agent-07 phase 2: fix test isolation + CSV import UI

- Fix conftest.py: commit after each request in override_get_db so preview_csv's rollback no longer wipes the shared registered_user (root cause of 401 cascade across test_user_import + test_personnel_number) - Fix limiter.enabled=False in client fixture (blocks rate-limit 429) - Fix user_import_service: allow reactivation when personnel number belongs to the same user being reactivated - Fix test_personnel_number: use PATCH /companies/me (not /companies/{id}) and add try/finally cleanup for personnel_number_required flag - Frontend UsersPage: add CSV import modal with template download, preview/validation table, and guarded apply button Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-23 21:07:32 +02:00
parent 39a0e370bc
commit fbc04bc2c0
5 changed files with 217 additions and 24 deletions
@@ -80,9 +80,8 @@ async def test_next_personnel_number_endpoint(client: AsyncClient, registered_us

 async def test_auto_mode_assigns_personnel_number(client: AsyncClient, registered_user):
    h = auth(registered_user["tokens"])
-    cid = registered_user["user"]["company_id"]
    # Modus auf auto setzen
-    upd = await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
+    upd = await client.patch(f"{COMPANIES_URL}/me", headers=h, json={
        "personnel_number_mode": "auto",
    })
    assert upd.status_code == 200
@@ -94,26 +93,26 @@ async def test_auto_mode_assigns_personnel_number(client: AsyncClient, registere
    nr = r.json()["personnel_number"]
    assert nr is not None and nr.isdigit()
    # zurück auf manual
-    await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
+    await client.patch(f"{COMPANIES_URL}/me", headers=h, json={
        "personnel_number_mode": "manual",
    })


 async def test_required_flag_blocks_invite_without_number(client: AsyncClient, registered_user):
    h = auth(registered_user["tokens"])
-    cid = registered_user["user"]["company_id"]
-    # Pflicht aktivieren
-    await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
+    upd = await client.patch(f"{COMPANIES_URL}/me", headers=h, json={
        "personnel_number_required": True,
    })
-    r = await client.post(INVITE_URL, headers=h, json={
-        "email": "noreq@test.de", "first_name": "X", "last_name": "X",
-    })
-    assert r.status_code == 400
-    # Cleanup
-    await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
-        "personnel_number_required": False,
-    })
+    assert upd.status_code == 200
+    try:
+        r = await client.post(INVITE_URL, headers=h, json={
+            "email": "noreq2@test.de", "first_name": "X", "last_name": "X",
+        })
+        assert r.status_code == 400
+    finally:
+        await client.patch(f"{COMPANIES_URL}/me", headers=h, json={
+            "personnel_number_required": False,
+        })


 # ── Lookup ───────────────────────────────────────────────────────────────────