django-bolt 0.1.0__cp310-abi3-win_amd64.whl

django_bolt/tests/test_middleware_server.py

@@ -0,0 +1,230 @@
+"""
+Integration test for middleware with TestClient
+"""
+import jwt
+import time
+import pytest
+from django_bolt import BoltAPI
+from django_bolt.middleware import rate_limit, cors
+from django_bolt.auth import JWTAuthentication, APIKeyAuthentication
+from django_bolt.auth import IsAuthenticated
+from django_bolt.testing import TestClient
+
+
+@pytest.fixture(scope="module")
+def api():
+    """Create test API with various middleware configurations"""
+    # Setup minimal Django for testing
+    import django
+    from django.conf import settings
+
+    if not settings.configured:
+        settings.configure(
+            DEBUG=True,
+            SECRET_KEY='test-secret-key-for-middleware',
+            INSTALLED_APPS=[
+                'django.contrib.contenttypes',
+                'django.contrib.auth',
+                'django_bolt',
+            ],
+            DATABASES={
+                'default': {
+                    'ENGINE': 'django.db.backends.sqlite3',
+                    'NAME': ':memory:',
+                }
+            },
+            USE_TZ=True,
+        )
+        django.setup()
+
+    api = BoltAPI(
+        middleware_config={
+            'cors': {
+                'origins': ['http://localhost:3000'],
+                'credentials': True
+            }
+        }
+    )
+
+    @api.get("/")
+    async def root():
+        return {"message": "Hello, middleware!"}
+
+    @api.get("/rate-limited")
+    @rate_limit(rps=5, burst=10)
+    async def rate_limited_endpoint():
+        return {"message": "This endpoint is rate limited", "timestamp": time.time()}
+
+    @api.get("/cors-test")
+    @cors(origins=["http://localhost:3000", "http://example.com"], credentials=True)
+    async def cors_endpoint():
+        return {"cors": "enabled"}
+
+    @api.get(
+        "/protected-jwt",
+        auth=[JWTAuthentication(secret="test-secret")],
+        guards=[IsAuthenticated()]
+    )
+    async def jwt_protected():
+        return {"message": "JWT protected content"}
+
+    @api.get(
+        "/protected-api-key",
+        auth=[APIKeyAuthentication(
+            api_keys={"test-key-123", "test-key-456"},
+            header="authorization"
+        )],
+        guards=[IsAuthenticated()]
+    )
+    async def api_key_protected():
+        return {"message": "API key protected content"}
+
+    @api.get(
+        "/context-test",
+        auth=[APIKeyAuthentication(
+            api_keys={"test-key"},
+            header="authorization"
+        )],
+        guards=[IsAuthenticated()]
+    )
+    async def context_endpoint(request: dict):
+        """Test that middleware context is available"""
+        context = request.get("context", None)
+        return {
+            "has_context": context is not None,
+            "context_keys": list(context.keys()) if context and hasattr(context, 'keys') else []
+        }
+
+    return api
+
+
+@pytest.fixture(scope="module")
+def client(api):
+    """Create TestClient for the API (fast mode - direct dispatch)"""
+    with TestClient(api) as client:
+        yield client
+
+
+@pytest.fixture(scope="module")
+def http_client(api):
+    """Create TestClient with HTTP layer enabled (for middleware testing)"""
+    with TestClient(api, use_http_layer=True) as client:
+        yield client
+
+
+def test_basic_endpoint(client):
+    """Test basic endpoint"""
+    response = client.get("/")
+    assert response.status_code == 200
+    assert response.json() == {"message": "Hello, middleware!"}
+
+
+def test_compression_http_layer(http_client):
+    """Test that compression middleware is applied in HTTP layer"""
+    # Request with Accept-Encoding header
+    response = http_client.get("/", headers={"Accept-Encoding": "gzip"})
+    assert response.status_code == 200
+    assert response.json() == {"message": "Hello, middleware!"}
+    # Note: httpx automatically decompresses, so we won't see content-encoding in response
+    # But the middleware is applied in Actix layer
+
+
+def test_rate_limiting(http_client):
+    """Test rate limiting"""
+    # The rate limit is 5 rps with burst of 10
+    # First 10 requests should succeed (burst)
+    for i in range(10):
+        response = http_client.get("/rate-limited")
+        assert response.status_code == 200, f"Request {i+1} failed"
+
+    # Next request should be rate limited
+    response = http_client.get("/rate-limited")
+    assert response.status_code == 429  # Too Many Requests
+    assert "retry-after" in response.headers
+
+
+def test_cors_headers(http_client):
+    """Test CORS headers"""
+    response = http_client.get("/cors-test", headers={"Origin": "http://localhost:3000"})
+    assert response.status_code == 200
+    assert response.json() == {"cors": "enabled"}
+    # Check CORS headers
+    assert "access-control-allow-origin" in response.headers
+    assert response.headers["access-control-allow-origin"] == "http://localhost:3000"
+
+
+def test_cors_preflight(http_client):
+    """Test CORS preflight (OPTIONS)"""
+    response = http_client.options(
+        "/cors-test",
+        headers={
+            "Origin": "http://localhost:3000",
+            "Access-Control-Request-Method": "GET",
+            "Access-Control-Request-Headers": "Content-Type"
+        }
+    )
+    # Preflight should return 204
+    assert response.status_code == 204
+    # Check preflight headers
+    assert "access-control-allow-origin" in response.headers
+    assert "access-control-allow-methods" in response.headers
+    assert "access-control-allow-headers" in response.headers
+
+
+def test_jwt_auth_without_token(client):
+    """Test JWT authentication without token"""
+    response = client.get("/protected-jwt")
+    assert response.status_code == 401
+
+
+def test_jwt_auth_with_valid_token(client):
+    """Test JWT authentication with valid token"""
+    token = jwt.encode(
+        {"sub": "user123", "exp": int(time.time()) + 3600},
+        "test-secret",
+        algorithm="HS256"
+    )
+    response = client.get("/protected-jwt", headers={"Authorization": f"Bearer {token}"})
+    assert response.status_code == 200
+    assert response.json() == {"message": "JWT protected content"}
+
+
+def test_jwt_auth_with_expired_token(client):
+    """Test JWT authentication with expired token"""
+    expired_token = jwt.encode(
+        {"sub": "user123", "exp": int(time.time()) - 3600},
+        "test-secret",
+        algorithm="HS256"
+    )
+    response = client.get("/protected-jwt", headers={"Authorization": f"Bearer {expired_token}"})
+    assert response.status_code == 401
+
+
+def test_api_key_auth_without_key(client):
+    """Test API key authentication without key"""
+    response = client.get("/protected-api-key")
+    assert response.status_code == 401
+
+
+def test_api_key_auth_with_valid_key(client):
+    """Test API key authentication with valid key"""
+    response = client.get("/protected-api-key", headers={"Authorization": "Bearer test-key-123"})
+    assert response.status_code == 200
+    assert response.json() == {"message": "API key protected content"}
+
+
+def test_api_key_auth_with_invalid_key(client):
+    """Test API key authentication with invalid key"""
+    response = client.get("/protected-api-key", headers={"Authorization": "Bearer invalid-key"})
+    assert response.status_code == 401
+
+
+def test_context_availability(client):
+    """Test middleware context availability"""
+    response = client.get("/context-test", headers={"Authorization": "Bearer test-key"})
+    assert response.status_code == 200
+    data = response.json()
+    # Context may or may not be available depending on implementation
+    # Just verify the endpoint works and returns expected structure
+    assert "has_context" in data
+    assert "context_keys" in data

django_bolt/tests/test_model_viewset.py

@@ -0,0 +1,323 @@
+"""
+Tests for ModelViewSet and ReadOnlyModelViewSet (DRF-style usage).
+
+This test suite verifies that ModelViewSet and ReadOnlyModelViewSet work similarly
+to Django REST Framework's ModelViewSet, where you just set queryset and serializer_class.
+"""
+import pytest
+import msgspec
+from django_bolt import BoltAPI, ModelViewSet, ReadOnlyModelViewSet
+from django_bolt.testing import TestClient
+from .test_models import Article
+
+
+# --- Schemas ---
+
+class ArticleSchema(msgspec.Struct):
+    """Full article schema."""
+    id: int
+    title: str
+    content: str
+    author: str
+    is_published: bool
+
+    @classmethod
+    def from_model(cls, obj):
+        return cls(
+            id=obj.id,
+            title=obj.title,
+            content=obj.content,
+            author=obj.author,
+            is_published=obj.is_published,
+        )
+
+
+class ArticleCreateSchema(msgspec.Struct):
+    """Schema for creating/updating articles."""
+    title: str
+    content: str
+    author: str
+
+
+# --- Tests ---
+
+@pytest.mark.django_db(transaction=True)
+def test_readonly_model_viewset(api):
+    """Test ReadOnlyModelViewSet provides helpers for read operations."""
+    from asgiref.sync import async_to_sync
+
+    # Create test data
+    article1 = async_to_sync(Article.objects.acreate)(
+        title="Article 1",
+        content="Content 1",
+        author="Author 1",
+    )
+    article2 = async_to_sync(Article.objects.acreate)(
+        title="Article 2",
+        content="Content 2",
+        author="Author 2",
+    )
+
+    @api.view("/articles", methods=["GET"])
+    class ArticleListViewSet(ReadOnlyModelViewSet):
+        queryset = Article.objects.all()
+        serializer_class = ArticleSchema
+
+        async def get(self, request):
+            """List all articles."""
+            articles = []
+            async for article in await self.get_queryset():
+                articles.append(ArticleSchema.from_model(article))
+            return articles
+
+    @api.view("/articles/{pk}", methods=["GET"])
+    class ArticleDetailViewSet(ReadOnlyModelViewSet):
+        queryset = Article.objects.all()
+        serializer_class = ArticleSchema
+
+        async def get(self, request, pk: int):
+            """Retrieve a single article."""
+            article = await self.get_object(pk)
+            return ArticleSchema.from_model(article)
+
+    with TestClient(api) as client:
+        # List
+        response = client.get("/articles")
+        assert response.status_code == 200
+        data = response.json()
+        assert len(data) == 2
+        assert all("id" in article and "title" in article for article in data)
+
+        # Retrieve
+        response = client.get(f"/articles/{article1.id}")
+        assert response.status_code == 200
+        data = response.json()
+        assert data["id"] == article1.id
+        assert data["title"] == "Article 1"
+
+
+@pytest.mark.django_db(transaction=True)
+def test_model_viewset_with_custom_methods(api):
+    """Test ModelViewSet with full CRUD implementation."""
+
+    @api.view("/articles", methods=["GET", "POST"])
+    class ArticleListViewSet(ModelViewSet):
+        queryset = Article.objects.all()
+        serializer_class = ArticleSchema
+
+        async def get(self, request):
+            """List all articles."""
+            articles = []
+            async for article in await self.get_queryset():
+                articles.append(ArticleSchema.from_model(article))
+            return articles
+
+        async def post(self, request, data: ArticleCreateSchema):
+            """Create a new article."""
+            article = await Article.objects.acreate(
+                title=data.title,
+                content=data.content,
+                author=data.author,
+            )
+            return ArticleSchema.from_model(article)
+
+    @api.view("/articles/{pk}", methods=["GET", "PUT", "PATCH", "DELETE"])
+    class ArticleDetailViewSet(ModelViewSet):
+        queryset = Article.objects.all()
+        serializer_class = ArticleSchema
+
+        async def get(self, request, pk: int):
+            """Retrieve a single article."""
+            article = await self.get_object(pk)
+            return ArticleSchema.from_model(article)
+
+        async def put(self, request, pk: int, data: ArticleCreateSchema):
+            """Update an article."""
+            article = await self.get_object(pk)
+            article.title = data.title
+            article.content = data.content
+            article.author = data.author
+            await article.asave()
+            return ArticleSchema.from_model(article)
+
+        async def patch(self, request, pk: int, data: ArticleCreateSchema):
+            """Partially update an article."""
+            article = await self.get_object(pk)
+            if data.title:
+                article.title = data.title
+            if data.content:
+                article.content = data.content
+            if data.author:
+                article.author = data.author
+            await article.asave()
+            return ArticleSchema.from_model(article)
+
+        async def delete(self, request, pk: int):
+            """Delete an article."""
+            article = await self.get_object(pk)
+            await article.adelete()
+            return {"detail": "Object deleted successfully"}
+
+    with TestClient(api) as client:
+        # List
+        response = client.get("/articles")
+        assert response.status_code == 200
+        assert response.json() == []
+
+        # Create
+        response = client.post(
+            "/articles",
+            json={"title": "New Article", "content": "New Content", "author": "Test Author"},
+        )
+        assert response.status_code == 200
+        article_id = response.json()["id"]
+
+        # Retrieve
+        response = client.get(f"/articles/{article_id}")
+        assert response.status_code == 200
+        assert response.json()["title"] == "New Article"
+
+        # Update
+        response = client.put(
+            f"/articles/{article_id}",
+            json={"title": "Updated Title", "content": "Updated Content", "author": "Updated Author"},
+        )
+        assert response.status_code == 200
+        assert response.json()["title"] == "Updated Title"
+
+        # Partial update
+        response = client.patch(
+            f"/articles/{article_id}",
+            json={"title": "Patched Title", "content": "", "author": ""},
+        )
+        assert response.status_code == 200
+        assert response.json()["title"] == "Patched Title"
+
+        # Delete
+        response = client.delete(f"/articles/{article_id}")
+        assert response.status_code == 200
+
+        # Verify deletion
+        response = client.get(f"/articles/{article_id}")
+        assert response.status_code == 404
+
+
+@pytest.mark.django_db(transaction=True)
+def test_model_viewset_queryset_reevaluation(api):
+    """Test that queryset is re-evaluated on each request (like DRF)."""
+    from asgiref.sync import async_to_sync
+
+    @api.view("/articles", methods=["GET"])
+    class ArticleViewSet(ReadOnlyModelViewSet):
+        queryset = Article.objects.all()
+        serializer_class = ArticleSchema
+
+        async def get(self, request):
+            """List all articles."""
+            articles = []
+            async for article in await self.get_queryset():
+                articles.append(ArticleSchema.from_model(article))
+            return articles
+
+    with TestClient(api) as client:
+        # First request - empty
+        response = client.get("/articles")
+        assert response.status_code == 200
+        assert len(response.json()) == 0
+
+        # Create article outside the viewset
+        async_to_sync(Article.objects.acreate)(
+            title="Article 1",
+            content="Content 1",
+            author="Author 1",
+        )
+
+        # Second request - should see the new article (queryset re-evaluated)
+        response = client.get("/articles")
+        assert response.status_code == 200
+        assert len(response.json()) == 1
+
+
+@pytest.mark.django_db(transaction=True)
+def test_model_viewset_custom_queryset(api):
+    """Test ModelViewSet with custom get_queryset()."""
+    from asgiref.sync import async_to_sync
+
+    # Create test data
+    async_to_sync(Article.objects.acreate)(
+        title="Published 1",
+        content="Content",
+        author="Author",
+        is_published=True,
+    )
+    async_to_sync(Article.objects.acreate)(
+        title="Draft 1",
+        content="Content",
+        author="Author",
+        is_published=False,
+    )
+
+    @api.view("/articles/published", methods=["GET"])
+    class PublishedArticleViewSet(ReadOnlyModelViewSet):
+        queryset = Article.objects.all()  # Base queryset
+        serializer_class = ArticleSchema
+
+        async def get_queryset(self):
+            # Custom filtering
+            queryset = await super().get_queryset()
+            return queryset.filter(is_published=True)
+
+        async def get(self, request):
+            """List published articles."""
+            articles = []
+            async for article in await self.get_queryset():
+                articles.append(ArticleSchema.from_model(article))
+            return articles
+
+    with TestClient(api) as client:
+        response = client.get("/articles/published")
+        assert response.status_code == 200
+        data = response.json()
+        # Should only get published articles
+        assert len(data) == 1
+        assert data[0]["is_published"] is True
+        assert data[0]["title"] == "Published 1"
+
+
+@pytest.mark.django_db(transaction=True)
+def test_model_viewset_lookup_field(api):
+    """Test ModelViewSet with custom lookup_field."""
+    from asgiref.sync import async_to_sync
+
+    # Create article
+    article = async_to_sync(Article.objects.acreate)(
+        title="Test Article",
+        content="Content",
+        author="test-author",
+    )
+
+    # Use {pk} in URL pattern (will be matched to author field)
+    @api.view("/articles/by-author/{pk}", methods=["GET"])
+    class ArticleViewSet(ReadOnlyModelViewSet):
+        queryset = Article.objects.all()
+        serializer_class = ArticleSchema
+        lookup_field = 'author'  # Look up by author instead of pk
+
+        async def get(self, request, pk: str):  # pk will be the author name
+            """Retrieve article by author."""
+            article = await self.get_object(pk)
+            return ArticleSchema.from_model(article)
+
+    with TestClient(api) as client:
+        # Lookup by author
+        response = client.get("/articles/by-author/test-author")
+        assert response.status_code == 200
+        data = response.json()
+        assert data["author"] == "test-author"
+        assert data["title"] == "Test Article"
+
+
+@pytest.fixture
+def api():
+    """Create a fresh BoltAPI instance for each test."""
+    return BoltAPI()

django_bolt/tests/test_models.py

@@ -0,0 +1,24 @@
+"""
+Test models for Django ORM integration tests.
+
+These models are used to verify that ViewSets work with real Django ORM operations.
+"""
+from django.db import models
+
+
+class Article(models.Model):
+    """Test model for ViewSet/Mixin Django ORM integration tests."""
+
+    title = models.CharField(max_length=200)
+    content = models.TextField()
+    author = models.CharField(max_length=100)
+    is_published = models.BooleanField(default=False)
+    created_at = models.DateTimeField(auto_now_add=True)
+    updated_at = models.DateTimeField(auto_now=True)
+
+    class Meta:
+        app_label = 'django_bolt'
+        ordering = ['-created_at']
+
+    def __str__(self):
+        return self.title