Files
arc53--docsgpt/tests/storage/db/test_migration_user_roles.py
wehub-resource-sync fed8b2eed7
Backend release / release (push) Waiting to run
Bandit Security Scan / bandit_scan (push) Waiting to run
Build and push multi-arch DocsGPT Docker image / build (linux/amd64, ubuntu-latest, amd64) (push) Waiting to run
Build and push multi-arch DocsGPT Docker image / build (linux/arm64, ubuntu-24.04-arm, arm64) (push) Waiting to run
Build and push multi-arch DocsGPT Docker image / manifest (push) Blocked by required conditions
Build and push DocsGPT FE Docker image for development / build (linux/amd64, ubuntu-latest, amd64) (push) Waiting to run
Build and push DocsGPT FE Docker image for development / build (linux/arm64, ubuntu-24.04-arm, arm64) (push) Waiting to run
Build and push DocsGPT FE Docker image for development / manifest (push) Blocked by required conditions
Python linting / ruff (push) Waiting to run
Run python tests with pytest / Run tests and count coverage (3.12) (push) Waiting to run
React Widget Build / build (push) Waiting to run
chore: import upstream snapshot with attribution
2026-07-13 13:28:29 +08:00

62 lines
2.0 KiB
Python

"""Guards for the 0020_user_roles migration.
The single-head assertion catches a branched Alembic history (e.g. a new
migration numbered off the wrong parent), which would wedge ``upgrade head``.
"""
from __future__ import annotations
import pytest
from alembic.config import Config
from alembic.script import ScriptDirectory
@pytest.mark.unit
def test_single_migration_head(_alembic_ini_path):
script = ScriptDirectory.from_config(Config(str(_alembic_ini_path)))
heads = script.get_heads()
assert len(heads) == 1, f"expected one head, found {heads}"
@pytest.mark.unit
def test_user_roles_revision_chains_off_0019(_alembic_ini_path):
script = ScriptDirectory.from_config(Config(str(_alembic_ini_path)))
rev = script.get_revision("0020_user_roles")
assert rev is not None
assert rev.down_revision == "0019_agent_slug"
class TestUserRolesSchema:
def test_table_exists_after_migration(self, pg_conn):
from sqlalchemy import text
cols = pg_conn.execute(
text(
"SELECT column_name FROM information_schema.columns "
"WHERE table_name = 'user_roles'"
)
).fetchall()
names = {c[0] for c in cols}
assert names == {"user_id", "role", "source", "granted_by", "granted_at"}
def test_role_check_rejects_unknown_role(self, pg_conn):
from sqlalchemy import text
from sqlalchemy.exc import IntegrityError
with pytest.raises(IntegrityError):
pg_conn.execute(
text("INSERT INTO user_roles (user_id, role) VALUES ('x', 'superuser')")
)
def test_source_check_rejects_unknown_source(self, pg_conn):
from sqlalchemy import text
from sqlalchemy.exc import IntegrityError
with pytest.raises(IntegrityError):
pg_conn.execute(
text(
"INSERT INTO user_roles (user_id, role, source) "
"VALUES ('x', 'admin', 'sso')"
)
)