egg/OCR
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add admin dashboard, audit logs, token expiry check and test suite

Browse Source 
Frontend Features:
- Add ProtectedRoute component with token expiry validation
- Create AdminDashboardPage with system statistics and user management
- Create AuditLogsPage with filtering and pagination
- Add admin-only navigation (Shield icon) for ymirliu@panjit.com.tw
- Add admin API methods to apiV2 service
- Add admin type definitions (SystemStats, AuditLog, etc.)

Token Management:
- Auto-redirect to login on token expiry
- Check authentication on route change
- Show loading state during auth check
- Admin privilege verification

Backend Testing:
- Add pytest configuration (pytest.ini)
- Create test fixtures (conftest.py)
- Add unit tests for auth, tasks, and admin endpoints
- Add integration tests for complete workflows
- Test user isolation and admin access control

Documentation:
- Add TESTING.md with comprehensive testing guide
- Include test running instructions
- Document fixtures and best practices

Routes:
- /admin - Admin dashboard (admin only)
- /admin/audit-logs - Audit logs viewer (admin only)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
egg
2025-11-16 18:01:50 +08:00
parent fd98018ddd
commit 8f94191914
13 changed files with 1554 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

161
backend/tests/test_integration.py Normal file
View File

@@ -0,0 +1,161 @@
"""
Integration tests for Tool_OCR
Tests the complete flow of authentication, task creation, and file operations
"""
import pytest
from unittest.mock import patch
class TestIntegration:
"""Integration tests for end-to-end workflows"""
def test_complete_auth_and_task_flow(self, client, db):
"""Test complete flow: login -> create task -> get task -> delete task"""
# Step 1: Login
with patch('app.routers.auth.external_auth_service.authenticate_user') as mock_auth:
mock_auth.return_value = (True, {
'access_token': 'test-token',
'expires_in': 3600,
'user_info': {
'email': 'integration@example.com',
'name': 'Integration Test User'
}
}, None)
login_response = client.post('/api/v2/auth/login', json={
'username': 'integration@example.com',
'password': 'password123'
})
assert login_response.status_code == 200
token = login_response.json()['access_token']
headers = {'Authorization': f'Bearer {token}'}
# Step 2: Create task
create_response = client.post(
'/api/v2/tasks/',
headers=headers,
json={
'filename': 'integration_test.pdf',
'file_type': 'application/pdf'
}
)
assert create_response.status_code == 201
task_data = create_response.json()
task_id = task_data['task_id']
# Step 3: Get task
get_response = client.get(
f'/api/v2/tasks/{task_id}',
headers=headers
)
assert get_response.status_code == 200
assert get_response.json()['task_id'] == task_id
# Step 4: List tasks
list_response = client.get(
'/api/v2/tasks/',
headers=headers
)
assert list_response.status_code == 200
assert len(list_response.json()['tasks']) > 0
# Step 5: Get stats
stats_response = client.get(
'/api/v2/tasks/stats',
headers=headers
)
assert stats_response.status_code == 200
stats = stats_response.json()
assert stats['total'] > 0
assert stats['pending'] > 0
# Step 6: Delete task
delete_response = client.delete(
f'/api/v2/tasks/{task_id}',
headers=headers
)
assert delete_response.status_code == 200
# Step 7: Verify deletion
get_after_delete = client.get(
f'/api/v2/tasks/{task_id}',
headers=headers
)
assert get_after_delete.status_code == 404
def test_admin_workflow(self, client, db):
"""Test admin workflow: login as admin -> access admin endpoints"""
# Login as admin
with patch('app.routers.auth.external_auth_service.authenticate_user') as mock_auth:
mock_auth.return_value = (True, {
'access_token': 'admin-token',
'expires_in': 3600,
'user_info': {
'email': 'ymirliu@panjit.com.tw',
'name': 'Admin User'
}
}, None)
login_response = client.post('/api/v2/auth/login', json={
'username': 'ymirliu@panjit.com.tw',
'password': 'adminpass'
})
assert login_response.status_code == 200
token = login_response.json()['access_token']
headers = {'Authorization': f'Bearer {token}'}
# Access admin endpoints
stats_response = client.get('/api/v2/admin/stats', headers=headers)
assert stats_response.status_code == 200
users_response = client.get('/api/v2/admin/users', headers=headers)
assert users_response.status_code == 200
logs_response = client.get('/api/v2/admin/audit-logs', headers=headers)
assert logs_response.status_code == 200
def test_task_lifecycle(self, client, auth_token, test_task, db):
"""Test complete task lifecycle: pending -> processing -> completed"""
headers = {'Authorization': f'Bearer {auth_token}'}
# Check initial status
response = client.get(f'/api/v2/tasks/{test_task.task_id}', headers=headers)
assert response.json()['status'] == 'pending'
# Start task
start_response = client.post(
f'/api/v2/tasks/{test_task.task_id}/start',
headers=headers
)
assert start_response.status_code == 200
assert start_response.json()['status'] == 'processing'
# Update task to completed
update_response = client.patch(
f'/api/v2/tasks/{test_task.task_id}',
headers=headers,
json={
'status': 'completed',
'processing_time_ms': 1500
}
)
assert update_response.status_code == 200
assert update_response.json()['status'] == 'completed'
# Verify final state
final_response = client.get(f'/api/v2/tasks/{test_task.task_id}', headers=headers)
final_data = final_response.json()
assert final_data['status'] == 'completed'
assert final_data['processing_time_ms'] == 1500