Device Service Tests
Overview
Integration tests for the device-service, testing complete device management flows against a live service.
Running Tests
cd /backend
make test device
Test Configuration
- Auth URL: http://localhost:80/api/auth (via gateway)
- Device URL: http://localhost:80/api/devices (via gateway)
- Database: Direct PostgreSQL connection for test setup/cleanup
- Email Domain: @pytest.example.com (generated per test)
Test Flows
| Test Class | Description |
|---|---|
| `TestAdminDeviceCrud` | health → create → list → get → update → delete (admin) |
| `TestRegularUserCannotCreate` | user cannot create devices (403) |
| `TestRegularUserCannotDelete` | user cannot delete devices (403) |
| `TestDuplicateUniqueId` | duplicate uniqueId returns 409 Conflict |
| `TestValidateToken` | validate token → invalid token → claimed token (admin only) |
| `TestClaimDevice` | claim → list → get → verify ownership and permissions |
| `TestClaimAlreadyClaimed` | claim same token twice → alreadyClaimed=true |
| `TestClaimByOtherUser` | claim by second user → 409 Conflict |
| `TestUnclaimDevice` | unclaim → device removed from list |
| `TestReclaimAfterUnclaim` | unclaim → reclaim same token succeeds |
| `TestUserCannotAccessOthersDevice` | user cannot get another user's device (403) |
| `TestUnauthenticatedAccess` | list without auth → 401 |
| `TestHealth` | health check returns 200 |
Helper Functions
Located in tests/helpers.py:
Database Setup
| Function | Description |
|---|---|
| `create_admin_user(email?, password?)` | Create admin user directly in DB |
| `create_regular_user(email?, password?)` | Create regular user directly in DB |
| `delete_user(user_id)` | Delete user and their device links |
| `create_device_token(unique_id?, model?)` | Create device claim token in DB |
| `delete_device_token(token_id)` | Delete token from device_list |
| `delete_device_by_unique_id(unique_id)` | Delete device and its user links |
Authentication
| Function | Description |
|---|---|
| `login_user(auth_client, email, password)` | Login via auth API, returns access token |
| `get_auth_headers(access_token)` | Create Authorization: Bearer header |
Device API Calls
| Function | Description |
|---|---|
| `check_health(client)` | Verify service is healthy |
| `list_devices(client, headers)` | `GET /` - list user's devices |
| `get_device(client, headers, device_id)` | `GET /{id}` - get device details |
| `create_device(client, headers, name, unique_id, **kwargs)` | `POST /` - create device (admin) |
| `update_device(client, headers, device_id, **kwargs)` | `PUT /{id}` - update device |
| `delete_device(client, headers, device_id)` | `DELETE /{id}` - delete device (admin) |
| `validate_token(client, headers, token)` | `POST /validate-token` - check token (admin) |
| `claim_device(client, headers, token)` | `POST /claim` - claim device |
| `unclaim_device(client, headers, device_id)` | `POST /unclaim/{id}` - unclaim device |
Test Strategy
Tests create users and device tokens directly in the database (not via API) to:
- Ensure test independence from auth-service registration flow
- Avoid email verification requirements
- Allow testing both admin and regular user roles
Users are then authenticated via the auth-service login API to obtain real JWT tokens for device API calls.
Permissions Tested
| Operation | Admin | Owner | Shared User | Other User |
|---|---|---|---|---|
| Create Device | ✅ | ❌ | ❌ | ❌ |
| Delete Device | ✅ | ❌ | ❌ | ❌ |
| Update Device | ✅ | ✅ | ❌ | ❌ |
| View Device | ✅ | ✅ | ✅ | ❌ |
| Claim Device | ✅ | ✅ | ✅ | ✅ |
| Unclaim Device | N/A | ✅ | ✅ | ❌ |
| Validate Token | ✅ | ❌ | ❌ | ❌ |
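
The claim and ownership rules from the Test Flows and Permissions Tested tables can be written down as a small in-memory model and used as an oracle when reviewing test results. This is an added example, not code from the device-service or its test suite; `ClaimModel`, `run_flows`, the user names, the token and device ids, the 200 success status and the `alreadyClaimed: False` first-claim body are all assumptions.

```python
"""Added example: in-memory model of the claim rules in the Test Flows table.
Not the device-service's code; names and the 200 success status are assumptions."""

OK, FORBIDDEN, CONFLICT = 200, 403, 409  # 403/409 appear on the page; 200 is assumed


class ClaimModel:
    def __init__(self, tokens):
        self.tokens = dict(tokens)   # claim token -> device id (constructed data)
        self.owner = {}              # device id -> user who claimed it

    def claim(self, user, token):
        device = self.tokens[token]  # unknown tokens are out of scope here
        current = self.owner.get(device)
        if current is None:
            self.owner[device] = user
            return OK, {"alreadyClaimed": False}  # assumed first-claim body
        if current == user:          # TestClaimAlreadyClaimed
            return OK, {"alreadyClaimed": True}
        return CONFLICT, {}          # TestClaimByOtherUser

    def list_devices(self, user):
        return sorted(d for d, u in self.owner.items() if u == user)

    def get(self, user, device, admin=False):
        # Admin and owner may view; any other user is refused (403).
        return OK if admin or self.owner.get(device) == user else FORBIDDEN

    def unclaim(self, user, device):
        if self.owner.get(device) != user:
            return FORBIDDEN         # assumed status for the matrix's "Other User" cell
        del self.owner[device]       # TestUnclaimDevice: device leaves the list
        return OK


def run_flows():
    m = ClaimModel({"tok-1": "dev-1"})   # constructed token and device id
    out = {}
    out["first_claim"] = m.claim("alice", "tok-1")
    out["same_user_again"] = m.claim("alice", "tok-1")
    out["other_user_claim"] = m.claim("bob", "tok-1")
    out["other_user_get"] = m.get("bob", "dev-1")
    out["other_user_unclaim"] = m.unclaim("bob", "dev-1")
    out["owner_unclaim"] = m.unclaim("alice", "dev-1")
    out["list_after_unclaim"] = m.list_devices("alice")
    out["reclaim"] = m.claim("alice", "tok-1")
    return out


if __name__ == "__main__":
    for step, result in run_flows().items():
        print(step, result)
```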