""" HTTP-level smoke test confirming the REST contract the existing web/mobile clients consume. Run: DJANGO_SETTINGS_MODULE=config.settings.test python api_smoke.py """ import os from decimal import Decimal import django os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings.test') django.setup() from django.test import Client # noqa: E402 from apps.accounts.models import User # noqa: E402 from apps.catalog.models import Category, Product # noqa: E402 from django.core.management import call_command # noqa: E402 def check(label, cond, extra=''): print(f' [{"PASS" if cond else "FAIL"}] {label}{(" — " + extra) if extra else ""}') assert cond, label def main(): call_command('seed_system_accounts', verbosity=0) User.objects.create_user('0700000003', 'Admin', 'admin1234', role='admin') seller = User.objects.create_user('0711111114', 'Seller', 'seller1234') cat = Category.objects.create(name='Watches') product = Product.objects.create( name='Outdoor Sports Watch', selling_price=Decimal('1550'), cost_price=Decimal('1000'), commission_percent=15, category=cat, stock_quantity=-1) c = Client() print('\n1) POST /api/auth/login') r = c.post('/api/auth/login', {'phone': '0711111114', 'password': 'seller1234'}, content_type='application/json') check('login 200', r.status_code == 200, str(r.status_code)) token = r.json().get('token') check('returns token + role', bool(token) and r.json().get('role') == 'user') auth = {'HTTP_AUTHORIZATION': f'Bearer {token}'} print('\n2) GET /api/products (public array)') r = c.get('/api/products') check('products 200 array', r.status_code == 200 and isinstance(r.json(), list)) check('product has commission fields', 'commission_per_unit' in r.json()[0] and 'selling_price' in r.json()[0]) print('\n3) POST /api/sales/batch (place order)') r = c.post('/api/sales/batch', {'items': [{'product_id': product.id, 'quantity': 3}], 'customer_name': 'Jane'}, content_type='application/json', **auth) check('batch 201', r.status_code == 201, str(r.status_code)) order_number = r.json().get('order_number') check('returns order_number + total_commission', bool(order_number) and float(r.json()['total_commission']) > 0, f"commission={r.json().get('total_commission')}") print('\n4) GET /api/sales (paginated, header metadata)') r = c.get('/api/sales', **auth) check('sales 200 array', r.status_code == 200 and isinstance(r.json(), list)) check('X-Total-Count header present', r.headers.get('X-Total-Count') is not None, f"count={r.headers.get('X-Total-Count')}") print('\n5) GET /api/earnings/:id (derived)') r = c.get(f'/api/earnings/{seller.id}', **auth) check('earnings 200', r.status_code == 200) check('pending_sales_earnings reflects open order', float(r.json()['pending_sales_earnings']) > 0, f"pending={r.json()['pending_sales_earnings']}") print('\n6) Auth required on protected endpoint') r = c.get('/api/sales') check('401 without token', r.status_code == 401, str(r.status_code)) print('\n7) Error shape is {"error": ...}') r = c.post('/api/auth/login', {'phone': 'x', 'password': 'bad'}, content_type='application/json') check('bad login returns error key', 'error' in r.json(), str(r.json())) print('\nAPI CONTRACT CHECKS PASSED ✔') if __name__ == '__main__': main()