1fbd894329
Aduce toate suprafetele dashboard-ului la grila tabelului Trimiteri, muta
navigarea intr-un meniu de cont (hamburger) si da panoului admin actiuni
reale de ciclu de viata. 9 stories, 3 valuri. UI pur (reskin + reasezare)
cu O SINGURA exceptie backend: modelul de stare a contului.
- US-001 sectiunea "Ajutor" eliminata din Acasa (wayfinding redundant).
- US-002 Nomenclator la grila standard (_submissions.html ca referinta).
- US-003 macro autosend compact (Manual<->Auto). Semantica de PREZENTA
`auto_send` (bifat->true, absent->false) NEALTERATA — compatibil cu ambele
parsere (Form(bool) la /mapari, bool(form.get()) la import). Zero backend.
- US-004 accounts.status (pending/active/blocked/archived/deleted), migrare
defensiva idempotenta derivata din `active`, gate worker claim_one pe
status='active' (echivalenta active=1 <=> status='active' pastrata).
- US-005 tabel Mapari compact + panou Ajutor (<details>, proza o singura data),
coloana "In coada".
- US-006 meniu hamburger dropdown (Cont/Integrare/Nomenclator/Admin/logout) +
context is_authenticated/is_admin/csrf_token defensiv in base.html.
- US-007 tab-bar redus la Acasa+Mapari; rutele /_fragments/{cont,integrare,
nomenclator} + deep-link ?tab= raman valide.
- US-008 rute admin block/archive/delete + bulk pe lista account_id,
require_admin + CSRF + PRG, dev id=1 sarit in bulk.
- US-009 admin UI: selectie bife + master + bara bulk + kebab per-rand,
grupare pe stare (bloc nou blocate/arhivate), nota "cont dev implicit" scoasa.
Stergere = SOFT: tombstone (status='deleted'), dar PII purjata IMEDIAT
(rar_creds_enc + chei API revocate + CUI eliberat pentru re-inregistrare),
GDPR/L.142.
VERIFY: 671 teste pass (+40). E2E browser (Playwright) a prins 2 bug-uri
invizibile la TestClient: bara bulk cu display:flex inline invingea [hidden]
(mutat in CSS .bulk-bar[hidden]); conturi arhivate cadeau sub "in asteptare"
(grupare pe status). /code-review high a prins 2 bug-uri reale: soft delete
pastra creds RAR + CUI la nesfarsit fara purjare accounts (GDPR neonorat);
apostrof in numele firmei rupea confirm() inline din kebab — ambele reparate,
plus cleanup boilerplate rute (_lifecycle_route).
Backend trimitere (worker masina stari/idempotenta/mapping) neatins, cu
exceptia gate-ului de cont. Design: docs/design/5.5-uniformizare-ui.md.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
129 lines
4.3 KiB
Python
129 lines
4.3 KiB
Python
"""Teste US-009 (PRD 5.5): panou admin UI — selectie cu bife + master, bara de actiuni bulk
|
|
(Activeaza/Blocheaza/Arhiveaza/Sterge), actiuni per-rand, fara nota 'cont dev implicit',
|
|
grila standard.
|
|
"""
|
|
|
|
from __future__ import annotations
|
|
|
|
import os
|
|
import re
|
|
import tempfile
|
|
|
|
import pytest
|
|
from starlette.testclient import TestClient
|
|
|
|
|
|
@pytest.fixture()
|
|
def client(monkeypatch):
|
|
tmp = tempfile.mkdtemp()
|
|
monkeypatch.setenv("AUTOPASS_DB_PATH", os.path.join(tmp, "test_web_admin.db"))
|
|
monkeypatch.setenv("AUTOPASS_WEB_AUTH_REQUIRED", "true")
|
|
monkeypatch.setenv("AUTOPASS_SIGNUP_RATE_MAX", "100")
|
|
from app.config import get_settings
|
|
get_settings.cache_clear()
|
|
from app.web import ratelimit
|
|
ratelimit._hits.clear()
|
|
from app.main import app
|
|
with TestClient(app, follow_redirects=False) as c:
|
|
yield c
|
|
get_settings.cache_clear()
|
|
|
|
|
|
def _csrf(client, url):
|
|
resp = client.get(url, follow_redirects=True)
|
|
m = re.search(r'name="csrf_token"\s+value="([^"]+)"', resp.text)
|
|
assert m
|
|
return m.group(1)
|
|
|
|
|
|
def _signup(client, name, email, password="parola_test_001"):
|
|
tok = _csrf(client, "/signup")
|
|
client.post("/signup", data={"name": name, "email": email, "parola": password,
|
|
"csrf_token": tok}, follow_redirects=True)
|
|
from app.db import get_connection
|
|
conn = get_connection()
|
|
try:
|
|
row = conn.execute("SELECT account_id FROM users WHERE email=? COLLATE NOCASE",
|
|
(email,)).fetchone()
|
|
return int(row["account_id"])
|
|
finally:
|
|
conn.close()
|
|
|
|
|
|
def _admin_login(client):
|
|
target = _signup(client, "Pending SRL", "pending@test.ro") # cont in asteptare
|
|
admin_id = _signup(client, "Admin SA", "admin@test.ro")
|
|
from app.db import get_connection
|
|
from app.users import set_admin
|
|
conn = get_connection()
|
|
try:
|
|
set_admin(conn, admin_id, is_admin=True)
|
|
conn.commit()
|
|
finally:
|
|
conn.close()
|
|
tok = _csrf(client, "/login")
|
|
resp = client.post("/login", data={"email": "admin@test.ro", "parola": "parola_test_001",
|
|
"csrf_token": tok})
|
|
assert resp.status_code == 303
|
|
return target
|
|
|
|
|
|
def test_admin_coloana_selectie_si_master(client):
|
|
_admin_login(client)
|
|
html = client.get("/admin").text
|
|
# checkbox de selectie pe rand + master
|
|
assert 'name="account_id"' in html
|
|
assert 'type="checkbox"' in html
|
|
assert "Selecteaza tot" in html or 'data-master' in html
|
|
|
|
|
|
def test_bara_bulk_cu_cele_4_verbe(client):
|
|
_admin_login(client)
|
|
html = client.get("/admin").text
|
|
assert 'formaction="/admin/activate"' in html
|
|
assert 'formaction="/admin/block"' in html
|
|
assert 'formaction="/admin/archive"' in html
|
|
assert 'formaction="/admin/delete"' in html
|
|
# bara e ascunsa initial (hidden), fara display inline care ar invinge [hidden]
|
|
assert re.search(r'class="bulk-bar"\s+hidden', html) or re.search(r'hidden[^>]*class="bulk-bar"', html)
|
|
assert "bulk-bar" in html and ".bulk-bar[hidden]" in html # CSS care face hidden eficient
|
|
|
|
|
|
def test_actiuni_per_rand(client):
|
|
_admin_login(client)
|
|
html = client.get("/admin").text
|
|
# forme per-rand catre rutele de lifecycle (kebab)
|
|
assert 'action="/admin/block"' in html
|
|
assert 'action="/admin/archive"' in html
|
|
assert 'action="/admin/delete"' in html
|
|
|
|
|
|
def test_fara_nota_cont_dev(client):
|
|
_admin_login(client)
|
|
html = client.get("/admin").text
|
|
assert "cont dev implicit" not in html.lower()
|
|
assert "Cont dev implicit" not in html
|
|
|
|
|
|
def test_grila_standard(client):
|
|
_admin_login(client)
|
|
html = client.get("/admin").text
|
|
assert "tablewrap" in html
|
|
|
|
|
|
def test_cont_arhivat_in_blocul_suspendate(client):
|
|
"""Gruparea pe STARE: un cont arhivat apare in blocul blocate/arhivate, nu in 'in asteptare'."""
|
|
target = _admin_login(client) # cont pending seedat
|
|
from app.db import get_connection
|
|
from app.accounts import set_status
|
|
conn = get_connection()
|
|
try:
|
|
set_status(conn, target, "archived")
|
|
conn.commit()
|
|
finally:
|
|
conn.close()
|
|
html = client.get("/admin").text
|
|
# contul arhivat ajunge in blocul suspendate (1 cont), nu in "in asteptare"
|
|
assert re.search(r"Conturi blocate / arhivate \(1\)", html)
|
|
assert ">archived<" in html
|