Lars/shinkan-jinkendo
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 3 Wiki Activity
9dbd3cbd5f
shinkan-jinkendo/backend/tests/test_access_layer.py
Lars e0ecfe927f
Some checks failed
Deploy Development / deploy (push) Successful in 35s
Details
Test Suite / lint-backend (push) Successful in 1s
Details
Test Suite / build-frontend (push) Successful in 6s
Details
Test Suite / playwright-tests (push) Failing after 37s
Details
feat: update access layer governance and visibility checks 
- Enhanced ACCESS_LAYER_AND_GOVERNANCE_PLAN.md with additional details on heuristic checks and testing procedures for cross-tenant scenarios.
- Updated club_tenancy.py to recommend using `library_content_visible_to_profile` for exercise visibility checks.
- Refactored multiple routers to utilize `library_content_visible_to_profile`, improving consistency in access control across exercises and training planning.
- Bumped application version to 0.8.28 and updated changelog to reflect these changes.
2026-05-05 22:11:05 +02:00

77 lines
2.1 KiB
Python
Raw Blame History

"""Unit tests ohne Datenbank für die Zugriffsschicht (Visibility-SQL, Header-Parsing)."""
import pytest
from fastapi import HTTPException
from tenant_context import library_content_visibility_sql, parse_active_club_header
def test_library_visibility_sql_platform_admin_no_filter():
sql, params = library_content_visibility_sql(
alias="e",
profile_id=1,
role="admin",
effective_club_id=None,
)
assert sql == "TRUE"
assert params == []
def test_library_visibility_sql_superadmin():
sql, params = library_content_visibility_sql(
alias="fp",
profile_id=2,
role="superadmin",
effective_club_id=100,
)
assert sql == "TRUE"
assert params == []
def test_library_visibility_sql_trainer_without_active_club_no_shared_club_branch():
sql, params = library_content_visibility_sql(
alias="g",
profile_id=42,
role="trainer",
effective_club_id=None,
)
assert "official" in sql
assert "private" in sql
assert "visibility = 'club'" not in sql
assert params == [42]
def test_library_visibility_sql_user_with_active_club_includes_club_branch():
sql, params = library_content_visibility_sql(
alias="t",
profile_id=7,
role="user",
effective_club_id=99,
)
assert "visibility = 'club'" in sql
assert "club_members" in sql
assert params[0] == 7 # private branch created_by
assert 99 in params
assert params.count(7) >= 2 # private + EXISTS membership
def test_parse_active_club_header_none_and_empty():
assert parse_active_club_header(None) is None
assert parse_active_club_header("") is None
assert parse_active_club_header(" ") is None
def test_parse_active_club_header_valid():
assert parse_active_club_header("12") == 12
def test_parse_active_club_header_invalid():
with pytest.raises(HTTPException) as exc:
parse_active_club_header("not-int")
assert exc.value.status_code == 400
def test_parse_active_club_header_non_positive():
with pytest.raises(HTTPException) as exc:
parse_active_club_header("0")
assert exc.value.status_code == 400
Reference in New Issue View Git Blame Copy Permalink