From 24f35c05f19a60cb03a4e515916e6ae16192111f Mon Sep 17 00:00:00 2001
From: Alix JEUDI--LEMOINE <Alix.JEUDI--LEMOINE@etu.uca.fr>
Date: Tue, 17 Jun 2025 15:48:59 +0200
Subject: [PATCH] =?UTF-8?q?=E2=9C=85=20Add=20tests=20for=20user=20search?=
 =?UTF-8?q?=20and=20retrieval,=20including=20unauthorized=20access=20and?=
 =?UTF-8?q?=20handling=20of=20invalid=20IDs?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 tests/test_user.py | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/tests/test_user.py b/tests/test_user.py
index 686af9b..d12eab4 100644
--- a/tests/test_user.py
+++ b/tests/test_user.py
@@ -41,4 +41,33 @@ def test_search_users(token):
     assert response.status_code == 200
     data = response.json()
     assert isinstance(data, list)
-    assert data[0]["username"] == "testuser"
\ No newline at end of file
+    assert data[0]["username"] == "testuser"
+
+def test_search_users_unauthorized():
+    response = client.get("/users?name=testuser", headers={"Authorization": "Bearer invalid_token"})
+    assert response.status_code == 401
+    
+def test_search_users_false_regex(token):
+    response = client.get("/users?name=*", headers={"Authorization": f"Bearer {token}"})
+    assert response.status_code == 422
+
+def test_get_user_by_id(token):
+    # D'abord, on récupère l'ID d'un utilisateur existant
+    search_response = client.get("/users?name=testuser", headers={"Authorization": f"Bearer {token}"})
+    user_id = search_response.json()[0]["uid"]
+    
+    # Ensuite, on teste la récupération de cet utilisateur
+    response = client.get(f"/user/{user_id}", headers={"Authorization": f"Bearer {token}"})
+    assert response.status_code == 200
+    data = response.json()
+    assert data["username"] == "testuser"
+
+def test_get_user_invalid_id(token):
+    response = client.get("/user/invalid_id", headers={"Authorization": f"Bearer {token}"})
+    assert response.status_code == 422
+
+def test_get_user_not_found(token):
+    # On utilise un ID qui n'existe probablement pas
+    non_existent_id = "507f1f77bcf86cd799439011"
+    response = client.get(f"/user/{non_existent_id}", headers={"Authorization": f"Bearer {token}"})
+    assert response.status_code == 404
\ No newline at end of file