AdrianoDev
4d9db750be
- pyproject.toml: ruff target-version py311 → py313 (auto-fix 42 lint warnings via UP rules); aggiunto consider_namespace_packages = true che risolve la collisione conftest tra servizi e permette di lanciare pytest sull'intera suite cross-servizio. - mcp_common.audit: nuovo helper audit_write_op() con logger dedicato mcp.audit. Wirato su tutti i write endpoint di deribit, bybit, alpaca e hyperliquid (place_order, place_combo_order, cancel_*, set_*, close_*, transfer_*, switch_*, amend_*) con principal + target + payload non-sensibile + result summarizzato. - mcp_common.app_factory: ExchangeAppSpec + run_exchange_main() centralizza il boilerplate dei __main__.py (configure_root_logging, fail_fast_if_missing, summarize, load creds, resolve_environment, load token store, uvicorn). I 4 __main__.py exchange ridotti da ~60 LOC ognuno a ~25 LOC dichiarativi. mcp_common.env_validation promosso da mcp_deribit (mantenuto re-export shim per back-compat test_env_validation). - 8 test nuovi (4 audit + 4 app_factory). Suite full: 450/450 verdi. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
111 lines
3.6 KiB
Python
111 lines
3.6 KiB
Python
from __future__ import annotations
|
|
|
|
from unittest.mock import AsyncMock, MagicMock
|
|
|
|
import pytest
|
|
from fastapi.testclient import TestClient
|
|
from mcp_alpaca.server import create_app
|
|
from mcp_common.auth import Principal, TokenStore
|
|
|
|
|
|
@pytest.fixture
|
|
def token_store():
|
|
return TokenStore(
|
|
tokens={
|
|
"core-tok": Principal("core", {"core"}),
|
|
"obs-tok": Principal("observer", {"observer"}),
|
|
}
|
|
)
|
|
|
|
|
|
@pytest.fixture
|
|
def mock_client():
|
|
c = MagicMock()
|
|
c.get_account = AsyncMock(return_value={"equity": 100000})
|
|
c.get_positions = AsyncMock(return_value=[])
|
|
c.get_activities = AsyncMock(return_value=[])
|
|
c.get_assets = AsyncMock(return_value=[])
|
|
c.get_ticker = AsyncMock(return_value={"symbol": "AAPL"})
|
|
c.get_bars = AsyncMock(return_value={"bars": []})
|
|
c.get_snapshot = AsyncMock(return_value={})
|
|
c.get_option_chain = AsyncMock(return_value={"contracts": []})
|
|
c.get_open_orders = AsyncMock(return_value=[])
|
|
c.get_clock = AsyncMock(return_value={"is_open": True})
|
|
c.get_calendar = AsyncMock(return_value=[])
|
|
c.place_order = AsyncMock(return_value={"id": "o1"})
|
|
c.amend_order = AsyncMock(return_value={"id": "o1"})
|
|
c.cancel_order = AsyncMock(return_value={"canceled": True})
|
|
c.cancel_all_orders = AsyncMock(return_value=[])
|
|
c.close_position = AsyncMock(return_value={"id": "close1"})
|
|
c.close_all_positions = AsyncMock(return_value=[])
|
|
return c
|
|
|
|
|
|
@pytest.fixture
|
|
def http(mock_client, token_store):
|
|
app = create_app(client=mock_client, token_store=token_store, creds={"max_leverage": 1})
|
|
return TestClient(app)
|
|
|
|
|
|
CORE = {"Authorization": "Bearer core-tok"}
|
|
OBS = {"Authorization": "Bearer obs-tok"}
|
|
|
|
READ_ENDPOINTS = [
|
|
("/tools/get_account", {}),
|
|
("/tools/get_positions", {}),
|
|
("/tools/get_activities", {}),
|
|
("/tools/get_assets", {}),
|
|
("/tools/get_ticker", {"symbol": "AAPL"}),
|
|
("/tools/get_bars", {"symbol": "AAPL"}),
|
|
("/tools/get_snapshot", {"symbol": "AAPL"}),
|
|
("/tools/get_option_chain", {"underlying": "AAPL"}),
|
|
("/tools/get_open_orders", {}),
|
|
("/tools/get_clock", {}),
|
|
("/tools/get_calendar", {}),
|
|
]
|
|
|
|
WRITE_ENDPOINTS = [
|
|
("/tools/place_order", {"symbol": "AAPL", "side": "buy", "qty": 1}),
|
|
("/tools/amend_order", {"order_id": "o1", "qty": 2}),
|
|
("/tools/cancel_order", {"order_id": "o1"}),
|
|
("/tools/cancel_all_orders", {}),
|
|
("/tools/close_position", {"symbol": "AAPL"}),
|
|
("/tools/close_all_positions", {}),
|
|
]
|
|
|
|
|
|
@pytest.mark.parametrize("path,payload", READ_ENDPOINTS)
|
|
def test_read_core_ok(http, path, payload):
|
|
r = http.post(path, json=payload, headers=CORE)
|
|
assert r.status_code == 200, (path, r.text)
|
|
|
|
|
|
@pytest.mark.parametrize("path,payload", READ_ENDPOINTS)
|
|
def test_read_observer_ok(http, path, payload):
|
|
r = http.post(path, json=payload, headers=OBS)
|
|
assert r.status_code == 200, (path, r.text)
|
|
|
|
|
|
@pytest.mark.parametrize("path,payload", READ_ENDPOINTS)
|
|
def test_read_no_auth_401(http, path, payload):
|
|
r = http.post(path, json=payload)
|
|
assert r.status_code == 401, (path, r.text)
|
|
|
|
|
|
@pytest.mark.parametrize("path,payload", WRITE_ENDPOINTS)
|
|
def test_write_core_ok(http, path, payload):
|
|
r = http.post(path, json=payload, headers=CORE)
|
|
assert r.status_code == 200, (path, r.text)
|
|
|
|
|
|
@pytest.mark.parametrize("path,payload", WRITE_ENDPOINTS)
|
|
def test_write_observer_403(http, path, payload):
|
|
r = http.post(path, json=payload, headers=OBS)
|
|
assert r.status_code == 403, (path, r.text)
|
|
|
|
|
|
@pytest.mark.parametrize("path,payload", WRITE_ENDPOINTS)
|
|
def test_write_no_auth_401(http, path, payload):
|
|
r = http.post(path, json=payload)
|
|
assert r.status_code == 401, (path, r.text)
|