Phase 1 MVP - Complete implementation

- Auth: register, login, JWT with refresh tokens, blocklist
- Projects/Folders/Documents CRUD with soft deletes
- Tags CRUD and assignment
- FTS5 search with highlights and tag filtering
- ADR-001, ADR-002, ADR-003 compliant
- Security fixes applied (JWT_SECRET_KEY, exception handler, cookie secure)
- 25 tests passing
This commit is contained in:
Motoko
2026-03-30 15:17:27 +00:00
parent 33f19e02f8
commit 7f3e8a8f53
41 changed files with 2858 additions and 0 deletions

90
tests/test_folders.py Normal file
View File

@@ -0,0 +1,90 @@
import pytest
async def setup_project(client, token):
resp = await client.post(
"/api/v1/projects",
json={"name": "Test Project"},
headers={"Authorization": f"Bearer {token}"}
)
return resp.json()["id"]
async def get_token(client):
await client.post("/api/v1/auth/register", json={"username": "folderuser", "password": "pass123"})
login = await client.post("/api/v1/auth/login", json={"username": "folderuser", "password": "pass123"})
return login.json()["access_token"]
@pytest.mark.asyncio
async def test_create_folder(client):
token = await get_token(client)
proj_id = await setup_project(client, token)
response = await client.post(
f"/api/v1/projects/{proj_id}/folders",
json={"name": "Architecture"},
headers={"Authorization": f"Bearer {token}"}
)
assert response.status_code == 201
data = response.json()
assert data["name"] == "Architecture"
assert data["project_id"] == proj_id
assert data["parent_id"] is None
@pytest.mark.asyncio
async def test_create_subfolder(client):
token = await get_token(client)
proj_id = await setup_project(client, token)
parent_resp = await client.post(
f"/api/v1/projects/{proj_id}/folders",
json={"name": "Parent"},
headers={"Authorization": f"Bearer {token}"}
)
parent_id = parent_resp.json()["id"]
child_resp = await client.post(
f"/api/v1/projects/{proj_id}/folders",
json={"name": "Child", "parent_id": parent_id},
headers={"Authorization": f"Bearer {token}"}
)
assert child_resp.status_code == 201
assert child_resp.json()["parent_id"] == parent_id
@pytest.mark.asyncio
async def test_list_folders(client):
token = await get_token(client)
proj_id = await setup_project(client, token)
await client.post(
f"/api/v1/projects/{proj_id}/folders",
json={"name": "Folder 1"},
headers={"Authorization": f"Bearer {token}"}
)
await client.post(
f"/api/v1/projects/{proj_id}/folders",
json={"name": "Folder 2"},
headers={"Authorization": f"Bearer {token}"}
)
response = await client.get(
f"/api/v1/projects/{proj_id}/folders",
headers={"Authorization": f"Bearer {token}"}
)
assert response.status_code == 200
assert len(response.json()["folders"]) == 2
@pytest.mark.asyncio
async def test_soft_delete_folder(client):
token = await get_token(client)
proj_id = await setup_project(client, token)
folder_resp = await client.post(
f"/api/v1/projects/{proj_id}/folders",
json={"name": "To Delete"},
headers={"Authorization": f"Bearer {token}"}
)
folder_id = folder_resp.json()["id"]
del_resp = await client.delete(
f"/api/v1/folders/{folder_id}",
headers={"Authorization": f"Bearer {token}"}
)
assert del_resp.status_code == 204