from sqlalchemy import select from app.auth.models import EmailVerificationToken from app.chats.models import ChatType async def _create_verified_user(client, db_session, email: str, username: str, password: str) -> dict: await client.post( "/api/v1/auth/register", json={"email": email, "name": username, "username": username, "password": password}, ) token_row = await db_session.execute(select(EmailVerificationToken).order_by(EmailVerificationToken.id.desc())) verify_token = token_row.scalar_one().token await client.post("/api/v1/auth/verify-email", json={"token": verify_token}) login_response = await client.post("/api/v1/auth/login", json={"email": email, "password": password}) return login_response.json() async def test_private_chat_message_lifecycle(client, db_session): u1 = await _create_verified_user(client, db_session, "u1@example.com", "user_one", "strongpass123") u2 = await _create_verified_user(client, db_session, "u2@example.com", "user_two", "strongpass123") me_u2 = await client.get("/api/v1/auth/me", headers={"Authorization": f"Bearer {u2['access_token']}"}) u2_id = me_u2.json()["id"] create_chat_response = await client.post( "/api/v1/chats", headers={"Authorization": f"Bearer {u1['access_token']}"}, json={"type": ChatType.PRIVATE.value, "title": None, "member_ids": [u2_id]}, ) assert create_chat_response.status_code == 200 chat_id = create_chat_response.json()["id"] send_message_response = await client.post( "/api/v1/messages", headers={"Authorization": f"Bearer {u1['access_token']}"}, json={"chat_id": chat_id, "type": "text", "text": "hello @user_two"}, ) assert send_message_response.status_code == 201 message_id = send_message_response.json()["id"] list_messages_response = await client.get( f"/api/v1/messages/{chat_id}", headers={"Authorization": f"Bearer {u2['access_token']}"}, ) assert list_messages_response.status_code == 200 assert len(list_messages_response.json()) == 1 edit_message_response = await client.put( f"/api/v1/messages/{message_id}", headers={"Authorization": f"Bearer {u1['access_token']}"}, json={"text": "edited text"}, ) assert edit_message_response.status_code == 200 assert edit_message_response.json()["text"] == "edited text" delete_message_response = await client.delete( f"/api/v1/messages/{message_id}", headers={"Authorization": f"Bearer {u1['access_token']}"}, ) assert delete_message_response.status_code == 204 async def test_private_chat_respects_contacts_only_policy(client, db_session): u1 = await _create_verified_user(client, db_session, "pm_u1@example.com", "pm_user_one", "strongpass123") u2 = await _create_verified_user(client, db_session, "pm_u2@example.com", "pm_user_two", "strongpass123") me_u1 = await client.get("/api/v1/auth/me", headers={"Authorization": f"Bearer {u1['access_token']}"}) me_u2 = await client.get("/api/v1/auth/me", headers={"Authorization": f"Bearer {u2['access_token']}"}) u1_id = me_u1.json()["id"] u2_id = me_u2.json()["id"] update_privacy = await client.put( "/api/v1/users/profile", headers={"Authorization": f"Bearer {u2['access_token']}"}, json={"privacy_private_messages": "contacts"}, ) assert update_privacy.status_code == 200 create_chat_blocked = await client.post( "/api/v1/chats", headers={"Authorization": f"Bearer {u1['access_token']}"}, json={"type": ChatType.PRIVATE.value, "title": None, "member_ids": [u2_id]}, ) assert create_chat_blocked.status_code == 403 add_contact = await client.post( f"/api/v1/users/{u1_id}/contacts", headers={"Authorization": f"Bearer {u2['access_token']}"}, ) assert add_contact.status_code == 204 create_chat_allowed = await client.post( "/api/v1/chats", headers={"Authorization": f"Bearer {u1['access_token']}"}, json={"type": ChatType.PRIVATE.value, "title": None, "member_ids": [u2_id]}, ) assert create_chat_allowed.status_code == 200