feat(fusion_clock): NFC card enrollment endpoint

Adds /fusion_clock/kiosk/nfc/enroll (jsonrpc, auth=user) that validates the enroll password, normalises the card UID, checks for duplicate assignments, writes x_fclk_nfc_card_uid, and creates a card_enrollment activity log entry. 4 new tests; 21 total passing. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-14 00:58:25 -04:00
parent a24a1ddf1a
commit 661c8ae227
2 changed files with 125 additions and 0 deletions
--- a/fusion_clock/tests/test_clock_nfc_kiosk.py
+++ b/fusion_clock/tests/test_clock_nfc_kiosk.py
@@ -79,3 +79,75 @@ class TestUidNormalization(TransactionCase):

    def test_odd_length_returns_none(self):
        self.assertIsNone(FusionClockNfcKiosk._normalize_uid('04A2B562C18'))
+
+
+import json
+
+
+@tagged('-at_install', 'post_install', 'fusion_clock')
+class TestEnrollEndpoint(HttpCase):
+
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.ICP = cls.env['ir.config_parameter'].sudo()
+        cls.ICP.set_param('fusion_clock.enable_nfc_kiosk', 'True')
+        cls.ICP.set_param('fusion_clock.nfc_enroll_password', '1234')
+        cls.kiosk_user = cls.env['res.users'].create({
+            'name': 'Enroll Kiosk User',
+            'login': 'nfc-kiosk-enroll',
+            'password': 'kioskpass123',
+            'group_ids': [(4, cls.env.ref('fusion_clock.group_fusion_clock_manager').id)],
+        })
+        cls.alice = cls.env['hr.employee'].create({'name': 'Alice E', 'x_fclk_enable_clock': True})
+        cls.bob = cls.env['hr.employee'].create({'name': 'Bob E', 'x_fclk_enable_clock': True})
+
+    def _call(self, payload):
+        self.authenticate('nfc-kiosk-enroll', 'kioskpass123')
+        response = self.url_open(
+            '/fusion_clock/kiosk/nfc/enroll',
+            data=json.dumps({'jsonrpc': '2.0', 'method': 'call', 'params': payload}),
+            headers={'Content-Type': 'application/json'},
+        )
+        return response.json().get('result', {})
+
+    def test_enroll_success(self):
+        result = self._call({
+            'employee_id': self.alice.id,
+            'card_uid': '04:a2:b5:62:c1:80',
+            'enroll_password': '1234',
+        })
+        self.assertTrue(result.get('success'))
+        self.assertEqual(result.get('card_uid'), '04:A2:B5:62:C1:80')
+        self.alice.invalidate_recordset()
+        self.assertEqual(self.alice.x_fclk_nfc_card_uid, '04:A2:B5:62:C1:80')
+
+    def test_enroll_wrong_password(self):
+        result = self._call({
+            'employee_id': self.alice.id,
+            'card_uid': '04:A2:B5:62:C1:81',
+            'enroll_password': 'wrong',
+        })
+        self.assertEqual(result.get('error'), 'invalid_password')
+        self.alice.invalidate_recordset()
+        self.assertFalse(self.alice.x_fclk_nfc_card_uid)
+
+    def test_enroll_card_already_assigned(self):
+        self.alice.x_fclk_nfc_card_uid = '04:A2:B5:62:C1:82'
+        result = self._call({
+            'employee_id': self.bob.id,
+            'card_uid': '04:A2:B5:62:C1:82',
+            'enroll_password': '1234',
+        })
+        self.assertEqual(result.get('error'), 'card_already_assigned')
+        self.assertEqual(result.get('existing_employee'), 'Alice E')
+        self.bob.invalidate_recordset()
+        self.assertFalse(self.bob.x_fclk_nfc_card_uid)
+
+    def test_enroll_invalid_uid(self):
+        result = self._call({
+            'employee_id': self.alice.id,
+            'card_uid': 'not-a-uid',
+            'enroll_password': '1234',
+        })
+        self.assertEqual(result.get('error'), 'invalid_uid')