7f3e8a8f53
- Auth: register, login, JWT with refresh tokens, blocklist - Projects/Folders/Documents CRUD with soft deletes - Tags CRUD and assignment - FTS5 search with highlights and tag filtering - ADR-001, ADR-002, ADR-003 compliant - Security fixes applied (JWT_SECRET_KEY, exception handler, cookie secure) - 25 tests passing
137 lines
4.6 KiB
Python
137 lines
4.6 KiB
Python
import pytest
|
|
|
|
|
|
async def setup_project_and_get_token(client):
|
|
await client.post("/api/v1/auth/register", json={"username": "docuser", "password": "pass123"})
|
|
login = await client.post("/api/v1/auth/login", json={"username": "docuser", "password": "pass123"})
|
|
token = login.json()["access_token"]
|
|
proj_resp = await client.post(
|
|
"/api/v1/projects",
|
|
json={"name": "Doc Test Project"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
return token, proj_resp.json()["id"]
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_create_document(client):
|
|
token, proj_id = await setup_project_and_get_token(client)
|
|
response = await client.post(
|
|
f"/api/v1/projects/{proj_id}/documents",
|
|
json={"title": "My Document", "content": "# Hello\n\nWorld"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
assert response.status_code == 201
|
|
data = response.json()
|
|
assert data["title"] == "My Document"
|
|
assert data["content"] == "# Hello\n\nWorld"
|
|
assert data["project_id"] == proj_id
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_get_document(client):
|
|
token, proj_id = await setup_project_and_get_token(client)
|
|
create_resp = await client.post(
|
|
f"/api/v1/projects/{proj_id}/documents",
|
|
json={"title": "Get Doc Test"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
doc_id = create_resp.json()["id"]
|
|
response = await client.get(
|
|
f"/api/v1/documents/{doc_id}",
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json()["title"] == "Get Doc Test"
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_update_document_content(client):
|
|
token, proj_id = await setup_project_and_get_token(client)
|
|
create_resp = await client.post(
|
|
f"/api/v1/projects/{proj_id}/documents",
|
|
json={"title": "Original Title", "content": "Original Content"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
doc_id = create_resp.json()["id"]
|
|
response = await client.put(
|
|
f"/api/v1/documents/{doc_id}/content",
|
|
json={"content": "Updated Content"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
assert response.status_code == 200
|
|
assert response.json()["content"] == "Updated Content"
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_soft_delete_document(client):
|
|
token, proj_id = await setup_project_and_get_token(client)
|
|
create_resp = await client.post(
|
|
f"/api/v1/projects/{proj_id}/documents",
|
|
json={"title": "To Delete"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
doc_id = create_resp.json()["id"]
|
|
del_resp = await client.delete(
|
|
f"/api/v1/documents/{doc_id}",
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
assert del_resp.status_code == 204
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_assign_tag(client):
|
|
token, proj_id = await setup_project_and_get_token(client)
|
|
doc_resp = await client.post(
|
|
f"/api/v1/projects/{proj_id}/documents",
|
|
json={"title": "Tagged Doc"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
doc_id = doc_resp.json()["id"]
|
|
tag_resp = await client.post(
|
|
"/api/v1/tags",
|
|
json={"name": "important", "color": "#ff0000"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
tag_id = tag_resp.json()["id"]
|
|
assign_resp = await client.post(
|
|
f"/api/v1/documents/{doc_id}/tags",
|
|
json={"tag_ids": [tag_id]},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
assert assign_resp.status_code == 204
|
|
|
|
get_resp = await client.get(
|
|
f"/api/v1/documents/{doc_id}",
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
assert len(get_resp.json()["tags"]) == 1
|
|
assert get_resp.json()["tags"][0]["name"] == "important"
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_remove_tag(client):
|
|
token, proj_id = await setup_project_and_get_token(client)
|
|
doc_resp = await client.post(
|
|
f"/api/v1/projects/{proj_id}/documents",
|
|
json={"title": "Tagged Doc 2"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
doc_id = doc_resp.json()["id"]
|
|
tag_resp = await client.post(
|
|
"/api/v1/tags",
|
|
json={"name": "temp", "color": "#00ff00"},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
tag_id = tag_resp.json()["id"]
|
|
await client.post(
|
|
f"/api/v1/documents/{doc_id}/tags",
|
|
json={"tag_ids": [tag_id]},
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
remove_resp = await client.delete(
|
|
f"/api/v1/documents/{doc_id}/tags/{tag_id}",
|
|
headers={"Authorization": f"Bearer {token}"}
|
|
)
|
|
assert remove_resp.status_code == 204
|