anti/DECNET
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
f20e86826db7d04d4aee947e841bfb237becb74d
DECNET/tests/api/stats/test_get_stats.py
anti d15c106b44 test: fix async fixture isolation, add fuzz marks, parallelize with xdist 
- Rebuild repo.engine and repo.session_factory per-test using unique
  in-memory SQLite URIs — fixes KeyError: 'access_token' caused by
  stale session_factory pointing at production DB
- Add @pytest.mark.fuzz to all Hypothesis and Schemathesis tests;
  default run excludes them (addopts = -m 'not fuzz')
- Add missing fuzz tests to bounty, fleet, histogram, and repository
- Use tmp_path for state file in patch_state_file/mock_state_file to
  eliminate file-path race conditions under xdist parallelism
- Set default addopts: -v -q -x -n logical (26 tests in ~7s)
2026-04-09 18:32:46 -04:00

50 lines
1.8 KiB
Python
Raw Blame History

import pytest
import httpx
from typing import Any
from decnet.env import DECNET_ADMIN_USER, DECNET_ADMIN_PASSWORD
from ..conftest import _FUZZ_SETTINGS
from hypothesis import given, strategies as st, settings
@pytest.mark.anyio
async def test_get_stats_unauthorized(client: httpx.AsyncClient) -> None:
response = await client.get("/api/v1/stats")
assert response.status_code == 401
@pytest.mark.anyio
async def test_get_stats_success(client: httpx.AsyncClient, auth_token: str) -> None:
response = await client.get(
"/api/v1/stats",
headers={"Authorization": f"Bearer {auth_token}"}
)
assert response.status_code == 200
data = response.json()
assert "total_logs" in data
assert "unique_attackers" in data
assert "active_deckies" in data
@pytest.mark.anyio
async def test_stats_includes_deployed_count(mock_state_file, client: httpx.AsyncClient, auth_token: str):
_response = await client.get("/api/v1/stats", headers={"Authorization": f"Bearer {auth_token}"})
assert _response.status_code == 200
_data = _response.json()
assert "deployed_deckies" in _data
assert _data["deployed_deckies"] == 2
@pytest.mark.fuzz
@pytest.mark.anyio
@settings(**_FUZZ_SETTINGS)
@given(
token=st.text(min_size=0, max_size=4096)
)
async def test_fuzz_auth_header(client: httpx.AsyncClient, token: str) -> None:
"""Fuzz the Authorization header with full unicode noise."""
try:
_response: httpx.Response = await client.get(
"/api/v1/stats",
headers={"Authorization": f"Bearer {token}"}
)
assert _response.status_code in (401, 422)
except (UnicodeEncodeError, httpx.InvalidURL, httpx.CookieConflict):
# Expected client-side rejection of invalid header characters
pass
Reference in New Issue View Git Blame Copy Permalink