- test_audit_log_includes_user_handle: user_handle and actor_handle in audit items (D-11) - test_audit_log_filter_by_handle: user_handle query param filters entries (D-12) - test_audit_log_filter_unknown_handle: unknown handle returns empty list, not 422 (D-12) - test_daily_exports_list: daily-exports listing endpoint returns {items} (D-15) - test_daily_export_download: daily export download returns CSV bytes with Content-Disposition (D-16)
Verifies event_type filter returns only matching entries. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
WR-01: extend nested metadata_ forbidden-key check to all 4 keys WR-02: assert no forbidden fields in CSV export body (D-15) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Replace all 4 @pytest.mark.xfail stubs with real assertions - Add _seed_audit() helper calling write_audit_log() + commit - test_audit_log_viewer: verifies paginated JSON shape and total >= 1 - test_audit_log_no_doc_content: asserts no filename/extracted_text in items - test_audit_log_regular_user_403: asserts 403 for regular users - test_audit_log_export_csv: asserts text/csv content-type and CSV header line - Remove unused 'import os' - Add pytestmark = pytest.mark.asyncio at module level
- test_documents.py: append 4 stubs (content_stream 200, 206, admin_403, no_presigned_url) - test_audit.py: create new file with 4 stubs (viewer, no_doc_content, user_403, export_csv) - test_security.py: create new file with 2 stubs (credentials_enc_not_in_response, delete_user_cleans_files) - All stubs: xfail(strict=False), body is pytest.xfail("not implemented yet")
curo1305