test(spp_api_v2): add coverage for records without valid identifiers

Author: pmigueld

spp_api_v2/tests/test_group_api.py

@@ -134,6 +134,35 @@ def test_read_group_not_found(self):
 
         self.assertEqual(response.status_code, 404)
 
+    def test_read_group_no_identifiers_returns_404(self):
+        """GET group without valid identifiers returns 404"""
+        no_id_group = self.env["res.partner"].create(
+            {
+                "name": "No Identifier Group",
+                "is_registrant": True,
+                "is_group": True,
+            }
+        )
+        self.env["spp.registry.id"].create(
+            {
+                "registrant_id": no_id_group.id,
+                "value": "NO-TYPE-GRP-001",
+            }
+        )
+
+        no_consent_client = self.create_api_client(
+            name="No Consent Client For Group 404",
+            scopes=[{"resource": "group", "action": "read"}],
+            require_consent=False,
+            legal_basis="public_interest",
+        )
+        token = self.generate_jwt_token(no_consent_client)
+
+        url = f"{self.api_base_url}/urn:openspp:vocab:id-type%23test_national_id|NO-TYPE-GRP-001"
+        response = self.url_open(url, headers=self._get_headers(token=token))
+
+        self.assertEqual(response.status_code, 404)
+
     def test_read_group_invalid_format(self):
         """GET with invalid identifier format returns 400"""
         url = f"{self.api_base_url}/INVALID-FORMAT"

spp_api_v2/tests/test_group_service.py

@@ -322,6 +322,36 @@ def test_to_api_schema_no_members(self):
         self.assertNotIn("member", data)
         self.assertNotIn("quantity", data)
 
+    def test_to_api_schema_member_without_identifiers_skipped(self):
+        """Members without valid identifiers are skipped from member list"""
+        # Create an individual without registry IDs
+        no_id_individual = self.env["res.partner"].create(
+            {
+                "name": "No ID Member",
+                "is_registrant": True,
+                "is_group": False,
+            }
+        )
+        group = self.create_test_group(identifier_value="HH-MEMBER-SKIP")
+
+        # Create membership directly (bypassing the API which would validate)
+        self.env["spp.group.membership"].create(
+            {
+                "group": group.id,
+                "individual": no_id_individual.id,
+            }
+        )
+
+        data = self.service.to_api_schema(group)
+
+        # Member without identifiers should be skipped
+        if "member" in data:
+            for member in data["member"]:
+                self.assertNotIn(
+                    "No ID Member",
+                    member.get("entity", {}).get("display", ""),
+                )
+
     def test_create_member_invalid_reference_ignored(self):
         """Invalid member references are logged and ignored"""
         schema = Group(

spp_api_v2/tests/test_individual_api.py

@@ -108,6 +108,41 @@ def test_read_individual_not_found(self):
 
         self.assertEqual(response.status_code, 404)
 
+    def test_read_individual_no_identifiers_returns_404(self):
+        """GET individual without valid identifiers returns 404"""
+        # Create individual without registry IDs but with a known identifier
+        # to look it up. The partner exists but has no reg_ids, so
+        # to_api_schema returns None and the router returns 404.
+        no_id_partner = self.env["res.partner"].create(
+            {
+                "name": "No Identifier Person",
+                "is_registrant": True,
+                "is_group": False,
+            }
+        )
+        # Add a reg_id with a value but no id_type (invalid identifier)
+        self.env["spp.registry.id"].create(
+            {
+                "registrant_id": no_id_partner.id,
+                "value": "NO-TYPE-001",
+            }
+        )
+
+        no_consent_client = self.create_api_client(
+            name="No Consent Client For 404",
+            scopes=[{"resource": "individual", "action": "read"}],
+            require_consent=False,
+            legal_basis="public_interest",
+        )
+        token = self.generate_jwt_token(no_consent_client)
+
+        url = f"{self.api_base_url}/urn:openspp:vocab:id-type%23test_national_id|NO-TYPE-001"
+        response = self.url_open(url, headers=self._get_headers(token=token))
+
+        # Partner exists but to_api_schema returns None (no valid identifiers)
+        # Router should return 404
+        self.assertEqual(response.status_code, 404)
+
     def test_read_individual_invalid_format(self):
         """GET with invalid identifier format returns 400"""
         url = f"{self.api_base_url}/INVALID-FORMAT"