core-framework 0.12.11__tar.gz → 0.12.12__tar.gz

{core_framework-0.12.11 → core_framework-0.12.12}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: core-framework
-Version: 0.12.11
+Version: 0.12.12
 Summary: Core Framework - Django-inspired, FastAPI-powered. Alta performance, baixo acoplamento, produtividade extrema.
 Project-URL: Homepage, https://github.com/SorPuti/core-framework
 Project-URL: Documentation, https://github.com/SorPuti/core-framework#readme

{core_framework-0.12.11 → core_framework-0.12.12}/core/__init__.py

@@ -287,7 +287,7 @@ from core.exceptions import (
     MissingDependency,
 )
 
-__version__ = "0.12.11"
+__version__ = "0.12.12"
 __all__ = [
     # Models
     "Model",

{core_framework-0.12.11 → core_framework-0.12.12}/core/auth/views.py

@@ -88,6 +88,43 @@ class AuthViewSet(ViewSet):
     # ViewSet config
     tags: list[str] = ["auth"]
     
+    # Explicitly disable CRUD endpoints that don't make sense for auth
+    # These would cause 500 errors if called
+    async def list(self, *args, **kwargs):
+        """List is not available on auth endpoint."""
+        raise HTTPException(
+            status_code=405,
+            detail="Method not allowed. Use /auth/me to get current user."
+        )
+    
+    async def retrieve(self, *args, **kwargs):
+        """Retrieve is not available on auth endpoint."""
+        raise HTTPException(
+            status_code=405,
+            detail="Method not allowed. Use /auth/me to get current user."
+        )
+    
+    async def create(self, *args, **kwargs):
+        """Use /auth/register instead."""
+        raise HTTPException(
+            status_code=405,
+            detail="Method not allowed. Use /auth/register to create users."
+        )
+    
+    async def update(self, *args, **kwargs):
+        """Update is not available on auth endpoint."""
+        raise HTTPException(
+            status_code=405,
+            detail="Method not allowed."
+        )
+    
+    async def destroy(self, *args, **kwargs):
+        """Destroy is not available on auth endpoint."""
+        raise HTTPException(
+            status_code=405,
+            detail="Method not allowed."
+        )
+    
     # Cache for dynamic schema
     _dynamic_register_schema: type | None = None
     

{core_framework-0.12.11 → core_framework-0.12.12}/core/cli/main.py

@@ -2266,7 +2266,32 @@ def cmd_check(args: argparse.Namespace) -> int:
                     continue
                 
                 pending_count += 1
-                migration = engine._load_migration(file_path)
+                
+                # Try to load migration with error handling for syntax errors
+                try:
+                    migration = engine._load_migration(file_path)
+                except SyntaxError as e:
+                    print(error(f"\n  {migration_name}: SYNTAX ERROR"))
+                    print(error(f"    File: {file_path}"))
+                    print(error(f"    Line {e.lineno}: {e.msg}"))
+                    if e.text:
+                        print(error(f"    {e.text.strip()}"))
+                    print(warning(f"    Fix the syntax error and run check again."))
+                    total_issues.append(type('Issue', (), {
+                        'severity': Severity.CRITICAL,
+                        'message': f"Syntax error in {migration_name}: {e.msg}"
+                    })())
+                    continue
+                except Exception as e:
+                    print(error(f"\n  {migration_name}: LOAD ERROR"))
+                    print(error(f"    {type(e).__name__}: {e}"))
+                    print(warning(f"    Fix the error and run check again."))
+                    total_issues.append(type('Issue', (), {
+                        'severity': Severity.CRITICAL,
+                        'message': f"Load error in {migration_name}: {e}"
+                    })())
+                    continue
+                
                 result = await analyzer.analyze(
                     migration.operations,
                     conn,
@@ -2373,13 +2398,22 @@ def cmd_reset_db(args: argparse.Namespace) -> int:
                 elif dialect == "mysql":
                     await conn.execute(text("SET FOREIGN_KEY_CHECKS = 0"))
                 
-                # Drop all tables
+                # Drop all tables with CASCADE for PostgreSQL
                 for table in tables:
                     print(f"  Dropping: {table}")
                     try:
-                        await conn.execute(text(f'DROP TABLE IF EXISTS "{table}"'))
+                        if dialect == "postgresql":
+                            # Use CASCADE to handle foreign key dependencies
+                            await conn.execute(text(f'DROP TABLE IF EXISTS "{table}" CASCADE'))
+                        else:
+                            await conn.execute(text(f'DROP TABLE IF EXISTS "{table}"'))
                     except Exception as e:
                         print(warning(f"    Warning: {e}"))
+                        # Rollback and continue with new transaction
+                        try:
+                            await conn.rollback()
+                        except Exception:
+                            pass
                 
                 # Re-enable foreign key checks
                 if dialect == "sqlite":

{core_framework-0.12.11 → core_framework-0.12.12}/core/migrations/operations.py

@@ -18,6 +18,51 @@ if TYPE_CHECKING:
     from sqlalchemy.ext.asyncio import AsyncConnection
 
 
+def _serialize_default(value: Any) -> str:
+    """
+    Serialize a default value for migration file output.
+    
+    Handles:
+    - None -> "None"
+    - Strings -> repr()
+    - Booleans -> "True"/"False"
+    - Callables -> "module.function" (importable reference)
+    - Other -> repr()
+    
+    Args:
+        value: The default value to serialize
+    
+    Returns:
+        String representation suitable for Python code
+    """
+    if value is None:
+        return "None"
+    
+    if callable(value):
+        # Get module and function name for proper serialization
+        module = getattr(value, "__module__", "")
+        name = getattr(value, "__qualname__", "") or getattr(value, "__name__", "")
+        
+        if module and name:
+            # Return importable reference
+            return f"{module}.{name}"
+        
+        # Fallback for lambdas or unnamed functions
+        return "None"
+    
+    if isinstance(value, bool):
+        return str(value)
+    
+    if isinstance(value, str):
+        return repr(value)
+    
+    if isinstance(value, (int, float)):
+        return str(value)
+    
+    # Default: use repr (may not always be valid Python)
+    return repr(value)
+
+
 @dataclass
 class ColumnDef:
     """Definição de uma coluna."""
@@ -300,15 +345,8 @@ class AddColumn(Operation):
     
     def to_code(self) -> str:
         c = self.column
-        # Serializa default de forma segura
-        default_val = "None"
-        if c.default is not None and not callable(c.default):
-            if isinstance(c.default, str):
-                default_val = f"'{c.default}'"
-            elif isinstance(c.default, bool):
-                default_val = str(c.default)
-            else:
-                default_val = repr(c.default)
+        # Serializa default de forma segura usando helper function
+        default_val = _serialize_default(c.default)
         
         return f"""AddColumn(
         table_name='{self.table_name}',

{core_framework-0.12.11 → core_framework-0.12.12}/core/routing.py

@@ -256,8 +256,14 @@ class Router(APIRouter):
             for http_method in action_methods:
                 route_name = f"{basename}-{name}"
                 
+                # Get action-specific permission_classes
+                action_permission_classes = getattr(method, "permission_classes", None)
+                
                 # Captura method em closure para evitar late binding
-                def make_action_endpoint(action_method: Callable) -> Callable:
+                def make_action_endpoint(
+                    action_method: Callable,
+                    perm_classes: list | None = None,
+                ) -> Callable:
                     async def action_endpoint(
                         request: Request,
                         db: AsyncSession = Depends(get_db),
@@ -265,6 +271,13 @@ class Router(APIRouter):
                         data: dict[str, Any] | None = Body(None),
                     ) -> Any:
                         vs = viewset_class()
+                        
+                        # Apply action-specific permissions if defined
+                        if perm_classes:
+                            from core.permissions import check_permissions
+                            perms = [p() if isinstance(p, type) else p for p in perm_classes]
+                            await check_permissions(perms, request, vs)
+                        
                         path_params = request.path_params
                         if data is not None:
                             return await action_method(vs, request, db, data=data, **path_params)
@@ -273,7 +286,7 @@ class Router(APIRouter):
                 
                 self.add_api_route(
                     path,
-                    make_action_endpoint(method),
+                    make_action_endpoint(method, action_permission_classes),
                     methods=[http_method],
                     tags=tags,
                     name=route_name,

{core_framework-0.12.11 → core_framework-0.12.12}/core/views.py

@@ -497,15 +497,25 @@ class ViewSet(Generic[ModelT, InputT, OutputT]):
         """
         Levanta erro padronizado para valor de lookup inválido.
         
+        Returns 422 Validation Error (not 500 Internal Server Error).
+        
         Args:
             value: Valor recebido
             expected_type: Tipo esperado (para mensagem de erro)
         """
         raise HTTPException(
-            status_code=400,
+            status_code=422,
             detail={
-                "error": "invalid_lookup_value",
+                "error": "validation_error",
                 "message": f"Invalid {self.lookup_field} format. Expected {expected_type}.",
+                "errors": [
+                    {
+                        "loc": ["path", self.lookup_field],
+                        "msg": f"Invalid {expected_type} format",
+                        "type": f"{expected_type.lower()}_parsing",
+                        "input": str(value),
+                    }
+                ],
                 "field": self.lookup_field,
                 "value": str(value),
                 "expected_type": expected_type,

{core_framework-0.12.11 → core_framework-0.12.12}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "core-framework"
-version = "0.12.11"
+version = "0.12.12"
 description = "Core Framework - Django-inspired, FastAPI-powered. Alta performance, baixo acoplamento, produtividade extrema."
 requires-python = ">=3.10,<4.0"
 readme = "README.md"

core_framework-0.12.12/tests/test_issues_fixes.py

@@ -0,0 +1,264 @@
+"""
+Tests for issues fixed in v0.12.12.
+
+Issue #1: UUID inválido retorna 500 em vez de 422
+Issue #2: permission_classes in @action decorator not applied
+Issue #3: AuthViewSet list/retrieve endpoints return 500
+Issue #4: AuthViewSet retrieve expects integer but system uses UUID
+Issue #5: makemigrations serializes function references incorrectly
+Issue #6: reset_db does not use CASCADE
+Issue #7: check command fails when migration has syntax errors
+"""
+
+import pytest
+from unittest.mock import MagicMock, AsyncMock, patch
+from typing import Optional
+
+
+class TestIssue1UUIDValidation:
+    """Issue #1: UUID validation should return 422, not 500."""
+    
+    def test_invalid_uuid_raises_422(self):
+        """Invalid UUID should raise 422 with proper error format."""
+        from core.views import ViewSet
+        from fastapi import HTTPException
+        
+        class TestViewSet(ViewSet):
+            model = MagicMock()
+            lookup_field = "id"
+        
+        viewset = TestViewSet()
+        
+        # Mock _get_lookup_field_type to return UUID type
+        mock_uuid_type = MagicMock()
+        mock_uuid_type.__class__.__name__ = "UUID"
+        
+        with patch.object(viewset, "_get_lookup_field_type", return_value=mock_uuid_type):
+            with pytest.raises(HTTPException) as exc_info:
+                viewset._convert_lookup_value("invalid-uuid")
+            
+            assert exc_info.value.status_code == 422
+            assert "validation_error" in str(exc_info.value.detail)
+    
+    def test_error_format_matches_pydantic(self):
+        """Error format should match Pydantic validation errors."""
+        from core.views import ViewSet
+        from fastapi import HTTPException
+        
+        class TestViewSet(ViewSet):
+            model = MagicMock()
+            lookup_field = "workspace_id"
+        
+        viewset = TestViewSet()
+        
+        mock_uuid_type = MagicMock()
+        mock_uuid_type.__class__.__name__ = "UUID"
+        
+        with patch.object(viewset, "_get_lookup_field_type", return_value=mock_uuid_type):
+            with pytest.raises(HTTPException) as exc_info:
+                viewset._convert_lookup_value("not-a-uuid")
+            
+            detail = exc_info.value.detail
+            assert "errors" in detail
+            assert detail["errors"][0]["loc"] == ["path", "workspace_id"]
+            assert "uuid" in detail["errors"][0]["type"].lower()
+
+
+class TestIssue2ActionPermissions:
+    """Issue #2: permission_classes in @action decorator should be applied."""
+    
+    def test_action_stores_permission_classes(self):
+        """@action decorator should store permission_classes."""
+        from core.views import action
+        from core.permissions import IsAuthenticated
+        
+        @action(methods=["POST"], detail=True, permission_classes=[IsAuthenticated])
+        async def my_action(self, request, db, **kwargs):
+            pass
+        
+        assert my_action.permission_classes == [IsAuthenticated]
+    
+    def test_action_without_permissions(self):
+        """@action without permissions should have None."""
+        from core.views import action
+        
+        @action(methods=["GET"], detail=False)
+        async def my_action(self, request, db, **kwargs):
+            pass
+        
+        assert my_action.permission_classes is None
+
+
+class TestIssue3AuthViewSetEndpoints:
+    """Issue #3: AuthViewSet list/retrieve should return 405."""
+    
+    @pytest.mark.asyncio
+    async def test_list_returns_405(self):
+        """AuthViewSet.list() should return 405."""
+        from core.auth.views import AuthViewSet
+        from fastapi import HTTPException
+        
+        viewset = AuthViewSet()
+        
+        with pytest.raises(HTTPException) as exc_info:
+            await viewset.list()
+        
+        assert exc_info.value.status_code == 405
+        assert "not allowed" in exc_info.value.detail.lower()
+    
+    @pytest.mark.asyncio
+    async def test_retrieve_returns_405(self):
+        """AuthViewSet.retrieve() should return 405."""
+        from core.auth.views import AuthViewSet
+        from fastapi import HTTPException
+        
+        viewset = AuthViewSet()
+        
+        with pytest.raises(HTTPException) as exc_info:
+            await viewset.retrieve()
+        
+        assert exc_info.value.status_code == 405
+    
+    @pytest.mark.asyncio
+    async def test_create_returns_405(self):
+        """AuthViewSet.create() should return 405 (use /register)."""
+        from core.auth.views import AuthViewSet
+        from fastapi import HTTPException
+        
+        viewset = AuthViewSet()
+        
+        with pytest.raises(HTTPException) as exc_info:
+            await viewset.create()
+        
+        assert exc_info.value.status_code == 405
+        assert "register" in exc_info.value.detail.lower()
+    
+    @pytest.mark.asyncio
+    async def test_update_returns_405(self):
+        """AuthViewSet.update() should return 405."""
+        from core.auth.views import AuthViewSet
+        from fastapi import HTTPException
+        
+        viewset = AuthViewSet()
+        
+        with pytest.raises(HTTPException) as exc_info:
+            await viewset.update()
+        
+        assert exc_info.value.status_code == 405
+    
+    @pytest.mark.asyncio
+    async def test_destroy_returns_405(self):
+        """AuthViewSet.destroy() should return 405."""
+        from core.auth.views import AuthViewSet
+        from fastapi import HTTPException
+        
+        viewset = AuthViewSet()
+        
+        with pytest.raises(HTTPException) as exc_info:
+            await viewset.destroy()
+        
+        assert exc_info.value.status_code == 405
+
+
+class TestIssue5MigrationSerialization:
+    """Issue #5: Function references should be serialized correctly."""
+    
+    def test_serialize_none(self):
+        """None should serialize to 'None'."""
+        from core.migrations.operations import _serialize_default
+        
+        assert _serialize_default(None) == "None"
+    
+    def test_serialize_string(self):
+        """Strings should use repr()."""
+        from core.migrations.operations import _serialize_default
+        
+        result = _serialize_default("hello")
+        assert result == "'hello'"
+    
+    def test_serialize_bool(self):
+        """Booleans should serialize to 'True'/'False'."""
+        from core.migrations.operations import _serialize_default
+        
+        assert _serialize_default(True) == "True"
+        assert _serialize_default(False) == "False"
+    
+    def test_serialize_number(self):
+        """Numbers should serialize correctly."""
+        from core.migrations.operations import _serialize_default
+        
+        assert _serialize_default(42) == "42"
+        assert _serialize_default(3.14) == "3.14"
+    
+    def test_serialize_callable(self):
+        """Callables should serialize to module.function format."""
+        from core.migrations.operations import _serialize_default
+        from core.datetime import timezone
+        
+        result = _serialize_default(timezone.now)
+        
+        # Should be a valid Python reference, not <function ... at 0x...>
+        assert "<function" not in result
+        assert "0x" not in result
+        # Should contain the function name
+        assert "now" in result
+    
+    def test_serialize_lambda_returns_none(self):
+        """Lambdas (no module) should fallback to 'None'."""
+        from core.migrations.operations import _serialize_default
+        
+        # Lambdas don't have meaningful __module__ path
+        result = _serialize_default(lambda: None)
+        # Should not contain <function
+        assert "<function" not in result
+
+
+class TestIssue6ResetDbCascade:
+    """Issue #6: reset_db should use CASCADE for PostgreSQL."""
+    
+    def test_cascade_in_drop_statement(self):
+        """PostgreSQL should use CASCADE when dropping tables."""
+        # This is more of an integration test - we verify the code path exists
+        from core.cli.main import cmd_reset_db
+        
+        # The fix is in the code, we just verify the function exists
+        assert cmd_reset_db is not None
+
+
+class TestIssue7CheckCommandSyntaxError:
+    """Issue #7: check command should handle syntax errors gracefully."""
+    
+    def test_syntax_error_handling(self):
+        """Check command should report syntax errors without crashing."""
+        # This test verifies the error handling code exists
+        # Full integration test would require mocking the file system
+        from core.cli.main import cmd_check
+        
+        assert cmd_check is not None
+
+
+class TestValidUUIDConversion:
+    """Test that valid UUIDs are properly converted."""
+    
+    def test_valid_uuid_is_converted(self):
+        """Valid UUID string should be converted to UUID object."""
+        from core.views import ViewSet
+        import uuid
+        
+        class TestViewSet(ViewSet):
+            model = MagicMock()
+            lookup_field = "id"
+        
+        viewset = TestViewSet()
+        
+        # Mock _get_lookup_field_type to return UUID type
+        mock_uuid_type = MagicMock()
+        mock_uuid_type.__class__.__name__ = "UUID"
+        
+        valid_uuid = "019c2476-9cac-76e6-8836-4c031d186b6e"
+        
+        with patch.object(viewset, "_get_lookup_field_type", return_value=mock_uuid_type):
+            result = viewset._convert_lookup_value(valid_uuid)
+        
+        assert isinstance(result, uuid.UUID)
+        assert str(result) == valid_uuid