Device Service Tests
Overview
Integration tests for the device-service, testing complete device management flows against a live service.
Running Tests
```bash
cd /backend
make test device
```
Test Configuration
- Auth URL: http://localhost:80/api/auth (via gateway)
- Device URL: http://localhost:80/api/devices (via gateway)
- Database: Direct PostgreSQL connection for test setup/cleanup
- Email Domain: @pytest.example.com (generated per test)
Test Flows
| Test Class | Description |
|---|---|
| `TestAdminDeviceCrud` | health → create → list → get → update → delete (admin) |
| `TestRegularUserCannotCreate` | user cannot create devices (403) |
| `TestRegularUserCannotDelete` | user cannot delete devices (403) |
| `TestDuplicateUniqueId` | duplicate uniqueId returns 409 Conflict |
| `TestValidateToken` | validate token → invalid token → claimed token (admin only) |
| `TestClaimDevice` | claim → list → get → verify ownership and permissions |
| `TestClaimAlreadyClaimed` | claim same token twice → alreadyClaimed=true |
| `TestClaimByOtherUser` | claim by second user → 409 Conflict |
| `TestUnclaimDevice` | unclaim → device removed from list |
| `TestReclaimAfterUnclaim` | unclaim → reclaim same token succeeds |
| `TestUserCannotAccessOthersDevice` | user cannot get another user's device (403) |
| `TestUnauthenticatedAccess` | list without auth → 401 |
| `TestHealth` | health check returns 200 |
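The ownership rules that the claim-related flows above assert can be written down as a small in-memory reference model, useful as an oracle when reviewing whether a test really covers the cross-user cases. This is an added example, not code from the project: `ClaimModel`, `run_flows`, the user names and the `tok-1`/`dev-1` values are hypothetical, success is modelled as 200, and the statuses for an unknown token and for a non-owner unclaim are assumptions because the page does not state them. Admin access is out of scope.

```python
"""Reference model of the claim rules in the Test Flows table (added example)."""


class ClaimModel:
    def __init__(self, tokens):
        self.tokens = dict(tokens)  # claim token -> device id (constructed data)
        self.owner = {}             # device id -> user who currently owns it

    def claim(self, user, token):
        if user is None:
            return 401, None
        device = self.tokens.get(token)
        if device is None:
            return 404, None        # assumption: status not given on the page
        current = self.owner.get(device)
        if current == user:         # TestClaimAlreadyClaimed
            return 200, {"id": device, "alreadyClaimed": True}
        if current is not None:     # TestClaimByOtherUser
            return 409, None
        self.owner[device] = user
        return 200, {"id": device, "alreadyClaimed": False}

    def get(self, user, device):
        if user is None:
            return 401, None
        if self.owner.get(device) != user:
            return 403, None        # TestUserCannotAccessOthersDevice
        return 200, {"id": device}

    def unclaim(self, user, device):
        # Assumption: unclaim is gated by the same ownership check as get.
        status, _ = self.get(user, device)
        if status == 200:
            del self.owner[device]
        return status, None

    def list_devices(self, user):
        if user is None:
            return 401, None        # TestUnauthenticatedAccess
        return 200, sorted(d for d, u in self.owner.items() if u == user)


def run_flows():
    """Replay the claim flows from the table and return the observed statuses."""
    m = ClaimModel({"tok-1": "dev-1"})
    seen = [m.claim("alice", "tok-1"), m.claim("alice", "tok-1"),
            m.claim("bob", "tok-1"), m.get("bob", "dev-1"),
            m.unclaim("alice", "dev-1"), m.list_devices("alice"),
            m.claim("alice", "tok-1"), m.list_devices(None)]
    return [status for status, _ in seen]
```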
Helper Functions
Located in tests/helpers.py:
Database Setup
| Function | Description |
|---|---|
| `create_admin_user(email?, password?)` | Create admin user directly in DB |
| `create_regular_user(email?, password?)` | Create regular user directly in DB |
| `delete_user(user_id)` | Delete user and their device links |
| `create_device_token(unique_id?, model?)` | Create device claim token in DB |
| `delete_device_token(token_id)` | Delete token from device_list |
| `delete_device_by_unique_id(unique_id)` | Delete device and its user links |
Authentication
| Function | Description |
|---|---|
| `login_user(auth_client, email, password)` | Login via auth API, returns access token |
| `get_auth_headers(access_token)` | Create `Authorization: Bearer` header |
Device API Calls
| Function | Description |
|---|---|
| `check_health(client)` | Verify service is healthy |
| `list_devices(client, headers)` | `GET /` - list user's devices |
| `get_device(client, headers, device_id)` | `GET /{id}` - get device details |
| `create_device(client, headers, name, unique_id, **kwargs)` | `POST /` - create device (admin) |
| `update_device(client, headers, device_id, **kwargs)` | `PUT /{id}` - update device |
| `delete_device(client, headers, device_id)` | `DELETE /{id}` - delete device (admin) |
| `validate_token(client, headers, token)` | `POST /validate-token` - check token (admin) |
| `claim_device(client, headers, token)` | `POST /claim` - claim device |
| `unclaim_device(client, headers, device_id)` | `POST /unclaim/{id}` - unclaim device |
Test Strategy
Tests create users and device tokens directly in the database (not via API) to:
- Ensure test independence from auth-service registration flow
- Avoid email verification requirements
- Allow testing both admin and regular user roles
Users are then authenticated via the auth-service login API to obtain real JWT tokens for device API calls.
Permissions Tested
| Operation | Admin | Owner | Shared User | Other User |
|---|---|---|---|---|
| Create Device | β | β | β | β |
| Delete Device | β | β | β | β |
| Update Device | β | β | β | β |
| View Device | β | β | β | β |
| Claim Device | β | β | β | β |
| Unclaim Device | N/A | β | β | β |
| Validate Token | β | β | β | β |