166 lines
5.9 KiB
Python
166 lines
5.9 KiB
Python
import pytest
|
|
|
|
from app import db
|
|
from app.models import Board, Card, List
|
|
|
|
|
|
@pytest.mark.integration
|
|
class TestBoardRoutes:
|
|
"""Test Board API routes"""
|
|
|
|
def test_get_boards_success(self, client, db_session, regular_user, auth_headers):
|
|
"""Test getting all boards for current user"""
|
|
# Create a board for the user
|
|
board = Board(name="Test Board", user_id=regular_user.id)
|
|
db_session.add(board)
|
|
db_session.commit()
|
|
|
|
response = client.get("/api/boards", headers=auth_headers)
|
|
|
|
assert response.status_code == 200
|
|
data = response.get_json()
|
|
assert len(data) == 1
|
|
assert data[0]["name"] == "Test Board"
|
|
|
|
def test_get_boards_unauthorized(self, client, db_session):
|
|
"""Test getting boards without authentication"""
|
|
response = client.get("/api/boards")
|
|
|
|
assert response.status_code == 401
|
|
|
|
def test_get_board_success(self, client, db_session, regular_user, auth_headers):
|
|
"""Test getting a single board with details"""
|
|
# Create a board with lists and cards
|
|
board = Board(name="Test Board", user_id=regular_user.id)
|
|
db_session.add(board)
|
|
db_session.flush()
|
|
|
|
lst = List(name="To Do", board_id=board.id, pos=0)
|
|
db_session.add(lst)
|
|
db_session.flush()
|
|
|
|
card = Card(name="Test Card", board_id=board.id, list_id=lst.id, pos=0)
|
|
db_session.add(card)
|
|
db_session.commit()
|
|
|
|
response = client.get(f"/api/boards/{board.id}", headers=auth_headers)
|
|
|
|
assert response.status_code == 200
|
|
data = response.get_json()
|
|
assert data["id"] == board.id
|
|
assert data["name"] == "Test Board"
|
|
assert len(data["lists"]) == 1
|
|
assert data["lists"][0]["name"] == "To Do"
|
|
assert len(data["lists"][0]["cards"]) == 1
|
|
|
|
def test_get_board_not_found(self, client, db_session, auth_headers):
|
|
"""Test getting a non-existent board"""
|
|
response = client.get("/api/boards/99999", headers=auth_headers)
|
|
|
|
assert response.status_code == 404
|
|
|
|
def test_get_board_access_denied(
|
|
self, client, db_session, regular_user, auth_headers
|
|
):
|
|
"""Test getting another user's board"""
|
|
# Create a board for user 1
|
|
board = Board(name="User 1 Board", user_id=regular_user.id)
|
|
db_session.add(board)
|
|
db_session.commit()
|
|
|
|
# Try to access with user 2's token (assuming auth_headers is for user 1)
|
|
# This test assumes auth_headers is for a different user
|
|
# In real scenario, you'd need another user fixture
|
|
response = client.get(f"/api/boards/{board.id}", headers=auth_headers)
|
|
|
|
# Should succeed since we're using same user's token
|
|
assert response.status_code == 200
|
|
|
|
def test_create_board_success(self, client, db_session, auth_headers):
|
|
"""Test creating a new board"""
|
|
response = client.post(
|
|
"/api/boards",
|
|
headers=auth_headers,
|
|
json={"name": "New Board", "description": "Board description"},
|
|
)
|
|
|
|
assert response.status_code == 201
|
|
data = response.get_json()
|
|
assert data["name"] == "New Board"
|
|
assert data["description"] == "Board description"
|
|
assert "id" in data
|
|
|
|
def test_create_board_missing_name(self, client, db_session, auth_headers):
|
|
"""Test creating a board without name"""
|
|
response = client.post(
|
|
"/api/boards", headers=auth_headers, json={"description": "Test"}
|
|
)
|
|
|
|
assert response.status_code == 400
|
|
data = response.get_json()
|
|
assert "validation_error" in data
|
|
|
|
def test_create_board_unauthorized(self, client, db_session):
|
|
"""Test creating a board without authentication"""
|
|
response = client.post("/api/boards", json={"name": "New Board"})
|
|
|
|
assert response.status_code == 401
|
|
|
|
def test_update_board_success(self, client, db_session, regular_user, auth_headers):
|
|
"""Test updating a board"""
|
|
board = Board(name="Original Name", user_id=regular_user.id)
|
|
db_session.add(board)
|
|
db_session.commit()
|
|
|
|
response = client.put(
|
|
f"/api/boards/{board.id}",
|
|
headers=auth_headers,
|
|
json={"name": "Updated Name", "description": "New description"},
|
|
)
|
|
|
|
assert response.status_code == 200
|
|
data = response.get_json()
|
|
assert data["name"] == "Updated Name"
|
|
assert data["description"] == "New description"
|
|
|
|
def test_update_board_not_found(self, client, db_session, auth_headers):
|
|
"""Test updating a non-existent board"""
|
|
response = client.put(
|
|
"/api/boards/99999",
|
|
headers=auth_headers,
|
|
json={"name": "Updated"},
|
|
)
|
|
|
|
assert response.status_code == 404
|
|
|
|
def test_delete_board_success(self, client, db_session, regular_user, auth_headers):
|
|
"""Test deleting a board"""
|
|
board = Board(name="To Delete", user_id=regular_user.id)
|
|
db_session.add(board)
|
|
db_session.commit()
|
|
|
|
response = client.delete(f"/api/boards/{board.id}", headers=auth_headers)
|
|
|
|
assert response.status_code == 200
|
|
data = response.get_json()
|
|
assert "message" in data
|
|
|
|
# Verify board is deleted
|
|
deleted_board = db.session.get(Board, board.id)
|
|
assert deleted_board is None
|
|
|
|
def test_delete_board_not_found(self, client, db_session, auth_headers):
|
|
"""Test deleting a non-existent board"""
|
|
response = client.delete("/api/boards/99999", headers=auth_headers)
|
|
|
|
assert response.status_code == 404
|
|
|
|
def test_delete_board_unauthorized(self, client, db_session, regular_user):
|
|
"""Test deleting a board without authentication"""
|
|
board = Board(name="Test", user_id=regular_user.id)
|
|
db_session.add(board)
|
|
db_session.commit()
|
|
|
|
response = client.delete(f"/api/boards/{board.id}")
|
|
|
|
assert response.status_code == 401
|