Merge pull request #30 from codewithme-py/feat/tests-coverage

test: add comprehensive test suite and improve service robustness and model defaults

Author: codewithme-py

.github/workflows/ci.yaml

@@ -61,7 +61,7 @@ jobs:
         run: uv run ruff check .
 
       - name: Run tests
-        run: uv run pytest # --cov-fail-under=70 Temporarily disabled
+        run: uv run pytest --cov-fail-under=95
 
       - name: Run mypy
         run: uv run mypy .

app/shared/dtos.py Noneapp/shared/dtos.py renamed to None

@@ -90,7 +90,7 @@ def docs_link_formatter(model: Any, name: Any) -> Any:
         return Markup(', '.join(links))
 
 
-class VerificationRequestAdmin(ModelView, model=VerificationRequest):
+class VerificationRequestAdmin(AdminAccessMixin, model=VerificationRequest):
     column_list = [
         VerificationRequest.id,
         VerificationRequest.user_id,

app/core/admin/admin.py

@@ -39,10 +39,16 @@ class Settings(BaseSettings):
     max_file_size_bytes: int = Field(alias='MAX_FILE_SIZE_BYTES')
     secret_key: str = Field(alias='SECRET_KEY')
     debug_mode: bool = Field(default=False, alias='DEBUG_MODE')
+    unverified_seller_limit: int = 3
+    verified_seller_limit: int = 100
 
     @computed_field
     def database_url(self) -> str:
         return f'postgresql+asyncpg://{self.db_user}:{self.db_password}@{self.db_host}:{self.db_port}/{self.db_name}'
 
+    @computed_field
+    def database_url_masked(self) -> str:
+        return f'postgresql+asyncpg://{self.db_user}:****@{self.db_host}:{self.db_port}/{self.db_name}'
+
 
 settings = Settings()

app/core/config.py

@@ -7,6 +7,7 @@
     InsufficientInventoryError,
     NotFoundError,
     PermissionDeniedError,
+    SellerLimitExceededError,
     UserAlreadyExists,
     VerificationRequestAlreadyExists,
 )
@@ -76,3 +77,12 @@ async def verification_request_already_exists_handler(
         status_code=status.HTTP_400_BAD_REQUEST,
         content={'detail': str(exc) or 'Verification request already exists'},
     )
+
+
+async def seller_limit_exceeded_handler(
+    request: Request, exc: SellerLimitExceededError
+) -> JSONResponse:
+    return JSONResponse(
+        status_code=status.HTTP_400_BAD_REQUEST,
+        content={'detail': str(exc) or 'Seller limit exceeded'},
+    )

app/core/exception_handlers.py

@@ -11,6 +11,13 @@ class UserAlreadyExists(AppError):
     """User with such email already exists."""
 
 
+class SellerLimitExceededError(AppError):
+    """Seller product listing limit exceeded."""
+
+    def __init__(self, message: str = 'Seller product listing limit exceeded'):
+        super().__init__(message=message)
+
+
 class CredentialsError(AppError):
     """Invalid credentials."""
 

app/core/exceptions.py

@@ -1,20 +1,20 @@
-import logging
-from collections.abc import AsyncGenerator
+from collections.abc import AsyncIterator
 from contextlib import asynccontextmanager
 from typing import Any
 
 import aioboto3  # type: ignore
+import structlog
 from botocore.exceptions import ClientError
 
 from app.core.config import settings
 
-logger = logging.getLogger(__name__)
+logger = structlog.get_logger(__name__)
 
 session = aioboto3.Session()
 
 
 @asynccontextmanager
-async def get_s3_client() -> AsyncGenerator[Any, None]:
+async def get_s3_client() -> AsyncIterator[Any]:
     async with session.client(
         's3',
         endpoint_url=settings.minio_url,

app/core/s3.py

@@ -61,9 +61,12 @@ async def check_permission(
 def check_ownership(user: User, obj: Any) -> None:
     if user.role in (UserRole.ADMIN, UserRole.MODERATOR):
         return
-    if not hasattr(obj, 'owner_id'):
-        raise ValueError(f'Object {type(obj)} does not have owner_id')
-    if obj.owner_id != user.id:
+    owner_attr = 'owner_id'
+    if not hasattr(obj, 'owner_id') and hasattr(obj, 'user_id'):
+        owner_attr = 'user_id'
+    if not hasattr(obj, owner_attr):
+        raise ValueError(f'Object {type(obj)} does not have owner_id or user_id')
+    if getattr(obj, owner_attr) != user.id:
         raise PermissionDeniedError
 
 

app/core/security.py

@@ -6,6 +6,7 @@
     insufficient_inventory_error_handler,
     not_found_error_handler,
     permission_denied_handler,
+    seller_limit_exceeded_handler,
     user_already_exists_handler,
     verification_request_already_exists_handler,
 )
@@ -15,6 +16,7 @@
     InsufficientInventoryError,
     NotFoundError,
     PermissionDeniedError,
+    SellerLimitExceededError,
     UserAlreadyExists,
     VerificationRequestAlreadyExists,
 )
@@ -37,3 +39,7 @@ def setup_exception_handlers(app: FastAPI) -> None:
         VerificationRequestAlreadyExists,
         verification_request_already_exists_handler,  # type: ignore[arg-type]
     )
+    app.add_exception_handler(
+        SellerLimitExceededError,
+        seller_limit_exceeded_handler,  # type: ignore[arg-type]
+    )

app/core/setup.py

@@ -30,7 +30,7 @@
 SELLER_DEPENDENCY = Depends(
     RoleChecker(
         allowed_roles=[UserRole.SELLER, UserRole.SELLER_B2B],
-        required_verified=True,
+        required_verified=False,
     )
 )
 ADMIN_DEPENDENCY = Depends(