"""Tests for invite management endpoints.""" from __future__ import annotations from bincio.auth.db import create_invite from .conftest import auth_cookies def test_list_invites_empty(client, user): cookies = auth_cookies("alice", "alicepass1", client) r = client.get("/api/invites", cookies=cookies) assert r.status_code == 200 assert r.json() == [] def test_create_and_list_invite(client, user): cookies = auth_cookies("alice", "alicepass1", client) r = client.post("/api/invites", json={}, cookies=cookies) assert r.status_code == 200 code = r.json()["code"] assert len(code) > 0 r2 = client.get("/api/invites", cookies=cookies) codes = [i["code"] for i in r2.json()] assert code in codes def test_invite_limit_regular_user(client, user): cookies = auth_cookies("alice", "alicepass1", client) # Regular users capped at 3 for _ in range(3): r = client.post("/api/invites", json={}, cookies=cookies) assert r.status_code == 200 r = client.post("/api/invites", json={}, cookies=cookies) assert r.status_code == 400 def test_admin_has_no_invite_limit(client, admin): cookies = auth_cookies("admin", "adminpass1", client) for _ in range(5): r = client.post("/api/invites", json={}, cookies=cookies) assert r.status_code == 200 def test_create_invite_unauthenticated(client): r = client.post("/api/invites", json={}) assert r.status_code == 401 def test_list_invites_unauthenticated(client): r = client.get("/api/invites") assert r.status_code == 401 def test_invite_grants_activity_flag(client, admin): cookies = auth_cookies("admin", "adminpass1", client) r = client.post("/api/invites", json={"grants_activity": True}, cookies=cookies) assert r.status_code == 200 assert r.json()["grants_activity"] is True def test_regular_user_cannot_grant_activity_they_dont_have(client, user): # alice has no activity_access cookies = auth_cookies("alice", "alicepass1", client) r = client.post("/api/invites", json={"grants_activity": True}, cookies=cookies) assert r.status_code == 400