Skip to content

Cleanup testing and small parts of vetting details #338

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
brianhelba merged 1 commit into from
Feb 11, 2026
Merged

Cleanup testing and small parts of vetting details #338

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 4 additions & 35 deletions bats_ai/core/tests/conftest.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,8 @@
from django.contrib.auth.models import User
from django.test import Client
from ninja.testing import TestClient
import pytest

from bats_ai.core.models import VettingDetails

from .factories import SuperuserFactory, UserFactory, VettingDetailsFactory
from bats_ai.api import api


@pytest.fixture
Expand All @@ -13,34 +11,5 @@ def client() -> Client:


@pytest.fixture
def user() -> User:
return UserFactory()


@pytest.fixture
def superuser() -> User:
return SuperuserFactory()


@pytest.fixture
def authenticated_client(user: User) -> Client:
client = Client()
client.force_login(user=user)
return client


@pytest.fixture
def authorized_client(superuser: User) -> Client:
client = Client()
client.force_login(user=superuser)
return client


@pytest.fixture
def vetting_details(user: User) -> VettingDetails:
return VettingDetailsFactory(user=user)


@pytest.fixture
def random_user_vetting_details() -> VettingDetails:
return VettingDetailsFactory(user=UserFactory())
def api_client() -> TestClient:
return TestClient(api)
15 changes: 1 addition & 14 deletions bats_ai/core/tests/factories.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,23 +14,10 @@ class Meta:
last_name = factory.Faker('last_name')


class SuperuserFactory(factory.django.DjangoModelFactory[User]):
class Meta:
model = User
django_get_or_create = ('email',)

username = factory.SelfAttribute('email')
email = factory.Faker('safe_email')
first_name = factory.Faker('first_name')
last_name = factory.Faker('last_name')
class SuperuserFactory(UserFactory):
is_superuser = True
is_staff = True

@classmethod
def _create(cls, model_class, *args, **kwargs):
manager = cls._get_manager(model_class)
return manager.create_superuser(*args, **kwargs)


class VettingDetailsFactory(factory.django.DjangoModelFactory[VettingDetails]):

Expand Down
34 changes: 20 additions & 14 deletions bats_ai/core/tests/test_admin.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,24 @@
from ninja.testing import TestClient
import pytest

from bats_ai.core.tests.factories import SuperuserFactory, UserFactory


@pytest.mark.django_db
def test_check_is_admin_authenticated(api_client: TestClient):
user = UserFactory.create()

resp = api_client.get('configuration/is_admin/', user=user)

assert resp.status_code == 200
assert resp.data['is_admin'] is False


@pytest.mark.parametrize(
'client_fixture,status_code,is_admin',
[
('client', 401, None),
('authenticated_client', 200, False),
('authorized_client', 200, True),
],
)
@pytest.mark.django_db
def test_is_admin(client_fixture, status_code, is_admin, request):
api_client = request.getfixturevalue(client_fixture)
resp = api_client.get('/api/v1/configuration/is_admin/')
assert resp.status_code == status_code
if is_admin is not None:
assert resp.json()['is_admin'] == is_admin
def test_check_is_admin_superuser(api_client: TestClient):
user = SuperuserFactory.create()

resp = api_client.get('configuration/is_admin/', user=user)

assert resp.status_code == 200
assert resp.data['is_admin'] is True
15 changes: 15 additions & 0 deletions bats_ai/core/tests/test_auth.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
from django.test import Client
import pytest


@pytest.mark.parametrize(
'url_suffix',
[
'configuration/is_admin/',
],
)
@pytest.mark.django_db
def test_auth_anonymous_deny(url_suffix: str, client: Client):
Comment on lines +5 to +12
Copy link
Collaborator

@naglepuff naglepuff Feb 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this test parametrized? Is the intent to use this single test to make sure all of our endpoints that require auth are locked down correctly?

Copy link
Member Author

@brianhelba brianhelba Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. If that never happens, we should just remove the parametrization.

resp = client.get(f'/api/v1/{url_suffix}')

assert resp.status_code == 401
175 changes: 96 additions & 79 deletions bats_ai/core/tests/test_vetting_details.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,114 +1,131 @@
from ninja.testing import TestClient
import pytest

from .factories import UserFactory, VettingDetailsFactory
from bats_ai.core.models import VettingDetails

from .factories import SuperuserFactory, UserFactory, VettingDetailsFactory


@pytest.mark.parametrize(
'client_fixture,status_code',
[
('client', 401),
('authenticated_client', 200),
('authorized_client', 200),
],
)
@pytest.mark.django_db
def test_get_vetting_details(client_fixture, status_code, user, vetting_details, request):
api_client = request.getfixturevalue(client_fixture)
resp = api_client.get(f'/api/v1/vetting/user/{user.id}')
assert resp.status_code == status_code
if status_code == 200:
assert resp.json()['reference_materials'] == vetting_details.reference_materials
def test_get_vetting_details(api_client: TestClient):
vetting_details = VettingDetailsFactory.create()

resp = api_client.get(f'vetting/user/{vetting_details.user.id}', user=vetting_details.user)

assert resp.status_code == 200
assert resp.data['reference_materials'] == vetting_details.reference_materials


@pytest.mark.django_db
def test_get_vetting_details_other_user(authenticated_client):
other_user = UserFactory()
VettingDetailsFactory(user=other_user)
resp = authenticated_client.get(f'/api/v1/vetting/user/{other_user.id}')
def test_get_vetting_details_other_user(api_client: TestClient):
vetting_details = VettingDetailsFactory.create()
other_user = UserFactory.create()

resp = api_client.get(f'vetting/user/{vetting_details.user.id}', user=other_user)

assert resp.status_code == 404


@pytest.mark.django_db
def test_create_vetting_details(client):
test_text = 'foo'
data = {'reference_materials': test_text}
test_user = UserFactory()
client.force_login(user=test_user)
resp = client.post(
f'/api/v1/vetting/user/{test_user.id}', data=data, content_type='application/json'
def test_create_vetting_details(api_client: TestClient):
user = UserFactory.create()

resp = api_client.post(
f'vetting/user/{user.id}',
json={'reference_materials': 'foo'},
user=user,
)

assert resp.status_code == 200
assert resp.json()['user_id'] == test_user.id
assert resp.data['user_id'] == user.id
assert resp.data['reference_materials'] == 'foo'
assert VettingDetails.objects.filter(user=user, reference_materials='foo').exists()


@pytest.mark.parametrize(
'client_fixture,status_code',
[
('authenticated_client', 404),
('authorized_client', 200),
],
)
@pytest.mark.django_db
def test_create_vetting_details_other_user(client_fixture, status_code, request):
api_client = request.getfixturevalue(client_fixture)
test_text = 'foo'
data = {'reference_materials': test_text}
other_user = UserFactory()
def test_create_vetting_details_other_user(api_client: TestClient):
user = UserFactory.create()
other_user = UserFactory.create()

resp = api_client.post(
f'/api/v1/vetting/user/{other_user.id}', data=data, content_type='application/json'
f'vetting/user/{user.id}',
json={'reference_materials': 'foo'},
user=other_user,
)
assert resp.status_code == status_code
if status_code == 200:
assert resp.json()['reference_materials'] == test_text

assert resp.status_code == 404


@pytest.mark.django_db
def test_update_vetting_details(client):
test_text = 'bar'
data = {'reference_materials': 'bar'}
test_user = UserFactory()
VettingDetailsFactory(user=test_user, reference_materials='foo')
client.force_login(test_user)

initial_resp = client.get(f'/api/v1/vetting/user/{test_user.id}')
assert initial_resp.status_code == 200

resp = client.post(
f'/api/v1/vetting/user/{test_user.id}', data=data, content_type='application/json'
def test_create_vetting_details_other_superuser(api_client: TestClient):
user = UserFactory.create()
other_superuser = SuperuserFactory.create()

resp = api_client.post(
f'vetting/user/{user.id}',
json={'reference_materials': 'foo'},
user=other_superuser,
)

assert resp.status_code == 200
assert resp.data['reference_materials'] == 'foo'
assert VettingDetails.objects.filter(user=user, reference_materials='foo').exists()

new_details_response = client.get(f'/api/v1/vetting/user/{test_user.id}')
assert new_details_response.status_code == 200
assert new_details_response.json()['reference_materials'] == test_text

@pytest.mark.django_db
def test_update_vetting_details(api_client: TestClient):
vetting_details = VettingDetailsFactory.create()

resp = api_client.post(
f'vetting/user/{vetting_details.user.id}',
json={'reference_materials': 'foo'},
user=vetting_details.user,
)

assert resp.status_code == 200
assert resp.data['reference_materials'] == 'foo'
vetting_details.refresh_from_db()
assert vetting_details.reference_materials == 'foo'


@pytest.mark.parametrize(
'client_fixture,status_code',
[
('authenticated_client', 404),
('authorized_client', 200),
],
)
@pytest.mark.django_db
def test_update_vetting_details_other_user(
client_fixture, status_code, random_user_vetting_details, request
):
api_client = request.getfixturevalue(client_fixture)
def test_update_vetting_details_other_user(api_client: TestClient):
vetting_details = VettingDetailsFactory.create()
other_user = UserFactory.create()

resp = api_client.post(
f'/api/v1/vetting/user/{random_user_vetting_details.user.id}',
data={'reference_materials': 'foo'},
content_type='application/json',
f'vetting/user/{vetting_details.user.id}',
json={'reference_materials': 'foo'},
user=other_user,
)
assert resp.status_code == status_code
assert resp.status_code == 404


@pytest.mark.django_db
def test_update_vetting_details_length_constraint(authorized_client, random_user_vetting_details):
data = {'reference_materials': 'a' * 2001}
resp = authorized_client.post(
f'/api/v1/vetting/user/{random_user_vetting_details.user.id}',
data=data,
content_type='application/json',
def test_update_vetting_details_other_superuser(api_client: TestClient):
vetting_details = VettingDetailsFactory.create()
other_superuser = SuperuserFactory.create()

resp = api_client.post(
f'vetting/user/{vetting_details.user.id}',
json={'reference_materials': 'foo'},
user=other_superuser,
)

assert resp.status_code == 200
assert resp.data['reference_materials'] == 'foo'
vetting_details.refresh_from_db()
assert vetting_details.reference_materials == 'foo'


@pytest.mark.django_db
def test_update_vetting_details_length_constraint(api_client: TestClient):
vetting_details = VettingDetailsFactory.create()

resp = api_client.post(
f'vetting/user/{vetting_details.user.id}',
json={'reference_materials': 'a' * 2001},
user=vetting_details.user,
)

assert resp.status_code == 400
Loading
Loading