test(BA-5737): rewrite tests — SDK component test, repo unit tests

- Remove test_vfolder_in_project_service.py (service unit test).
- Rename test_vfolder_project_mutations.py → test_vfolder_mutation.py
  and rewrite to use V2ClientRegistry SDK calls via HTTP instead of
  direct adapter invocation.
- Add TestVFolderRepositoryTrashAndUpdate to test_vfolder_repository.py:
  trash_vfolder (status → DELETE_PENDING + not found) and
  update_vfolder_attribute (name rename + not found).
- Fix changelog Vfolder → VFolder casing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: fregataa

changes/11139.feature.md

@@ -1 +1 @@
-Add project-scoped `createProjectVfolderV2` GraphQL mutation and enforce RBAC on `deleteVfolderV2`, `purgeVfolderV2`, and new `updateVfolderV2` across GraphQL, REST v2, SDK, and CLI.
+Add project-scoped `createProjectVFolder` GraphQL mutation and enforce RBAC on `deleteVFolder`, `purgeVFolder`, and new `updateVFolder` across GraphQL, REST v2, SDK, and CLI.

…der_v2/test_vfolder_project_mutations.py …nent/vfolder_v2/test_vfolder_mutation.pytests/component/vfolder_v2/test_vfolder_project_mutations.py renamed to tests/component/vfolder_v2/test_vfolder_mutation.py tests/component/vfolder_v2/test_vfolder_project_mutations.py renamed to tests/component/vfolder_v2/test_vfolder_mutation.py

@@ -1,8 +1,7 @@
-"""Component tests for v2 VFolder RBAC-enforced mutations.
+"""Component tests for v2 VFolder RBAC-enforced mutations via SDK.
 
-Exercises ``SingleEntityActionProcessor`` (delete/purge) and
-``ScopeActionProcessor`` (create) end-to-end against the real DB
-and real RBAC validators.
+Exercises create (project-scoped), delete, purge, and update mutations
+through the real HTTP server + V2ClientRegistry SDK.
 """
 
 from __future__ import annotations
@@ -15,9 +14,13 @@
 from unittest.mock import MagicMock
 
 import pytest
+import yarl
 
-from ai.backend.common.contexts.user import with_user
-from ai.backend.common.data.user.types import UserData, UserRole
+from ai.backend.client.v2.auth import HMACAuth
+from ai.backend.client.v2.config import ClientConfig
+from ai.backend.client.v2.exceptions import PermissionDeniedError
+from ai.backend.client.v2.v2_registry import V2ClientRegistry
+from ai.backend.common.dto.manager.v2.vfolder.request import UpdateVFolderInput
 from ai.backend.common.types import QuotaScopeID, QuotaScopeType, VFolderUsageMode
 from ai.backend.manager.actions.validators import ActionValidators
 from ai.backend.manager.actions.validators.rbac import RBACValidators
@@ -26,12 +29,15 @@
     SingleEntityActionRBACValidator,
 )
 from ai.backend.manager.api.adapters.vfolder import VFolderAdapter
+from ai.backend.manager.api.rest.routing import RouteRegistry
+from ai.backend.manager.api.rest.types import RouteDeps
+from ai.backend.manager.api.rest.v2.vfolder.handler import V2VFolderHandler
+from ai.backend.manager.api.rest.v2.vfolder.registry import register_v2_vfolder_routes
 from ai.backend.manager.data.vfolder.types import (
     VFolderMountPermission,
     VFolderOperationStatus,
     VFolderOwnershipType,
 )
-from ai.backend.manager.errors.permission import NotEnoughPermission
 from ai.backend.manager.models.utils import ExtendedAsyncSAEngine
 from ai.backend.manager.models.vfolder import vfolders
 from ai.backend.manager.repositories.permission_controller.repository import (
@@ -45,7 +51,7 @@
 
 if TYPE_CHECKING:
     from sqlalchemy.ext.asyncio.engine import AsyncEngine as SAEngine
-    from tests.component.conftest import UserFixtureData
+    from tests.component.conftest import ServerInfo, UserFixtureData
 
 
 @dataclass(frozen=True)
@@ -54,6 +60,9 @@ class ProjectVFolderFixtureData:
     project_id: uuid.UUID
 
 
+# ── Fixtures ──────────────────────────────────────────────────────
+
+
 @pytest.fixture()
 def rbac_permission_repo(
     database_engine: ExtendedAsyncSAEngine,
@@ -62,11 +71,11 @@ def rbac_permission_repo(
 
 
 @pytest.fixture()
-def vfolder_processors_with_real_rbac(
+def vfolder_processors(
     database_engine: ExtendedAsyncSAEngine,
     rbac_permission_repo: PermissionControllerRepository,
 ) -> VFolderProcessors:
-    """VFolderProcessors wired with real scope + single-entity RBAC validators."""
+    """Override: real scope + single-entity RBAC validators."""
     vfolder_repository = VfolderRepository(database_engine)
     user_repository = UserRepository(database_engine)
     service = VFolderService(
@@ -91,36 +100,54 @@ def vfolder_processors_with_real_rbac(
 
 
 @pytest.fixture()
-def vfolder_adapter(
-    vfolder_processors_with_real_rbac: VFolderProcessors,
-) -> VFolderAdapter:
+def server_module_registries(
+    route_deps: RouteDeps,
+    vfolder_processors: VFolderProcessors,
+) -> list[RouteRegistry]:
+    """Register v2 vfolder REST routes with real RBAC."""
     processors = MagicMock(spec=Processors)
-    processors.vfolder = vfolder_processors_with_real_rbac
-    return VFolderAdapter(processors)
+    processors.vfolder = vfolder_processors
+    adapter = VFolderAdapter(processors)
+    handler = V2VFolderHandler(adapter=adapter)
+    v2_reg = RouteRegistry.create("v2", route_deps.cors_options)
+    v2_reg.add_subregistry(register_v2_vfolder_routes(handler, route_deps))
+    return [v2_reg]
 
 
 @pytest.fixture()
-def admin_user_data(admin_user_fixture: UserFixtureData) -> UserData:
-    return UserData(
-        user_id=admin_user_fixture.user_uuid,
-        is_authorized=True,
-        is_admin=True,
-        is_superadmin=True,
-        role=UserRole.SUPERADMIN,
-        domain_name="default",
+async def admin_v2_registry(
+    server: ServerInfo,
+    admin_user_fixture: UserFixtureData,
+) -> AsyncIterator[V2ClientRegistry]:
+    registry = await V2ClientRegistry.create(
+        ClientConfig(endpoint=yarl.URL(server.url)),
+        HMACAuth(
+            access_key=admin_user_fixture.keypair.access_key,
+            secret_key=admin_user_fixture.keypair.secret_key,
+        ),
     )
+    try:
+        yield registry
+    finally:
+        await registry.close()
 
 
 @pytest.fixture()
-def regular_user_data(regular_user_fixture: UserFixtureData) -> UserData:
-    return UserData(
-        user_id=regular_user_fixture.user_uuid,
-        is_authorized=True,
-        is_admin=False,
-        is_superadmin=False,
-        role=UserRole.USER,
-        domain_name="default",
+async def user_v2_registry(
+    server: ServerInfo,
+    regular_user_fixture: UserFixtureData,
+) -> AsyncIterator[V2ClientRegistry]:
+    registry = await V2ClientRegistry.create(
+        ClientConfig(endpoint=yarl.URL(server.url)),
+        HMACAuth(
+            access_key=regular_user_fixture.keypair.access_key,
+            secret_key=regular_user_fixture.keypair.secret_key,
+        ),
     )
+    try:
+        yield registry
+    finally:
+        await registry.close()
 
 
 @pytest.fixture()
@@ -157,39 +184,51 @@ async def project_vfolder(
         await conn.execute(vfolders.delete().where(vfolders.c.id == vfolder_id))
 
 
-class TestDeleteVFolderV2ByIdRBAC:
-    """SingleEntityActionProcessor RBAC enforcement for vfolder delete."""
+# ── Tests ─────────────────────────────────────────────────────────
 
-    async def test_regular_user_without_grant_is_denied(
+
+class TestDeleteVFolderRBAC:
+    """DELETE /v2/vfolders/{id} — SingleEntityActionProcessor RBAC."""
+
+    async def test_regular_user_denied(
         self,
-        vfolder_adapter: VFolderAdapter,
-        regular_user_data: UserData,
+        user_v2_registry: V2ClientRegistry,
         project_vfolder: ProjectVFolderFixtureData,
     ) -> None:
-        with with_user(regular_user_data):
-            with pytest.raises(NotEnoughPermission):
-                await vfolder_adapter.delete(project_vfolder.id)
+        with pytest.raises(PermissionDeniedError):
+            await user_v2_registry.vfolder.delete(project_vfolder.id)
 
-    async def test_superadmin_bypasses_rbac(
+    async def test_superadmin_succeeds(
         self,
-        vfolder_adapter: VFolderAdapter,
-        admin_user_data: UserData,
+        admin_v2_registry: V2ClientRegistry,
         project_vfolder: ProjectVFolderFixtureData,
     ) -> None:
-        with with_user(admin_user_data):
-            payload = await vfolder_adapter.delete(project_vfolder.id)
+        payload = await admin_v2_registry.vfolder.delete(project_vfolder.id)
         assert payload.id == project_vfolder.id
 
 
-class TestPurgeVFolderV2ByIdRBAC:
-    """SingleEntityActionProcessor RBAC enforcement for vfolder purge."""
+class TestPurgeVFolderRBAC:
+    """POST /v2/vfolders/{id}/purge — SingleEntityActionProcessor RBAC."""
 
-    async def test_regular_user_without_grant_is_denied(
+    async def test_regular_user_denied(
         self,
-        vfolder_adapter: VFolderAdapter,
-        regular_user_data: UserData,
+        user_v2_registry: V2ClientRegistry,
         project_vfolder: ProjectVFolderFixtureData,
     ) -> None:
-        with with_user(regular_user_data):
-            with pytest.raises(NotEnoughPermission):
-                await vfolder_adapter.purge(project_vfolder.id)
+        with pytest.raises(PermissionDeniedError):
+            await user_v2_registry.vfolder.purge(project_vfolder.id)
+
+
+class TestUpdateVFolderRBAC:
+    """PATCH /v2/vfolders/{id} — SingleEntityActionProcessor RBAC."""
+
+    async def test_regular_user_denied(
+        self,
+        user_v2_registry: V2ClientRegistry,
+        project_vfolder: ProjectVFolderFixtureData,
+    ) -> None:
+        with pytest.raises(PermissionDeniedError):
+            await user_v2_registry.vfolder.update(
+                project_vfolder.id,
+                UpdateVFolderInput(name="new-name"),
+            )