import pytest import random from backend.models.permission.constants import DefaultRoleEnum from tests.base.authentication_web import AuthenticationWeb class TestAssignRolesToUser: @pytest.mark.asyncio async def test_assign_roles_success_by_admin(self, authentication_web: AuthenticationWeb): """Test assigning roles to a user successfully by admin user.""" # Create a temporary user temp_user = authentication_web.create_temporary_user() # Create a new role suffix = str(random.randint(10000, 99999)) role_resp = await authentication_web.create_role({ "role_key": f"assignrole_role_{suffix}", "role_name": f"AssignRole Role {suffix}", "role_description": "desc", "role_level": 1 }) role_id = role_resp.json()["id"] # Assign role to user resp = await authentication_web.assign_roles_to_user({ "user_id": temp_user["user_id"], "role_ids": [role_id] }) assert resp.status_code == 200 json = resp.json() assert json["user_id"] == temp_user["user_id"] assert json["role_ids"] == [role_id] @pytest.mark.asyncio async def test_assign_roles_fail_by_non_admin(self, authentication_web_of_temp_user1: AuthenticationWeb): """Test assigning roles to a user fails by non-admin user (no permission).""" # Create another temporary user temp_user = authentication_web_of_temp_user1.create_temporary_user() # Query default admin role resp = await authentication_web_of_temp_user1.query_roles({"role_key": DefaultRoleEnum.ADMIN.value.role_key}) admin_role_id = resp.json()["items"][0]["id"] # Try to assign admin role to another user resp = await authentication_web_of_temp_user1.assign_roles_to_user({ "user_id": temp_user["user_id"], "role_ids": [admin_role_id] }) assert resp.status_code == 403 or resp.status_code == 401 @pytest.mark.asyncio async def test_assign_roles_fail_role_not_found(self, authentication_web: AuthenticationWeb): """Test assigning roles fails when role_id does not exist.""" # Create a temporary user temp_user = authentication_web.create_temporary_user() # Try to assign non-existent role resp = await authentication_web.assign_roles_to_user({ "user_id": temp_user["user_id"], "role_ids": ["000000000000000000000000"] }) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_assign_roles_fail_empty_role_ids(self, authentication_web: AuthenticationWeb): """Test assigning roles fails when role_ids is empty.""" # Create a temporary user temp_user = authentication_web.create_temporary_user() resp = await authentication_web.assign_roles_to_user({ "user_id": temp_user["user_id"], "role_ids": [] }) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_assign_roles_fail_empty_user_id(self, authentication_web: AuthenticationWeb): """Test assigning roles fails when user_id is empty.""" # Query default admin role resp = await authentication_web.query_roles({"role_key": DefaultRoleEnum.ADMIN.value.role_key}) admin_role_id = resp.json()["items"][0]["id"] resp = await authentication_web.assign_roles_to_user({ "user_id": "", "role_ids": [admin_role_id] }) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_assign_roles_remove_duplicates(self, authentication_web: AuthenticationWeb): """Test assigning roles with duplicate role_ids removes duplicates.""" # Create a temporary user temp_user = authentication_web.create_temporary_user() # Create a new role suffix = str(random.randint(10000, 99999)) role_resp = await authentication_web.create_role({ "role_key": f"assignrole_role_dup_{suffix}", "role_name": f"AssignRole RoleDup {suffix}", "role_description": "desc", "role_level": 1 }) role_id = role_resp.json()["id"] # Assign duplicate role_ids resp = await authentication_web.assign_roles_to_user({ "user_id": temp_user["user_id"], "role_ids": [role_id, role_id, role_id] }) assert resp.status_code == 200 json = resp.json() assert json["role_ids"] == [role_id] if __name__ == '__main__': pytest.main([__file__])