romfast/rar-autopass
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c05fa00007a759da084c10d9cda42c2542641d6d
rar-autopass/tests/test_web_mapari_salvate.py
Claude Agent d7ba1195d4 feat(web): dashboard compact — import pe Acasa, status cu bife, Trimiteri lizibile, Mapari complete (3.5) 
Acasa = ecran de import (tab Import scos, ?tab=import->Acasa). Bara status
compacta pe 2 randuri cu bife accesibile (glife + text) + data formatata.
'Coada'->'Trimiteri': coloane RO, stare umana, detaliu la click in panou
dedicat. Mapari pe 3 sectiuni (de rezolvat / op salvate / formate coloane),
Cont doar cheie+creds. Filtrare Trimiteri, corectie inline needs_data cu
re-enqueue + detectie coliziune idempotency, badge contoare pe tab-uri.
Helper pur partajat payload_view.py (web + GET /v1/prezentari).
Backend trimitere (worker/idempotenta/mapping/schema) neatins. 483 teste.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-19 08:56:45 +00:00

220 lines
7.4 KiB
Python
Raw Blame History

"""Teste US-005 (PRD 3.5): listare + editare/stergere mapari operatii salvate.
Scoped pe cont (fara leak cross-account). Editarea respinge cod inexistent in
nomenclator si re-rezolva submission-urile blocate pe acel cod_op_service.
"""
from __future__ import annotations
import os
import re
import tempfile
import pytest
from starlette.testclient import TestClient
def _create_account_user(email: str, name: str = "Service", password: str = "parolasecreta10"):
from app.accounts import create_account
from app.users import create_user
from app.db import get_connection
conn = get_connection()
try:
acct_id = create_account(conn, name, active=True)
create_user(conn, acct_id, email, password)
return acct_id
finally:
conn.close()
def _login(client, email: str, password: str = "parolasecreta10") -> None:
resp = client.get("/login")
m = re.search(r'name="csrf_token"\s+value="([^"]+)"', resp.text) or \
re.search(r'value="([^"]+)"\s+name="csrf_token"', resp.text)
assert m
resp = client.post("/login", data={"email": email, "parola": password, "csrf_token": m.group(1)})
assert resp.status_code == 303
def _csrf(client) -> str:
resp = client.get("/?tab=mapari")
m = re.search(r'name="csrf_token"\s+value="([^"]+)"', resp.text) or \
re.search(r'value="([^"]+)"\s+name="csrf_token"', resp.text)
assert m, "csrf_token negasit"
return m.group(1)
def _seed_nomenclator(cod: str, nume: str = "Test prestatie") -> None:
from app.db import get_connection
conn = get_connection()
try:
conn.execute(
"INSERT OR REPLACE INTO nomenclator_rar (cod_prestatie, nume_prestatie) VALUES (?, ?)",
(cod, nume),
)
conn.commit()
finally:
conn.close()
def _seed_op_mapping(acct: int, op: str, cod: str, auto_send: int = 1) -> None:
from app.db import get_connection
conn = get_connection()
try:
conn.execute(
"INSERT INTO operations_mapping (account_id, cod_op_service, cod_prestatie, auto_send) "
"VALUES (?, ?, ?, ?)",
(acct, op, cod, auto_send),
)
conn.commit()
finally:
conn.close()
def _seed_needs_mapping(acct: int, op: str) -> int:
"""Submission needs_mapping pe canal API (batch_id NULL) cu o operatie nemapata."""
from app.db import get_connection
import json
conn = get_connection()
try:
cur = conn.execute(
"INSERT INTO submissions (idempotency_key, account_id, status, payload_json) "
"VALUES (?, ?, 'needs_mapping', ?)",
(
f"k-{op}-{os.urandom(4).hex()}",
acct,
json.dumps({
"vin": "WVWZZZ1JZXW000111",
"nr_inmatriculare": "B11AAA",
"data_prestatie": "2026-06-18",
"odometru_final": "12345",
"prestatii": [{"cod_op_service": op, "denumire": "ceva"}],
}),
),
)
conn.commit()
return cur.lastrowid
finally:
conn.close()
def _status_of(sid: int) -> str:
from app.db import get_connection
conn = get_connection()
try:
return conn.execute("SELECT status FROM submissions WHERE id=?", (sid,)).fetchone()["status"]
finally:
conn.close()
@pytest.fixture()
def client(monkeypatch):
tmp = tempfile.mkdtemp()
monkeypatch.setenv("AUTOPASS_DB_PATH", os.path.join(tmp, "mapari_salvate.db"))
monkeypatch.setenv("AUTOPASS_WEB_AUTH_REQUIRED", "true")
from app.config import get_settings
get_settings.cache_clear()
from app.web import ratelimit
ratelimit._hits.clear()
from app.main import app
with TestClient(app, follow_redirects=False) as c:
yield c
ratelimit._hits.clear()
get_settings.cache_clear()
def test_lista_mapari_salvate(client):
"""Listarea intoarce randurile operations_mapping ale contului cu nume_prestatie."""
acct = _create_account_user("lista@test.com")
_seed_nomenclator("R-FRANE", "Reparatie frane")
_seed_op_mapping(acct, "OP-100", "R-FRANE")
from app.db import get_connection
from app.web.routes import _load_saved_op_mappings
conn = get_connection()
try:
rows = _load_saved_op_mappings(conn, acct)
finally:
conn.close()
assert len(rows) == 1
assert rows[0]["cod_op_service"] == "OP-100"
assert rows[0]["cod_prestatie"] == "R-FRANE"
assert rows[0]["nume_prestatie"] == "Reparatie frane"
assert rows[0]["auto_send"] is True
def test_editeaza_mapare_salvata(client):
"""POST schimba cod_prestatie; respinge cod inexistent; scoped pe cont."""
acct = _create_account_user("edit@test.com")
_seed_nomenclator("R-FRANE", "Reparatie frane")
_seed_nomenclator("R-MOTOR", "Reparatie motor")
_seed_op_mapping(acct, "OP-100", "R-FRANE")
_login(client, "edit@test.com")
csrf = _csrf(client)
# Cod inexistent -> respins
resp = client.post("/mapari/salvate", data={
"cod_op_service": "OP-100", "cod_prestatie": "NU-EXISTA", "csrf_token": csrf,
})
assert resp.status_code == 200
assert "necunoscut" in resp.text.lower()
# Cod valid -> actualizat
resp = client.post("/mapari/salvate", data={
"cod_op_service": "OP-100", "cod_prestatie": "R-MOTOR", "auto_send": "true", "csrf_token": csrf,
})
assert resp.status_code == 200
from app.db import get_connection
conn = get_connection()
try:
row = conn.execute(
"SELECT cod_prestatie FROM operations_mapping WHERE account_id=? AND cod_op_service=?",
(acct, "OP-100"),
).fetchone()
finally:
conn.close()
assert row["cod_prestatie"] == "R-MOTOR"
def test_editeaza_deblocheaza_submissions(client):
"""La editarea unui cod, submission-urile needs_mapping pe acel op se deblocheaza."""
acct = _create_account_user("debloc@test.com")
_seed_nomenclator("R-FRANE", "Reparatie frane")
sid = _seed_needs_mapping(acct, "OP-200")
assert _status_of(sid) == "needs_mapping"
_login(client, "debloc@test.com")
csrf = _csrf(client)
resp = client.post("/mapari/salvate", data={
"cod_op_service": "OP-200", "cod_prestatie": "R-FRANE", "auto_send": "true", "csrf_token": csrf,
})
assert resp.status_code == 200
assert _status_of(sid) != "needs_mapping" # deblocat (queued sau needs_data)
def test_sterge_mapare_salvata_scoped(client):
"""DELETE scoped pe cont: maparea altui cont ramane neatinsa."""
acct1 = _create_account_user("st1@test.com", name="Cont1")
acct2 = _create_account_user("st2@test.com", name="Cont2")
_seed_nomenclator("R-FRANE")
_seed_op_mapping(acct1, "OP-X", "R-FRANE")
_seed_op_mapping(acct2, "OP-X", "R-FRANE")
_login(client, "st1@test.com")
csrf = _csrf(client)
resp = client.post("/mapari/salvate/sterge", data={"cod_op_service": "OP-X", "csrf_token": csrf})
assert resp.status_code == 200
from app.db import get_connection
conn = get_connection()
try:
r1 = conn.execute("SELECT 1 FROM operations_mapping WHERE account_id=? AND cod_op_service='OP-X'", (acct1,)).fetchone()
r2 = conn.execute("SELECT 1 FROM operations_mapping WHERE account_id=? AND cod_op_service='OP-X'", (acct2,)).fetchone()
finally:
conn.close()
assert r1 is None, "maparea contului propriu trebuia stearsa"
assert r2 is not None, "maparea altui cont NU trebuia atinsa (leak)"
Reference in New Issue View Git Blame Copy Permalink