fix: resolve schemathesis and live test failures

- Add 403 response to all RBAC-gated endpoints (schemathesis UndefinedStatusCode) - Add 400 response to all endpoints accepting JSON bodies (malformed input) - Add required 'title' field to schemathesis.toml for schemathesis 4.15+ - Add xdist_group markers to live tests with module-scoped fixtures to prevent xdist from distributing them across workers (fixture isolation)
2026-04-16 01:39:04 -04:00
parent 29578d9d99
commit 89099b903d
16 changed files with 26 additions and 5 deletions
--- a/decnet/web/router/config/api_manage_users.py
+++ b/decnet/web/router/config/api_manage_users.py
@@ -19,6 +19,7 @@ router = APIRouter()
    "/config/users",
    tags=["Configuration"],
    responses={
+        400: {"description": "Bad Request (e.g. malformed JSON)"},
        401: {"description": "Could not validate credentials"},
        403: {"description": "Admin access required"},
        409: {"description": "Username already exists"},
@@ -77,6 +78,7 @@ async def api_delete_user(
    "/config/users/{user_uuid}/role",
    tags=["Configuration"],
    responses={
+        400: {"description": "Bad Request (e.g. malformed JSON)"},
        401: {"description": "Could not validate credentials"},
        403: {"description": "Admin access required / cannot change own role"},
        404: {"description": "User not found"},
@@ -104,6 +106,7 @@ async def api_update_user_role(
    "/config/users/{user_uuid}/reset-password",
    tags=["Configuration"],
    responses={
+        400: {"description": "Bad Request (e.g. malformed JSON)"},
        401: {"description": "Could not validate credentials"},
        403: {"description": "Admin access required"},
        404: {"description": "User not found"},