"""API-level validation tests for user creation (SEC-004, SEC-007)."""
def test_create_user_weak_password_rejected(client, admin_user, admin_token):
    """A three-character password must be refused by POST /api/v1/users.

    The request carries the admin bearer token, so the 422 is expected to come
    from payload validation rather than from the authorization layer.
    ``admin_user`` is requested but never referenced in the body; presumably
    it makes the admin account exist before the call -- confirm against the
    fixture definition.
    """
    auth_headers = {"Authorization": f"Bearer {admin_token}"}
    payload = {
        "username": "newuser",
        "password": "123",
        "email": "new@test.com",
        "role": "viewer",
    }

    response = client.post("/api/v1/users", json=payload, headers=auth_headers)

    assert response.status_code == 422
    # A bare 422 could be raised for any field; require that the error body
    # actually mentions the password.
    error_text = response.text.lower()
    assert "password" in error_text
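def test_create_user_reserved_username(client, admin_user, admin_token):
    """The reserved name ``system`` must be refused by POST /api/v1/users.

    Every other field in the payload is the same shape as in the accepted-user
    test of this file, so the username is the only value expected to fail.
    ``admin_user`` is requested but never referenced in the body; presumably
    it makes the admin account exist before the call -- confirm against the
    fixture definition.
    """
    response = client.post(
        "/api/v1/users",
        json={
            "username": "system",
            "password": "SecurePass123!@#",
            "email": "sys@test.com",
            "role": "viewer",
        },
        headers={"Authorization": f"Bearer {admin_token}"},
    )

    assert response.status_code == 422
    # A bare 422 would also pass if some unrelated field failed validation and
    # the reserved-name rule were missing. Tie the rejection to the username
    # field, the same way the weak-password test checks for "password".
    # NOTE(review): assumes the error body names the offending field; adjust
    # the match if the API reports validation errors in another shape.
    assert "username" in response.text.lower()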
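def test_create_user_invalid_username_chars(client, admin_user, admin_token):
    """A username containing ``../`` must be refused by POST /api/v1/users.

    The value ``../admin`` carries path-separator and dot-dot characters. The
    test pins that such a name is rejected at the API boundary instead of
    being stored. ``admin_user`` is requested but never referenced in the
    body; presumably it makes the admin account exist before the call --
    confirm against the fixture definition.
    """
    response = client.post(
        "/api/v1/users",
        json={
            "username": "../admin",
            "password": "SecurePass123!@#",
            "email": "bad@test.com",
            "role": "viewer",
        },
        headers={"Authorization": f"Bearer {admin_token}"},
    )

    assert response.status_code == 422
    # A bare 422 would also pass if some unrelated field failed validation and
    # the character allow-list were missing. Tie the rejection to the username
    # field, the same way the weak-password test checks for "password".
    # NOTE(review): assumes the error body names the offending field; adjust
    # the match if the API reports validation errors in another shape.
    assert "username" in response.text.lower()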
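def test_create_user_valid_password_accepted(client, admin_user, admin_token):
    """A well-formed payload must create the user and return 201.

    This is the positive control for the rejection tests in this file. It
    shows that the validators do not reject an ordinary username and a long
    mixed-character password. ``admin_user`` is requested but never referenced
    in the body; presumably it makes the admin account exist before the call
    -- confirm against the fixture definition.
    """
    password = "ValidPass123!@#"
    response = client.post(
        "/api/v1/users",
        json={
            "username": "validuser99",
            "password": password,
            "email": "valid@test.com",
            "role": "viewer",
        },
        headers={"Authorization": f"Bearer {admin_token}"},
    )

    assert response.status_code == 201
    assert response.json()["username"] == "validuser99"
    # The creation response must never echo the submitted secret back to the
    # caller, where it could land in client logs or proxies.
    assert password not in response.text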