Skip to content

Commit ac1f1a5

Browse files
lsteinlstein
committed
chore(backend): ruff
1 parent 61c884c commit ac1f1a5

1 file changed

Lines changed: 10 additions & 28 deletions

File tree

tests/app/routers/test_multiuser_authorization.py

Lines changed: 10 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010

1111
import logging
1212
from typing import Any
13-
from unittest.mock import MagicMock, patch
13+
from unittest.mock import MagicMock
1414

1515
import pytest
1616
from fastapi import status
@@ -237,9 +237,7 @@ def test_remove_images_from_board_batch_requires_auth(self, enable_multiuser: An
237237
r = client.post("/api/v1/board_images/batch/delete", json={"image_names": ["y"]})
238238
assert r.status_code == status.HTTP_401_UNAUTHORIZED
239239

240-
def test_non_owner_cannot_add_image_to_shared_board(
241-
self, client: TestClient, user1_token: str, user2_token: str
242-
):
240+
def test_non_owner_cannot_add_image_to_shared_board(self, client: TestClient, user1_token: str, user2_token: str):
243241
board_id = _create_board(client, user1_token, "User1 Shared Board")
244242
_share_board(client, user1_token, board_id)
245243

@@ -263,9 +261,7 @@ def test_non_owner_cannot_add_images_batch_to_shared_board(
263261
)
264262
assert r.status_code == status.HTTP_403_FORBIDDEN
265263

266-
def test_admin_can_add_image_to_any_board(
267-
self, client: TestClient, admin_token: str, user1_token: str
268-
):
264+
def test_admin_can_add_image_to_any_board(self, client: TestClient, admin_token: str, user1_token: str):
269265
board_id = _create_board(client, user1_token, "User1 Board For Admin")
270266

271267
# This may 500 because the image doesn't exist in the DB, but it should NOT be 403
@@ -329,9 +325,7 @@ def test_non_owner_cannot_read_private_image(
329325
r = client.get("/api/v1/images/i/user1-private-img", headers=_auth(user2_token))
330326
assert r.status_code == status.HTTP_403_FORBIDDEN
331327

332-
def test_owner_can_read_own_image(
333-
self, client: TestClient, mock_invoker: Invoker, user1_token: str
334-
):
328+
def test_owner_can_read_own_image(self, client: TestClient, mock_invoker: Invoker, user1_token: str):
335329
user1 = mock_invoker.services.users.get_by_email("user1@test.com")
336330
assert user1 is not None
337331
_save_image(mock_invoker, "user1-readable", user1.user_id)
@@ -361,9 +355,7 @@ def test_shared_board_image_readable_by_other_user(
361355
# Create a shared board and add the image to it
362356
board_id = _create_board(client, user1_token, "Shared Read Board")
363357
_share_board(client, user1_token, board_id)
364-
mock_invoker.services.board_image_records.add_image_to_board(
365-
board_id=board_id, image_name="shared-board-img"
366-
)
358+
mock_invoker.services.board_image_records.add_image_to_board(board_id=board_id, image_name="shared-board-img")
367359

368360
r = client.get("/api/v1/images/i/shared-board-img", headers=_auth(user2_token))
369361
# Should not be 403 — image is on a shared board
@@ -388,9 +380,7 @@ def test_non_owner_cannot_read_image_metadata(
388380
class TestImageUploadAuth:
389381
"""Tests that image upload enforces board ownership."""
390382

391-
def test_upload_to_other_users_shared_board_forbidden(
392-
self, client: TestClient, user1_token: str, user2_token: str
393-
):
383+
def test_upload_to_other_users_shared_board_forbidden(self, client: TestClient, user1_token: str, user2_token: str):
394384
"""A user should not be able to upload an image into another user's shared board."""
395385
board_id = _create_board(client, user1_token, "User1 Shared Upload Board")
396386
_share_board(client, user1_token, board_id)
@@ -406,9 +396,7 @@ def test_upload_to_other_users_shared_board_forbidden(
406396
)
407397
assert r.status_code == status.HTTP_403_FORBIDDEN
408398

409-
def test_owner_can_upload_to_own_shared_board(
410-
self, client: TestClient, user1_token: str
411-
):
399+
def test_owner_can_upload_to_own_shared_board(self, client: TestClient, user1_token: str):
412400
board_id = _create_board(client, user1_token, "User1 Own Upload Board")
413401
_share_board(client, user1_token, board_id)
414402

@@ -466,9 +454,7 @@ def test_non_owner_cannot_delete_image(
466454
r = client.delete("/api/v1/images/i/user1-image", headers=_auth(user2_token))
467455
assert r.status_code == status.HTTP_403_FORBIDDEN
468456

469-
def test_owner_can_delete_own_image(
470-
self, client: TestClient, mock_invoker: Invoker, user1_token: str
471-
):
457+
def test_owner_can_delete_own_image(self, client: TestClient, mock_invoker: Invoker, user1_token: str):
472458
user1 = mock_invoker.services.users.get_by_email("user1@test.com")
473459
assert user1 is not None
474460
_save_image(mock_invoker, "user1-delete-me", user1.user_id)
@@ -596,9 +582,7 @@ def test_update_opened_at_requires_auth(self, enable_multiuser: Any, client: Tes
596582
r = client.put("/api/v1/workflows/i/some-id/opened_at")
597583
assert r.status_code == status.HTTP_401_UNAUTHORIZED
598584

599-
def test_non_owner_cannot_update_opened_at(
600-
self, client: TestClient, user1_token: str, user2_token: str
601-
):
585+
def test_non_owner_cannot_update_opened_at(self, client: TestClient, user1_token: str, user2_token: str):
602586
workflow_id = _create_workflow(client, user1_token)
603587
r = client.put(
604588
f"/api/v1/workflows/i/{workflow_id}/opened_at",
@@ -642,9 +626,7 @@ def test_thumbnail_is_unauthenticated(self, enable_multiuser: Any, client: TestC
642626
class TestAdminEmailLeak:
643627
"""Tests that the auth status endpoint does not leak admin email."""
644628

645-
def test_status_does_not_leak_admin_email_when_setup_complete(
646-
self, client: TestClient, admin_token: str
647-
):
629+
def test_status_does_not_leak_admin_email_when_setup_complete(self, client: TestClient, admin_token: str):
648630
"""After setup is complete, admin_email must be null."""
649631
r = client.get("/api/v1/auth/status")
650632
assert r.status_code == 200

0 commit comments

Comments
 (0)