apps/quiz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
quiz/tests/conftest.py
ameer 74c1745559 feat(roster): gate joins on registered student-ID list 
Adds an optional roster.json (set of allowed student IDs) loaded at
startup. add_participant() raises StudentIdNotInRoster when the gate is
on and the supplied id is not present; route returns 403 with a clear
message and logs a roster_reject audit event. Names are NOT checked
against the roster: the join form asks for a current name as a soft
deterrent, but the only hard check is the id.

Includes a deploy/build_roster.py helper that turns class_register
attendance.xlsx into roster.json. Bootstrap env file now exports
QUIZ_ROSTER_PATH; missing file disables the gate (legacy behaviour).

Also drops the user-facing "The cookie is per-device." line from the
join card — students don't need to know the implementation; replaced
with "Enter your registered student ID and your current full name."
2026-05-05 22:02:03 +08:00

104 lines
3.2 KiB
Python
Raw Permalink Blame History

"""Test fixtures."""
from __future__ import annotations
import json
import pytest
from fastapi.testclient import TestClient
from app.config import Settings
from app.main import create_app
CANONICAL_SID = "main"
@pytest.fixture
def sample_pool():
# 8 s per question gives the load-simulation room to drive 50 sequential
# WS submits without the autoclose timer racing them on busy CI / dev
# boxes. Tests that don't care about the timer simply close questions
# explicitly; the larger default doesn't slow them down.
return {
"title": "Sample Quiz",
"score_fn": "linear_decay",
"time_limit_default": 8,
"session_id": CANONICAL_SID,
"questions": [
{
"id": "q1",
"text": "First question?",
"options": {"A": "Alpha", "B": "Beta", "C": "Gamma", "D": "Delta"},
"correct": "B",
"time_limit": 8,
"explanation": "B is correct.",
},
{
"id": "q2",
"text": "Second question?",
"options": {"A": "One", "B": "Two", "C": "Three", "D": "Four"},
"correct": "C",
"time_limit": 8,
},
{
"id": "q3",
"text": "Third question?",
"options": {"A": "Red", "B": "Blue", "C": "Green", "D": "Gold"},
"correct": "A",
"time_limit": 8,
},
{
"id": "q4",
"text": "Fourth question?",
"options": {"A": "North", "B": "South", "C": "East", "D": "West"},
"correct": "D",
"time_limit": 8,
},
{
"id": "q5",
"text": "Fifth question?",
"options": {"A": "Fetch", "B": "Decode", "C": "Execute", "D": "Write"},
"correct": "A",
"time_limit": 8,
},
],
}
@pytest.fixture
def client(tmp_path, sample_pool):
pool_path = tmp_path / "pool.json"
pool_path.write_text(json.dumps(sample_pool))
settings = Settings(
db_path=str(tmp_path / "quiz.db"),
secret_key="test-secret",
admin_password="admin-pass",
public_url="http://testserver",
pool_path=str(pool_path),
# Point roster at a path that doesn't exist so the gate stays off
# for the default suite (existing fixtures use synthetic IDs that
# wouldn't be in a real roster).
roster_path=str(tmp_path / "roster-absent.json"),
default_session_id=CANONICAL_SID,
)
app = create_app(settings)
with TestClient(app) as test_client:
yield test_client
@pytest.fixture
def sid() -> str:
return CANONICAL_SID
def admin_login(client: TestClient) -> None:
response = client.post("/admin/login", json={"password": "admin-pass"})
assert response.status_code == 200, response.text
def join_student(client: TestClient, sid: str, student_id: str = "s1", name: str = "Student One") -> dict:
response = client.post(f"/api/session/{sid}/join", json={"student_id": student_id, "name": name})
assert response.status_code == 200, response.text
return response.json()
Reference in New Issue View Git Blame Copy Permalink