Files
wehub-resource-sync cddb07a176
docs / deploy (push) Has been cancelled
docs / changes (push) Has been cancelled
docs / check-and-build (push) Has been cancelled
build container image / cpu (push) Has been cancelled
build container image / cuda (push) Has been cancelled
build container image / rocm (push) Has been cancelled
frontend checks / frontend-checks (push) Has been cancelled
frontend tests / frontend-tests (push) Has been cancelled
lfs checks / lfs-check (push) Has been cancelled
python checks / python-checks (push) Has been cancelled
python tests / py3.12: macos-default (push) Has been cancelled
python tests / py3.11: windows-cpu (push) Has been cancelled
python tests / py3.12: windows-cpu (push) Has been cancelled
python tests / py3.11: linux-cpu (push) Has been cancelled
typegen checks / typegen-checks (push) Has been cancelled
uv lock checks / uv-lock-checks (push) Has been cancelled
openapi checks / openapi-checks (push) Has been cancelled
python tests / py3.11: macos-default (push) Has been cancelled
python tests / py3.12: linux-cpu (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:22:06 +08:00

82 lines
2.9 KiB
Python

"""Router-level tests for /api/v1/virtual_boards.
These routes already use CurrentUserOrDefault, but until now had no tests pinning
the anonymous-rejection + per-user filtering behavior.
"""
from typing import Any
from fastapi import status
from fastapi.testclient import TestClient
from invokeai.app.services.image_records.image_records_common import ImageCategory, ResourceOrigin
from invokeai.app.services.invoker import Invoker
def _save_image(mock_invoker: Invoker, image_name: str, user_id: str) -> None:
mock_invoker.services.image_records.save(
image_name=image_name,
image_origin=ResourceOrigin.INTERNAL,
image_category=ImageCategory.GENERAL,
width=10,
height=10,
has_workflow=False,
user_id=user_id,
)
def test_list_by_date_requires_auth(enable_multiuser: Any, client: TestClient):
r = client.get("/api/v1/virtual_boards/by_date")
assert r.status_code == status.HTTP_401_UNAUTHORIZED
def test_image_names_by_date_requires_auth(enable_multiuser: Any, client: TestClient):
r = client.get("/api/v1/virtual_boards/by_date/2026-05-18/image_names")
assert r.status_code == status.HTTP_401_UNAUTHORIZED
def test_user_sees_only_own_dates(client: TestClient, user1_token: str, user2_token: str, mock_invoker: Invoker):
user1 = mock_invoker.services.users.get_by_email("user1@test.com")
user2 = mock_invoker.services.users.get_by_email("user2@test.com")
assert user1 is not None and user2 is not None
_save_image(mock_invoker, "u1-img-a.png", user1.user_id)
_save_image(mock_invoker, "u2-img-a.png", user2.user_id)
r1 = client.get(
"/api/v1/virtual_boards/by_date",
headers={"Authorization": f"Bearer {user1_token}"},
)
assert r1.status_code == status.HTTP_200_OK
user1_counts = sum(b.get("image_count", 0) for b in r1.json())
r2 = client.get(
"/api/v1/virtual_boards/by_date",
headers={"Authorization": f"Bearer {user2_token}"},
)
assert r2.status_code == status.HTTP_200_OK
user2_counts = sum(b.get("image_count", 0) for b in r2.json())
# Each user sees only their single image — not the other user's.
assert user1_counts == 1
assert user2_counts == 1
def test_admin_sees_all_dates(
client: TestClient, admin_token: str, user1_token: str, user2_token: str, mock_invoker: Invoker
):
user1 = mock_invoker.services.users.get_by_email("user1@test.com")
user2 = mock_invoker.services.users.get_by_email("user2@test.com")
assert user1 is not None and user2 is not None
_save_image(mock_invoker, "u1-shared.png", user1.user_id)
_save_image(mock_invoker, "u2-shared.png", user2.user_id)
r = client.get(
"/api/v1/virtual_boards/by_date",
headers={"Authorization": f"Bearer {admin_token}"},
)
assert r.status_code == status.HTTP_200_OK
total = sum(b.get("image_count", 0) for b in r.json())
assert total >= 2 # admin sees images from both users