feat: 完善分割工作区导入导出与管理流程
- 新增基于 JWT 当前用户的登录恢复、角色权限、用户管理、审计日志和演示出厂重置后台接口与前端管理页。 - 重串 GT_label 导出和 GT Mask 导入逻辑:导出保留类别真实 maskid,导入仅接受灰度或 RGB 等通道 maskid 图,支持未知 maskid 策略、尺寸最近邻拉伸和导入预览。 - 统一分割结果导出体验:默认当前帧,按项目抽帧顺序和 XhXXmXXsXXXms 时间戳命名 ZIP 与图片,补齐 GT/Pro/Mix/分开 Mask 输出和映射 JSON。 - 调整工作区左侧工具栏:移除创建点/线段入口,新增画笔、橡皮擦及尺寸控制,并按绘制、布尔、导入/AI 工具分组分隔。 - 扩展 Canvas 编辑能力:画笔按语义分类绘制并可自动并入连通选中 mask,橡皮擦对选中区域扣除,优化布尔操作、选区、撤销重做和保存状态联动。 - 优化自动传播时间轴显示:同一蓝色系按传播新旧递进变暗,老传播记录达到阈值后统一旧记录色,并维护范围选择与清空后的历史显示。 - 将 AI 智能分割入口替换为更明确的 AI 元素图标,并同步侧栏、工作区和 AI 页面入口表现。 - 完善模板分类、maskid 工具函数、分类树联动、遮罩透明度、边缘平滑和传播链同步相关前端状态。 - 扩展后端项目、媒体、任务、Dashboard、模板和传播 runner 的用户隔离、任务控制、进度事件与兼容处理。 - 补充前后端测试,覆盖用户管理、GT_label 往返导入导出、GT Mask 校验和预览、画笔/橡皮擦、时间轴传播历史、导出范围、WebSocket 与 API 封装。 - 更新 AGENTS、README 和 doc 文档,记录当前接口契约、实现状态、测试计划、安装说明和 maskid/GT_label 规则。
This commit is contained in:
158
backend/tests/test_admin.py
Normal file
158
backend/tests/test_admin.py
Normal file
@@ -0,0 +1,158 @@
|
||||
from models import Annotation, AuditLog, Frame, Mask, ProcessingTask, Project, Template, User
|
||||
from routers.auth import create_access_token, hash_password
|
||||
from statuses import PROJECT_STATUS_PENDING
|
||||
|
||||
|
||||
def test_admin_user_management_and_audit_logs(client, db_session):
|
||||
created = client.post("/api/admin/users", json={
|
||||
"username": "doctor",
|
||||
"password": "secret123",
|
||||
"role": "annotator",
|
||||
"is_active": True,
|
||||
})
|
||||
assert created.status_code == 201
|
||||
user_id = created.json()["id"]
|
||||
|
||||
updated = client.patch(f"/api/admin/users/{user_id}", json={
|
||||
"role": "viewer",
|
||||
"password": "newsecret",
|
||||
"is_active": False,
|
||||
})
|
||||
assert updated.status_code == 200
|
||||
assert updated.json()["role"] == "viewer"
|
||||
assert updated.json()["is_active"] == 0
|
||||
|
||||
users = client.get("/api/admin/users")
|
||||
assert users.status_code == 200
|
||||
assert any(user["username"] == "doctor" for user in users.json())
|
||||
|
||||
deleted = client.delete(f"/api/admin/users/{user_id}")
|
||||
assert deleted.status_code == 204
|
||||
|
||||
logs = client.get("/api/admin/audit-logs")
|
||||
assert logs.status_code == 200
|
||||
actions = [log["action"] for log in logs.json()]
|
||||
assert "admin.user_created" in actions
|
||||
assert "admin.user_updated" in actions
|
||||
assert "admin.user_deleted" in actions
|
||||
|
||||
|
||||
def test_admin_routes_require_admin_role(client, db_session):
|
||||
user = User(username="viewer", password_hash=hash_password("secret123"), role="viewer", is_active=1)
|
||||
db_session.add(user)
|
||||
db_session.commit()
|
||||
db_session.refresh(user)
|
||||
original_auth = client.headers["Authorization"]
|
||||
client.headers.update({"Authorization": f"Bearer {create_access_token(user)}"})
|
||||
try:
|
||||
response = client.get("/api/admin/users")
|
||||
assert response.status_code == 403
|
||||
finally:
|
||||
client.headers.update({"Authorization": original_auth})
|
||||
|
||||
|
||||
def test_viewer_role_is_read_only_for_business_mutations(client, db_session):
|
||||
project = client.post("/api/projects", json={"name": "Readonly Check"}).json()
|
||||
user = User(username="readonly", password_hash=hash_password("secret123"), role="viewer", is_active=1)
|
||||
db_session.add(user)
|
||||
db_session.commit()
|
||||
db_session.refresh(user)
|
||||
original_auth = client.headers["Authorization"]
|
||||
client.headers.update({"Authorization": f"Bearer {create_access_token(user)}"})
|
||||
try:
|
||||
assert client.get("/api/projects").status_code == 200
|
||||
assert client.post("/api/projects", json={"name": "Nope"}).status_code == 403
|
||||
assert client.patch(f"/api/projects/{project['id']}", json={"name": "Nope"}).status_code == 403
|
||||
assert client.post("/api/ai/annotate", json={"project_id": project["id"]}).status_code == 403
|
||||
finally:
|
||||
client.headers.update({"Authorization": original_auth})
|
||||
|
||||
|
||||
def test_admin_cannot_delete_self_or_user_with_projects(client, db_session):
|
||||
me = client.get("/api/auth/me").json()
|
||||
assert client.delete(f"/api/admin/users/{me['id']}").status_code == 400
|
||||
|
||||
user = User(username="owner", password_hash=hash_password("secret123"), role="annotator", is_active=1)
|
||||
db_session.add(user)
|
||||
db_session.commit()
|
||||
db_session.refresh(user)
|
||||
db_session.add(Project(name="Owned", owner_user_id=user.id))
|
||||
db_session.commit()
|
||||
|
||||
response = client.delete(f"/api/admin/users/{user.id}")
|
||||
assert response.status_code == 409
|
||||
|
||||
|
||||
def test_demo_factory_reset_leaves_admin_and_unparsed_demo_video(client, db_session, monkeypatch, tmp_path):
|
||||
video_path = tmp_path / "Data_MyVideo_1.mp4"
|
||||
video_path.write_bytes(b"demo-video")
|
||||
monkeypatch.setattr("routers.admin.settings.demo_video_path", str(video_path))
|
||||
uploaded = []
|
||||
monkeypatch.setattr("routers.admin.upload_file", lambda object_name, data, content_type, length: uploaded.append({
|
||||
"object_name": object_name,
|
||||
"data": data,
|
||||
"content_type": content_type,
|
||||
"length": length,
|
||||
}))
|
||||
|
||||
extra_user = User(username="doctor", password_hash=hash_password("secret123"), role="annotator", is_active=1)
|
||||
db_session.add(extra_user)
|
||||
db_session.commit()
|
||||
db_session.refresh(extra_user)
|
||||
old_project = Project(name="Old", owner_user_id=extra_user.id, video_path="uploads/old.mp4")
|
||||
db_session.add(old_project)
|
||||
db_session.commit()
|
||||
db_session.refresh(old_project)
|
||||
frame = Frame(project_id=old_project.id, frame_index=0, image_url="frames/old.jpg")
|
||||
db_session.add(frame)
|
||||
task = ProcessingTask(task_type="parse_video", project_id=old_project.id)
|
||||
private_template = Template(
|
||||
name="Private",
|
||||
description="private",
|
||||
color="#fff",
|
||||
z_index=1,
|
||||
owner_user_id=extra_user.id,
|
||||
)
|
||||
db_session.add_all([task, private_template])
|
||||
db_session.commit()
|
||||
db_session.refresh(frame)
|
||||
annotation = Annotation(project_id=old_project.id, frame_id=frame.id, mask_data={"label": "old"})
|
||||
db_session.add(annotation)
|
||||
db_session.commit()
|
||||
db_session.refresh(annotation)
|
||||
db_session.add(Mask(annotation_id=annotation.id, mask_url="masks/old.png"))
|
||||
db_session.add(AuditLog(actor_user_id=extra_user.id, action="old.audit"))
|
||||
db_session.commit()
|
||||
|
||||
response = client.post("/api/admin/demo-factory-reset", json={"confirmation": "RESET_DEMO_FACTORY"})
|
||||
|
||||
assert response.status_code == 200
|
||||
data = response.json()
|
||||
assert data["message"] == "演示环境已恢复出厂设置"
|
||||
assert data["admin_user"]["username"] == "admin"
|
||||
assert data["project"]["name"] == "Data_MyVideo_1"
|
||||
assert data["project"]["status"] == PROJECT_STATUS_PENDING
|
||||
assert data["project"]["frame_count"] == 0
|
||||
assert data["project"]["video_path"] == f"uploads/{data['project']['id']}/Data_MyVideo_1.mp4"
|
||||
assert uploaded == [{
|
||||
"object_name": data["project"]["video_path"],
|
||||
"data": b"demo-video",
|
||||
"content_type": "video/mp4",
|
||||
"length": len(b"demo-video"),
|
||||
}]
|
||||
|
||||
assert [user.username for user in db_session.query(User).all()] == ["admin"]
|
||||
assert db_session.query(Project).count() == 1
|
||||
assert db_session.query(Frame).count() == 0
|
||||
assert db_session.query(Annotation).count() == 0
|
||||
assert db_session.query(Mask).count() == 0
|
||||
assert db_session.query(ProcessingTask).count() == 0
|
||||
assert db_session.query(Template).filter(Template.owner_user_id.is_not(None)).count() == 0
|
||||
assert db_session.query(AuditLog).count() == 1
|
||||
assert db_session.query(AuditLog).first().action == "admin.demo_factory_reset"
|
||||
|
||||
|
||||
def test_demo_factory_reset_requires_exact_confirmation(client):
|
||||
response = client.post("/api/admin/demo-factory-reset", json={"confirmation": "reset"})
|
||||
|
||||
assert response.status_code == 400
|
||||
Reference in New Issue
Block a user