introduces group/global usage & permissions, validates in endpoints and tests endpoints

2026-06-12 05:28:34 +03:00 · 2025-02-06 18:41:12 +00:00
parent 2b8c48af1b
commit 5344cc56e7
10 changed files with 252 additions and 52 deletions
--- a/src/tests/endpoints/test_sheet.py
+++ b/src/tests/endpoints/test_sheet.py
@@ -29,8 +29,7 @@ def test_create_sheet_endpoint(app_with_auth, db_session):
    assert response.status_code == 201
    j = response.json()
    assert datetime.fromisoformat(j.pop("created_at"))
-    assert datetime.fromisoformat(j.pop("last_archived_at"))
-    assert j.pop("stats") == {}
+    assert datetime.fromisoformat(j.pop("last_url_archived_at"))
    assert j.pop("author_id") == 'morty@example.com'
    assert j == good_data

@@ -95,16 +94,15 @@ def test_get_user_sheets_endpoint(client_with_auth, db_session):
    assert isinstance(r, list)
    assert len(r) == 2
    assert datetime.fromisoformat(r[0].pop("created_at"))
-    assert datetime.fromisoformat(r[0].pop("last_archived_at"))
+    assert datetime.fromisoformat(r[0].pop("last_url_archived_at"))
    assert datetime.fromisoformat(r[1].pop("created_at"))
-    assert datetime.fromisoformat(r[1].pop("last_archived_at"))
+    assert datetime.fromisoformat(r[1].pop("last_url_archived_at"))
    assert r[0] == {
        'id': '123',
        'author_id': 'morty@example.com',
        'frequency': 'hourly',
        'group_id': 'spaceship',
        'name': 'Test Sheet 1',
-        'stats': {},
    }
    assert r[1] == {
        'id': '456',
@@ -112,7 +110,6 @@ def test_get_user_sheets_endpoint(client_with_auth, db_session):
        'frequency': 'daily',
        'group_id': 'interdimensional',
        'name': 'Test Sheet 2',
-        'stats': {},
    }


--- a/src/tests/endpoints/test_url.py
+++ b/src/tests/endpoints/test_url.py
@@ -7,36 +7,67 @@ def test_archive_url_unauthenticated(client, test_no_auth):
    test_no_auth(client.post, "/url/archive")


+@patch("endpoints.url.UserState")
@patch("worker.main.create_archive_task.delay", return_value=TaskResult(id="123-456-789", status="PENDING", result=""))
-def test_archive_url(m1, client_with_auth):
+def test_archive_url(m1, m2, client_with_auth):
+    m_user_state = MagicMock()
+    m2.return_value = m_user_state
+
    # url is too short
    response = client_with_auth.post("/url/archive", json={"url": "bad"})
    assert response.status_code == 422
    assert response.json()["detail"][0]["msg"] == 'String should have at least 5 characters'
    m1.assert_not_called()

+    # url is invalid
+    response = client_with_auth.post("/url/archive", json={"url": "example.com"})
+    assert response.status_code == 400
+    assert response.json()["detail"] == "Invalid URL received."
+
    # valid request
+    m_user_state.has_quota_max_monthly_urls.return_value = True
+    m_user_state.has_quota_max_monthly_mbs.return_value = True
    response = client_with_auth.post("/url/archive", json={"url": "https://example.com"})
    assert response.status_code == 201
    assert response.json() == {'id': '123-456-789'}
-
    m1.assert_called_once()
    called_val = m1.call_args.args[0]
-    assert json.loads(called_val) == {"id": None, "url": "https://example.com", "result": None, "public": True, "author_id": "rick@example.com", "group_id": None, "tags": [], "rearchive": True}
+    assert json.loads(called_val) == {"id": None, "url": "https://example.com", "result": None, "public": True, "author_id": "rick@example.com", "group_id": None, "tags": [], "rearchive": True, "sheet_id":None}
+    m_user_state.has_quota_max_monthly_urls.assert_called_once()
+    m_user_state.has_quota_max_monthly_mbs.assert_called_once()

    # user is not in group
+    m_user_state.in_group.return_value = False
    response = client_with_auth.post("/url/archive", json={"url": "https://example.com", "group_id": "new-group"})
    assert response.status_code == 403
    assert response.json()["detail"] == "User does not have access to this group."
+    m_user_state.in_group.assert_called_once_with("new-group")

    # user is in group
+    m_user_state.in_group.return_value = True
    response = client_with_auth.post("/url/archive", json={"url": "https://example.com", "group_id": "spaceship"})
    assert response.status_code == 201
    assert response.json() == {'id': '123-456-789'}
-
    assert m1.call_count == 2
    called_val = m1.call_args.args[0]
    assert json.loads(called_val)["group_id"] == "spaceship"
+    m_user_state.in_group.assert_called_with("spaceship")
+
+    # user is over monthly URL quota
+    m_user_state.has_quota_max_monthly_urls.return_value = False
+    m_user_state.has_quota_max_monthly_mbs.return_value = True
+    response = client_with_auth.post("/url/archive", json={"url": "https://example.com", "group_id": "spaceship"})
+    assert response.status_code == 429
+    assert response.json()["detail"] == "User has reached their monthly URL quota."
+    m_user_state.has_quota_max_monthly_urls.assert_called_with("spaceship")
+
+    # user is over monthly MB quota
+    m_user_state.has_quota_max_monthly_urls.return_value = True
+    m_user_state.has_quota_max_monthly_mbs.return_value = False
+    response = client_with_auth.post("/url/archive", json={"url": "https://example.com", "group_id": "spacesuit"})
+    assert response.status_code == 429
+    assert response.json()["detail"] == "User has reached their monthly MB quota."
+    m_user_state.has_quota_max_monthly_mbs.assert_called_with("spacesuit")

@patch("endpoints.url.UserState")
 def test_archive_url_quotas(m1, client_with_auth):