mirror of
https://github.com/Rarebuffalo/securelens-backend.git
synced 2026-06-19 07:00:30 +00:00
91 lines
2.9 KiB
Python
91 lines
2.9 KiB
Python
import pytest
|
|
from sqlalchemy.ext.asyncio import AsyncSession
|
|
|
|
from app.models.scan import ScanResult
|
|
|
|
|
|
async def _create_scan(user_id: str) -> None:
|
|
from tests.conftest import TestSessionLocal
|
|
async with TestSessionLocal() as session:
|
|
scan = ScanResult(
|
|
user_id=user_id,
|
|
url="https://example.com",
|
|
security_score=85,
|
|
layers={"Transport Layer": {"issues": 1, "status": "yellow"}},
|
|
issues=[{"issue": "Missing HSTS", "severity": "Warning", "layer": "Transport Layer", "fix": "Add HSTS"}],
|
|
)
|
|
session.add(scan)
|
|
await session.commit()
|
|
await session.refresh(scan)
|
|
return scan
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_list_scans_empty(async_client, test_user, auth_headers):
|
|
response = await async_client.get("/scans", headers=auth_headers)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert data["scans"] == []
|
|
assert data["total"] == 0
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_list_scans_with_results(async_client, test_user, auth_headers):
|
|
scan = await _create_scan(test_user.id)
|
|
|
|
response = await async_client.get("/scans", headers=auth_headers)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert data["total"] == 1
|
|
assert len(data["scans"]) == 1
|
|
assert data["scans"][0]["url"] == "https://example.com"
|
|
assert data["scans"][0]["security_score"] == 85
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_list_scans_pagination(async_client, test_user, auth_headers):
|
|
for _ in range(5):
|
|
await _create_scan(test_user.id)
|
|
|
|
response = await async_client.get("/scans?page=1&per_page=2", headers=auth_headers)
|
|
data = response.json()
|
|
assert data["total"] == 5
|
|
assert len(data["scans"]) == 2
|
|
assert data["page"] == 1
|
|
assert data["per_page"] == 2
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_get_scan_by_id(async_client, test_user, auth_headers):
|
|
scan = await _create_scan(test_user.id)
|
|
|
|
response = await async_client.get(f"/scans/{scan.id}", headers=auth_headers)
|
|
assert response.status_code == 200
|
|
data = response.json()
|
|
assert data["url"] == "https://example.com"
|
|
assert data["security_score"] == 85
|
|
assert len(data["issues"]) == 1
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_get_scan_not_found(async_client, test_user, auth_headers):
|
|
response = await async_client.get("/scans/nonexistent", headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_delete_scan(async_client, test_user, auth_headers):
|
|
scan = await _create_scan(test_user.id)
|
|
|
|
response = await async_client.delete(f"/scans/{scan.id}", headers=auth_headers)
|
|
assert response.status_code == 204
|
|
|
|
response = await async_client.get(f"/scans/{scan.id}", headers=auth_headers)
|
|
assert response.status_code == 404
|
|
|
|
|
|
@pytest.mark.asyncio
|
|
async def test_list_scans_unauthorized(async_client):
|
|
response = await async_client.get("/scans")
|
|
assert response.status_code == 401
|