coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

test: add comprehensive integration test suite for IAM platform

Browse Source 
Add 162 integration tests covering authentication flows, TOTP MFA,
SSH key/certificate management, organization workflows, multi-org
access, self-service features, admin operations, authorization,
security edge cases, department/principal management, CA management,
policy compliance, WebAuthn passkeys, and ZeroTier network access.

Includes:
- Reusable API client library with session management
- Test fixtures for users, organizations, memberships, and CAs
- Helper functions for SSH key generation and verification
- Documentation for running and writing tests

Also update test configuration to disable conflicting maas plugins
and configure WebAuthn/session settings for localhost testing.
This commit is contained in:
Cory Hawkvelt
2026-04-23 15:41:37 +09:30
parent eb2fc6c8b3
commit 015c622016
36 changed files with 5446 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/integration/client/admin.py
+53
View File
@@ -0,0 +1,53 @@
"""Admin client for integration tests."""
import logging
logger = logging.getLogger(__name__)
class AdminClient:
"""Wraps admin-only API calls."""
def __init__(self, client):
self._client = client
def list_users(self) -> dict:
"""List all users (paginated)."""
return self._client.get("/admin/users")
def get_user(self, user_id: str) -> dict:
"""Get a single user by ID."""
return self._client.get(f"/admin/users/{user_id}")
def suspend_user(self, user_id: str) -> dict:
"""Suspend a user account."""
return self._client.post(f"/admin/users/{user_id}/suspend")
def unsuspend_user(self, user_id: str) -> dict:
"""Unsuspend a user account."""
return self._client.post(f"/admin/users/{user_id}/unsuspend")
def verify_user_email(self, user_id: str) -> dict:
"""Admin-verify a user's email."""
return self._client.post(f"/admin/users/{user_id}/verify-email")
def set_user_password(self, user_id: str, new_password: str) -> dict:
"""Set a user's password (admin override)."""
return self._client.post(
f"/admin/users/{user_id}/password",
data={"password": new_password},
)
def remove_user_mfa(self, user_id: str, mfa_type: str = "totp") -> dict:
"""Remove a user's MFA method."""
return self._client.delete(f"/admin/users/{user_id}/mfa/{mfa_type}")
def hard_delete_user(self, user_id: str, confirm: bool = False) -> dict:
"""Hard-delete a user."""
return self._client.post(
f"/admin/users/{user_id}/delete",
data={"confirm": confirm},
)
def list_audit_logs(self) -> dict:
"""List system-wide audit logs."""
return self._client.get("/audit-logs")