feat: add account management, email verification, AI fixes, and user guides

- Profile settings, account transfer, delete/leave account flows - Email verification with JWT tokens and Resend integration - AI assistant/copilot fixes: markdown rendering, shared RAG helpers, token tracking, input refocus, model_validate usage - User guides hub + detail pages with 13 topic guides - Sidebar and top bar navigation for guides Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-04 19:18:06 -05:00
parent 1aa60dada2
commit 8d6accaf60
45 changed files with 2255 additions and 126 deletions
--- a/backend/tests/test_account_transfer.py
+++ b/backend/tests/test_account_transfer.py
@@ -0,0 +1,63 @@
+"""Tests for account ownership transfer."""
+
+import pytest
+from httpx import AsyncClient
+
+
+@pytest.mark.asyncio
+class TestOwnershipTransfer:
+    """Test POST /accounts/me/transfer-ownership."""
+
+    async def _create_member(self, client: AsyncClient, owner_headers: dict, test_db):
+        """Register a second user and add them to the owner's account."""
+        from sqlalchemy import select
+        from app.models.user import User
+
+        # Register second user (gets own account)
+        resp = await client.post("/api/v1/auth/register", json={
+            "email": "member@example.com",
+            "password": "TestPassword123!",
+            "name": "Member User",
+        })
+        assert resp.status_code == 201
+        member_id = resp.json()["id"]
+
+        # Get owner's account_id
+        me = await client.get("/api/v1/auth/me", headers=owner_headers)
+        owner_account_id = me.json()["account_id"]
+
+        # Move member to owner's account
+        result = await test_db.execute(select(User).where(User.id == member_id))
+        member = result.scalar_one()
+        member.account_id = owner_account_id
+        member.account_role = "engineer"
+        await test_db.commit()
+
+        return member_id
+
+    async def test_transfer_success(self, client: AsyncClient, auth_headers: dict, test_db):
+        member_id = await self._create_member(client, auth_headers, test_db)
+        response = await client.post(
+            "/api/v1/accounts/me/transfer-ownership",
+            json={"current_password": "TestPassword123!", "target_user_id": member_id},
+            headers=auth_headers,
+        )
+        assert response.status_code == 200
+        assert response.json()["owner_id"] == member_id
+
+    async def test_transfer_self(self, client: AsyncClient, auth_headers: dict, test_user):
+        response = await client.post(
+            "/api/v1/accounts/me/transfer-ownership",
+            json={"current_password": "TestPassword123!", "target_user_id": test_user["user_data"]["id"]},
+            headers=auth_headers,
+        )
+        assert response.status_code == 400
+
+    async def test_transfer_wrong_password(self, client: AsyncClient, auth_headers: dict, test_db):
+        member_id = await self._create_member(client, auth_headers, test_db)
+        response = await client.post(
+            "/api/v1/accounts/me/transfer-ownership",
+            json={"current_password": "WrongPassword123!", "target_user_id": member_id},
+            headers=auth_headers,
+        )
+        assert response.status_code == 401