diff --git a/fastapi_users/router/users.py b/fastapi_users/router/users.py index 753b22b7..68f2857e 100644 --- a/fastapi_users/router/users.py +++ b/fastapi_users/router/users.py @@ -71,7 +71,7 @@ def get_users_router( return updated_user @router.get( - "/{id}", + "/{id:uuid}", response_model=user_model, dependencies=[Depends(get_current_superuser)], ) @@ -79,7 +79,7 @@ def get_users_router( return await _get_or_404(id) @router.patch( - "/{id}", + "/{id:uuid}", response_model=user_model, dependencies=[Depends(get_current_superuser)], ) @@ -95,7 +95,7 @@ def get_users_router( return await _update_user(user, updated_user_data, request) @router.delete( - "/{id}", + "/{id:uuid}", status_code=status.HTTP_204_NO_CONTENT, dependencies=[Depends(get_current_superuser)], ) diff --git a/tests/test_fastapi_users.py b/tests/test_fastapi_users.py index 8bf5cd0d..c1b45b8f 100644 --- a/tests/test_fastapi_users.py +++ b/tests/test_fastapi_users.py @@ -30,6 +30,10 @@ async def test_app_client( app.include_router(fastapi_users.get_users_router(), prefix="/users") app.include_router(fastapi_users.get_verify_router("SECRET")) + @app.delete("/users/me") + def custom_users_route(): + return None + @app.get("/current-user") def current_user(user=Depends(fastapi_users.get_current_user)): return user @@ -86,61 +90,35 @@ async def test_app_client( @pytest.mark.fastapi_users @pytest.mark.asyncio -class TestRoutes: - async def test_routes_exist(self, test_app_client: httpx.AsyncClient): - response = await test_app_client.post("/register") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) +@pytest.mark.parametrize( + "path,method", + [ + ("/register", "POST"), + ("/request-verify-token", "POST"), + ("/verify", "POST"), + ("/forgot-password", "POST"), + ("/reset-password", "POST"), + ("/login", "POST"), + ("/logout", "POST"), + ("/register", "POST"), + ("/users/d35d213e-f3d8-4f08-954a-7e0d1bea286f", "GET"), + ("/users/d35d213e-f3d8-4f08-954a-7e0d1bea286f", "PATCH"), + ("/users/d35d213e-f3d8-4f08-954a-7e0d1bea286f", "DELETE"), + ], +) +async def test_route_exists(test_app_client: httpx.AsyncClient, path: str, method: str): + response = await test_app_client.request(method, path) + assert response.status_code not in ( + status.HTTP_404_NOT_FOUND, + status.HTTP_405_METHOD_NOT_ALLOWED, + ) - response = await test_app_client.post("/request-verify-token") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) - response = await test_app_client.post("/verify") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) - - response = await test_app_client.post("/forgot-password") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) - - response = await test_app_client.post("/reset-password") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) - - response = await test_app_client.post("/login") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) - - response = await test_app_client.post("/logout") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) - - response = await test_app_client.get("/users/aaa") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) - - response = await test_app_client.patch("/users/aaa") - assert response.status_code not in ( - status.HTTP_404_NOT_FOUND, - status.HTTP_405_METHOD_NOT_ALLOWED, - ) +@pytest.mark.fastapi_users +@pytest.mark.asyncio +async def test_custom_users_route_not_catched(test_app_client: httpx.AsyncClient): + response = await test_app_client.request("DELETE", "/users/me") + assert response.status_code == status.HTTP_200_OK @pytest.mark.fastapi_users