diff --git a/_refactored/tests/restapi/catalog_personalisation/test_personalisation.py b/_refactored/tests/restapi/catalog_personalisation/test_personalisation.py index 90b4653b..20d9373a 100644 --- a/_refactored/tests/restapi/catalog_personalisation/test_personalisation.py +++ b/_refactored/tests/restapi/catalog_personalisation/test_personalisation.py @@ -15,10 +15,11 @@ tagOutlinesSync → test_tag_outlines_sync (serial) """ -from requests.exceptions import HTTPError +import uuid import allure import pytest +from requests.exceptions import HTTPError from core.clients.rest import RestClient @@ -136,3 +137,33 @@ def test_tag_settings_get(rest_client: RestClient, backend_base_url: str) -> Non with allure.step("Verify list of tags"): assert isinstance(result, list) + + +@pytest.mark.restapi +@pytest.mark.serial +@allure.feature("Catalog Personalisation / Tags (REST API)") +@allure.title("Add tag to Customer.MemberGroups dictionary and verify round-trip") +def test_tag_add_to_member_groups(rest_client: RestClient, backend_base_url: str) -> None: + setting_name = "Customer.MemberGroups" + tag_value = f"QA_TAG_{uuid.uuid4().hex[:6]}" + + with allure.step(f"Read current {setting_name}"): + current = rest_client.get(f"{backend_base_url}/api/platform/settings/{setting_name}") + assert isinstance(current, dict) + original_values = list(current.get("allowedValues") or []) + + try: + with allure.step(f"PUT — add {tag_value}"): + updated = {**current, "allowedValues": original_values + [tag_value]} + rest_client.post(f"{backend_base_url}/api/platform/settings", json=[updated]) + + with allure.step("Verify tag present in GET"): + reloaded = rest_client.get(f"{backend_base_url}/api/platform/settings/{setting_name}") + assert tag_value in (reloaded.get("allowedValues") or []) + finally: + with allure.step("Restore original tag list"): + try: + restore = {**current, "allowedValues": original_values} + rest_client.post(f"{backend_base_url}/api/platform/settings", json=[restore]) + except Exception: + pass diff --git a/_refactored/tests/restapi/contacts/test_contact.py b/_refactored/tests/restapi/contacts/test_contact.py index 1ad11a6a..155a3a7d 100644 --- a/_refactored/tests/restapi/contacts/test_contact.py +++ b/_refactored/tests/restapi/contacts/test_contact.py @@ -11,6 +11,7 @@ import allure import pytest +from requests.exceptions import HTTPError from restapi.constants import ADDRESS_TEMPLATE from restapi.operations import ContactOperations @@ -193,3 +194,18 @@ def test_contact_add_address(make_contact, contact_ops: ContactOperations) -> No reloaded = contact_ops.get_by_id(contact["id"]) addresses = reloaded.get("addresses", []) assert len(addresses) >= 1 + + +@pytest.mark.restapi +@allure.feature("Contacts / Contacts (REST API)") +@allure.title("Get contact by non-existent id — expect 404 or empty") +def test_contact_get_not_found(contact_ops: ContactOperations) -> None: + bogus_id = f"qa-missing-{uuid.uuid4().hex}" + + with allure.step(f"GET /api/contacts/{bogus_id}"): + try: + result = contact_ops.get_by_id(bogus_id) + except HTTPError as exc: + assert exc.response.status_code == 404 + else: + assert result is None or result.get("id") != bogus_id diff --git a/_refactored/tests/restapi/orders/test_orders.py b/_refactored/tests/restapi/orders/test_orders.py index efe47a5f..833fb55d 100644 --- a/_refactored/tests/restapi/orders/test_orders.py +++ b/_refactored/tests/restapi/orders/test_orders.py @@ -5,49 +5,61 @@ """ import uuid +from collections.abc import Generator import allure import pytest +from requests.exceptions import HTTPError from core.clients.rest import RestClient from core.global_settings import GlobalSettings +@pytest.fixture +def make_order( + rest_client: RestClient, backend_base_url: str, global_settings: GlobalSettings, dataset: dict +) -> Generator[callable, None, None]: + """Factory: create a customer order; deletes all created orders at teardown.""" + created_ids: list[str] = [] + + def _make(**overrides: dict) -> dict: + users = dataset.get("users", []) + customer_id = users[0]["id"] if users else "unknown-user" + customer_name = users[0].get("userName", "QA User") if users else "QA User" + payload = { + "number": f"QA-{uuid.uuid4().hex[:8].upper()}", + "storeId": global_settings.store_id, + "customerId": customer_id, + "customerName": customer_name, + "currency": "USD", + "status": "New", + "items": [], + } + payload.update(overrides) + order = rest_client.post(f"{backend_base_url}/api/order/customerOrders", json=payload) + created_ids.append(order["id"]) + return order + + yield _make + + for oid in reversed(created_ids): + try: + rest_client.delete(f"{backend_base_url}/api/order/customerOrders", params={"ids": [oid]}) + except Exception: + pass + + @pytest.mark.restapi @allure.feature("Orders (REST API)") @allure.title("Create order") -def test_order_create( - rest_client: RestClient, backend_base_url: str, global_settings: GlobalSettings, dataset: dict -) -> None: - order_number = f"QA-{uuid.uuid4().hex[:8].upper()}" - users = dataset.get("users", []) - customer_id = users[0]["id"] if users else "unknown-user" - customer_name = users[0].get("userName", "QA User") if users else "QA User" - +def test_order_create(make_order) -> None: with allure.step("POST /api/order/customerOrders"): - result = rest_client.post( - f"{backend_base_url}/api/order/customerOrders", - json={ - "number": order_number, - "storeId": global_settings.store_id, - "customerId": customer_id, - "customerName": customer_name, - "currency": "USD", - "status": "New", - "items": [], - }, - ) - - with allure.step("Verify"): - assert result is not None - order_id = result.get("id", "") + order = make_order() - with allure.step("Cleanup"): - if order_id: - try: - rest_client.delete(f"{backend_base_url}/api/order/customerOrders", params={"ids": [order_id]}) - except Exception: - pass + with allure.step("Verify response"): + assert order["id"] + assert order["number"].startswith("QA-") + assert order["status"] == "New" @pytest.mark.restapi @@ -73,3 +85,50 @@ def test_order_indexed_search_enabled(rest_client: RestClient, backend_base_url: with allure.step("Verify"): assert result is not None + + +@pytest.mark.restapi +@allure.feature("Orders (REST API)") +@allure.title("Get order by id") +def test_order_get_by_id(make_order, rest_client: RestClient, backend_base_url: str) -> None: + order = make_order() + + with allure.step(f"GET /api/order/customerOrders/{order['id']}"): + reloaded = rest_client.get(f"{backend_base_url}/api/order/customerOrders/{order['id']}") + + with allure.step("Verify fields match"): + assert reloaded["id"] == order["id"] + assert reloaded["number"] == order["number"] + assert reloaded["storeId"] == order["storeId"] + + +@pytest.mark.restapi +@allure.feature("Orders (REST API)") +@allure.title("Update order status") +def test_order_update_status(make_order, rest_client: RestClient, backend_base_url: str) -> None: + order = make_order() + + with allure.step("PUT /api/order/customerOrders — status=Processing"): + rest_client.put( + f"{backend_base_url}/api/order/customerOrders", + json={**order, "status": "Processing"}, + ) + + with allure.step("Verify status changed via GET"): + reloaded = rest_client.get(f"{backend_base_url}/api/order/customerOrders/{order['id']}") + assert reloaded["status"] == "Processing" + + +@pytest.mark.restapi +@allure.feature("Orders (REST API)") +@allure.title("Get order by non-existent id — expect empty or 404") +def test_order_get_not_found(rest_client: RestClient, backend_base_url: str) -> None: + bogus_id = f"qa-missing-{uuid.uuid4().hex}" + + with allure.step(f"GET /api/order/customerOrders/{bogus_id}"): + try: + result = rest_client.get(f"{backend_base_url}/api/order/customerOrders/{bogus_id}") + except HTTPError as exc: + assert exc.response.status_code in (404, 204) + else: + assert result is None or result.get("id") != bogus_id diff --git a/_refactored/tests/restapi/platform/test_user_password.py b/_refactored/tests/restapi/platform/test_user_password.py index 5150603e..b71679e3 100644 --- a/_refactored/tests/restapi/platform/test_user_password.py +++ b/_refactored/tests/restapi/platform/test_user_password.py @@ -89,6 +89,27 @@ def test_user_send_verification_email(make_user, user_ops: UserOperations) -> No # The test verifies the endpoint doesn't error out. +@pytest.mark.restapi +@allure.feature("Platform / User Password (REST API)") +@allure.title("Change password — wrong current password returns succeeded=false") +def test_user_password_change_wrong_old(make_user, user_ops: UserOperations, global_settings: GlobalSettings) -> None: + user = make_user() + new_password = f"Changed!{uuid.uuid4().hex[:8]}" + wrong_old = f"WrongPwd_{uuid.uuid4().hex[:8]}" + + with allure.step("POST changepassword with wrong old password"): + result = user_ops.change_password(user["user_name"], wrong_old, new_password) + + with allure.step("Verify failure returned (succeeded=false or errors present)"): + assert result.get("succeeded") is False or result.get("errors") + + with allure.step("Verify original password still works"): + provider = AuthProvider(global_settings) + provider.sign_in(user["user_name"], SecretStr(user["password"])) + assert provider.is_authenticated + provider.sign_out() + + @pytest.mark.restapi @allure.feature("Platform / User Password (REST API)") @allure.title("Reset password on login page flow")