dictia-public/tests/test_api_v1_upload.py

#!/usr/bin/env python3
"""
Integration test for API v1 recording upload endpoint.

Validates API token authentication and expected 400 response when no file is provided.
"""

import secrets
import sys
import os

# Add the parent directory to the path to import app
sys.path.insert(0, os.path.dirname(os.path.dirname(os.path.abspath(__file__))))

from src.app import app, db
from src.models import User, APIToken
from src.utils.token_auth import hash_token


def _get_or_create_test_user():
    user = User.query.filter_by(username="api_test_user").first()
    created = False
    if not user:
        user = User(username="api_test_user", email="api_test_user@local.test")
        db.session.add(user)
        db.session.commit()
        created = True
    return user, created


def _create_api_token(user):
    plaintext = f"test-token-{secrets.token_urlsafe(16)}"
    token = APIToken(
        user_id=user.id,
        token_hash=hash_token(plaintext),
        name="test-api-token"
    )
    db.session.add(token)
    db.session.commit()
    return token, plaintext


def test_upload_requires_file():
    with app.app_context():
        user, created_user = _get_or_create_test_user()
        token_record, token = _create_api_token(user)
        client = app.test_client()

        try:
            response = client.post(
                "/api/v1/recordings/upload",
                headers={"X-API-Token": token}
            )

            if response.status_code != 400:
                print(f"❌ Expected 400, got {response.status_code}")
                return False

            payload = response.get_json(silent=True) or {}
            if payload.get("error") != "No file provided":
                print(f"❌ Unexpected error payload: {payload}")
                return False

            print("✅ Token auth works and missing file returns 400 as expected")
            return True
        finally:
            db.session.delete(token_record)
            db.session.commit()
            if created_user:
                db.session.delete(user)
                db.session.commit()


def main():
    print("🚀 Running API v1 upload test...\n")
    ok = test_upload_requires_file()
    print("\n" + ("✅ PASS" if ok else "❌ FAIL"))
    sys.exit(0 if ok else 1)


if __name__ == "__main__":
    main()