feat(sofiia-console): protect audit endpoint with admin token
Made-with: Cursor
This commit is contained in:
Apple
12
tests/test_sofiia_audit_auth.py
Normal file
12
tests/test_sofiia_audit_auth.py
Normal file
@@ -0,0 +1,12 @@
|
||||
from __future__ import annotations
|
||||
|
||||
|
||||
def test_audit_requires_key_when_not_configured(sofiia_client):
|
||||
r = sofiia_client.get("/api/audit")
|
||||
assert r.status_code == 401, r.text
|
||||
|
||||
|
||||
def test_audit_accepts_valid_x_api_key_when_configured(sofiia_client, monkeypatch):
|
||||
monkeypatch.setenv("SOFIIA_CONSOLE_API_KEY", "audit-secret")
|
||||
r = sofiia_client.get("/api/audit", headers={"X-API-Key": "audit-secret"})
|
||||
assert r.status_code == 200, r.text
|
||||
@@ -19,19 +19,21 @@ def _append(event: str, *, chat_id: str, operator_id: str = "op-a", status: str
|
||||
)
|
||||
|
||||
|
||||
def test_audit_read_cursor_pagination(sofiia_client):
|
||||
def test_audit_read_cursor_pagination(sofiia_client, monkeypatch):
|
||||
monkeypatch.setenv("SOFIIA_CONSOLE_API_KEY", "audit-secret")
|
||||
headers = {"X-API-Key": "audit-secret"}
|
||||
chat_id = "chat:NODA2:sofiia:web:audit-read"
|
||||
for i in range(5):
|
||||
_append("chat.send.result", chat_id=chat_id, operator_id=f"op-{i}")
|
||||
|
||||
r1 = sofiia_client.get(f"/api/audit?chat_id={chat_id}&limit=2")
|
||||
r1 = sofiia_client.get(f"/api/audit?chat_id={chat_id}&limit=2", headers=headers)
|
||||
assert r1.status_code == 200, r1.text
|
||||
j1 = r1.json()
|
||||
assert len(j1["items"]) == 2
|
||||
assert j1["has_more"] is True
|
||||
assert j1["next_cursor"]
|
||||
|
||||
r2 = sofiia_client.get(f"/api/audit?chat_id={chat_id}&limit=2&cursor={j1['next_cursor']}")
|
||||
r2 = sofiia_client.get(f"/api/audit?chat_id={chat_id}&limit=2&cursor={j1['next_cursor']}", headers=headers)
|
||||
assert r2.status_code == 200, r2.text
|
||||
j2 = r2.json()
|
||||
assert len(j2["items"]) >= 1
|
||||
@@ -40,13 +42,15 @@ def test_audit_read_cursor_pagination(sofiia_client):
|
||||
assert ids_1.isdisjoint(ids_2)
|
||||
|
||||
|
||||
def test_audit_read_filter_by_event(sofiia_client):
|
||||
def test_audit_read_filter_by_event(sofiia_client, monkeypatch):
|
||||
monkeypatch.setenv("SOFIIA_CONSOLE_API_KEY", "audit-secret")
|
||||
headers = {"X-API-Key": "audit-secret"}
|
||||
chat_id = "chat:NODA2:sofiia:web:audit-filter"
|
||||
_append("chat.send.error", chat_id=chat_id, status="error")
|
||||
_append("chat.send.result", chat_id=chat_id, status="ok")
|
||||
_append("chat.create", chat_id=chat_id, status="ok")
|
||||
|
||||
r = sofiia_client.get("/api/audit?event=chat.send.error&limit=50")
|
||||
r = sofiia_client.get("/api/audit?event=chat.send.error&limit=50", headers=headers)
|
||||
assert r.status_code == 200, r.text
|
||||
items = r.json()["items"]
|
||||
assert items, "Expected at least one audit item for event filter"
|
||||
|
||||
Reference in New Issue
Block a user