# System Users API Test Scripts
## Overview
This directory contains comprehensive test scripts for the System Users API, aligned with the updated API specification where system users are created ONLY via Employee or Merchant flows.
## Files Created
### 1. `test_system_users_api.py`
**Purpose**: Automated Python test script that tests all system users endpoints
**Features**:
- Tests all list operations (with/without projection, with filters)
- Tests individual user operations (get, suspend, unlock, reset, deactivate)
- Tests role lookup endpoint
- Tests internal endpoints (from-employee, from-merchant)
- Validates projection list functionality
- Validates merchant isolation
- Provides detailed output with success/error indicators
**Usage**:
```bash
python3 test_system_users_api.py
```
### 2. `test_system_users_api.sh`
**Purpose**: Shell script wrapper for easy test execution
**Features**:
- Checks if server is running
- Runs the Python test script
- Provides clear output
**Usage**:
```bash
chmod +x test_system_users_api.sh
./test_system_users_api.sh
```
### 3. `SYSTEM_USERS_API_TESTING.md`
**Purpose**: Comprehensive testing guide and documentation
**Contents**:
- Prerequisites and setup instructions
- Manual testing with cURL commands
- Test scenarios and validation checklist
- Performance benchmarks
- Error cases to test
- Troubleshooting guide
## Quick Start
### Step 1: Start the Server
```bash
cd cuatrolabs-auth-ms
./start_server.sh
```
Wait for the server to start (you should see "Application startup complete").
### Step 2: Run the Tests
```bash
# Option 1: Use the shell script
./test_system_users_api.sh
# Option 2: Run Python script directly
python3 test_system_users_api.py
```
### Step 3: Review Results
The test script will output:
- ✅ Success indicators for passing tests
- ❌ Error indicators for failing tests
- Detailed response data for each endpoint
- Summary of test execution
## API Endpoints Tested
### Public Endpoints (Require JWT Auth)
1. **POST /system-users** - List users with optional projection
2. **GET /system-users/{system_user_id}** - Get user details
3. **PUT /system-users/{system_user_id}/suspend** - Suspend user
4. **PUT /system-users/{system_user_id}/unlock** - Unlock user
5. **PUT /system-users/{system_user_id}/reset-password** - Reset password
6. **GET /system-users/{system_user_id}/login-attempts** - View login logs
7. **DELETE /system-users/{system_user_id}** - Deactivate user
8. **GET /roles** - Get roles by scope
### Internal Endpoints (Require Service Auth)
1. **POST /internal/system-users/from-employee** - Create from employee
2. **POST /internal/system-users/from-merchant** - Create merchant admin
## Key Features Tested
### Projection List Support
- ✅ List without projection returns full objects
- ✅ List with projection returns only specified fields
- ✅ Projection excludes _id field
- ✅ Projection returns raw dicts instead of models
- ✅ MongoDB projection used for performance
### Security & Authorization
- ✅ JWT authentication required
- ✅ Merchant isolation enforced
- ✅ Admin operations require admin role
- ✅ Cross-merchant access prevented
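
The projection and merchant-isolation checks listed above can be expressed as one offline validator over a decoded list response. This is an added example, not code from `test_system_users_api.py`; the `merchant_id` field name, the function name and the sample records are assumptions made for illustration.

```python
# Added example: offline checks for a decoded POST /system-users list response.
# Assumption: each user record carries its tenant in a "merchant_id" field.


def check_list_response(users, caller_merchant_id, projection=None):
    """Return a list of violation strings; an empty list means the response passed."""
    violations = []
    # Per the README, a projected response never contains "_id".
    allowed = set(projection) - {"_id"} if projection else None
    for idx, user in enumerate(users):
        if not isinstance(user, dict):
            violations.append(f"user[{idx}]: not a JSON object")
            continue
        if allowed is not None:
            extra = set(user) - allowed
            if extra:
                violations.append(f"user[{idx}]: unexpected fields {sorted(extra)}")
        # Isolation is only checkable when merchant_id is in the record, so an
        # isolation test should include it in the requested projection.
        owner = user.get("merchant_id", caller_merchant_id)
        if owner != caller_merchant_id:
            violations.append(f"user[{idx}]: belongs to merchant {owner!r}")
    return violations


# Constructed sample data, not captured from a real server.
SAMPLE_OK = [
    {"user_id": "u1", "username": "alice", "email": "a@example.com",
     "status": "active", "merchant_id": "m1"},
]
SAMPLE_BAD = [
    {"user_id": "u1", "merchant_id": "m1", "_id": "abc"},            # _id leaked
    {"user_id": "u2", "merchant_id": "m2", "email": "x@example.com"},  # extra field, other tenant
]

if __name__ == "__main__":
    for line in check_list_response(SAMPLE_BAD, "m1", ["user_id", "merchant_id"]):
        print(line)
```
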
### User Lifecycle
- ✅ Users created only via Employee/Merchant flows
- ✅ Suspend/unlock functionality
- ✅ Password reset
- ✅ Soft delete (deactivation)
- ✅ Login attempt tracking
## Test Configuration
### Default Credentials
- **Email**: superadmin@cuatrolabs.com
- **Password**: Admin@123
### Server Configuration
- **Base URL**: http://localhost:8002
- **Auth Endpoint**: /auth/login
- **System Users Endpoint**: /system-users
## Expected Results
### Successful Test Run
```
================================================================================
SYSTEM USERS API TEST SUITE
================================================================================
Base URL: http://localhost:8002
Testing as: superadmin@cuatrolabs.com
================================================================================
AUTHENTICATION
================================================================================
🧪 Login as Admin
✅ Logged in successfully
Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
================================================================================
LIST ENDPOINTS
================================================================================
🧪 List Users (without projection)
Status: 200
✅ Retrieved 5 users
Sample user keys: ['user_id', 'username', 'email', 'status', ...]
🧪 List Users (with projection)
Status: 200
✅ Retrieved 5 users with projection
Projected fields: ['user_id', 'username', 'email', 'status']
✅ _id field correctly excluded
... (more tests)
================================================================================
TEST SUITE COMPLETED
================================================================================
✅ All tests executed
```
## Troubleshooting
### Server Not Running
```bash
# Check if server is running
curl http://localhost:8002/health
# If not, start it
cd cuatrolabs-auth-ms
./start_server.sh
```
### Authentication Failures
```bash
# Create initial users if needed
python3 create_initial_users.py
```
### Module Not Found Errors
```bash
# Install dependencies
cd cuatrolabs-auth-ms
source venv/bin/activate
pip install -r requirements.txt
```
### Database Connection Issues
```bash
# Check database status
curl http://localhost:8002/debug/db-status
```
## Notes
- **Admin operations are skipped by default** to avoid modifying data
- Uncomment the admin operation tests in the script to test them
- Internal endpoints may return 401/403 without proper service authentication
- The test script is safe to run multiple times
## Next Steps
1. Run the test script to validate current implementation
2. Review any failing tests
3. Implement missing endpoints or fix issues
4. Update the spec if requirements change
5. Re-run tests to verify fixes
## Related Documentation
- **Spec**: `.kiro/specs/system-users-management/`
  - `requirements.md` - API requirements
  - `design.md` - API design and architecture
  - `tasks.md` - Implementation tasks
- **API Standards**: `cuatrolabs-scm-ms/API_STANDARDS.md`
- **Projection Guide**: `cuatrolabs-scm-ms/PROJECTION_LIST_IMPLEMENTATION.md`