Add tests to test_login and test_items

.env

@@ -42,4 +42,4 @@ SENTRY_DSN=
 
 # Configure these with your own Docker registry images
 DOCKER_IMAGE_BACKEND=backend
-DOCKER_IMAGE_FRONTEND=frontend
+DOCKER_IMAGE_FRONTEND=frontend

backend/app/tests/api/routes/test_items.py

@@ -4,6 +4,7 @@
 from sqlmodel import Session
 
 from app.core.config import settings
+from app.models import User
 from app.tests.utils.item import create_random_item
 
 
@@ -79,6 +80,22 @@ def test_read_items(
     assert len(content["data"]) >= 2
 
 
+def test_read_items_by_normal_user(
+    client: TestClient, normal_user_token_headers: dict[str, str], db: Session
+) -> None:
+    r = client.get(f"{settings.API_V1_STR}/users/me", headers=normal_user_token_headers)
+    user = User(**r.json())
+    create_random_item(db, user)
+    create_random_item(db, user)
+    response = client.get(
+        f"{settings.API_V1_STR}/items/",
+        headers=normal_user_token_headers,
+    )
+    assert response.status_code == 200
+    content = response.json()
+    assert len(content["data"]) >= 2
+
+
 def test_update_item(
     client: TestClient, superuser_token_headers: dict[str, str], db: Session
 ) -> None:

backend/app/tests/api/routes/test_login.py

@@ -5,7 +5,9 @@
 
 from app.core.config import settings
 from app.core.security import verify_password
-from app.models import User
+from app.crud import update_user
+from app.models import User, UserUpdate
+from app.tests.utils.user import create_user
 from app.utils import generate_password_reset_token
 
 
@@ -21,6 +23,20 @@ def test_get_access_token(client: TestClient) -> None:
     assert tokens["access_token"]
 
 
+def test_get_access_token_inactive_user(client: TestClient, db: Session) -> None:
+    password = "secretpassword"
+    user = create_user(db, password=password)
+    update_user(session=db, db_user=user, user_in=UserUpdate(is_active=False))
+
+    login_data = {
+        "username": user.email,
+        "password": password,
+    }
+    r = client.post(f"{settings.API_V1_STR}/login/access-token", data=login_data)
+    assert r.status_code == 400
+    assert r.json() == {"detail": "Inactive user"}
+
+
 def test_get_access_token_incorrect_password(client: TestClient) -> None:
     login_data = {
         "username": settings.FIRST_SUPERUSER,
@@ -88,6 +104,39 @@ def test_reset_password(
     assert verify_password(data["new_password"], user.hashed_password)
 
 
+def test_reset_password_no_such_user_email(
+    client: TestClient, superuser_token_headers: dict[str, str]
+) -> None:
+    token = generate_password_reset_token(email="[email protected]")
+    data = {"new_password": "changethis", "token": token}
+    r = client.post(
+        f"{settings.API_V1_STR}/reset-password/",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert r.status_code == 404
+    assert r.json() == {
+        "detail": "The user with this email does not exist in the system."
+    }
+
+
+def test_reset_password_inactive_user(
+    client: TestClient, superuser_token_headers: dict[str, str], db: Session
+) -> None:
+    email = "[email protected]"
+    user = create_user(db, email=email)
+    update_user(session=db, db_user=user, user_in=UserUpdate(is_active=False))
+    token = generate_password_reset_token(email=email)
+    data = {"new_password": "changethis", "token": token}
+    r = client.post(
+        f"{settings.API_V1_STR}/reset-password/",
+        headers=superuser_token_headers,
+        json=data,
+    )
+    assert r.status_code == 400
+    assert r.json() == {"detail": "Inactive user"}
+
+
 def test_reset_password_invalid_token(
     client: TestClient, superuser_token_headers: dict[str, str]
 ) -> None:

backend/app/tests/utils/item.py

@@ -1,13 +1,14 @@
 from sqlmodel import Session
 
 from app import crud
-from app.models import Item, ItemCreate
+from app.models import Item, ItemCreate, User
 from app.tests.utils.user import create_random_user
 from app.tests.utils.utils import random_lower_string
 
 
-def create_random_item(db: Session) -> Item:
-    user = create_random_user(db)
+def create_random_item(db: Session, user: User | None = None) -> Item:
+    if user is None:
+        user = create_random_user(db)
     owner_id = user.id
     assert owner_id is not None
     title = random_lower_string()

backend/app/tests/utils/user.py

@@ -19,6 +19,18 @@ def user_authentication_headers(
     return headers
 
 
+def create_user(
+    db: Session, *, email: str | None = None, password: str | None = None
+) -> User:
+    if email is None:
+        email = random_email()
+    if password is None:
+        password = random_lower_string()
+    user_in = UserCreate(email=email, password=password)
+    user = crud.create_user(session=db, user_create=user_in)
+    return user
+
+
 def create_random_user(db: Session) -> User:
     email = random_email()
     password = random_lower_string()