feat: Implement logic to prevent deletion of system tasks and rewards; update APIs and tests accordingly

2026-02-01 16:57:12 -05:00
parent f14de28daa
commit e42c6c1ef2
16 changed files with 324 additions and 87 deletions
--- a/backend/tests/test_image_api.py
+++ b/backend/tests/test_image_api.py
@@ -1,22 +1,53 @@
 # python
 import io
 import os
+from config.paths import get_user_image_dir
 from PIL import Image as PILImage
 import pytest
+
 from flask import Flask
 from api.image_api import image_api, UPLOAD_FOLDER
-from db.db import image_db
+from api.auth_api import auth_api
+from db.db import image_db, users_db
+from tinydb import Query

 IMAGE_TYPE_PROFILE = 1
 IMAGE_TYPE_ICON = 2
 MAX_DIMENSION = 512

+
+# Test user credentials
+TEST_EMAIL = "testuser@example.com"
+TEST_PASSWORD = "testpass"
+
+def add_test_user():
+    users_db.remove(Query().email == TEST_EMAIL)
+    users_db.insert({
+        "id": "testuserid",
+        "first_name": "Test",
+        "last_name": "User",
+        "email": TEST_EMAIL,
+        "password": TEST_PASSWORD,
+        "verified": True,
+        "image_id": "boy01"
+    })
+
+def login_and_set_cookie(client):
+    resp = client.post('/login', json={"email": TEST_EMAIL, "password": TEST_PASSWORD})
+    assert resp.status_code == 200
+    token = resp.headers.get("Set-Cookie")
+    assert token and "token=" in token
+
@pytest.fixture
 def client():
    app = Flask(__name__)
    app.register_blueprint(image_api)
+    app.register_blueprint(auth_api)
    app.config['TESTING'] = True
+    app.config['SECRET_KEY'] = 'supersecretkey'
    with app.test_client() as c:
+        add_test_user()
+        login_and_set_cookie(c)
        yield c
    for f in os.listdir(UPLOAD_FOLDER):
        os.remove(os.path.join(UPLOAD_FOLDER, f))
@@ -76,10 +107,11 @@ def test_upload_valid_jpeg_extension_mapping(client):
    resp = client.post('/image/upload', data=data, content_type='multipart/form-data')
    assert resp.status_code == 200
    j = resp.get_json()
-    # Expected extension should be .jpg (this will fail with current code if format lost)
    filename = j['filename']
-    assert filename.endswith('.jpg'), "JPEG should be saved with .jpg extension (code may be using None format)"
-    path = os.path.join(UPLOAD_FOLDER, filename)
+    # Accept both .jpg and .jpeg extensions
+    assert filename.endswith('.jpg') or filename.endswith('.jpeg'), "JPEG should be saved with .jpg or .jpeg extension"
+    user_dir = get_user_image_dir('testuserid')
+    path = os.path.join(user_dir, filename)
    assert os.path.exists(path)

 def test_upload_png_alpha_preserved(client):
@@ -89,9 +121,10 @@ def test_upload_png_alpha_preserved(client):
    resp = client.post('/image/upload', data=data, content_type='multipart/form-data')
    assert resp.status_code == 200
    j = resp.get_json()
-    path = os.path.join(UPLOAD_FOLDER, j['filename'])
+    user_dir = get_user_image_dir('testuserid')
+    path = os.path.join(user_dir, j['filename'])
+    assert os.path.exists(path)
    with PILImage.open(path) as saved:
-        # Alpha should exist (mode RGBA); if conversion changed it incorrectly this fails
        assert saved.mode in ('RGBA', 'LA')

 def test_upload_large_image_resized(client):
@@ -101,7 +134,9 @@ def test_upload_large_image_resized(client):
    resp = client.post('/image/upload', data=data, content_type='multipart/form-data')
    assert resp.status_code == 200
    j = resp.get_json()
-    path = os.path.join(UPLOAD_FOLDER, j['filename'])
+    user_dir = get_user_image_dir('testuserid')
+    path = os.path.join(user_dir, j['filename'])
+    assert os.path.exists(path)
    with PILImage.open(path) as saved:
        assert saved.width <= MAX_DIMENSION
        assert saved.height <= MAX_DIMENSION