test: update existing test suites for refactored codebase

- test_api_attackers.py: update for BaseRepository interface - test_attacker_worker.py: full test suite for worker logic (formerly in module) - test_base_repo.py: repository interface conformance tests - test_cli.py: CLI enhancements (randomize-services, selective deployment) - test_service_isolation.py: isolation validation tests - api/conftest.py: fixture updates for RBAC-gated endpoints - live/test_service_isolation_live.py: live integration tests
2026-04-15 12:51:26 -04:00
parent 7d10b78d50
commit dd4e2aad91
7 changed files with 108 additions and 42 deletions
--- a/tests/api/conftest.py
+++ b/tests/api/conftest.py
@@ -23,6 +23,9 @@ from decnet.web.auth import get_password_hash
 from decnet.env import DECNET_ADMIN_USER, DECNET_ADMIN_PASSWORD
 import decnet.config

+VIEWER_USERNAME = "testviewer"
+VIEWER_PASSWORD = "viewer-pass-123"
+

@pytest.fixture(scope="function", autouse=True)
 async def setup_db(monkeypatch) -> AsyncGenerator[None, None]:
@@ -76,6 +79,30 @@ async def auth_token(client: httpx.AsyncClient) -> str:
    resp2 = await client.post("/api/v1/auth/login", json={"username": DECNET_ADMIN_USER, "password": DECNET_ADMIN_PASSWORD})
    return resp2.json()["access_token"]

+@pytest.fixture
+async def viewer_token(client, setup_db):
+    """Seed a viewer user and return their auth token."""
+    async with repo.session_factory() as session:
+        result = await session.execute(
+            select(User).where(User.username == VIEWER_USERNAME)
+        )
+        if not result.scalar_one_or_none():
+            session.add(User(
+                uuid=str(_uuid.uuid4()),
+                username=VIEWER_USERNAME,
+                password_hash=get_password_hash(VIEWER_PASSWORD),
+                role="viewer",
+                must_change_password=False,
+            ))
+            await session.commit()
+
+    resp = await client.post("/api/v1/auth/login", json={
+        "username": VIEWER_USERNAME,
+        "password": VIEWER_PASSWORD,
+    })
+    return resp.json()["access_token"]
+
+
@pytest.fixture(autouse=True)
 def patch_state_file(monkeypatch, tmp_path) -> Path:
    state_file = tmp_path / "decnet-state.json"