generated from coulomb/repo-seed
87 lines
2.6 KiB
Python
87 lines
2.6 KiB
Python
OPERATOR_HEADERS = {"Authorization": "Bearer operator-token"}
|
|
|
|
|
|
def seed_console_data(client):
|
|
hub = client.post(
|
|
"/api/v2/hubs",
|
|
headers=OPERATOR_HEADERS,
|
|
json={
|
|
"slug": "ops-hub",
|
|
"name": "Ops Hub",
|
|
"domain": "ops.coulomb.social",
|
|
"hubKind": "domain",
|
|
"hubFamily": "vsm",
|
|
"vsmFunction": "OPS",
|
|
"vsmSystem": "1",
|
|
},
|
|
).json()
|
|
manifest = client.post(
|
|
"/api/v2/hub-capability-manifests",
|
|
headers=OPERATOR_HEADERS,
|
|
json={"hubId": hub["id"], "manifestVersion": "1.0"},
|
|
).json()
|
|
client.post(
|
|
f"/api/v2/hub-capability-manifests/{manifest['id']}/activate",
|
|
headers=OPERATOR_HEADERS,
|
|
)
|
|
consumer = client.post(
|
|
"/api/v2/api-consumers",
|
|
headers=OPERATOR_HEADERS,
|
|
json={
|
|
"name": "ops-hub",
|
|
"description": "API consumer for the VSM Operations hub",
|
|
"hubCapabilityManifestId": manifest["id"],
|
|
"rateLimitPerMinute": 120,
|
|
},
|
|
).json()
|
|
key_payload = client.post(
|
|
f"/api/v2/api-consumers/{consumer['id']}/api-keys",
|
|
headers=OPERATOR_HEADERS,
|
|
json={"scopes": "framework:read hub:ops-hub:write"},
|
|
).json()
|
|
runtime_headers = {"Authorization": f"Bearer {key_payload['fullKey']}"}
|
|
widget = client.post(
|
|
"/api/v2/widgets",
|
|
headers=runtime_headers,
|
|
json={
|
|
"hubId": hub["id"],
|
|
"name": "Readiness",
|
|
"widgetType": "ops-readiness-gate",
|
|
"capabilityRef": "ops:readiness",
|
|
"viewContext": "ops-hub/readiness",
|
|
"policyScope": "ops-registry",
|
|
},
|
|
).json()
|
|
client.post(
|
|
"/api/v2/interaction-events",
|
|
headers=runtime_headers,
|
|
json={
|
|
"widgetId": widget["id"],
|
|
"eventType": "ops-endpoint-verified",
|
|
"metadata": {"expectedStatus": 401},
|
|
},
|
|
)
|
|
return key_payload
|
|
|
|
|
|
def test_console_requires_operator_auth(client):
|
|
response = client.get("/console")
|
|
|
|
assert response.status_code == 401
|
|
|
|
|
|
def test_console_renders_operational_state_without_full_key(client):
|
|
key_payload = seed_console_data(client)
|
|
|
|
response = client.get("/console", headers=OPERATOR_HEADERS)
|
|
|
|
assert response.status_code == 200
|
|
assert response.headers["content-type"].startswith("text/html")
|
|
body = response.text
|
|
assert "Operator console" in body
|
|
assert "ops-hub" in body
|
|
assert "ops-endpoint-verified" in body
|
|
assert key_payload["apiKey"]["keyPrefix"] in body
|
|
assert key_payload["fullKey"] not in body
|
|
assert "fullKey" not in body
|