freeleaps-service-hub/apps/authentication/tests/api_tests/permission/test_create_permission.py

import pytest
import random
from tests.base.authentication_web import AuthenticationWeb


class TestCreatePermission:
    @pytest.mark.asyncio
    async def test_create_permission_success(self, authentication_web: AuthenticationWeb):
        """Test creating a permission successfully with valid and unique permission_key and permission_name."""
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": f"test_perm_key_success_{suffix}",
            "permission_name": f"Test Permission Success {suffix}",
            "description": "Permission for testing success"
        }
        response = await authentication_web.create_permission(perm_data)
        assert response.status_code == 200
        json = response.json()
        assert json["permission_key"] == perm_data["permission_key"]
        assert json["permission_name"] == perm_data["permission_name"]
        assert json["description"] == perm_data["description"]
        assert json["id"] is not None
        assert json["created_at"] is not None
        assert json["updated_at"] is not None

    @pytest.mark.asyncio
    async def test_create_permission_fail_duplicate_key(self, authentication_web: AuthenticationWeb):
        """Test creating a permission fails when permission_key is duplicated."""
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": f"test_perm_key_dup_{suffix}",
            "permission_name": f"Test Permission DupKey {suffix}",
            "description": "desc"
        }
        await authentication_web.create_permission(perm_data)
        perm_data2 = {
            "permission_key": f"test_perm_key_dup_{suffix}",
            "permission_name": f"Test Permission DupKey2 {suffix}",
            "description": "desc2"
        }
        response = await authentication_web.create_permission(perm_data2)
        assert response.status_code == 422 or response.status_code == 400

    @pytest.mark.asyncio
    async def test_create_permission_fail_duplicate_name(self, authentication_web: AuthenticationWeb):
        """Test creating a permission fails when permission_name is duplicated."""
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": f"test_perm_key_dupname1_{suffix}",
            "permission_name": f"Test Permission DupName {suffix}",
            "description": "desc"
        }
        await authentication_web.create_permission(perm_data)
        perm_data2 = {
            "permission_key": f"test_perm_key_dupname2_{suffix}",
            "permission_name": f"Test Permission DupName {suffix}",
            "description": "desc2"
        }
        response = await authentication_web.create_permission(perm_data2)
        assert response.status_code == 422 or response.status_code == 400

    @pytest.mark.asyncio
    async def test_create_permission_fail_empty_key(self, authentication_web: AuthenticationWeb):
        """Test creating a permission fails when permission_key is empty."""
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": "",
            "permission_name": f"Test Permission EmptyKey {suffix}",
            "description": "desc"
        }
        response = await authentication_web.create_permission(perm_data)
        assert response.status_code == 422 or response.status_code == 400

    @pytest.mark.asyncio
    async def test_create_permission_fail_empty_name(self, authentication_web: AuthenticationWeb):
        """Test creating a permission fails when permission_name is empty."""
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": f"test_perm_key_emptyname_{suffix}",
            "permission_name": "",
            "description": "desc"
        }
        response = await authentication_web.create_permission(perm_data)
        assert response.status_code == 422 or response.status_code == 400

    @pytest.mark.asyncio
    async def test_create_permission_success_empty_description(self, authentication_web: AuthenticationWeb):
        """Test creating a permission successfully when description is None (optional field)."""
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": f"test_perm_key_emptydesc_{suffix}",
            "permission_name": f"Test Permission EmptyDesc {suffix}",
            "description": None
        }
        response = await authentication_web.create_permission(perm_data)
        assert response.status_code == 200
        json = response.json()
        assert json["permission_key"] == perm_data["permission_key"]
        assert json["permission_name"] == perm_data["permission_name"]
        assert json["description"] is None or json["description"] == ""

    @pytest.mark.asyncio
    async def test_create_permission_fail_by_non_admin(self, authentication_web_of_temp_user1: AuthenticationWeb):
        """Test creating a permission fails by non-admin user (no permission)."""
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": f"test_perm_key_nonadmin_{suffix}",
            "permission_name": f"Test Permission NonAdmin {suffix}",
            "description": "desc"
        }
        response = await authentication_web_of_temp_user1.create_permission(perm_data)
        assert response.status_code == 403 or response.status_code == 401

    @pytest.mark.asyncio
    async def test_create_permission_success_after_grant_admin(self, authentication_web: AuthenticationWeb):
        """Test creating a permission succeeds after granting admin role to a new temporary user and re-login."""
        # Create a new temp user
        user = authentication_web.create_temporary_user()
        temp_authentication_web = AuthenticationWeb(user_email=user["email"], password=user["password"])
        temp_authentication_web.user_id = user["user_id"]
        temp_authentication_web.login()
        # Grant admin role to temp user
        resp = await authentication_web.query_roles({"role_key": "admin"})
        admin_role_id = resp.json()["items"][0]["id"]
        await authentication_web.assign_roles_to_user({
            "user_id": temp_authentication_web.user_id,
            "role_ids": [admin_role_id]
        })
        # Re-login as temp user
        temp_authentication_web.login()
        # Try to create permission
        suffix = str(random.randint(10000, 99999))
        perm_data = {
            "permission_key": f"test_perm_key_tempadmin_{suffix}",
            "permission_name": f"Test Permission TempAdmin {suffix}",
            "description": "desc"
        }
        response = await temp_authentication_web.create_permission(perm_data)
        assert response.status_code == 200


if __name__ == '__main__':
    pytest.main([__file__])