21 extend the test suite

main.py

@@ -255,7 +255,10 @@ async def read_organization(
     params: dict = Depends(common_authenticated_parameters)
 ):
     # Get the organization only if the user is a member of it
-    org: Organization = params["user"].organizations.get(org_id)
+    org = next(
+        (org for org in params["user"].organizations if org.id == org_id),
+        None
+    )
     if not org:
         raise organization.OrganizationNotFoundError()
 

tests/test_organization.py

@@ -0,0 +1,68 @@
+# test_organization.py
+
+from utils.models import Organization, Role
+from sqlmodel import select
+
+def test_create_organization_success(auth_client, session, test_user):
+    """Test successful organization creation"""
+    response = auth_client.post(
+        "/organizations/create",
+        data={"name": "New Test Organization"},
+        follow_redirects=False
+    )
+
+    # Check response
+    assert response.status_code == 303  # Redirect status code
+    assert "/organizations/" in response.headers["location"]
+
+    # Verify database state
+    org = session.exec(
+        select(Organization)
+        .where(Organization.name == "New Test Organization")
+    ).first()
+
+    assert org is not None
+    assert org.name == "New Test Organization"
+
+    # Verify default roles were created
+    roles = session.exec(
+        select(Role)
+        .where(Role.organization_id == org.id)
+    ).all()
+
+    assert len(roles) > 0
+    assert any(role.name == "Owner" for role in roles)
+
+    # Verify test_user was assigned as owner
+    owner_role = next(role for role in roles if role.name == "Owner")
+    assert test_user in owner_role.users
+
+def test_create_organization_empty_name(auth_client):
+    """Test organization creation with empty name"""
+    response = auth_client.post(
+        "/organizations/create",
+        data={"name": "   "}  # Empty or whitespace name
+    )
+
+    assert response.status_code == 400
+    assert "Organization name cannot be empty" in response.text
+
+def test_create_organization_duplicate_name(auth_client, test_organization):
+    """Test organization creation with duplicate name"""
+    response = auth_client.post(
+        "/organizations/create",
+        data={"name": test_organization.name}
+    )
+
+    assert response.status_code == 400
+    assert "Organization name already taken" in response.text
+
+def test_create_organization_unauthenticated(unauth_client):
+    """Test organization creation without authentication"""
+    response = unauth_client.post(
+        "/organizations/create",
+        data={"name": "Unauthorized Org"},
+        follow_redirects=False
+    )
+
+    assert response.status_code == 303  # Unauthorized

tests/test_role.py

@@ -0,0 +1,111 @@
+# test_role.py
+
+import pytest
+from utils.models import Role, Permission, ValidPermissions, User
+from sqlmodel import Session, select
+
+
+@pytest.fixture
+def admin_user(session: Session, test_user: User, test_organization):
+    """Create an admin user with CREATE_ROLE permission"""
+    admin_role: Role = Role(
+        name="Admin",
+        organization_id=test_organization.id
+    )
+
+    create_role_permission: Permission | None = session.exec(
+        select(Permission).where(Permission.name == ValidPermissions.CREATE_ROLE)
+    ).first()
+
+    if create_role_permission is None:
+        raise ValueError("Error during test setup: CREATE_ROLE permission not found")
+
+    admin_role.permissions.append(create_role_permission)
+    session.add(admin_role)
+
+    test_user.roles.append(admin_role)
+    session.commit()
+
+    return test_user
+
+
+def test_create_role_success(auth_client, admin_user, test_organization, session: Session):
+    """Test successful role creation"""
+    response = auth_client.post(
+        "/roles/create",
+        data={
+            "name": "Test Role",
+            "organization_id": test_organization.id,
+            "permissions": [ValidPermissions.EDIT_ROLE.value]
+        },
+        follow_redirects=False
+    )
+
+    assert response.status_code == 303
+
+    # Verify role was created in database
+    created_role = session.exec(
+        select(Role).where(
+            Role.name == "Test Role",
+            Role.organization_id == test_organization.id
+        )
+    ).first()
+
+    assert created_role is not None
+    assert created_role.name == "Test Role"
+    assert len(created_role.permissions) == 1
+    assert created_role.permissions[0].name == ValidPermissions.EDIT_ROLE
+
+
+def test_create_role_unauthorized(auth_client, test_user, test_organization):
+    """Test role creation without proper permissions"""
+    response = auth_client.post(
+        "/roles/create",
+        data={
+            "name": "Test Role",
+            "organization_id": test_organization.id,
+            "permissions": [ValidPermissions.EDIT_ROLE.value]
+        },
+        follow_redirects=False
+    )
+
+    assert response.status_code == 403
+
+
+def test_create_duplicate_role(auth_client, admin_user, test_organization, session: Session):
+    """Test creating a role with a name that already exists in the organization"""
+    # Create initial role
+    existing_role = Role(
+        name="Existing Role",
+        organization_id=test_organization.id
+    )
+    session.add(existing_role)
+    session.commit()
+
+    # Attempt to create role with same name
+    response = auth_client.post(
+        "/roles/create",
+        data={
+            "name": "Existing Role",
+            "organization_id": test_organization.id,
+            "permissions": [ValidPermissions.EDIT_ROLE.value]
+        },
+        follow_redirects=False
+    )
+
+    assert response.status_code == 400
+
+
+def test_create_role_unauthenticated(unauth_client, test_organization):
+    """Test role creation without authentication"""
+    response = unauth_client.post(
+        "/roles/create",
+        data={
+            "name": "Test Role",
+            "organization_id": test_organization.id,
+            "permissions": [ValidPermissions.EDIT_ROLE.value]
+        },
+        follow_redirects=False
+    )
+
+    assert response.status_code == 303