romfast/rar-autopass
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
rar-autopass/tests/test_get_scope_audit.py
Claude Agent c9f9a1ca0e feat(5.16+5.17): tipografie/antet branded + tipuri cont, planuri si enforcement 
PRD 5.16 — propagare design finalizata (system font stack, fara IBM Plex self-hostat):
- US-001/002/008: tokeni --font-ui/--font-mono (system stack) + scala --fs-*; zero
  @font-face si zero /static/fonts/; landing aliniat la acelasi stack
- US-003: RAR online = dot compact in antet + meniu burger; banda rosie DOAR pe blocat
  (invariant zero-silent-failures pastrat)
- US-010: antet "ROMFAST AUTOPASS" + nume service + /login brandeit 2 coloane + badge plan;
  meniu burger cu separatoare; gate strict pe is_authenticated
- US-011: selector tema pill icon+eticheta (reuse THEMES)
- US-004/005/006/007: bug-fix editor prestatii (picker cod+denumire, add_extra in mod
  operatii, cod ales se salveaza fara "+", Renunta inchide via closest)
- US-012/013: landing Autentificare->/login; wizard import colapsat + 4 pasi pe tokeni
- fix VERIFY E2E: contoare duplicate pe 390px (inline display:flex batea @media) -> CSS + test-lock

PRD 5.17 — tipuri de cont + trial Pro 30z + enforcement DUR:
- US-001/002/008: accounts.tier + trial_until (migrare aditiva defensiva); app/plans.py
  sursa unica (PLANS, FREE_MONTHLY_LIMIT=60, effective_tier(now injectabil), monthly_usage,
  CONSUMED_STATUSES); create_account trial Pro 30z; CLI set-tier (protejat id=1, audit)
- US-003/004/005: enforce volum 60/luna INAINTE de build_key pe ambele canale
  (PLAN_LIMITA_LUNARA, 3 niveluri + log_event); gate API Pro+ (PLAN_FARA_API 403 actionabil);
  valideaza/nomenclator raman permise; downgrade lazy; flag AUTOPASS_ENFORCE_PLANS (kill-switch)
- US-006: badge plan antet + linie burger + consum N/60 + warn>=80% + 6 stari + copy RO
  pluralizat + banner one-time trial->Gratuit + pagina Cont

Regresie: 1380 passed, 0 failed, 1 deselected (live). E2E browser pe 390/1280 confirmat.
Backend trimitere (worker/masina stari/idempotenta/contract RAR) NEATINS. Lucrul 5.18
(corpus kNN) ramane separat, necomis.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-29 06:02:40 +00:00

130 lines
4.4 KiB
Python
Raw Permalink Blame History

"""Teste scope cont pe GET /v1/audit/export (US-003, PRD 3.2)."""
from __future__ import annotations
import csv
import io
import json
import os
import tempfile
import pytest
from fastapi.testclient import TestClient
@pytest.fixture()
def env(monkeypatch):
tmp = tempfile.mkdtemp()
monkeypatch.setenv("AUTOPASS_DB_PATH", os.path.join(tmp, "t.db"))
from app.config import get_settings
get_settings.cache_clear()
yield monkeypatch
get_settings.cache_clear()
def _client():
from app.main import app
return TestClient(app)
def _body(**over):
prez = {
"vin": "WVWZZZ1KZAW000123",
"nr_inmatriculare": "B999TST",
"data_prestatie": "2026-06-15",
"odometru_final": "123456",
"prestatii": [{"cod_prestatie": "OE-1"}],
}
prez.update(over)
return {"rar_credentials": {"email": "x@y.ro", "password": "s"}, "prezentari": [prez]}
def _csv_vins(content: bytes) -> list[str]:
reader = csv.DictReader(io.StringIO(content.decode("utf-8")))
return [r["vin"] for r in reader if r.get("vin")]
def test_export_doar_contul_cheii(env):
"""Exportul CSV contine doar randurile contului asociat cheii."""
with _client() as c:
from app.auth import create_api_key
from app.db import get_connection
conn = get_connection()
try:
# tier='pro' ca sa treaca gate-ul API (T4 PRD 5.17); testul masoara scoping, nu planuri.
conn.execute("INSERT INTO accounts (id, name, tier) VALUES (2, 'al-doilea', 'pro')")
k1 = create_api_key(conn, 1)
k2 = create_api_key(conn, 2)
finally:
conn.close()
c.post("/v1/prezentari", json=_body(), headers={"X-API-Key": k1})
c.post("/v1/prezentari", json=_body(vin="WVWZZZ1KZAW000456"), headers={"X-API-Key": k2})
# Marcheaza ca sent pentru ca audit/export default e status=sent
conn2 = get_connection()
try:
conn2.execute("UPDATE submissions SET status='sent'")
finally:
conn2.close()
resp1 = c.get("/v1/audit/export", headers={"X-API-Key": k1})
assert resp1.status_code == 200
vins1 = _csv_vins(resp1.content)
assert "WVWZZZ1KZAW000123" in vins1
assert "WVWZZZ1KZAW000456" not in vins1
resp2 = c.get("/v1/audit/export", headers={"X-API-Key": k2})
vins2 = _csv_vins(resp2.content)
assert "WVWZZZ1KZAW000456" in vins2
assert "WVWZZZ1KZAW000123" not in vins2
def test_export_legacy_null_pentru_cont_1(env):
"""Randuri cu account_id=NULL apartin contului 1 in exportul de audit; contul 2 nu le vede."""
with _client() as c:
from app.auth import create_api_key
from app.db import get_connection
conn = get_connection()
try:
conn.execute("INSERT INTO accounts (id, name) VALUES (2, 'al-doilea')")
k1 = create_api_key(conn, 1)
k2 = create_api_key(conn, 2)
payload = json.dumps({"vin": "LEGACYVIN12345678", "prestatii": []})
conn.execute(
"INSERT INTO submissions (idempotency_key, account_id, status, payload_json) "
"VALUES ('legacy_audit_key', NULL, 'sent', ?)", (payload,)
)
finally:
conn.close()
resp1 = c.get("/v1/audit/export", headers={"X-API-Key": k1})
vins1 = _csv_vins(resp1.content)
assert "LEGACYVIN12345678" in vins1
resp2 = c.get("/v1/audit/export", headers={"X-API-Key": k2})
vins2 = _csv_vins(resp2.content)
assert "LEGACYVIN12345678" not in vins2
def test_export_status_all_tot_scoped(env):
"""status=all ramane scoped pe cont (nu exporta global)."""
with _client() as c:
from app.auth import create_api_key
from app.db import get_connection
conn = get_connection()
try:
conn.execute("INSERT INTO accounts (id, name) VALUES (2, 'al-doilea')")
k1 = create_api_key(conn, 1)
k2 = create_api_key(conn, 2)
finally:
conn.close()
c.post("/v1/prezentari", json=_body(), headers={"X-API-Key": k1})
c.post("/v1/prezentari", json=_body(vin="WVWZZZ1KZAW000456"), headers={"X-API-Key": k2})
resp1 = c.get("/v1/audit/export?status=all", headers={"X-API-Key": k1})
vins1 = _csv_vins(resp1.content)
assert "WVWZZZ1KZAW000123" in vins1
assert "WVWZZZ1KZAW000456" not in vins1
Reference in New Issue View Git Blame Copy Permalink