mirror of
https://github.com/comfyanonymous/ComfyUI.git
synced 2026-03-18 23:55:08 +08:00
2bd4d82b4f
* feat(assets): align local API with cloud spec Unify response models, add missing fields, and align input schemas with the cloud OpenAPI spec at cloud.comfy.org/openapi. - Replace AssetSummary/AssetDetail/AssetUpdated with single Asset model - Add is_immutable, metadata (system_metadata), prompt_id fields - Support mime_type and preview_id in update endpoint - Make CreateFromHashBody.name optional, add mime_type, require >=1 tag - Add id/mime_type/preview_id to upload, relax tags to optional - Rename total_tags → tags in tag add/remove responses - Add GET /api/assets/tags/refine histogram endpoint - Add DB migration for system_metadata and prompt_id columns Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Fix review issues: tags validation, size nullability, type annotation, hash mismatch check, and add tag histogram tests - Remove contradictory min_length=1 from CreateFromHashBody.tags default - Restore size field to int|None=None for proper null semantics - Add Union type annotation to _build_asset_response result param - Add hash mismatch validation on idempotent upload path (409 HASH_MISMATCH) - Add unit tests for list_tag_histogram service function Amp-Thread-ID: https://ampcode.com/threads/T-019cd993-f43c-704e-b3d7-6cfc3d4d4a80 Co-authored-by: Amp <amp@ampcode.com> * Add preview_url to /assets API response using /api/view endpoint For input and output assets, generate a preview_url pointing to the existing /api/view endpoint using the asset's filename and tag-derived type (input/output). Handles subdirectories via subfolder param and URL-encodes filenames with spaces, unicode, and special characters. This aligns the OSS backend response with the frontend AssetCard expectation for thumbnail rendering. Amp-Thread-ID: https://ampcode.com/threads/T-019cda3f-5c2c-751a-a906-ac6c9153ac5c Co-authored-by: Amp <amp@ampcode.com> * chore: remove unused imports from asset_reference queries Amp-Thread-ID: https://ampcode.com/threads/T-019cda7d-cb21-77b4-a51b-b965af60208c Co-authored-by: Amp <amp@ampcode.com> * feat: resolve blake3 hashes in /view endpoint via asset database Amp-Thread-ID: https://ampcode.com/threads/T-019cda7d-cb21-77b4-a51b-b965af60208c Co-authored-by: Amp <amp@ampcode.com> * Register uploaded images in asset database when --enable-assets is set Add register_file_in_place() service function to ingest module for registering already-saved files without moving them. Call it from the /upload/image endpoint to return asset metadata in the response. Amp-Thread-ID: https://ampcode.com/threads/T-019ce023-3384-7560-bacf-de40b0de0dd2 Co-authored-by: Amp <amp@ampcode.com> * Exclude None fields from asset API JSON responses Add exclude_none=True to model_dump() calls across asset routes to keep response payloads clean by omitting unset optional fields. Amp-Thread-ID: https://ampcode.com/threads/T-019ce023-3384-7560-bacf-de40b0de0dd2 Co-authored-by: Amp <amp@ampcode.com> * Add comment explaining why /view resolves blake3 hashes Amp-Thread-ID: https://ampcode.com/threads/T-019ce023-3384-7560-bacf-de40b0de0dd2 Co-authored-by: Amp <amp@ampcode.com> * Move blake3 hash resolution to asset_management service Extract resolve_hash_to_path() into asset_management.py and remove _resolve_blake3_to_path from server.py. Also revert loopback origin check to original logic. Amp-Thread-ID: https://ampcode.com/threads/T-019ce023-3384-7560-bacf-de40b0de0dd2 Co-authored-by: Amp <amp@ampcode.com> * Require at least one tag in UploadAssetSpec Enforce non-empty tags at the Pydantic validation layer so uploads with no tags are rejected with a 400 before reaching ingest. Adds test_upload_empty_tags_rejected to cover this case. Amp-Thread-ID: https://ampcode.com/threads/T-019ce377-8bde-7048-bc28-a9df063409f9 Co-authored-by: Amp <amp@ampcode.com> * Add owner_id check to resolve_hash_to_path Filter asset references by owner visibility so the /view endpoint only resolves hashes for assets the requesting user can access. Adds table-driven tests for owner visibility cases. Amp-Thread-ID: https://ampcode.com/threads/T-019ce377-8bde-7048-bc28-a9df063409f9 Co-authored-by: Amp <amp@ampcode.com> * Make ReferenceData.created_at and updated_at required Remove None defaults and type: ignore comments. Move fields before optional fields to satisfy dataclass ordering. Amp-Thread-ID: https://ampcode.com/threads/T-019ce377-8bde-7048-bc28-a9df063409f9 Co-authored-by: Amp <amp@ampcode.com> * Fix double commit in create_from_hash Move mime_type update into _register_existing_asset so it shares a single transaction with reference creation. Log a warning when the hash is not found instead of silently returning None. Amp-Thread-ID: https://ampcode.com/threads/T-019ce377-8bde-7048-bc28-a9df063409f9 Co-authored-by: Amp <amp@ampcode.com> * Add exclude_none=True to create/upload responses Align with get/update/list endpoints for consistent JSON output. Amp-Thread-ID: https://ampcode.com/threads/T-019ce377-8bde-7048-bc28-a9df063409f9 Co-authored-by: Amp <amp@ampcode.com> * Change preview_id to reference asset by reference ID, not content ID Clients receive preview_id in API responses but could not dereference it through public routes (which use reference IDs). Now preview_id is a self-referential FK to asset_references.id so the value is directly usable in the public API. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Filter soft-deleted and missing refs from visibility queries list_references_by_asset_id and list_tags_with_usage were not filtering out deleted_at/is_missing refs, allowing /view?filename=blake3:... to serve files through hidden references and inflating tag usage counts. Add list_all_file_paths_by_asset_id for orphan cleanup which intentionally needs unfiltered access. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Pass preview_id and mime_type through all asset creation fast paths The duplicate-content upload path and hash-based creation paths were silently dropping preview_id and mime_type. This wires both fields through _register_existing_asset, create_from_hash, and all route call sites so behavior is consistent regardless of whether the asset content already exists. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Remove unimplemented client-provided ID from upload API The `id` field on UploadAssetSpec was advertised for idempotent creation but never actually honored when creating new references. Remove it rather than implementing the feature. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Make asset mime_type immutable after first ingest Prevents cross-tenant metadata mutation when multiple references share the same content-addressed Asset row. mime_type can now only be set when NULL (first ingest); subsequent attempts to change it are silently ignored. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Use resolved content_type from asset lookup in /view endpoint The /view endpoint was discarding the content_type computed by resolve_hash_to_path() and re-guessing from the filename, which produced wrong results for extensionless files or mismatched extensions. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Merge system+user metadata into filter projection Extract rebuild_metadata_projection() to build AssetReferenceMeta rows from {**system_metadata, **user_metadata}, so system-generated metadata is queryable via metadata_filter and user keys override system keys. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Standardize tag ordering to alphabetical across all endpoints Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Derive subfolder tags from path in register_file_in_place Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Reject client-provided id, fix preview URLs, rename tags→total_tags - Reject 'id' field in multipart upload with 400 UNSUPPORTED_FIELD instead of silently ignoring it - Build preview URL from the preview asset's own metadata rather than the parent asset's - Rename 'tags' to 'total_tags' in TagsAdd/TagsRemove response schemas for clarity Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * fix: SQLite migration 0003 FK drop fails on file-backed DBs (MB-2) Add naming_convention to Base.metadata so Alembic batch-mode reflection can match unnamed FK constraints created by migration 0002. Pass naming_convention and render_as_batch=True through env.py online config. Add migration roundtrip tests (upgrade/downgrade/cycle from baseline). Amp-Thread-ID: https://ampcode.com/threads/T-019ce466-1683-7471-b6e1-bb078223cda0 Co-authored-by: Amp <amp@ampcode.com> * Fix missing tag count for is_missing references and update test for total_tags field - Allow is_missing=True references to be counted in list_tags_with_usage when the tag is 'missing', so the missing tag count reflects all references that have been tagged as missing - Add update_is_missing_by_asset_id query helper for bulk updates by asset - Update test_add_and_remove_tags to use 'total_tags' matching the API schema Amp-Thread-ID: https://ampcode.com/threads/T-019ce482-05e7-7324-a1b0-a56a929cc7ef Co-authored-by: Amp <amp@ampcode.com> * Remove unused imports in scanner.py Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * Rename prompt_id to job_id on asset_references Rename the column in the DB model, migration, and service schemas. The API response emits both job_id and prompt_id (deprecated alias) for backward compatibility with the cloud API. Amp-Thread-ID: https://ampcode.com/threads/T-019cef41-60b0-752a-aa3c-ed7f20fda2f7 Co-authored-by: Amp <amp@ampcode.com> * Add index on asset_references.preview_id for FK cascade performance Amp-Thread-ID: https://ampcode.com/threads/T-019cef45-a4d2-7548-86d2-d46bcd3db419 Co-authored-by: Amp <amp@ampcode.com> * Add clarifying comments for Asset/AssetReference naming and preview_id Amp-Thread-ID: https://ampcode.com/threads/T-019cef49-f94e-7348-bf23-9a19ebf65e0d Co-authored-by: Amp <amp@ampcode.com> * Disallow all-null meta rows: add CHECK constraint, skip null values on write - convert_metadata_to_rows returns [] for None values instead of an all-null row - Remove dead None branch from _scalar_to_row - Simplify null filter in common.py to just check for row absence - Add CHECK constraint ck_asset_reference_meta_has_value to model and migration 0003 Amp-Thread-ID: https://ampcode.com/threads/T-019cef4e-5240-7749-bb25-1f17fcf9c09c Co-authored-by: Amp <amp@ampcode.com> * Remove dead None guards on result.asset in upload handler register_file_in_place guarantees a non-None asset, so the 'if result.asset else None' checks were unreachable. Amp-Thread-ID: https://ampcode.com/threads/T-019cef5b-4cf8-723c-8a98-8fb8f333c133 Co-authored-by: Amp <amp@ampcode.com> * Remove mime_type from asset update API Clients can no longer modify mime_type after asset creation via the PUT /api/assets/{id} endpoint. This reduces the risk of mime_type spoofing. The internal update_asset_hash_and_mime function remains available for server-side use (e.g., enrichment). Amp-Thread-ID: https://ampcode.com/threads/T-019cef5d-8d61-75cc-a1c6-2841ac395648 Co-authored-by: Amp <amp@ampcode.com> * Fix migration constraint naming double-prefix and NULL in mixed metadata lists - Use fully-rendered constraint names in migration 0003 to avoid the naming convention doubling the ck_ prefix on batch operations. - Add table_args to downgrade so SQLite batch mode can find the CHECK constraint (not exposed by SQLite reflection). - Fix model CheckConstraint name to use bare 'has_value' (convention auto-prefixes). - Skip None items when converting metadata lists to rows, preventing all-NULL rows that violate the has_value check constraint. Amp-Thread-ID: https://ampcode.com/threads/T-019cef87-94f9-7172-a6af-c6282290ce4f Co-authored-by: Amp <amp@ampcode.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Amp <amp@ampcode.com>
291 lines
12 KiB
Python
291 lines
12 KiB
Python
import json
|
|
import uuid
|
|
from concurrent.futures import ThreadPoolExecutor
|
|
|
|
import requests
|
|
import pytest
|
|
|
|
|
|
def test_upload_ok_duplicate_reference(http: requests.Session, api_base: str, make_asset_bytes):
|
|
name = "dup_a.safetensors"
|
|
tags = ["models", "checkpoints", "unit-tests", "alpha"]
|
|
meta = {"purpose": "dup"}
|
|
data = make_asset_bytes(name)
|
|
files = {"file": (name, data, "application/octet-stream")}
|
|
form = {"tags": json.dumps(tags), "name": name, "user_metadata": json.dumps(meta)}
|
|
r1 = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
a1 = r1.json()
|
|
assert r1.status_code == 201, a1
|
|
assert a1["created_new"] is True
|
|
|
|
# Second upload with the same data and name creates a new AssetReference (duplicates allowed)
|
|
# Returns 200 because Asset already exists, but a new AssetReference is created
|
|
files = {"file": (name, data, "application/octet-stream")}
|
|
form = {"tags": json.dumps(tags), "name": name, "user_metadata": json.dumps(meta)}
|
|
r2 = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
a2 = r2.json()
|
|
assert r2.status_code in (200, 201), a2
|
|
assert a2["asset_hash"] == a1["asset_hash"]
|
|
assert a2["id"] != a1["id"] # new reference with same content
|
|
|
|
# Third upload with the same data but different name also creates new AssetReference
|
|
files = {"file": (name, data, "application/octet-stream")}
|
|
form = {"tags": json.dumps(tags), "name": name + "_d", "user_metadata": json.dumps(meta)}
|
|
r3 = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
a3 = r3.json()
|
|
assert r3.status_code in (200, 201), a3
|
|
assert a3["asset_hash"] == a1["asset_hash"]
|
|
assert a3["id"] != a1["id"]
|
|
assert a3["id"] != a2["id"]
|
|
|
|
|
|
def test_upload_fastpath_from_existing_hash_no_file(http: requests.Session, api_base: str):
|
|
# Seed a small file first
|
|
name = "fastpath_seed.safetensors"
|
|
tags = ["models", "checkpoints", "unit-tests"]
|
|
meta = {}
|
|
files = {"file": (name, b"B" * 1024, "application/octet-stream")}
|
|
form = {"tags": json.dumps(tags), "name": name, "user_metadata": json.dumps(meta)}
|
|
r1 = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
b1 = r1.json()
|
|
assert r1.status_code == 201, b1
|
|
h = b1["asset_hash"]
|
|
|
|
# Now POST /api/assets with only hash and no file
|
|
files = [
|
|
("hash", (None, h)),
|
|
("tags", (None, json.dumps(tags))),
|
|
("name", (None, "fastpath_copy.safetensors")),
|
|
("user_metadata", (None, json.dumps({"purpose": "copy"}))),
|
|
]
|
|
r2 = http.post(api_base + "/api/assets", files=files, timeout=120)
|
|
b2 = r2.json()
|
|
assert r2.status_code == 200, b2 # fast path returns 200 with created_new == False
|
|
assert b2["created_new"] is False
|
|
assert b2["asset_hash"] == h
|
|
|
|
|
|
def test_upload_fastpath_with_known_hash_and_file(
|
|
http: requests.Session, api_base: str
|
|
):
|
|
# Seed
|
|
files = {"file": ("seed.safetensors", b"C" * 128, "application/octet-stream")}
|
|
form = {"tags": json.dumps(["models", "checkpoints", "unit-tests", "fp"]), "name": "seed.safetensors", "user_metadata": json.dumps({})}
|
|
r1 = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
b1 = r1.json()
|
|
assert r1.status_code == 201, b1
|
|
h = b1["asset_hash"]
|
|
|
|
# Send both file and hash of existing content -> server must drain file and create from hash (200)
|
|
files = {"file": ("ignored.bin", b"ignored" * 10, "application/octet-stream")}
|
|
form = {"hash": h, "tags": json.dumps(["models", "checkpoints", "unit-tests", "fp"]), "name": "copy_from_hash.safetensors", "user_metadata": json.dumps({})}
|
|
r2 = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
b2 = r2.json()
|
|
assert r2.status_code == 200, b2
|
|
assert b2["created_new"] is False
|
|
assert b2["asset_hash"] == h
|
|
|
|
|
|
def test_upload_multiple_tags_fields_are_merged(http: requests.Session, api_base: str):
|
|
data = [
|
|
("tags", "models,checkpoints"),
|
|
("tags", json.dumps(["unit-tests", "alpha"])),
|
|
("name", "merge.safetensors"),
|
|
("user_metadata", json.dumps({"u": 1})),
|
|
]
|
|
files = {"file": ("merge.safetensors", b"B" * 256, "application/octet-stream")}
|
|
r1 = http.post(api_base + "/api/assets", data=data, files=files, timeout=120)
|
|
created = r1.json()
|
|
assert r1.status_code in (200, 201), created
|
|
aid = created["id"]
|
|
|
|
# Verify all tags are present on the resource
|
|
rg = http.get(f"{api_base}/api/assets/{aid}", timeout=120)
|
|
detail = rg.json()
|
|
assert rg.status_code == 200, detail
|
|
tags = set(detail["tags"])
|
|
assert {"models", "checkpoints", "unit-tests", "alpha"}.issubset(tags)
|
|
|
|
|
|
@pytest.mark.parametrize("root", ["input", "output"])
|
|
def test_concurrent_upload_identical_bytes_different_names(
|
|
root: str,
|
|
http: requests.Session,
|
|
api_base: str,
|
|
make_asset_bytes,
|
|
):
|
|
"""
|
|
Two concurrent uploads of identical bytes but different names.
|
|
Expect a single Asset (same hash), two AssetReference rows, and exactly one created_new=True.
|
|
"""
|
|
scope = f"concupload-{uuid.uuid4().hex[:6]}"
|
|
name1, name2 = "cu_a.bin", "cu_b.bin"
|
|
data = make_asset_bytes("concurrent", 4096)
|
|
tags = [root, "unit-tests", scope]
|
|
|
|
def _do_upload(args):
|
|
url, form_data, files_data = args
|
|
with requests.Session() as s:
|
|
return s.post(url, data=form_data, files=files_data, timeout=120)
|
|
|
|
url = api_base + "/api/assets"
|
|
form1 = {"tags": json.dumps(tags), "name": name1, "user_metadata": json.dumps({})}
|
|
files1 = {"file": (name1, data, "application/octet-stream")}
|
|
form2 = {"tags": json.dumps(tags), "name": name2, "user_metadata": json.dumps({})}
|
|
files2 = {"file": (name2, data, "application/octet-stream")}
|
|
|
|
with ThreadPoolExecutor(max_workers=2) as executor:
|
|
futures = list(executor.map(_do_upload, [(url, form1, files1), (url, form2, files2)]))
|
|
r1, r2 = futures
|
|
|
|
b1, b2 = r1.json(), r2.json()
|
|
assert r1.status_code in (200, 201), b1
|
|
assert r2.status_code in (200, 201), b2
|
|
assert b1["asset_hash"] == b2["asset_hash"]
|
|
assert b1["id"] != b2["id"]
|
|
|
|
created_flags = sorted([bool(b1.get("created_new")), bool(b2.get("created_new"))])
|
|
assert created_flags == [False, True]
|
|
|
|
rl = http.get(
|
|
api_base + "/api/assets",
|
|
params={"include_tags": f"unit-tests,{scope}", "sort": "name"},
|
|
timeout=120,
|
|
)
|
|
bl = rl.json()
|
|
assert rl.status_code == 200, bl
|
|
names = [a["name"] for a in bl.get("assets", [])]
|
|
assert set([name1, name2]).issubset(names)
|
|
|
|
|
|
def test_create_from_hash_endpoint_404(http: requests.Session, api_base: str):
|
|
payload = {
|
|
"hash": "blake3:" + "0" * 64,
|
|
"name": "nonexistent.bin",
|
|
"tags": ["models", "checkpoints", "unit-tests"],
|
|
}
|
|
r = http.post(api_base + "/api/assets/from-hash", json=payload, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 404
|
|
assert body["error"]["code"] == "ASSET_NOT_FOUND"
|
|
|
|
|
|
def test_upload_zero_byte_rejected(http: requests.Session, api_base: str):
|
|
files = {"file": ("empty.safetensors", b"", "application/octet-stream")}
|
|
form = {"tags": json.dumps(["models", "checkpoints", "unit-tests", "edge"]), "name": "empty.safetensors", "user_metadata": json.dumps({})}
|
|
r = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] == "EMPTY_UPLOAD"
|
|
|
|
|
|
def test_upload_invalid_root_tag_rejected(http: requests.Session, api_base: str):
|
|
files = {"file": ("badroot.bin", b"A" * 64, "application/octet-stream")}
|
|
form = {"tags": json.dumps(["not-a-root", "whatever"]), "name": "badroot.bin", "user_metadata": json.dumps({})}
|
|
r = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] == "INVALID_BODY"
|
|
|
|
|
|
def test_upload_user_metadata_must_be_json(http: requests.Session, api_base: str):
|
|
files = {"file": ("badmeta.bin", b"A" * 128, "application/octet-stream")}
|
|
form = {"tags": json.dumps(["models", "checkpoints", "unit-tests", "edge"]), "name": "badmeta.bin", "user_metadata": "{not json}"}
|
|
r = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] == "INVALID_BODY"
|
|
|
|
|
|
def test_upload_requires_multipart(http: requests.Session, api_base: str):
|
|
r = http.post(api_base + "/api/assets", json={"foo": "bar"}, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 415
|
|
assert body["error"]["code"] == "UNSUPPORTED_MEDIA_TYPE"
|
|
|
|
|
|
def test_upload_missing_file_and_hash(http: requests.Session, api_base: str):
|
|
files = [
|
|
("tags", (None, json.dumps(["models", "checkpoints", "unit-tests"]))),
|
|
("name", (None, "x.safetensors")),
|
|
]
|
|
r = http.post(api_base + "/api/assets", files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] == "MISSING_FILE"
|
|
|
|
|
|
def test_upload_models_unknown_category(http: requests.Session, api_base: str):
|
|
files = {"file": ("m.safetensors", b"A" * 128, "application/octet-stream")}
|
|
form = {"tags": json.dumps(["models", "no_such_category", "unit-tests"]), "name": "m.safetensors"}
|
|
r = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] == "INVALID_BODY"
|
|
assert body["error"]["message"].startswith("unknown models category")
|
|
|
|
|
|
def test_upload_models_requires_category(http: requests.Session, api_base: str):
|
|
files = {"file": ("nocat.safetensors", b"A" * 64, "application/octet-stream")}
|
|
form = {"tags": json.dumps(["models"]), "name": "nocat.safetensors", "user_metadata": json.dumps({})}
|
|
r = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] == "INVALID_BODY"
|
|
|
|
|
|
def test_upload_tags_traversal_guard(http: requests.Session, api_base: str):
|
|
files = {"file": ("evil.safetensors", b"A" * 256, "application/octet-stream")}
|
|
form = {"tags": json.dumps(["models", "checkpoints", "unit-tests", "..", "zzz"]), "name": "evil.safetensors"}
|
|
r = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] in ("BAD_REQUEST", "INVALID_BODY")
|
|
|
|
|
|
def test_upload_empty_tags_rejected(http: requests.Session, api_base: str):
|
|
files = {"file": ("notags.bin", b"A" * 64, "application/octet-stream")}
|
|
form = {"tags": json.dumps([]), "name": "notags.bin", "user_metadata": json.dumps({})}
|
|
r = http.post(api_base + "/api/assets", data=form, files=files, timeout=120)
|
|
body = r.json()
|
|
assert r.status_code == 400
|
|
assert body["error"]["code"] == "INVALID_BODY"
|
|
|
|
|
|
@pytest.mark.parametrize("root", ["input", "output"])
|
|
def test_duplicate_upload_same_display_name_does_not_clobber(
|
|
root: str,
|
|
http: requests.Session,
|
|
api_base: str,
|
|
asset_factory,
|
|
make_asset_bytes,
|
|
):
|
|
"""
|
|
Two uploads use the same tags and the same display name but different bytes.
|
|
With hash-based filenames, they must NOT overwrite each other. Both assets
|
|
remain accessible and serve their original content.
|
|
"""
|
|
scope = f"dup-path-{uuid.uuid4().hex[:6]}"
|
|
display_name = "same_display.bin"
|
|
|
|
d1 = make_asset_bytes(scope + "-v1", 1536)
|
|
d2 = make_asset_bytes(scope + "-v2", 2048)
|
|
tags = [root, "unit-tests", scope]
|
|
|
|
first = asset_factory(display_name, tags, {}, d1)
|
|
second = asset_factory(display_name, tags, {}, d2)
|
|
|
|
assert first["id"] != second["id"]
|
|
assert first["asset_hash"] != second["asset_hash"] # different content
|
|
assert first["name"] == second["name"] == display_name
|
|
|
|
# Both must be independently retrievable
|
|
r1 = http.get(f"{api_base}/api/assets/{first['id']}/content", timeout=120)
|
|
b1 = r1.content
|
|
assert r1.status_code == 200
|
|
assert b1 == d1
|
|
r2 = http.get(f"{api_base}/api/assets/{second['id']}/content", timeout=120)
|
|
b2 = r2.content
|
|
assert r2.status_code == 200
|
|
assert b2 == d2
|