From 38807700649b77c1d811309a68ea6f228edc1bbd Mon Sep 17 00:00:00 2001 From: Jason Q Date: Mon, 22 Jul 2024 15:09:27 +1000 Subject: [PATCH] autocommit 22-07-2024-15-09 --- py-kivy/poetry.lock | 91 +++++++++++++++++++++- py-kivy/pos_system/models.py | 23 +----- py-kivy/pos_system/routers/users.py | 32 ++++---- py-kivy/pyproject.toml | 2 + py-kivy/tests/test_orders.py | 113 ++++++++++++++++++---------- 5 files changed, 182 insertions(+), 79 deletions(-) diff --git a/py-kivy/poetry.lock b/py-kivy/poetry.lock index dfe724e..fc4a513 100644 --- a/py-kivy/poetry.lock +++ b/py-kivy/poetry.lock @@ -79,6 +79,46 @@ tests = ["attrs[tests-no-zope]", "zope-interface"] tests-mypy = ["mypy (>=1.6)", "pytest-mypy-plugins"] tests-no-zope = ["attrs[tests-mypy]", "cloudpickle", "hypothesis", "pympler", "pytest (>=4.3.0)", "pytest-xdist[psutil]"] +[[package]] +name = "bcrypt" +version = "4.1.3" +description = "Modern password hashing for your software and your servers" +optional = false +python-versions = ">=3.7" +files = [ + {file = "bcrypt-4.1.3-cp37-abi3-macosx_10_12_universal2.whl", hash = "sha256:48429c83292b57bf4af6ab75809f8f4daf52aa5d480632e53707805cc1ce9b74"}, + {file = "bcrypt-4.1.3-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4a8bea4c152b91fd8319fef4c6a790da5c07840421c2b785084989bf8bbb7455"}, + {file = "bcrypt-4.1.3-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3d3b317050a9a711a5c7214bf04e28333cf528e0ed0ec9a4e55ba628d0f07c1a"}, + {file = "bcrypt-4.1.3-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:094fd31e08c2b102a14880ee5b3d09913ecf334cd604af27e1013c76831f7b05"}, + {file = "bcrypt-4.1.3-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:4fb253d65da30d9269e0a6f4b0de32bd657a0208a6f4e43d3e645774fb5457f3"}, + {file = "bcrypt-4.1.3-cp37-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:193bb49eeeb9c1e2db9ba65d09dc6384edd5608d9d672b4125e9320af9153a15"}, + {file = "bcrypt-4.1.3-cp37-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:8cbb119267068c2581ae38790e0d1fbae65d0725247a930fc9900c285d95725d"}, + {file = "bcrypt-4.1.3-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:6cac78a8d42f9d120b3987f82252bdbeb7e6e900a5e1ba37f6be6fe4e3848286"}, + {file = "bcrypt-4.1.3-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:01746eb2c4299dd0ae1670234bf77704f581dd72cc180f444bfe74eb80495b64"}, + {file = "bcrypt-4.1.3-cp37-abi3-win32.whl", hash = "sha256:037c5bf7c196a63dcce75545c8874610c600809d5d82c305dd327cd4969995bf"}, + {file = "bcrypt-4.1.3-cp37-abi3-win_amd64.whl", hash = "sha256:8a893d192dfb7c8e883c4576813bf18bb9d59e2cfd88b68b725990f033f1b978"}, + {file = "bcrypt-4.1.3-cp39-abi3-macosx_10_12_universal2.whl", hash = "sha256:0d4cf6ef1525f79255ef048b3489602868c47aea61f375377f0d00514fe4a78c"}, + {file = "bcrypt-4.1.3-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f5698ce5292a4e4b9e5861f7e53b1d89242ad39d54c3da451a93cac17b61921a"}, + {file = "bcrypt-4.1.3-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec3c2e1ca3e5c4b9edb94290b356d082b721f3f50758bce7cce11d8a7c89ce84"}, + {file = "bcrypt-4.1.3-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:3a5be252fef513363fe281bafc596c31b552cf81d04c5085bc5dac29670faa08"}, + {file = "bcrypt-4.1.3-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:5f7cd3399fbc4ec290378b541b0cf3d4398e4737a65d0f938c7c0f9d5e686611"}, + {file = "bcrypt-4.1.3-cp39-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:c4c8d9b3e97209dd7111bf726e79f638ad9224b4691d1c7cfefa571a09b1b2d6"}, + {file = "bcrypt-4.1.3-cp39-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:31adb9cbb8737a581a843e13df22ffb7c84638342de3708a98d5c986770f2834"}, + {file = "bcrypt-4.1.3-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:551b320396e1d05e49cc18dd77d970accd52b322441628aca04801bbd1d52a73"}, + {file = "bcrypt-4.1.3-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:6717543d2c110a155e6821ce5670c1f512f602eabb77dba95717ca76af79867d"}, + {file = "bcrypt-4.1.3-cp39-abi3-win32.whl", hash = "sha256:6004f5229b50f8493c49232b8e75726b568535fd300e5039e255d919fc3a07f2"}, + {file = "bcrypt-4.1.3-cp39-abi3-win_amd64.whl", hash = "sha256:2505b54afb074627111b5a8dc9b6ae69d0f01fea65c2fcaea403448c503d3991"}, + {file = "bcrypt-4.1.3-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:cb9c707c10bddaf9e5ba7cdb769f3e889e60b7d4fea22834b261f51ca2b89fed"}, + {file = "bcrypt-4.1.3-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:9f8ea645eb94fb6e7bea0cf4ba121c07a3a182ac52876493870033141aa687bc"}, + {file = "bcrypt-4.1.3-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:f44a97780677e7ac0ca393bd7982b19dbbd8d7228c1afe10b128fd9550eef5f1"}, + {file = "bcrypt-4.1.3-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:d84702adb8f2798d813b17d8187d27076cca3cd52fe3686bb07a9083930ce650"}, + {file = "bcrypt-4.1.3.tar.gz", hash = "sha256:2ee15dd749f5952fe3f0430d0ff6b74082e159c50332a1413d51b5689cf06623"}, +] + +[package.extras] +tests = ["pytest (>=3.2.1,!=3.3.0)"] +typecheck = ["mypy"] + [[package]] name = "certifi" version = "2024.7.4" @@ -295,6 +335,55 @@ traitlets = ">=4" [package.extras] test = ["pytest"] +[[package]] +name = "cryptography" +version = "43.0.0" +description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." +optional = false +python-versions = ">=3.7" +files = [ + {file = "cryptography-43.0.0-cp37-abi3-macosx_10_9_universal2.whl", hash = "sha256:64c3f16e2a4fc51c0d06af28441881f98c5d91009b8caaff40cf3548089e9c74"}, + {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3dcdedae5c7710b9f97ac6bba7e1052b95c7083c9d0e9df96e02a1932e777895"}, + {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3d9a1eca329405219b605fac09ecfc09ac09e595d6def650a437523fcd08dd22"}, + {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:ea9e57f8ea880eeea38ab5abf9fbe39f923544d7884228ec67d666abd60f5a47"}, + {file = "cryptography-43.0.0-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:9a8d6802e0825767476f62aafed40532bd435e8a5f7d23bd8b4f5fd04cc80ecf"}, + {file = "cryptography-43.0.0-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:cc70b4b581f28d0a254d006f26949245e3657d40d8857066c2ae22a61222ef55"}, + {file = "cryptography-43.0.0-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:4a997df8c1c2aae1e1e5ac49c2e4f610ad037fc5a3aadc7b64e39dea42249431"}, + {file = "cryptography-43.0.0-cp37-abi3-win32.whl", hash = "sha256:6e2b11c55d260d03a8cf29ac9b5e0608d35f08077d8c087be96287f43af3ccdc"}, + {file = "cryptography-43.0.0-cp37-abi3-win_amd64.whl", hash = "sha256:31e44a986ceccec3d0498e16f3d27b2ee5fdf69ce2ab89b52eaad1d2f33d8778"}, + {file = "cryptography-43.0.0-cp39-abi3-macosx_10_9_universal2.whl", hash = "sha256:7b3f5fe74a5ca32d4d0f302ffe6680fcc5c28f8ef0dc0ae8f40c0f3a1b4fca66"}, + {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ac1955ce000cb29ab40def14fd1bbfa7af2017cca696ee696925615cafd0dce5"}, + {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:299d3da8e00b7e2b54bb02ef58d73cd5f55fb31f33ebbf33bd00d9aa6807df7e"}, + {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:ee0c405832ade84d4de74b9029bedb7b31200600fa524d218fc29bfa371e97f5"}, + {file = "cryptography-43.0.0-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:cb013933d4c127349b3948aa8aaf2f12c0353ad0eccd715ca789c8a0f671646f"}, + {file = "cryptography-43.0.0-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:fdcb265de28585de5b859ae13e3846a8e805268a823a12a4da2597f1f5afc9f0"}, + {file = "cryptography-43.0.0-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:2905ccf93a8a2a416f3ec01b1a7911c3fe4073ef35640e7ee5296754e30b762b"}, + {file = "cryptography-43.0.0-cp39-abi3-win32.whl", hash = "sha256:47ca71115e545954e6c1d207dd13461ab81f4eccfcb1345eac874828b5e3eaaf"}, + {file = "cryptography-43.0.0-cp39-abi3-win_amd64.whl", hash = "sha256:0663585d02f76929792470451a5ba64424acc3cd5227b03921dab0e2f27b1709"}, + {file = "cryptography-43.0.0-pp310-pypy310_pp73-macosx_10_9_x86_64.whl", hash = "sha256:2c6d112bf61c5ef44042c253e4859b3cbbb50df2f78fa8fae6747a7814484a70"}, + {file = "cryptography-43.0.0-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:844b6d608374e7d08f4f6e6f9f7b951f9256db41421917dfb2d003dde4cd6b66"}, + {file = "cryptography-43.0.0-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:51956cf8730665e2bdf8ddb8da0056f699c1a5715648c1b0144670c1ba00b48f"}, + {file = "cryptography-43.0.0-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:aae4d918f6b180a8ab8bf6511a419473d107df4dbb4225c7b48c5c9602c38c7f"}, + {file = "cryptography-43.0.0-pp39-pypy39_pp73-macosx_10_9_x86_64.whl", hash = "sha256:232ce02943a579095a339ac4b390fbbe97f5b5d5d107f8a08260ea2768be8cc2"}, + {file = "cryptography-43.0.0-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:5bcb8a5620008a8034d39bce21dc3e23735dfdb6a33a06974739bfa04f853947"}, + {file = "cryptography-43.0.0-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:08a24a7070b2b6804c1940ff0f910ff728932a9d0e80e7814234269f9d46d069"}, + {file = "cryptography-43.0.0-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:e9c5266c432a1e23738d178e51c2c7a5e2ddf790f248be939448c0ba2021f9d1"}, + {file = "cryptography-43.0.0.tar.gz", hash = "sha256:b88075ada2d51aa9f18283532c9f60e72170041bba88d7f37e49cbb10275299e"}, +] + +[package.dependencies] +cffi = {version = ">=1.12", markers = "platform_python_implementation != \"PyPy\""} + +[package.extras] +docs = ["sphinx (>=5.3.0)", "sphinx-rtd-theme (>=1.1.1)"] +docstest = ["pyenchant (>=1.6.11)", "readme-renderer", "sphinxcontrib-spelling (>=4.0.1)"] +nox = ["nox"] +pep8test = ["check-sdist", "click", "mypy", "ruff"] +sdist = ["build"] +ssh = ["bcrypt (>=3.1.5)"] +test = ["certifi", "cryptography-vectors (==43.0.0)", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist"] +test-randomorder = ["pytest-randomly"] + [[package]] name = "debugpy" version = "1.8.2" @@ -2342,4 +2431,4 @@ files = [ [metadata] lock-version = "2.0" python-versions = "^3.12" -content-hash = "0d6489d261e19e3bffaafb61a05fdc436dae4801beefcaf640e9abc4b7bad8fd" +content-hash = "f55c38562e6c2289c61f522e174db9c3e531fb9a2a4f8c7317fd976b339c5e5a" diff --git a/py-kivy/pos_system/models.py b/py-kivy/pos_system/models.py index c2e00b5..d44eff9 100644 --- a/py-kivy/pos_system/models.py +++ b/py-kivy/pos_system/models.py @@ -34,7 +34,7 @@ class OrderItem(BaseModel): item_id: str quantity: int price_at_order: float - + @field_validator("item_id") def validate_id(cls, v): if isinstance(v, ObjectId): @@ -54,27 +54,6 @@ class Order(MongoBaseModel): discount_applied: Optional[float] = None notes: Optional[str] = None - # @field_validator("user_id") - # def validate_user_id(cls, v): - # return validate_object_id(v) - - # @validator("order_status") - # def valid_order_status(cls, v): - # allowed_statuses = ["created", "processing", - # "shipped", "delivered", "cancelled"] - # if v not in allowed_statuses: - # raise ValueError(f"Invalid order status. Must be one of: { - # ', '.join(allowed_statuses)}") - # return v - - # @validator("payment_status") - # def valid_payment_status(cls, v): - # allowed_statuses = ["pending", "paid", "refunded", "failed"] - # if v not in allowed_statuses: - # raise ValueError(f"Invalid payment status. Must be one of: { - # ', '.join(allowed_statuses)}") - # return v - class UserBase(BaseModel): username: str diff --git a/py-kivy/pos_system/routers/users.py b/py-kivy/pos_system/routers/users.py index d5b2123..7a60a82 100644 --- a/py-kivy/pos_system/routers/users.py +++ b/py-kivy/pos_system/routers/users.py @@ -1,8 +1,8 @@ from fastapi import APIRouter, HTTPException, Depends, status from fastapi.security import OAuth2PasswordRequestForm -from ..models import User, UserInDB +from ..models import User, UserCreate, UserInDB from ..database import get_db -from ..auth import get_password_hash, verify_password, create_access_token, oauth2_scheme +from ..auth import get_password_hash, verify_password, create_access_token, oauth2_scheme, create_user from bson import ObjectId from typing import List @@ -12,6 +12,19 @@ router = APIRouter( ) +@router.post("/register", response_model=User) +async def register_user(user: UserCreate): + db = get_db() + existing_user = db.users.find_one({"username": user.username}) + if existing_user: + raise HTTPException(status_code=400, detail="Username already registered") + hashed_password = get_password_hash(user.password) + user_in_db = UserInDB( + **user.model_dump(exclude={"password"}), hashed_password=hashed_password) + created_user = create_user(db, user_in_db) + return User(**created_user.model_dump(exclude={"hashed_password"})) + + def get_user(username: str): db = get_db() user_dict = db.users.find_one({"username": username}) @@ -34,21 +47,6 @@ async def get_current_user(token: str = Depends(oauth2_scheme)): return user -@router.post("/register", response_model=User) -async def create_user(user: UserInDB): - db = get_db() - existing_user = db.users.find_one({"username": user.username}) - if existing_user: - raise HTTPException(status_code=400, detail="Username already registered") - hashed_password = get_password_hash(user.password) - user_dict = user.dict() - user_dict["hashed_password"] = hashed_password - del user_dict["password"] - result = db.users.insert_one(user_dict) - created_user = db.users.find_one({"_id": result.inserted_id}) - return User(**created_user) - - @router.post("/token") async def login(form_data: OAuth2PasswordRequestForm = Depends()): user = get_user(form_data.username) diff --git a/py-kivy/pyproject.toml b/py-kivy/pyproject.toml index 2039b63..0ed227b 100644 --- a/py-kivy/pyproject.toml +++ b/py-kivy/pyproject.toml @@ -18,6 +18,8 @@ passlib = "^1.7.4" pydantic = "^2.8.2" pytest-xdist = "^3.6.1" +cryptography = "^43.0.0" +bcrypt = "^4.1.3" [tool.poetry.group.dev.dependencies] ipykernel = "^6.29.5" diff --git a/py-kivy/tests/test_orders.py b/py-kivy/tests/test_orders.py index db1866c..e89f3f8 100644 --- a/py-kivy/tests/test_orders.py +++ b/py-kivy/tests/test_orders.py @@ -15,6 +15,7 @@ def clear_db(): db = get_db() db.orders.delete_many({}) db.items.delete_many({}) + db.users.delete_many({}) @pytest.fixture(autouse=True) @@ -24,41 +25,73 @@ def run_around_tests(): clear_db() -def create_test_item(): +def create_test_user(): + user_data = { + "username": "testuser", + "email": "testuser@example.com", + "password": "testpassword", + "full_name": "Test User", + "is_active": True, + "is_superuser": False + } + response = client.post("/users/register", json=user_data) + assert response.status_code == 200, f"Failed to create user: {response.text}" + return response.json() + + +def login_test_user(): + login_data = { + "username": "testuser", + "password": "testpassword" + } + response = client.post("/token", data=login_data) + assert response.status_code == 200 + return response.json()["access_token"] + + +def create_test_item(token): + headers = {"Authorization": f"Bearer {token}"} response = client.post( "/items/", + headers=headers, json={"name": "Test Item", "price": 10.99, "quantity": 100, "unit": "piece"} ) + assert response.status_code == 200 return response.json()["_id"] -def test_create_order(): +@pytest.fixture +def auth_headers(): + create_test_user() + token = login_test_user() + return {"Authorization": f"Bearer {token}"} + + +def test_create_order(auth_headers): logger.info("Testing create order") - item_id = create_test_item() + item_id = create_test_item(auth_headers["Authorization"].split()[1]) order_data = { - "user_id": str(ObjectId()), "items": [{"item_id": item_id, "quantity": 2}], "total_amount": 21.98, "payment_method": "credit_card" } - response = client.post("/orders/", json=order_data) + response = client.post("/orders/", json=order_data, headers=auth_headers) assert response.status_code == 200 assert "_id" in response.json() logger.info(f"Created order with ID: {response.json()['_id']}") -def test_read_orders(): +def test_read_orders(auth_headers): logger.info("Testing read orders") - item_id = create_test_item() + item_id = create_test_item(auth_headers["Authorization"].split()[1]) order_data = { - "user_id": str(ObjectId()), "items": [{"item_id": item_id, "quantity": 2}], "total_amount": 21.98, "payment_method": "credit_card" } - client.post("/orders/", json=order_data) - response = client.get("/orders/") + client.post("/orders/", json=order_data, headers=auth_headers) + response = client.get("/orders/", headers=auth_headers) assert response.status_code == 200 orders = response.json() assert len(orders) == 1 @@ -66,61 +99,62 @@ def test_read_orders(): logger.info(f"Retrieved {len(orders)} orders") -def test_read_order(): +def test_read_order(auth_headers): logger.info("Testing read single order") - item_id = create_test_item() + item_id = create_test_item(auth_headers["Authorization"].split()[1]) order_data = { - "user_id": str(ObjectId()), "items": [{"item_id": item_id, "quantity": 2}], "total_amount": 21.98, "payment_method": "credit_card" } - create_response = client.post("/orders/", json=order_data) + create_response = client.post( + "/orders/", json=order_data, headers=auth_headers) order_id = create_response.json()["_id"] - response = client.get(f"/orders/{order_id}") + response = client.get(f"/orders/{order_id}", headers=auth_headers) assert response.status_code == 200 assert response.json()["total_amount"] == 21.98 logger.info(f"Retrieved order with ID: {order_id}") -def test_update_order(): +def test_update_order(auth_headers): logger.info("Testing update order") - item_id = create_test_item() + item_id = create_test_item(auth_headers["Authorization"].split()[1]) order_data = { - "user_id": str(ObjectId()), "items": [{"item_id": item_id, "quantity": 2}], "total_amount": 21.98, "payment_method": "credit_card" } - create_response = client.post("/orders/", json=order_data) + create_response = client.post( + "/orders/", json=order_data, headers=auth_headers) order_id = create_response.json()["_id"] update_data = { "items": [{"item_id": item_id, "quantity": 3}], "total_amount": 32.97, "payment_method": "cash" } - response = client.put(f"/orders/{order_id}", json=update_data) + response = client.put(f"/orders/{order_id}", + json=update_data, headers=auth_headers) assert response.status_code == 200 assert response.json()["total_amount"] == 32.97 assert response.json()["payment_method"] == "cash" logger.info(f"Updated order with ID: {order_id}") -def test_delete_order(): +def test_delete_order(auth_headers): logger.info("Testing delete order") - item_id = create_test_item() + item_id = create_test_item(auth_headers["Authorization"].split()[1]) order_data = { - "user_id": str(ObjectId()), "items": [{"item_id": item_id, "quantity": 2}], "total_amount": 21.98, "payment_method": "credit_card" } - create_response = client.post("/orders/", json=order_data) + create_response = client.post( + "/orders/", json=order_data, headers=auth_headers) order_id = create_response.json()["_id"] - response = client.delete(f"/orders/{order_id}") + response = client.delete(f"/orders/{order_id}", headers=auth_headers) assert response.status_code == 200 assert response.json()["message"] == "Order deleted successfully" - get_response = client.get(f"/orders/{order_id}") + get_response = client.get(f"/orders/{order_id}", headers=auth_headers) assert get_response.status_code == 404 logger.info(f"Deleted order with ID: {order_id}") @@ -128,7 +162,6 @@ def test_delete_order(): @given( st.lists( st.fixed_dictionaries({ - "item_id": st.text(min_size=24, max_size=24), "quantity": st.integers(min_value=1, max_value=10) }), min_size=1, @@ -139,22 +172,24 @@ def test_delete_order(): st.sampled_from(["credit_card", "cash", "paypal"]) ) @settings(max_examples=50) -def test_create_order_property(items, total_amount, payment_method): +def test_create_order_property(auth_headers, items, total_amount, payment_method): clear_db() - item_id = create_test_item() + create_test_user() + token = login_test_user() + auth_headers = {"Authorization": f"Bearer {token}"} + item_id = create_test_item(token) for item in items: item["item_id"] = item_id # Use the same item_id for all items order_data = { - "user_id": str(ObjectId()), "items": items, "total_amount": total_amount, "payment_method": payment_method } - response = client.post("/orders/", json=order_data) + response = client.post("/orders/", json=order_data, headers=auth_headers) assert response.status_code == 200 assert "_id" in response.json() order_id = response.json()["_id"] - get_response = client.get(f"/orders/{order_id}") + get_response = client.get(f"/orders/{order_id}", headers=auth_headers) assert get_response.status_code == 200 retrieved_order = get_response.json() assert retrieved_order["total_amount"] == total_amount @@ -165,7 +200,6 @@ def test_create_order_property(items, total_amount, payment_method): @given( st.lists( st.fixed_dictionaries({ - "user_id": st.text(min_size=24, max_size=24), "total_amount": st.floats(min_value=0.01, max_value=1000, allow_nan=False, allow_infinity=False), "payment_method": st.sampled_from(["credit_card", "cash", "paypal"]) }), @@ -174,23 +208,24 @@ def test_create_order_property(items, total_amount, payment_method): ) ) @settings(max_examples=20) -def test_read_orders_property(orders): +def test_read_orders_property(auth_headers, orders): clear_db() - item_id = create_test_item() + create_test_user() + token = login_test_user() + auth_headers = {"Authorization": f"Bearer {token}"} + item_id = create_test_item(token) for order in orders: order_data = { - "user_id": order["user_id"], "items": [{"item_id": item_id, "quantity": 1}], "total_amount": order["total_amount"], "payment_method": order["payment_method"] } - client.post("/orders/", json=order_data) - response = client.get("/orders/") + client.post("/orders/", json=order_data, headers=auth_headers) + response = client.get("/orders/", headers=auth_headers) assert response.status_code == 200 retrieved_orders = response.json() assert len(retrieved_orders) == len(orders) for retrieved_order in retrieved_orders: - assert "user_id" in retrieved_order assert "total_amount" in retrieved_order assert "payment_method" in retrieved_order