juwan/juwan-backend
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'main-merge-base-a'

Browse Source
This commit is contained in:
zetaloop
2026-04-29 23:29:12 +08:00
parent 585417c07a c8b2a986a0
commit 2341284f6c
5 changed files with 307 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
deploy/dev/test_all_apis.py
+208 -3
View File
@@ -50,6 +50,28 @@ def same_id(left, right):
return str(left) == str(right)
def body_text(body):
if not isinstance(body, dict):
return str(body)
if "_raw" in body:
return str(body["_raw"])
if "message" in body:
return str(body["message"])
if "_error" in body:
return str(body["_error"])
return json.dumps(body, ensure_ascii=False)
def has_error_text(body, *parts):
text = body_text(body)
return all(part in text for part in parts)
def report_rejected(name, status_code, body, expect_status=(400, 403, 500)):
report(name, status_code, body, expect_status=expect_status)
report_check(f"{name} returns error body", bool(body_text(body)), body)
def pick_items(body):
if isinstance(body.get("items"), list):
return body["items"]
@@ -572,6 +594,20 @@ def phase3_admin_and_verification(
body,
)
code, body, _ = s_reject.post(
f"{GATEWAY}/api/v1/users/me/switch-role",
json_body={"role": "owner"},
headers=csrf_reject,
)
report_rejected("POST /users/me/switch-role (rejected owner)", code, body)
code, body, _ = s_reject.get(f"{GATEWAY}/api/v1/users/me")
report("GET /users/me (after rejected owner switch)", code, body)
report_check(
"rejected owner switch does not change current role",
body.get("role") == "consumer",
body,
)
code, body, _ = s_user.get(f"{GATEWAY}/api/v1/users/me")
report("GET /users/me (after approval)", code, body)
verified_roles = body.get("verifiedRoles") or []
@@ -791,7 +827,12 @@ def phase6_player(s: Session, game_id):
report(f"GET /players/{player_id}", code, body)
report_check(
f"GET /players/{player_id} returns initialized online player",
code == 200 and same_id(body.get("id"), player_id) and body.get("status") == "online",
code == 200
and same_id(body.get("id"), player_id)
and body.get("status") == "online"
and body.get("gender") is True
and as_int(user_from(body).get("id")) > 0
and isinstance(body.get("services"), list),
body,
)
@@ -860,6 +901,19 @@ def phase6_player(s: Session, game_id):
body,
)
code, body, _ = s.get(f"{GATEWAY}/api/v1/players/{player_id}")
report(f"GET /players/{player_id} (after service update)", code, body)
service = find_item_by_id(body.get("services") or [], service_id)
report_check(
f"GET /players/{player_id} includes updated service",
code == 200
and body.get("gender") is True
and bool(service)
and service.get("title") == "Updated Service"
and as_decimal(service.get("price")) == Decimal("60"),
body,
)
if player_id:
code, body, _ = s.get(f"{GATEWAY}/api/v1/players/{player_id}/services")
report(f"GET /players/{player_id}/services", code, body)
@@ -1076,6 +1130,40 @@ def phase7_shop(
body,
)
code, body, _ = s_invited_player.post(
f"{GATEWAY}/api/v1/shops/{shop_id}/invitations",
json_body={"playerId": invited_player_id},
headers=s_invited_player.csrf_headers(),
)
report_rejected(
f"POST /shops/{shop_id}/invitations (non-owner)",
code,
body,
)
if invitation_id:
code, body, _ = s_owner.post(
f"{GATEWAY}/api/v1/shops/invitations/{invitation_id}/accept",
json_body={},
headers=csrf,
)
report_rejected(
f"POST /shops/invitations/{invitation_id}/accept (wrong player)",
code,
body,
)
code, body, _ = s_owner.get(
f"{GATEWAY}/api/v1/shops/{shop_id}/invitations",
)
report(f"GET /shops/{shop_id}/invitations (after wrong accept)", code, body)
pending_invitation = find_item_by_id(pick_items(body), invitation_id)
report_check(
"wrong invitation accept keeps status pending",
bool(pending_invitation)
and pending_invitation.get("status") == "pending",
body,
)
s_invited_player.post(
f"{GATEWAY}/api/v1/users/me/switch-role",
json_body={"role": "player"},
@@ -1213,7 +1301,7 @@ def phase8_order(s_consumer: Session, s_actor: Session, player_id, service_id, s
and same_id(order_obj.get("playerId"), player_id)
and same_id(order_obj.get("shopId"), shop_id)
and order_obj.get("status") == "pending_payment"
and as_decimal(order_obj.get("totalPrice")) == Decimal("50")
and as_decimal(order_obj.get("totalPrice")) == Decimal("60")
and order_obj.get("note") == "test order",
body,
)
@@ -1248,10 +1336,28 @@ def phase8_order(s_consumer: Session, s_actor: Session, player_id, service_id, s
"created order detail matches participants",
same_id(body.get("consumerId"), consumer_user_id)
and same_id(body.get("playerId"), player_id)
and same_id(body.get("shopId"), shop_id),
and same_id(body.get("shopId"), shop_id)
and as_decimal(body.get("totalPrice")) == Decimal("60")
and body.get("note") == "test order",
body,
)
code, body, _ = s_actor.post(
f"{GATEWAY}/api/v1/orders/{order_id}/accept",
json_body={},
headers=s_actor.csrf_headers(),
)
report_rejected(f"POST /orders/{order_id}/accept (before pay)", code, body)
check_order_status(s_consumer, order_id, "pending_payment", "after early accept")
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/{order_id}/confirm-close",
json_body={},
headers=csrf,
)
report_rejected(f"POST /orders/{order_id}/confirm-close (before close request)", code, body)
check_order_status(s_consumer, order_id, "pending_payment", "after early confirm-close")
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/{order_id}/pay",
json_body={},
@@ -1260,6 +1366,22 @@ def phase8_order(s_consumer: Session, s_actor: Session, player_id, service_id, s
report(f"POST /orders/{order_id}/pay", code, body)
check_order_status(s_consumer, order_id, "pending_accept", "after pay")
code, body, _ = s_actor.post(
f"{GATEWAY}/api/v1/orders/{order_id}/request-close",
json_body={},
headers=s_actor.csrf_headers(),
)
report_rejected(f"POST /orders/{order_id}/request-close (before accept)", code, body)
check_order_status(s_consumer, order_id, "pending_accept", "after early request-close")
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/{order_id}/pay",
json_body={},
headers=csrf,
)
report_rejected(f"POST /orders/{order_id}/pay (second time)", code, body)
check_order_status(s_consumer, order_id, "pending_accept", "after duplicate pay")
code, body, _ = s_actor.post(
f"{GATEWAY}/api/v1/orders/{order_id}/accept",
json_body={},
@@ -1269,6 +1391,14 @@ def phase8_order(s_consumer: Session, s_actor: Session, player_id, service_id, s
body = check_order_status(s_consumer, order_id, "in_progress", "after accept")
report_check("accepted order has acceptedAt", bool(body.get("acceptedAt")), body)
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/{order_id}/confirm-close",
json_body={},
headers=csrf,
)
report_rejected(f"POST /orders/{order_id}/confirm-close (before request-close)", code, body)
check_order_status(s_consumer, order_id, "in_progress", "after early confirm-close")
code, body, _ = s_actor.post(
f"{GATEWAY}/api/v1/orders/{order_id}/request-close",
json_body={},
@@ -1302,6 +1432,15 @@ def phase8_order(s_consumer: Session, s_actor: Session, player_id, service_id, s
body,
)
if order2_id:
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/{order2_id}/review",
json_body={"rating": 5, "content": "too early"},
headers=csrf,
)
report_rejected(f"POST /orders/{order2_id}/review (before completion)", code, body)
check_order_status(s_consumer, order2_id, "pending_payment", "after early review")
if order_id:
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/{order_id}/reorder",
@@ -1336,6 +1475,14 @@ def phase8_order(s_consumer: Session, s_actor: Session, player_id, service_id, s
report(f"POST /orders/{order2_id}/cancel", code, body)
check_order_status(s_consumer, order2_id, "cancelled", "second order after cancel")
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/{order2_id}/pay",
json_body={},
headers=csrf,
)
report_rejected(f"POST /orders/{order2_id}/pay (after cancel)", code, body)
check_order_status(s_consumer, order2_id, "cancelled", "after cancelled pay")
code, body, _ = s_consumer.post(
f"{GATEWAY}/api/v1/orders/paid",
json_body={
@@ -1673,6 +1820,26 @@ def phase8e_search_and_favorites(s: Session, user_id, player_id, shop_id):
skip("Favorites mutation flow", "Missing user or player id")
return
code, body, _ = s.post(
f"{GATEWAY}/api/v1/favorites",
json_body={"targetType": "player", "targetId": "not-a-snowflake"},
headers=s.csrf_headers(),
)
report_rejected("POST /favorites (invalid targetId)", code, body)
code, body, _ = s.get(f"{GATEWAY}/api/v1/favorites")
report("GET /favorites (after invalid targetId)", code, body)
report_check(
"invalid favorite target is absent",
not bool(
find_item(
pick_items(body),
lambda item: item.get("targetType") == "player"
and same_id(item.get("targetId"), "not-a-snowflake"),
)
),
body,
)
code, body, _ = s.post(
f"{GATEWAY}/api/v1/favorites",
json_body={"targetType": "player", "targetId": str(player_id)},
@@ -1777,6 +1944,35 @@ def phase9_wallet(s: Session):
body,
)
code, body, _ = s.post(
f"{GATEWAY}/api/v1/wallet/withdraw",
json_body={"amount": "0", "method": "alipay"},
headers=csrf,
)
report_rejected("POST /wallet/withdraw (zero amount)", code, body)
code, body, _ = s.get(f"{GATEWAY}/api/v1/wallet/balance")
report("GET /wallet/balance (after zero withdraw)", code, body)
report_check(
"zero withdraw keeps balance unchanged",
as_decimal(body.get("balance")) == initial_balance,
body,
)
excessive_amount = initial_balance + Decimal("999999")
code, body, _ = s.post(
f"{GATEWAY}/api/v1/wallet/withdraw",
json_body={"amount": str(excessive_amount), "method": "alipay"},
headers=csrf,
)
report_rejected("POST /wallet/withdraw (insufficient balance)", code, body)
code, body, _ = s.get(f"{GATEWAY}/api/v1/wallet/balance")
report("GET /wallet/balance (after insufficient withdraw)", code, body)
report_check(
"insufficient withdraw keeps balance unchanged",
as_decimal(body.get("balance")) == initial_balance,
body,
)
code, body, _ = s.post(
f"{GATEWAY}/api/v1/wallet/topup",
json_body={"amount": "100.00", "method": "alipay"},
@@ -1993,6 +2189,15 @@ def phase10_community(s: Session, user_id):
def phase11_objectstory(s: Session):
print("\n=== Phase 11: Objectstory (File) ===")
code, body, _ = s.post_multipart(
f"{GATEWAY}/api/v1/upload",
fields={"type": "post"},
files={"file": (f"empty-{rand_str(4)}.txt", b"", "text/plain")},
headers=s.csrf_headers(),
)
report_rejected("POST /upload (empty file)", code, body)
report_check("empty upload does not return url", not body.get("url"), body)
code, body, _ = s.post_multipart(
f"{GATEWAY}/api/v1/upload",
fields={"type": "post"},