kunthawat/consentos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity
Files
283f75a5e21fe0fec4725a122c6be4c5f53e2b8c
consentos/apps/api/tests/test_dependencies.py
James Cottrill fbf26453f2 feat: initial public release 
ConsentOS — a privacy-first cookie consent management platform.

Self-hosted, source-available alternative to OneTrust, Cookiebot, and
CookieYes. Full standards coverage (IAB TCF v2.2, GPP v1, Google
Consent Mode v2, GPC, Shopify Customer Privacy API), multi-tenant
architecture with role-based access, configuration cascade
(system → org → group → site → region), dark-pattern detection in
the scanner, and a tamper-evident consent record audit trail.

This is the initial public release. Prior development history is
retained internally.

See README.md for the feature list, architecture overview, and
quick-start instructions. Licensed under the Elastic Licence 2.0 —
self-host freely; do not resell as a managed service.
2026-04-14 09:18:18 +00:00

89 lines
2.6 KiB
Python
Raw Blame History

"""Unit tests for auth dependencies."""
import uuid
from src.schemas.auth import CurrentUser
from src.services.auth import create_access_token, create_refresh_token, decode_token
class TestCurrentUser:
def test_has_role_matching(self):
user = CurrentUser(
id=uuid.uuid4(),
organisation_id=uuid.uuid4(),
email="test@test.com",
role="admin",
)
assert user.has_role("admin", "owner") is True
def test_has_role_not_matching(self):
user = CurrentUser(
id=uuid.uuid4(),
organisation_id=uuid.uuid4(),
email="test@test.com",
role="viewer",
)
assert user.has_role("admin", "owner") is False
def test_is_admin_property(self):
user = CurrentUser(
id=uuid.uuid4(),
organisation_id=uuid.uuid4(),
email="test@test.com",
role="admin",
)
assert user.is_admin is True
def test_is_admin_owner(self):
user = CurrentUser(
id=uuid.uuid4(),
organisation_id=uuid.uuid4(),
email="test@test.com",
role="owner",
)
assert user.is_admin is True
def test_is_admin_viewer(self):
user = CurrentUser(
id=uuid.uuid4(),
organisation_id=uuid.uuid4(),
email="test@test.com",
role="viewer",
)
assert user.is_admin is False
class TestTokenCreation:
def test_access_token_roundtrip(self):
user_id = uuid.uuid4()
org_id = uuid.uuid4()
token = create_access_token(
user_id=user_id,
organisation_id=org_id,
role="editor",
email="test@test.com",
)
payload = decode_token(token)
assert payload["sub"] == str(user_id)
assert payload["org_id"] == str(org_id)
assert payload["role"] == "editor"
assert payload["type"] == "access"
def test_refresh_token_roundtrip(self):
user_id = uuid.uuid4()
org_id = uuid.uuid4()
token = create_refresh_token(user_id=user_id, organisation_id=org_id)
payload = decode_token(token)
assert payload["sub"] == str(user_id)
assert payload["type"] == "refresh"
def test_access_token_is_not_refresh(self):
token = create_access_token(
user_id=uuid.uuid4(),
organisation_id=uuid.uuid4(),
role="viewer",
email="test@test.com",
)
payload = decode_token(token)
assert payload["type"] != "refresh"
Reference in New Issue View Git Blame Copy Permalink