test(api): add full API test suite with get_keycloak_client async fix

Add 45 API tests covering all 12 post endpoints (CRUD, publish/unpublish) with RBAC policy coverage across guest, user, admin roles. Fix get_keycloak_client() in deps.py to be async - Dishka's async container requires await on get(), without it a coroutine object was returned instead of the actual client.
2026-05-10 14:08:23 +03:00
parent 448da0396a
commit c9b380c601
7 changed files with 1216 additions and 18 deletions
--- a/app/presentation/api/deps.py
+++ b/app/presentation/api/deps.py
@@ -32,7 +32,7 @@ PublishPostDep = FromDishka[PublishPostUseCase]
 security = HTTPBearer(auto_error=False)


-def get_keycloak_client(request: Request) -> KeycloakAuthClient:
+async def get_keycloak_client(request: Request) -> KeycloakAuthClient:
    """Get Keycloak client from DI container via request state.

    Args:
@@ -41,7 +41,7 @@ def get_keycloak_client(request: Request) -> KeycloakAuthClient:
    Returns:
        KeycloakAuthClient instance from container.
    """
-    client: KeycloakAuthClient = request.state.dishka_container.get(KeycloakAuthClient)
+    client: KeycloakAuthClient = await request.state.dishka_container.get(KeycloakAuthClient)
    return client


@@ -64,7 +64,7 @@ async def get_current_token_info(
    if not credentials:
        raise UnauthorizedException("Authentication required")

-    keycloak_client = get_keycloak_client(request)
+    keycloak_client = await get_keycloak_client(request)
    token = credentials.credentials
    token_info = await keycloak_client.introspect_token(token)

@@ -110,7 +110,7 @@ async def get_optional_token_info(
    if not credentials:
        return None

-    keycloak_client = get_keycloak_client(request)
+    keycloak_client = await get_keycloak_client(request)
    token = credentials.credentials
    token_info = await keycloak_client.introspect_token(token)