|
29 | 29 | TEST_USER_ID = "00000000-0000-0000-0000-000" |
30 | 30 | TEST_USERNAME = "lightspeed-user" |
31 | 31 | TEST_CONVERSATION_ID = "a1b2c3d4-e5f6-7890-abcd-ef1234567890" |
| 32 | +TEST_SECOND_CONVERSATION_ID = "22222222-2222-2222-2222-222222222222" |
32 | 33 | TEST_REQUEST_ID = "123e4567-e89b-12d3-a456-426614174000" |
33 | 34 | TEST_OTHER_USER_ID = "11111111-1111-1111-1111-111111111111" |
34 | 35 | TEST_NON_EXISTENT_ID = "00000000-0000-0000-0000-000000000001" |
| 36 | +TEST_INVALID_ID = "invalid-id-format" |
35 | 37 |
|
36 | 38 | # Test Model/Provider |
37 | 39 | TEST_MODEL = "test-provider/test-model" |
@@ -303,6 +305,39 @@ async def test_auth_fixture(test_request: Request) -> AuthTuple: |
303 | 305 | return await noop_auth(test_request) |
304 | 306 |
|
305 | 307 |
|
| 308 | +@pytest.fixture(name="non_admin_test_request") |
| 309 | +def non_admin_test_request_fixture( |
| 310 | + test_request: Request, mocker: Any |
| 311 | +) -> Generator[Request, None, None]: |
| 312 | + """Create a test request with standard user permissions (no elevated OTHERS permissions). |
| 313 | +
|
| 314 | + This fixture patches the authorization system to grant only standard user actions, |
| 315 | + excluding elevated permissions like LIST_OTHERS_CONVERSATIONS, DELETE_OTHERS_CONVERSATIONS, etc. |
| 316 | + This allows testing user isolation in integration tests. |
| 317 | +
|
| 318 | + Parameters: |
| 319 | + test_request: Base request fixture |
| 320 | + mocker: pytest-mock fixture |
| 321 | +
|
| 322 | + Yields: |
| 323 | + Request: Test request that will have limited permissions when used with @authorize decorator |
| 324 | + """ |
| 325 | + # Define standard user actions (excluding OTHERS and ADMIN permissions) |
| 326 | + standard_actions = { |
| 327 | + Action.LIST_CONVERSATIONS, |
| 328 | + Action.GET_CONVERSATION, |
| 329 | + Action.DELETE_CONVERSATION, |
| 330 | + Action.UPDATE_CONVERSATION, |
| 331 | + } |
| 332 | + |
| 333 | + # Patch the NoopAccessResolver to return limited actions |
| 334 | + mocker.patch( |
| 335 | + "authorization.resolvers.NoopAccessResolver.get_actions", |
| 336 | + return_value=standard_actions, |
| 337 | + ) |
| 338 | + yield test_request |
| 339 | + |
| 340 | + |
306 | 341 | @pytest.fixture(name="integration_http_client") |
307 | 342 | def integration_http_client_fixture( |
308 | 343 | test_config: object, |
@@ -419,9 +454,12 @@ def mock_llama_stack_client_fixture( |
419 | 454 |
|
420 | 455 | # Patch AsyncLlamaStackClientHolder at multiple import locations |
421 | 456 | # This ensures the mock is active both during app startup (app.main) |
422 | | - # and during endpoint execution (app.endpoints.query) |
| 457 | + # and during endpoint execution (query, conversations_v1, responses, etc.) |
423 | 458 | mock_holder_class = mocker.patch("app.endpoints.query.AsyncLlamaStackClientHolder") |
424 | 459 | mocker.patch("app.main.AsyncLlamaStackClientHolder", mock_holder_class) |
| 460 | + mocker.patch( |
| 461 | + "app.endpoints.conversations_v1.AsyncLlamaStackClientHolder", mock_holder_class |
| 462 | + ) |
425 | 463 |
|
426 | 464 | mock_client = mocker.AsyncMock() |
427 | 465 |
|
|
0 commit comments