scripte/timemaster
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1fedd683e0748f219ca614e7017ac68959bef2d3
timemaster/backend/tests/test_personnel_number.py
T
sysops 1fedd683e0 Initial commit – TimeMaster Zeiterfassung & HR-Tool 
Stand: agent-06 (Audit-Log), agent-05 (Krankmeldung), agent-07 Phase 1 (Personalnummer),
Busylight-Pull-Integration, TOTP/2FA, Abwesenheiten, Zeiterfassung, Kiosk-Grundgerüst.
Migrations 0001–0023 deployed auf 192.168.1.137 + .164.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-23 20:03:27 +02:00

133 lines
5.3 KiB
Python
Raw Blame History

"""Tests for personnel_number feature (agent-07)."""
import asyncio
import pytest
from httpx import AsyncClient
pytestmark = pytest.mark.asyncio
USERS_URL = "/api/v1/users"
INVITE_URL = "/api/v1/users/invite"
COMPANIES_URL = "/api/v1/companies"
NEXT_URL = "/api/v1/users/next-personnel-number"
def auth(tokens):
return {"Authorization": f"Bearer {tokens['access_token']}"}
# ── Format-Validierung ───────────────────────────────────────────────────────
async def test_invite_with_letters_in_personnel_number_rejected(client: AsyncClient, registered_user):
resp = await client.post(INVITE_URL, headers=auth(registered_user["tokens"]), json={
"email": "letter@test.de",
"first_name": "L", "last_name": "L",
"personnel_number": "ABC123",
})
assert resp.status_code == 422
async def test_invite_with_numeric_personnel_number_ok(client: AsyncClient, registered_user):
resp = await client.post(INVITE_URL, headers=auth(registered_user["tokens"]), json={
"email": "num1@test.de",
"first_name": "N", "last_name": "N",
"personnel_number": "1001",
})
assert resp.status_code == 201
assert resp.json()["personnel_number"] == "1001"
# ── Eindeutigkeit + Reservierung ─────────────────────────────────────────────
async def test_duplicate_personnel_number_rejected(client: AsyncClient, registered_user):
h = auth(registered_user["tokens"])
r1 = await client.post(INVITE_URL, headers=h, json={
"email": "dup1@test.de", "first_name": "D", "last_name": "1",
"personnel_number": "2001",
})
assert r1.status_code == 201
r2 = await client.post(INVITE_URL, headers=h, json={
"email": "dup2@test.de", "first_name": "D", "last_name": "2",
"personnel_number": "2001",
})
assert r2.status_code == 409
async def test_personnel_number_reserved_after_deactivation(client: AsyncClient, registered_user):
h = auth(registered_user["tokens"])
# User mit Nummer anlegen
r = await client.post(INVITE_URL, headers=h, json={
"email": "reserve@test.de", "first_name": "R", "last_name": "R",
"personnel_number": "3001",
})
user_id = r.json()["id"]
# Deaktivieren
await client.patch(f"{USERS_URL}/{user_id}", headers=h, json={"is_active": False})
# Andere User darf 3001 nicht bekommen
r2 = await client.post(INVITE_URL, headers=h, json={
"email": "other@test.de", "first_name": "O", "last_name": "O",
"personnel_number": "3001",
})
assert r2.status_code == 409
# ── Auto-Vergabe & Counter ───────────────────────────────────────────────────
async def test_next_personnel_number_endpoint(client: AsyncClient, registered_user):
r = await client.get(NEXT_URL, headers=auth(registered_user["tokens"]))
assert r.status_code == 200
assert r.json()["next"].isdigit()
async def test_auto_mode_assigns_personnel_number(client: AsyncClient, registered_user):
h = auth(registered_user["tokens"])
cid = registered_user["user"]["company_id"]
# Modus auf auto setzen
upd = await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
"personnel_number_mode": "auto",
})
assert upd.status_code == 200
# Invite ohne explizite Nr.
r = await client.post(INVITE_URL, headers=h, json={
"email": "auto@test.de", "first_name": "A", "last_name": "A",
})
assert r.status_code == 201
nr = r.json()["personnel_number"]
assert nr is not None and nr.isdigit()
# zurück auf manual
await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
"personnel_number_mode": "manual",
})
async def test_required_flag_blocks_invite_without_number(client: AsyncClient, registered_user):
h = auth(registered_user["tokens"])
cid = registered_user["user"]["company_id"]
# Pflicht aktivieren
await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
"personnel_number_required": True,
})
r = await client.post(INVITE_URL, headers=h, json={
"email": "noreq@test.de", "first_name": "X", "last_name": "X",
})
assert r.status_code == 400
# Cleanup
await client.patch(f"{COMPANIES_URL}/{cid}", headers=h, json={
"personnel_number_required": False,
})
# ── Lookup ───────────────────────────────────────────────────────────────────
async def test_get_by_personnel_number(client: AsyncClient, registered_user):
h = auth(registered_user["tokens"])
r = await client.post(INVITE_URL, headers=h, json={
"email": "lookup@test.de", "first_name": "L", "last_name": "U",
"personnel_number": "4001",
})
assert r.status_code == 201
g = await client.get(f"{USERS_URL}/by-personnel/4001", headers=h)
assert g.status_code == 200
assert g.json()["email"] == "lookup@test.de"
nf = await client.get(f"{USERS_URL}/by-personnel/9999999", headers=h)
assert nf.status_code == 404
Reference in New Issue View Git Blame Copy Permalink