9b220523ff
## Critical Issues (CRIT-001~003) - All Fixed
- JWT secret key validation with pydantic field_validator
- Login audit logging for success/failure attempts
- Frontend API path prefix removal
## High Priority Issues (HIGH-001~008) - All Fixed
- Project soft delete using is_active flag
- Redis session token bytes handling
- Rate limiting with slowapi (5 req/min for login)
- Attachment API permission checks
- Kanban view with drag-and-drop
- Workload heatmap UI (WorkloadPage, WorkloadHeatmap)
- TaskDetailModal integrating Comments/Attachments
- UserSelect component for task assignment
## Medium Priority Issues (MED-001~012) - All Fixed
- MED-001~005: DB commits, N+1 queries, datetime, error format, blocker flag
- MED-006: Project health dashboard (HealthService, ProjectHealthPage)
- MED-007: Capacity update API (PUT /api/users/{id}/capacity)
- MED-008: Schedule triggers (cron parsing, deadline reminders)
- MED-009: Watermark feature (image/PDF watermarking)
- MED-010~012: useEffect deps, DOM operations, PDF export
## New Files
- backend/app/api/health/ - Project health API
- backend/app/services/health_service.py
- backend/app/services/trigger_scheduler.py
- backend/app/services/watermark_service.py
- backend/app/core/rate_limiter.py
- frontend/src/pages/ProjectHealthPage.tsx
- frontend/src/components/ProjectHealthCard.tsx
- frontend/src/components/KanbanBoard.tsx
- frontend/src/components/WorkloadHeatmap.tsx
## Tests
- 113 new tests passing (health: 32, users: 14, triggers: 35, watermark: 32)
## OpenSpec Archives
- add-project-health-dashboard
- add-capacity-update-api
- add-schedule-triggers
- add-watermark-feature
- add-rate-limiting
- enhance-frontend-ux
- add-resource-management-ui
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
160 lines
4.2 KiB
Python
160 lines
4.2 KiB
Python
import os
|
|
|
|
# Set testing environment before importing app modules
|
|
os.environ["TESTING"] = "true"
|
|
|
|
import pytest
|
|
from fastapi.testclient import TestClient
|
|
from sqlalchemy import create_engine
|
|
from sqlalchemy.orm import sessionmaker
|
|
from sqlalchemy.pool import StaticPool
|
|
|
|
from app.main import app
|
|
from app.core.database import Base, get_db
|
|
from app.core.redis import get_redis
|
|
from app.models import User, Role, Department
|
|
|
|
# Use in-memory SQLite for testing
|
|
SQLALCHEMY_DATABASE_URL = "sqlite:///:memory:"
|
|
|
|
engine = create_engine(
|
|
SQLALCHEMY_DATABASE_URL,
|
|
connect_args={"check_same_thread": False},
|
|
poolclass=StaticPool,
|
|
)
|
|
TestingSessionLocal = sessionmaker(autocommit=False, autoflush=False, bind=engine)
|
|
|
|
|
|
class MockRedis:
|
|
"""Mock Redis client for testing."""
|
|
|
|
def __init__(self):
|
|
self.store = {}
|
|
|
|
def get(self, key):
|
|
return self.store.get(key)
|
|
|
|
def set(self, key, value):
|
|
self.store[key] = value
|
|
|
|
def setex(self, key, seconds, value):
|
|
self.store[key] = value
|
|
|
|
def delete(self, key):
|
|
if key in self.store:
|
|
del self.store[key]
|
|
|
|
def scan_iter(self, match=None):
|
|
"""Iterate over keys matching a pattern."""
|
|
import fnmatch
|
|
if match is None:
|
|
yield from self.store.keys()
|
|
else:
|
|
pattern = match.replace("*", "**")
|
|
for key in self.store.keys():
|
|
if fnmatch.fnmatch(key, match):
|
|
yield key
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def db():
|
|
"""Create a fresh database for each test."""
|
|
Base.metadata.create_all(bind=engine)
|
|
db = TestingSessionLocal()
|
|
|
|
# Create default role
|
|
admin_role = Role(
|
|
id="00000000-0000-0000-0000-000000000001",
|
|
name="super_admin",
|
|
permissions={"all": True},
|
|
is_system_role=True,
|
|
)
|
|
db.add(admin_role)
|
|
|
|
engineer_role = Role(
|
|
id="00000000-0000-0000-0000-000000000003",
|
|
name="engineer",
|
|
permissions={"projects.read": True, "tasks.read": True, "tasks.write": True},
|
|
is_system_role=False,
|
|
)
|
|
db.add(engineer_role)
|
|
|
|
# Create system admin user
|
|
admin_user = User(
|
|
id="00000000-0000-0000-0000-000000000001",
|
|
email="ymirliu@panjit.com.tw",
|
|
name="System Administrator",
|
|
role_id="00000000-0000-0000-0000-000000000001",
|
|
is_active=True,
|
|
is_system_admin=True,
|
|
)
|
|
db.add(admin_user)
|
|
|
|
db.commit()
|
|
|
|
try:
|
|
yield db
|
|
finally:
|
|
db.close()
|
|
Base.metadata.drop_all(bind=engine)
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def mock_redis():
|
|
"""Create mock Redis for testing."""
|
|
return MockRedis()
|
|
|
|
|
|
@pytest.fixture(scope="function")
|
|
def client(db, mock_redis):
|
|
"""Create test client with overridden dependencies."""
|
|
# Reset rate limiter storage before each test
|
|
from app.core.rate_limiter import limiter
|
|
if hasattr(limiter, '_storage') and limiter._storage:
|
|
try:
|
|
limiter._storage.reset()
|
|
except Exception:
|
|
pass # Memory storage might not have reset method
|
|
# For memory storage, clear internal state
|
|
if hasattr(limiter, '_limiter') and hasattr(limiter._limiter, '_storage'):
|
|
storage = limiter._limiter._storage
|
|
if hasattr(storage, 'storage'):
|
|
storage.storage.clear()
|
|
|
|
def override_get_db():
|
|
try:
|
|
yield db
|
|
finally:
|
|
pass
|
|
|
|
def override_get_redis():
|
|
return mock_redis
|
|
|
|
app.dependency_overrides[get_db] = override_get_db
|
|
app.dependency_overrides[get_redis] = override_get_redis
|
|
|
|
with TestClient(app) as test_client:
|
|
yield test_client
|
|
|
|
app.dependency_overrides.clear()
|
|
|
|
|
|
@pytest.fixture
|
|
def admin_token(client, mock_redis):
|
|
"""Get an admin token for testing."""
|
|
from app.core.security import create_access_token, create_token_payload
|
|
|
|
token_data = create_token_payload(
|
|
user_id="00000000-0000-0000-0000-000000000001",
|
|
email="ymirliu@panjit.com.tw",
|
|
role="super_admin",
|
|
department_id=None,
|
|
is_system_admin=True,
|
|
)
|
|
token = create_access_token(token_data)
|
|
|
|
# Store in mock Redis
|
|
mock_redis.setex("session:00000000-0000-0000-0000-000000000001", 900, token)
|
|
|
|
return token
|