project initialization
Some checks failed
System Monitoring / Health Checks (push) Has been cancelled
System Monitoring / Performance Monitoring (push) Has been cancelled
System Monitoring / Database Monitoring (push) Has been cancelled
System Monitoring / Cache Monitoring (push) Has been cancelled
System Monitoring / Log Monitoring (push) Has been cancelled
System Monitoring / Resource Monitoring (push) Has been cancelled
System Monitoring / Uptime Monitoring (push) Has been cancelled
System Monitoring / Backup Monitoring (push) Has been cancelled
System Monitoring / Security Monitoring (push) Has been cancelled
System Monitoring / Monitoring Dashboard (push) Has been cancelled
System Monitoring / Alerting (push) Has been cancelled
Security Scanning / Dependency Scanning (push) Has been cancelled
Security Scanning / Code Security Scanning (push) Has been cancelled
Security Scanning / Secrets Scanning (push) Has been cancelled
Security Scanning / Container Security Scanning (push) Has been cancelled
Security Scanning / Compliance Checking (push) Has been cancelled
Security Scanning / Security Dashboard (push) Has been cancelled
Security Scanning / Security Remediation (push) Has been cancelled
Some checks failed
System Monitoring / Health Checks (push) Has been cancelled
System Monitoring / Performance Monitoring (push) Has been cancelled
System Monitoring / Database Monitoring (push) Has been cancelled
System Monitoring / Cache Monitoring (push) Has been cancelled
System Monitoring / Log Monitoring (push) Has been cancelled
System Monitoring / Resource Monitoring (push) Has been cancelled
System Monitoring / Uptime Monitoring (push) Has been cancelled
System Monitoring / Backup Monitoring (push) Has been cancelled
System Monitoring / Security Monitoring (push) Has been cancelled
System Monitoring / Monitoring Dashboard (push) Has been cancelled
System Monitoring / Alerting (push) Has been cancelled
Security Scanning / Dependency Scanning (push) Has been cancelled
Security Scanning / Code Security Scanning (push) Has been cancelled
Security Scanning / Secrets Scanning (push) Has been cancelled
Security Scanning / Container Security Scanning (push) Has been cancelled
Security Scanning / Compliance Checking (push) Has been cancelled
Security Scanning / Security Dashboard (push) Has been cancelled
Security Scanning / Security Remediation (push) Has been cancelled
This commit is contained in:
182
backend/tests/contract/test_tenants_post.py
Normal file
182
backend/tests/contract/test_tenants_post.py
Normal file
@@ -0,0 +1,182 @@
|
||||
"""
|
||||
Contract test for POST /tenants endpoint.
|
||||
This test MUST fail before implementation.
|
||||
"""
|
||||
|
||||
import pytest
|
||||
from django.test import TestCase
|
||||
from django.urls import reverse
|
||||
from rest_framework.test import APIClient
|
||||
from rest_framework import status
|
||||
import json
|
||||
|
||||
|
||||
class TenantsPostContractTest(TestCase):
|
||||
def setUp(self):
|
||||
self.client = APIClient()
|
||||
self.tenants_url = '/api/v1/tenants/'
|
||||
|
||||
# Admin authentication header
|
||||
self.admin_auth = {'HTTP_AUTHORIZATION': 'Bearer admin_token'}
|
||||
|
||||
# Valid tenant data
|
||||
self.tenant_data = {
|
||||
'name': 'Test Business Sdn Bhd',
|
||||
'email': 'business@test.com',
|
||||
'phone': '+60123456789',
|
||||
'address': {
|
||||
'street': '123 Business Street',
|
||||
'city': 'Kuala Lumpur',
|
||||
'state': 'Wilayah Persekutuan',
|
||||
'postal_code': '50000',
|
||||
'country': 'Malaysia'
|
||||
},
|
||||
'business_type': 'RETAIL',
|
||||
'subscription_plan': 'STARTER',
|
||||
'pricing_model': 'SUBSCRIPTION'
|
||||
}
|
||||
|
||||
def test_create_tenant_success(self):
|
||||
"""Test successful tenant creation."""
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(self.tenant_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
|
||||
# This should fail before implementation
|
||||
assert response.status_code == status.HTTP_201_CREATED
|
||||
|
||||
data = response.json()
|
||||
assert 'id' in data
|
||||
assert data['name'] == self.tenant_data['name']
|
||||
assert data['email'] == self.tenant_data['email']
|
||||
assert data['business_type'] == self.tenant_data['business_type']
|
||||
assert data['subscription_plan'] == self.tenant_data['subscription_plan']
|
||||
assert data['pricing_model'] == self.tenant_data['pricing_model']
|
||||
assert data['status'] == 'PENDING' # Default status
|
||||
|
||||
# Should have generated slug
|
||||
assert 'slug' in data
|
||||
assert data['slug'] == 'test-business-sdn-bhd'
|
||||
|
||||
# Should have timestamps
|
||||
assert 'created_at' in data
|
||||
assert 'updated_at' in data
|
||||
|
||||
def test_create_tenant_unauthorized(self):
|
||||
"""Test tenant creation without authentication."""
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(self.tenant_data),
|
||||
content_type='application/json'
|
||||
)
|
||||
|
||||
assert response.status_code == status.HTTP_401_UNAUTHORIZED
|
||||
|
||||
def test_create_tenant_forbidden(self):
|
||||
"""Test tenant creation by non-admin user."""
|
||||
non_admin_auth = {'HTTP_AUTHORIZATION': 'Bearer user_token'}
|
||||
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(self.tenant_data),
|
||||
content_type='application/json',
|
||||
**non_admin_auth
|
||||
)
|
||||
|
||||
assert response.status_code == status.HTTP_403_FORBIDDEN
|
||||
|
||||
def test_create_tenant_missing_required_fields(self):
|
||||
"""Test tenant creation with missing required fields."""
|
||||
incomplete_data = self.tenant_data.copy()
|
||||
del incomplete_data['name']
|
||||
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(incomplete_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
|
||||
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
||||
|
||||
data = response.json()
|
||||
assert 'name' in data.get('errors', {})
|
||||
|
||||
def test_create_tenant_invalid_email(self):
|
||||
"""Test tenant creation with invalid email format."""
|
||||
invalid_data = self.tenant_data.copy()
|
||||
invalid_data['email'] = 'invalid-email'
|
||||
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(invalid_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
|
||||
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
||||
|
||||
def test_create_tenant_invalid_business_type(self):
|
||||
"""Test tenant creation with invalid business type."""
|
||||
invalid_data = self.tenant_data.copy()
|
||||
invalid_data['business_type'] = 'INVALID_TYPE'
|
||||
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(invalid_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
|
||||
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
||||
|
||||
def test_create_tenant_duplicate_email(self):
|
||||
"""Test tenant creation with duplicate email."""
|
||||
# First request should succeed (if implemented)
|
||||
first_response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(self.tenant_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
|
||||
if first_response.status_code == status.HTTP_201_CREATED:
|
||||
# Second request with same email should fail
|
||||
second_response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(self.tenant_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
assert second_response.status_code == status.HTTP_400_BAD_REQUEST
|
||||
|
||||
def test_create_tenant_invalid_address(self):
|
||||
"""Test tenant creation with invalid address format."""
|
||||
invalid_data = self.tenant_data.copy()
|
||||
invalid_data['address'] = 'invalid address format'
|
||||
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(invalid_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
|
||||
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
||||
|
||||
def test_create_tenant_malformed_address(self):
|
||||
"""Test tenant creation with malformed address JSON."""
|
||||
invalid_data = self.tenant_data.copy()
|
||||
invalid_data['address'] = {'street': '123 Street'} # Missing required fields
|
||||
|
||||
response = self.client.post(
|
||||
self.tenants_url,
|
||||
data=json.dumps(invalid_data),
|
||||
content_type='application/json',
|
||||
**self.admin_auth
|
||||
)
|
||||
|
||||
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
||||
Reference in New Issue
Block a user