import pytest import random from backend.models.permission.constants import DefaultRoleEnum from tests.base.authentication_web import AuthenticationWeb class TestUpdateRole: @pytest.mark.asyncio async def test_update_role_success(self, authentication_web: AuthenticationWeb): """Test updating a role successfully with valid and unique fields.""" suffix = str(random.randint(10000, 99999)) # create firstly role_data = { "role_key": f"update_role_key_{suffix}", "role_name": f"Update Role {suffix}", "role_description": "desc", "role_level": 1 } create_resp = await authentication_web.create_role(role_data) role_id = create_resp.json()["id"] # update update_data = { "role_id": role_id, "role_key": f"update_role_key_{suffix}_new", "role_name": f"Update Role {suffix} New", "role_description": "desc new", "role_level": 2 } resp = await authentication_web.update_role(role_data=update_data) assert resp.status_code == 200 json = resp.json() assert json["role_key"] == update_data["role_key"] assert json["role_name"] == update_data["role_name"] assert json["role_description"] == update_data["role_description"] assert json["role_level"] == update_data["role_level"] @pytest.mark.asyncio async def test_update_role_fail_not_found(self, authentication_web: AuthenticationWeb): """Test updating a role fails when role_id does not exist.""" suffix = str(random.randint(10000, 99999)) update_data = { "role_id": "000000000000000000000000", # 不存在的ObjectId "role_key": f"notfound_key_{suffix}", "role_name": f"NotFound Role {suffix}", "role_description": "desc", "role_level": 1 } resp = await authentication_web.update_role(role_data=update_data) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_update_role_fail_duplicate_key(self, authentication_web: AuthenticationWeb): """Test updating a role fails when role_key is duplicated.""" suffix = str(random.randint(10000, 99999)) # create two roles role1 = await authentication_web.create_role({ "role_key": f"dupkey1_{suffix}", "role_name": f"dupkey1_{suffix}", "role_description": "desc", "role_level": 1 }) role2 = await authentication_web.create_role({ "role_key": f"dupkey2_{suffix}", "role_name": f"dupkey2_{suffix}", "role_description": "desc", "role_level": 1 }) role2_id = role2.json()["id"] # modify role_key update_data = { "role_id": role2_id, "role_key": f"dupkey1_{suffix}", "role_name": f"dupkey2_{suffix}_new", "role_description": "desc", "role_level": 2 } resp = await authentication_web.update_role(role_data=update_data) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_update_role_fail_duplicate_name(self, authentication_web: AuthenticationWeb): """Test updating a role fails when role_name is duplicated.""" suffix = str(random.randint(10000, 99999)) # create two roles role1 = await authentication_web.create_role({ "role_key": f"dupname1_{suffix}", "role_name": f"dupname1_{suffix}", "role_description": "desc", "role_level": 1 }) role2 = await authentication_web.create_role({ "role_key": f"dupname2_{suffix}", "role_name": f"dupname2_{suffix}", "role_description": "desc", "role_level": 1 }) role2_id = role2.json()["id"] # modify role name update_data = { "role_id": role2_id, "role_key": f"dupname2_{suffix}_new", "role_name": f"dupname1_{suffix}", "role_description": "desc", "role_level": 2 } resp = await authentication_web.update_role(role_data=update_data) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_update_role_fail_empty_key(self, authentication_web: AuthenticationWeb): """Test updating a role fails when role_key is empty.""" suffix = str(random.randint(10000, 99999)) role = await authentication_web.create_role({ "role_key": f"emptykey_{suffix}", "role_name": f"emptykey_{suffix}", "role_description": "desc", "role_level": 1 }) role_id = role.json()["id"] update_data = { "role_id": role_id, "role_key": "", "role_name": f"emptykey_{suffix}_new", "role_description": "desc", "role_level": 2 } resp = await authentication_web.update_role(role_data=update_data) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_update_role_fail_empty_name(self, authentication_web: AuthenticationWeb): """Test updating a role fails when role_name is empty.""" suffix = str(random.randint(10000, 99999)) role = await authentication_web.create_role({ "role_key": f"emptyname_{suffix}", "role_name": f"emptyname_{suffix}", "role_description": "desc", "role_level": 1 }) role_id = role.json()["id"] update_data = { "role_id": role_id, "role_key": f"emptyname_{suffix}_new", "role_name": "", "role_description": "desc", "role_level": 2 } resp = await authentication_web.update_role(role_data=update_data) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_update_default_role_fail(self, authentication_web: AuthenticationWeb): """Test updating a default role fails. Default role cannot be updated.""" suffix = str(random.randint(10000, 99999)) # Query a default role resp = await authentication_web.query_roles( params={"page": 1, "page_size": 2, "role_key": DefaultRoleEnum.ADMIN.value.role_key}) json = resp.json() default_role = json["items"][0] resp = await authentication_web.update_role(role_data={ "role_id": default_role["id"], "role_key": f"{default_role['role_key']}_{suffix}_update", "role_name": f"{default_role['role_name']}_{suffix}_update", "role_description": "desc", "role_level": 2 }) assert resp.status_code == 422 or resp.status_code == 400 @pytest.mark.asyncio async def test_update_role_fail_by_non_admin(self, authentication_web: AuthenticationWeb, authentication_web_of_temp_user1: AuthenticationWeb): """Test updating a role fails by non-admin user (no permission).""" # Create a role as admin suffix = str(random.randint(10000, 99999)) role = await authentication_web.create_role({ "role_key": f"updaterole_nonadmin_{suffix}", "role_name": f"updaterole_nonadmin_{suffix}", "role_description": "desc", "role_level": 1 }) role_id = role.json()["id"] update_data = { "role_id": role_id, "role_key": f"updaterole_nonadmin_{suffix}_new", "role_name": f"updaterole_nonadmin_{suffix}_new", "role_description": "desc new", "role_level": 2 } resp = await authentication_web_of_temp_user1.update_role(role_data=update_data) assert resp.status_code == 403 or resp.status_code == 401 @pytest.mark.asyncio async def test_update_role_success_after_grant_admin(self, authentication_web: AuthenticationWeb): """Test updating a role succeeds after granting admin role to a temporary user and re-login.""" # Create a temp user user = authentication_web.create_temporary_user() temp_authentication_web = AuthenticationWeb(user_email=user["email"], password=user["password"]) temp_authentication_web.user_id = user["user_id"] temp_authentication_web.login() # Create a role as admin suffix = str(random.randint(10000, 99999)) role = await authentication_web.create_role({ "role_key": f"updaterole_tempadmin_{suffix}", "role_name": f"updaterole_tempadmin_{suffix}", "role_description": "desc", "role_level": 1 }) role_id = role.json()["id"] # Grant admin role to temp user resp = await authentication_web.query_roles({"role_key": "admin"}) admin_role_id = resp.json()["items"][0]["id"] await authentication_web.assign_roles_to_user({ "user_id": temp_authentication_web.user_id, "role_ids": [admin_role_id] }) # Re-login as temp user temp_authentication_web.login() # Try to update as temp user update_data = { "role_id": role_id, "role_key": f"updaterole_tempadmin_{suffix}_new", "role_name": f"updaterole_tempadmin_{suffix}_new", "role_description": "desc new", "role_level": 2 } resp = await temp_authentication_web.update_role(role_data=update_data) assert resp.status_code == 200 if __name__ == '__main__': pytest.main([__file__])