fix(tests): patch REPORT_OUTPUT_DIR in report router tests to satisfy path traversal check

kitos
2026-06-12 14:27:59 +02:00
parent 443a04befb
commit f8824291a2
@@ -1,14 +1,22 @@
"""Professional reports router tests (FASE-2.4).""" """Professional reports router tests (FASE-2.4)."""
import os
import tempfile
from unittest.mock import patch from unittest.mock import patch
from app.models.campaign import Campaign from app.models.campaign import Campaign
from app.config import settings
@patch("app.services.report_generation_service.generate_purple_campaign_report") @patch("app.services.report_generation_service.generate_purple_campaign_report")
def test_purple_campaign_pdf_download(mock_gen, client, auth_headers, db): def test_purple_campaign_pdf_download(mock_gen, client, auth_headers, db):
mock_gen.return_value = __file__ # existing file for FileResponse with tempfile.TemporaryDirectory() as tmpdir:
fake_pdf = os.path.join(tmpdir, "report.pdf")
with open(fake_pdf, "wb") as f:
f.write(b"%PDF-1.4 fake")
mock_gen.return_value = fake_pdf
with patch.object(settings, "REPORT_OUTPUT_DIR", tmpdir):
campaign = Campaign(name="Export Camp", status="active") campaign = Campaign(name="Export Camp", status="active")
db.add(campaign) db.add(campaign)
db.commit() db.commit()
@@ -24,14 +32,13 @@ def test_purple_campaign_pdf_download(mock_gen, client, auth_headers, db):
@patch("app.services.report_generation_service.generate_coverage_report") @patch("app.services.report_generation_service.generate_coverage_report")
def test_coverage_summary_html(mock_gen, client, auth_headers): def test_coverage_summary_html(mock_gen, client, auth_headers):
import tempfile with tempfile.TemporaryDirectory() as tmpdir:
import os fake_html = os.path.join(tmpdir, "report.html")
with open(fake_html, "w") as f:
fd, path = tempfile.mkstemp(suffix=".html") f.write("<html><body>ok</body></html>")
os.write(fd, b"<html><body>ok</body></html>") mock_gen.return_value = fake_html
os.close(fd)
mock_gen.return_value = path
with patch.object(settings, "REPORT_OUTPUT_DIR", tmpdir):
r = client.get( r = client.get(
"/api/v1/reports/generate/coverage-summary", "/api/v1/reports/generate/coverage-summary",
params={"format": "html"}, params={"format": "html"},
@@ -39,4 +46,3 @@ def test_coverage_summary_html(mock_gen, client, auth_headers):
) )
assert r.status_code == 200 assert r.status_code == 200
assert "text/html" in r.headers["content-type"] assert "text/html" in r.headers["content-type"]
os.unlink(path)
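Review bot: Both tests now exercise only the accepted case, so nothing in these hunks pins the path traversal check named in the commit title; if the route stopped validating the generator's path, they would still pass. A companion test that keeps `patch.object(settings, "REPORT_OUTPUT_DIR", tmpdir)` but sets `mock_gen.return_value = __file__` (a file outside the directory, as the old PDF test did) and asserts `r.status_code != 200` would hold the control in place. Tighten that assertion to the exact status the router returns, which is not visible here, and skip this if such a negative test already exists elsewhere in the file. Separately, and only inferred because the check itself is outside the diff: if it resolves symlinks on one path but not the other, a symlinked temp location would make these tests fail for the wrong reason, so patching with `os.path.realpath(tmpdir)` and building the fake file from that value is the safer form.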