AHMET YILMAZ
b3fff546e9
Some checks failed
System Monitoring / Health Checks (push) Has been cancelled
System Monitoring / Performance Monitoring (push) Has been cancelled
System Monitoring / Database Monitoring (push) Has been cancelled
System Monitoring / Cache Monitoring (push) Has been cancelled
System Monitoring / Log Monitoring (push) Has been cancelled
System Monitoring / Resource Monitoring (push) Has been cancelled
System Monitoring / Uptime Monitoring (push) Has been cancelled
System Monitoring / Backup Monitoring (push) Has been cancelled
System Monitoring / Security Monitoring (push) Has been cancelled
System Monitoring / Monitoring Dashboard (push) Has been cancelled
System Monitoring / Alerting (push) Has been cancelled
Security Scanning / Dependency Scanning (push) Has been cancelled
Security Scanning / Code Security Scanning (push) Has been cancelled
Security Scanning / Secrets Scanning (push) Has been cancelled
Security Scanning / Container Security Scanning (push) Has been cancelled
Security Scanning / Compliance Checking (push) Has been cancelled
Security Scanning / Security Dashboard (push) Has been cancelled
Security Scanning / Security Remediation (push) Has been cancelled
182 lines
6.1 KiB
Python
182 lines
6.1 KiB
Python
"""
|
|
Contract test for POST /tenants endpoint.
|
|
This test MUST fail before implementation.
|
|
"""
|
|
|
|
import pytest
|
|
from django.test import TestCase
|
|
from django.urls import reverse
|
|
from rest_framework.test import APIClient
|
|
from rest_framework import status
|
|
import json
|
|
|
|
|
|
class TenantsPostContractTest(TestCase):
|
|
def setUp(self):
|
|
self.client = APIClient()
|
|
self.tenants_url = '/api/v1/tenants/'
|
|
|
|
# Admin authentication header
|
|
self.admin_auth = {'HTTP_AUTHORIZATION': 'Bearer admin_token'}
|
|
|
|
# Valid tenant data
|
|
self.tenant_data = {
|
|
'name': 'Test Business Sdn Bhd',
|
|
'email': 'business@test.com',
|
|
'phone': '+60123456789',
|
|
'address': {
|
|
'street': '123 Business Street',
|
|
'city': 'Kuala Lumpur',
|
|
'state': 'Wilayah Persekutuan',
|
|
'postal_code': '50000',
|
|
'country': 'Malaysia'
|
|
},
|
|
'business_type': 'RETAIL',
|
|
'subscription_plan': 'STARTER',
|
|
'pricing_model': 'SUBSCRIPTION'
|
|
}
|
|
|
|
def test_create_tenant_success(self):
|
|
"""Test successful tenant creation."""
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(self.tenant_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
|
|
# This should fail before implementation
|
|
assert response.status_code == status.HTTP_201_CREATED
|
|
|
|
data = response.json()
|
|
assert 'id' in data
|
|
assert data['name'] == self.tenant_data['name']
|
|
assert data['email'] == self.tenant_data['email']
|
|
assert data['business_type'] == self.tenant_data['business_type']
|
|
assert data['subscription_plan'] == self.tenant_data['subscription_plan']
|
|
assert data['pricing_model'] == self.tenant_data['pricing_model']
|
|
assert data['status'] == 'PENDING' # Default status
|
|
|
|
# Should have generated slug
|
|
assert 'slug' in data
|
|
assert data['slug'] == 'test-business-sdn-bhd'
|
|
|
|
# Should have timestamps
|
|
assert 'created_at' in data
|
|
assert 'updated_at' in data
|
|
|
|
def test_create_tenant_unauthorized(self):
|
|
"""Test tenant creation without authentication."""
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(self.tenant_data),
|
|
content_type='application/json'
|
|
)
|
|
|
|
assert response.status_code == status.HTTP_401_UNAUTHORIZED
|
|
|
|
def test_create_tenant_forbidden(self):
|
|
"""Test tenant creation by non-admin user."""
|
|
non_admin_auth = {'HTTP_AUTHORIZATION': 'Bearer user_token'}
|
|
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(self.tenant_data),
|
|
content_type='application/json',
|
|
**non_admin_auth
|
|
)
|
|
|
|
assert response.status_code == status.HTTP_403_FORBIDDEN
|
|
|
|
def test_create_tenant_missing_required_fields(self):
|
|
"""Test tenant creation with missing required fields."""
|
|
incomplete_data = self.tenant_data.copy()
|
|
del incomplete_data['name']
|
|
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(incomplete_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
|
|
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
|
|
|
data = response.json()
|
|
assert 'name' in data.get('errors', {})
|
|
|
|
def test_create_tenant_invalid_email(self):
|
|
"""Test tenant creation with invalid email format."""
|
|
invalid_data = self.tenant_data.copy()
|
|
invalid_data['email'] = 'invalid-email'
|
|
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(invalid_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
|
|
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
|
|
|
def test_create_tenant_invalid_business_type(self):
|
|
"""Test tenant creation with invalid business type."""
|
|
invalid_data = self.tenant_data.copy()
|
|
invalid_data['business_type'] = 'INVALID_TYPE'
|
|
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(invalid_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
|
|
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
|
|
|
def test_create_tenant_duplicate_email(self):
|
|
"""Test tenant creation with duplicate email."""
|
|
# First request should succeed (if implemented)
|
|
first_response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(self.tenant_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
|
|
if first_response.status_code == status.HTTP_201_CREATED:
|
|
# Second request with same email should fail
|
|
second_response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(self.tenant_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
assert second_response.status_code == status.HTTP_400_BAD_REQUEST
|
|
|
|
def test_create_tenant_invalid_address(self):
|
|
"""Test tenant creation with invalid address format."""
|
|
invalid_data = self.tenant_data.copy()
|
|
invalid_data['address'] = 'invalid address format'
|
|
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(invalid_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
|
|
assert response.status_code == status.HTTP_400_BAD_REQUEST
|
|
|
|
def test_create_tenant_malformed_address(self):
|
|
"""Test tenant creation with malformed address JSON."""
|
|
invalid_data = self.tenant_data.copy()
|
|
invalid_data['address'] = {'street': '123 Street'} # Missing required fields
|
|
|
|
response = self.client.post(
|
|
self.tenants_url,
|
|
data=json.dumps(invalid_data),
|
|
content_type='application/json',
|
|
**self.admin_auth
|
|
)
|
|
|
|
assert response.status_code == status.HTTP_400_BAD_REQUEST |