# Role API Test Report

## How to Run the Tests

**Run all role API tests:**

```bash
pytest --tb=short tests/api_tests/role/
```

---

## Test Results Summary

- **Total tests collected:** 33
- **All tests passed.**
- **Warnings:**
  - Deprecation warnings from Pydantic/Beanie (upgrade recommended for future compatibility).

---

## Test Case Explanations

### test_assign_permissions.py

- **test_assign_permissions_success**
  Assign multiple permissions to a role successfully.
- **test_assign_permissions_fail_role_not_found**
  Assigning permissions to a non-existent role fails.
- **test_assign_permissions_fail_permission_not_found**
  Assigning a non-existent permission to a role fails.
- **test_assign_permissions_fail_empty_permission_ids**
  Assigning with an empty permission list fails.
- **test_assign_permissions_fail_empty_role_id**
  Assigning with an empty role ID fails.
- **test_assign_permissions_remove_duplicates**
  Assigning duplicate permission IDs results in de-duplication.
- **test_assign_permissions_to_default_role**
  Assigning permissions to a default role (should succeed if not restricted).

### test_create_role.py

- **test_create_role_success**
  Admin user can create a role with valid and unique data.
- **test_create_role_fail_duplicate_role_key/name**
  Creating a role with duplicate key or name fails.
- **test_create_role_fail_empty_role_key/name**
  Creating a role with empty key or name fails.
- **test_create_role_success_empty_description**
  Description is optional.
- **test_create_role_fail_by_non_admin**
  Non-admin user cannot create roles.
- **test_create_role_success_after_grant_admin**
  After admin grants admin role to a temp user and the user re-logs in, the user can create roles.

### test_delete_role.py

- **test_delete_role_success**
  Admin user can delete a role.
- **test_delete_role_fail_not_found**
  Deleting a non-existent role fails.
- **test_delete_default_role_fail**
  Default roles cannot be deleted.
- **test_delete_role_fail_by_non_admin**
  Non-admin user cannot delete roles.
- **test_delete_role_success_after_grant_admin**
  After admin grants admin role to a temp user and the user re-logs in, the user can delete roles.

### test_query_role.py

- **test_query_all_roles**
  Query all roles, expect a list.
- **test_query_roles_by_key/name**
  Query roles by key or name (fuzzy search).
- **test_query_roles_pagination**
  Query roles with pagination.

### test_update_role.py

- **test_update_role_success**
  Admin user can update a role with valid and unique data.
- **test_update_role_fail_not_found**
  Updating a non-existent role fails.
- **test_update_role_fail_duplicate_key/name**
  Updating to a duplicate key or name fails.
- **test_update_role_fail_empty_key/name**
  Updating with empty key or name fails.
- **test_update_default_role_fail**
  Default roles cannot be updated.
- **test_update_role_fail_by_non_admin**
  Non-admin user cannot update roles.
- **test_update_role_success_after_grant_admin**
  After admin grants admin role to a temp user and the user re-logs in, the user can update roles.

---

## Summary

- These tests ensure that only admin users can manage roles, and that permission can be delegated by granting the admin role to other users.
- Each test case is designed to verify both positive and negative scenarios, including permission escalation and proper error handling.
- **Coverage reporting is not included in this report.**
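
Why the `*_success_after_grant_admin` cases log in again, shown on a small in-memory model (an added example, not the project's code or API). It assumes the session token carries the roles snapshotted at login, which the report does not state; `RoleService`, its methods, the users `root` and `temp`, and the role key `auditor` are hypothetical.

```python
import secrets

class RoleService:
    def __init__(self):
        self.user_roles = {"root": {"admin"}, "temp": {"user"}}  # constructed users
        self.roles = {"admin": True, "user": True}  # role key -> is_default
        self.sessions = {}  # token -> roles snapshotted at login (assumption)

    def login(self, user):
        token = secrets.token_hex(16)
        self.sessions[token] = frozenset(self.user_roles[user])
        return token

    def _require_admin(self, token):
        if "admin" not in self.sessions.get(token, frozenset()):
            raise PermissionError("admin role required")

    def grant_role(self, token, user, role_key):
        self._require_admin(token)
        self.user_roles[user].add(role_key)

    def create_role(self, token, role_key):
        self._require_admin(token)
        if not role_key or role_key in self.roles:
            raise ValueError("role key must be non-empty and unique")
        self.roles[role_key] = False

    def delete_role(self, token, role_key):
        self._require_admin(token)
        if self.roles.get(role_key, False):
            raise ValueError("default roles cannot be deleted")
        del self.roles[role_key]  # KeyError if the role does not exist

def attempt(fn, *args):
    """Return 'ok' or the exception class name so outcomes can be asserted."""
    try:
        fn(*args)
        return "ok"
    except (PermissionError, ValueError, KeyError) as exc:
        return type(exc).__name__

def delegation_scenario():
    svc = RoleService()
    admin, stale = svc.login("root"), svc.login("temp")
    before = attempt(svc.create_role, stale, "auditor")       # non-admin: denied
    svc.grant_role(admin, "temp", "admin")
    still_stale = attempt(svc.create_role, stale, "auditor")  # old token: still denied
    after = attempt(svc.create_role, svc.login("temp"), "auditor")  # fresh login
    return before, still_stale, after
```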

---

If you need a more detailed, markdown-formatted report with actual coverage numbers, please enable coverage and re-run the tests.