feat(5.12): modal editare + cont obligatoriu la import; design.md + PRD 5.13 revizuit (/autoplan)

5.12 (livrat): editare in modal a randurilor de preview, cont obligatoriu inainte de
import, formular editare extras (_form_editare, _editare_preview_modal), plus suita de
teste aferenta (preview edit/compact, mapare op, form editare, signup, admin panel).

Design + planificare:
- docs/design.md: sistem de design (tokeni, breakpoints, scara control, componente, a11y).
- docs/prd/prd-5.12-* si prd-5.13-* (5.13 cu raport /autoplan: CEO+Design+Eng, audit trail).

Curatare: sterse PNG-urile de test/mockup temporare din radacina.

Nota: implementarea CSS 5.13 (responsive compact + sistem butoane) NU e inca facuta —
planul revizuit cere refactorul testelor fragile din test_web_responsive.py INAINTE de CSS.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Claude Agent
2026-06-27 18:52:20 +00:00
parent 283299ff20
commit b26dbb79e1
44 changed files with 4852 additions and 305 deletions

View File

@@ -55,9 +55,11 @@ def _get_csrf(client: TestClient, url: str) -> str:
def _signup(client: TestClient, name: str, email: str, password: str = "parola_test_001") -> int:
"""Creeaza cont via POST /signup si intoarce account_id."""
from tests.conftest import make_test_cui
token = _get_csrf(client, "/signup")
resp = client.post("/signup", data={
"name": name,
"cui": make_test_cui(email),
"email": email,
"parola": password,
"csrf_token": token,
@@ -211,3 +213,51 @@ def test_activate_fara_csrf_403(client):
assert resp.status_code == 403, (
f"POST fara CSRF trebuia 403, got {resp.status_code}"
)
def test_activare_cont_incomplet_refuzata(client):
"""Admin nu poate activa un cont incomplet (fara email/CUI) — contul ramane pending.
Gate pe account_is_complete: un cont fara companie+email+CUI nu poate fi activat
de admin (buton dezactivat in UI + server refuza activarea).
"""
# Cream cont pending INCOMPLET direct prin create_account (fara email/CUI)
from app.accounts import create_account
from app.users import create_user
from app.db import get_connection
conn = get_connection()
try:
incomplete_id = create_account(conn, "Firma Incompleta SRL", active=False)
create_user(conn, incomplete_id, "incompleta@test.ro", "parola_test_001")
finally:
conn.close()
# Admin
admin_id = _signup(client, "Admin Gate SA", "admin_gate@test.ro")
_make_admin(admin_id)
_login(client, "admin_gate@test.ro")
# Obtine CSRF din /admin
resp = client.get("/admin")
assert resp.status_code == 200
m = re.search(r'name="csrf_token"\s+value="([^"]+)"', resp.text)
if not m:
m = re.search(r'value="([^"]+)"\s+name="csrf_token"', resp.text)
assert m, "csrf_token negasit in /admin"
csrf = m.group(1)
# Incearca sa activeze contul incomplet
resp2 = client.post("/admin/activate", data={
"account_id": str(incomplete_id),
"csrf_token": csrf,
})
# Fie 303 redirect, fie pagina cu eroare — important: contul NU e activat
assert resp2.status_code in (200, 303, 422), (
f"Raspuns neasteptat: {resp2.status_code}"
)
# Verifica in DB: contul ramane pending (neactivat)
assert not _get_account_active(incomplete_id), (
"Contul incomplet (fara email/CUI) a fost activat — gate pe account_is_complete nu functioneaza"
)