_code == 200
|
|
assert resp.json()["user"] == "analyst@acme.com"
|
|
|
|
|
|
# ---- Metrics API ----
|
|
|
|
SAMPLE_METRIC = {
|
|
"id": "finance/mrr",
|
|
"name": "mrr",
|
|
"display_name": "Monthly Recurring Revenue",
|
|
"category": "finance",
|
|
"sql": "SELECT SUM(amount) FROM subscriptions WHERE active = true",
|
|
}
|
|
|
|
|
|
class TestMetricsAPI:
|
|
def test_list_metrics_empty(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
headers = {"Authorization": f"Bearer {admin_token}"}
|
|
resp = client.get("/api/metrics", headers=headers)
|
|
assert resp.status_code == 200
|
|
data = resp.json()
|
|
assert data["count"] == 0
|
|
assert data["metrics"] == []
|
|
|
|
def test_create_and_list_metric(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
headers = {"Authorization": f"Bearer {admin_token}"}
|
|
|
|
resp = client.post("/api/admin/metrics", json=SAMPLE_METRIC, headers=headers)
|
|
assert resp.status_code == 201
|
|
|
|
resp = client.get("/api/metrics", headers=headers)
|
|
assert resp.status_code == 200
|
|
data = resp.json()
|
|
assert data["count"] == 1
|
|
assert data["metrics"][0]["id"] == "finance/mrr"
|
|
|
|
def test_get_metric_detail(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
headers = {"Authorization": f"Bearer {admin_token}"}
|
|
|
|
client.post("/api/admin/metrics", json=SAMPLE_METRIC, headers=headers)
|
|
|
|
resp = client.get("/api/metrics/finance/mrr", headers=headers)
|
|
assert resp.status_code == 200
|
|
data = resp.json()
|
|
assert data["id"] == "finance/mrr"
|
|
assert data["display_name"] == "Monthly Recurring Revenue"
|
|
assert data["category"] == "finance"
|
|
|
|
def test_get_metric_not_found(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
headers = {"Authorization": f"Bearer {admin_token}"}
|
|
|
|
resp = client.get("/api/metrics/nonexistent/metric", headers=headers)
|
|
assert resp.status_code == 404
|
|
|
|
def test_delete_metric(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
headers = {"Authorization": f"Bearer {admin_token}"}
|
|
|
|
client.post("/api/admin/metrics", json=SAMPLE_METRIC, headers=headers)
|
|
|
|
resp = client.delete("/api/admin/metrics/finance/mrr", headers=headers)
|
|
assert resp.status_code == 200
|
|
assert resp.json()["status"] == "deleted"
|
|
|
|
resp = client.get("/api/metrics/finance/mrr", headers=headers)
|
|
assert resp.status_code == 404
|
|
|
|
def test_analyst_cannot_create_metric(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
headers = {"Authorization": f"Bearer {analyst_token}"}
|
|
|
|
resp = client.post("/api/admin/metrics", json=SAMPLE_METRIC, headers=headers)
|
|
assert resp.status_code == 403
|
|
|
|
def test_list_metrics_filter_by_category(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
headers = {"Authorization": f"Bearer {admin_token}"}
|
|
|
|
finance_metric = {**SAMPLE_METRIC}
|
|
support_metric = {
|
|
"id": "support/tickets",
|
|
"name": "tickets",
|
|
"display_name": "Open Tickets",
|
|
"category": "support",
|
|
"sql": "SELECT COUNT(*) FROM tickets WHERE status = 'open'",
|
|
}
|
|
client.post("/api/admin/metrics", json=finance_metric, headers=headers)
|
|
client.post("/api/admin/metrics", json=support_metric, headers=headers)
|
|
|
|
resp = client.get("/api/metrics?category=finance", headers=headers)
|
|
assert resp.status_code == 200
|
|
data = resp.json()
|
|
assert data["count"] == 1
|
|
assert data["metrics"][0]["category"] == "finance"
|
|
|
|
|
|
class TestMetadataAPI:
|
|
def test_get_metadata_empty(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
resp = client.get("/api/admin/metadata/orders", headers={"Authorization": f"Bearer {admin_token}"})
|
|
assert resp.status_code == 200
|
|
assert resp.json()["columns"] == []
|
|
|
|
def test_save_and_get_metadata(self, seeded_client):
|
|
client, admin_token, _ = seeded_client
|
|
resp = client.post(
|
|
"/api/admin/metadata/orders",
|
|
json={"columns": [
|
|
{"column_name": "id", "basetype": "STRING", "description": "Order ID"},
|
|
{"column_name": "total", "basetype": "NUMERIC", "description": "Total"},
|
|
]},
|
|
headers={"Authorization": f"Bearer {admin_token}"},
|
|
)
|
|
assert resp.status_code == 200
|
|
assert resp.json()["status"] == "ok"
|
|
assert resp.json()["count"] == 2
|
|
|
|
resp = client.get("/api/admin/metadata/orders", headers={"Authorization": f"Bearer {admin_token}"})
|
|
assert resp.status_code == 200
|
|
assert len(resp.json()["columns"]) == 2
|
|
|
|
def test_analyst_cannot_save_metadata(self, seeded_client):
|
|
client, _, analyst_token = seeded_client
|
|
resp = client.post(
|
|
"/api/admin/metadata/orders",
|
|
json={"columns": [{"column_name": "id", "basetype": "STRING"}]},
|
|
headers={"Authorization": f"Bearer {analyst_token}"},
|
|
)
|
|
assert resp.status_code == 403
|