Yuerchu/disknext
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
Files
a99091ea7acc39550665dc34e56e6dcab0c233a9
disknext/tests/integration/api/test_admin.py
于小丘 209cb24ab4 feat: add models for physical files, policies, and user management 
- Implement PhysicalFile model to manage physical file references and reference counting.
- Create Policy model with associated options and group links for storage policies.
- Introduce Redeem and Report models for handling redeem codes and reports.
- Add Settings model for site configuration and user settings management.
- Develop Share model for sharing objects with unique codes and associated metadata.
- Implement SourceLink model for managing download links associated with objects.
- Create StoragePack model for managing user storage packages.
- Add Tag model for user-defined tags with manual and automatic types.
- Implement Task model for managing background tasks with status tracking.
- Develop User model with comprehensive user management features including authentication.
- Introduce UserAuthn model for managing WebAuthn credentials.
- Create WebDAV model for managing WebDAV accounts associated with users.
2026-02-10 19:07:48 +08:00

264 lines
7.3 KiB
Python
Raw Blame History

"""
管理员端点集成测试
"""
import pytest
from httpx import AsyncClient
# ==================== 认证测试 ====================
@pytest.mark.asyncio
async def test_admin_requires_auth(async_client: AsyncClient):
"""测试管理员接口需要认证"""
response = await async_client.get("/api/admin/summary")
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_requires_admin_role(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户访问管理员接口返回 403"""
response = await async_client.get(
"/api/admin/summary",
headers=auth_headers
)
assert response.status_code == 403
# ==================== 站点概况测试 ====================
@pytest.mark.asyncio
async def test_admin_get_summary_success(
async_client: AsyncClient,
admin_headers: dict[str, str]
):
"""测试管理员可以获取站点概况"""
response = await async_client.get(
"/api/admin/summary",
headers=admin_headers
)
# 端点存在但未实现,可能返回 200 或其他状态
assert response.status_code in [200, 404, 501]
# ==================== 用户管理测试 ====================
@pytest.mark.asyncio
async def test_admin_get_user_info_requires_auth(async_client: AsyncClient):
"""测试获取用户信息需要认证"""
response = await async_client.get("/api/admin/user/info/1")
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_get_user_info_requires_admin(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户无法获取用户信息"""
response = await async_client.get(
"/api/admin/user/info/1",
headers=auth_headers
)
assert response.status_code == 403
@pytest.mark.asyncio
async def test_admin_get_user_list_requires_auth(async_client: AsyncClient):
"""测试获取用户列表需要认证"""
response = await async_client.get("/api/admin/user/list")
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_get_user_list_success(
async_client: AsyncClient,
admin_headers: dict[str, str]
):
"""测试管理员可以获取用户列表"""
response = await async_client.get(
"/api/admin/user/list",
headers=admin_headers
)
assert response.status_code == 200
data = response.json()
assert "data" in data
assert isinstance(data["data"], list)
@pytest.mark.asyncio
async def test_admin_get_user_list_pagination(
async_client: AsyncClient,
admin_headers: dict[str, str]
):
"""测试用户列表分页"""
response = await async_client.get(
"/api/admin/user/list?page=1&page_size=10",
headers=admin_headers
)
assert response.status_code == 200
data = response.json()
assert "data" in data
# 应该返回不超过 page_size 的数量
assert len(data["data"]) <= 10
@pytest.mark.asyncio
async def test_admin_get_user_list_contains_user_data(
async_client: AsyncClient,
admin_headers: dict[str, str]
):
"""测试用户列表包含用户数据"""
response = await async_client.get(
"/api/admin/user/list",
headers=admin_headers
)
assert response.status_code == 200
data = response.json()
users = data["data"]
if len(users) > 0:
user = users[0]
assert "id" in user
assert "email" in user
@pytest.mark.asyncio
async def test_admin_create_user_requires_auth(async_client: AsyncClient):
"""测试创建用户需要认证"""
response = await async_client.post(
"/api/admin/user/create",
json={"email": "newadminuser@test.local", "password": "pass123"}
)
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_create_user_requires_admin(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户无法创建用户"""
response = await async_client.post(
"/api/admin/user/create",
headers=auth_headers,
json={"email": "newadminuser@test.local", "password": "pass123"}
)
assert response.status_code == 403
# ==================== 用户组管理测试 ====================
@pytest.mark.asyncio
async def test_admin_get_groups_requires_auth(async_client: AsyncClient):
"""测试获取用户组列表需要认证"""
response = await async_client.get("/api/admin/group/")
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_get_groups_requires_admin(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户无法获取用户组列表"""
response = await async_client.get(
"/api/admin/group/",
headers=auth_headers
)
assert response.status_code == 403
# ==================== 文件管理测试 ====================
@pytest.mark.asyncio
async def test_admin_get_file_list_requires_auth(async_client: AsyncClient):
"""测试获取文件列表需要认证"""
response = await async_client.get("/api/admin/file/list")
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_get_file_list_requires_admin(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户无法获取文件列表"""
response = await async_client.get(
"/api/admin/file/list",
headers=auth_headers
)
assert response.status_code == 403
# ==================== 设置管理测试 ====================
@pytest.mark.asyncio
async def test_admin_get_settings_requires_auth(async_client: AsyncClient):
"""测试获取设置需要认证"""
response = await async_client.get("/api/admin/settings")
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_get_settings_requires_admin(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户无法获取设置"""
response = await async_client.get(
"/api/admin/settings",
headers=auth_headers
)
assert response.status_code == 403
@pytest.mark.asyncio
async def test_admin_update_settings_requires_auth(async_client: AsyncClient):
"""测试更新设置需要认证"""
response = await async_client.patch(
"/api/admin/settings",
json={"siteName": "New Site Name"}
)
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_update_settings_requires_admin(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户无法更新设置"""
response = await async_client.patch(
"/api/admin/settings",
headers=auth_headers,
json={"siteName": "New Site Name"}
)
assert response.status_code == 403
# ==================== 存储策略管理测试 ====================
@pytest.mark.asyncio
async def test_admin_policy_list_requires_auth(async_client: AsyncClient):
"""测试获取存储策略列表需要认证"""
response = await async_client.get("/api/admin/policy/list")
assert response.status_code == 401
@pytest.mark.asyncio
async def test_admin_policy_list_requires_admin(
async_client: AsyncClient,
auth_headers: dict[str, str]
):
"""测试普通用户无法获取存储策略列表"""
response = await async_client.get(
"/api/admin/policy/list",
headers=auth_headers
)
assert response.status_code == 403
Reference in New Issue View Git Blame Copy Permalink