Week 11: 测试与代码质量

# test_example.py

def add(a, b):
    return a + b

def test_add():
    assert add(1, 2) == 3
    assert add(-1, 1) == 0
    assert add(0, 0) == 0

# 运行测试
pytest
pytest test_example.py
pytest test_example.py::test_add
pytest -v  # 详细输出

class TestCalculator:
    def test_add(self):
        assert add(1, 2) == 3
    
    def test_subtract(self):
        assert subtract(5, 3) == 2

import pytest

def divide(a, b):
    if b == 0:
        raise ValueError("除数不能为零")
    return a / b

def test_divide_by_zero():
    with pytest.raises(ValueError) as excinfo:
        divide(1, 0)
    assert "除数不能为零" in str(excinfo.value)

import pytest

@pytest.mark.parametrize("a,b,expected", [
    (1, 2, 3),
    (0, 0, 0),
    (-1, 1, 0),
    (100, 200, 300),
])
def test_add_parametrized(a, b, expected):
    assert add(a, b) == expected

import pytest

@pytest.fixture
def sample_data():
    return {"name": "Alice", "age": 30}

def test_name(sample_data):
    assert sample_data["name"] == "Alice"

def test_age(sample_data):
    assert sample_data["age"] == 30

@pytest.fixture(scope="function")  # 每个测试函数执行一次 (默认)
def func_fixture():
    return create_resource()

@pytest.fixture(scope="class")  # 每个测试类执行一次
def class_fixture():
    return create_resource()

@pytest.fixture(scope="module")  # 每个模块执行一次
def module_fixture():
    return create_resource()

@pytest.fixture(scope="session")  # 整个测试会话执行一次
def session_fixture():
    return create_resource()

@pytest.fixture
def database():
    # Setup
    db = connect_database()
    
    yield db  # 返回给测试
    
    # Teardown
    db.close()

def test_query(database):
    result = database.query("SELECT 1")
    assert result == 1

# conftest.py
import pytest

@pytest.fixture
def config():
    return {"debug": True}

# 所有测试文件都可以使用 config fixture

from unittest.mock import Mock

# 创建 Mock 对象
mock = Mock()
mock.method()
mock.method.assert_called_once()

# 设置返回值
mock.method.return_value = 42
assert mock.method() == 42

# 设置副作用
mock.method.side_effect = Exception("Error")

from unittest.mock import patch

# 假设 mymodule.py 中有:
# import requests
# def fetch_data(url):
#     return requests.get(url).json()

@patch("mymodule.requests.get")
def test_fetch_data(mock_get):
    # 配置 mock
    mock_get.return_value.json.return_value = {"data": "test"}
    
    # 测试
    result = fetch_data("http://example.com")
    
    assert result == {"data": "test"}
    mock_get.assert_called_once_with("http://example.com")

def test_with_patch():
    with patch("mymodule.requests.get") as mock_get:
        mock_get.return_value.status_code = 200
        # 测试代码

from unittest.mock import MagicMock

mock = MagicMock()

# 支持魔术方法
len(mock)
mock[0]
mock.__len__.return_value = 5
assert len(mock) == 5

# 安装
pip install pytest-cov

# 运行
pytest --cov=mypackage
pytest --cov=mypackage --cov-report=html

def debug_function():  # pragma: no cover
    """调试用, 不需要测试"""
    pass

# pyproject.toml
[tool.coverage.run]
branch = true
source = ["mypackage"]

[tool.coverage.report]
exclude_lines = [
    "pragma: no cover",
    "if __name__ == .__main__.:",
]

def greet(name: str) -> str:
    return f"Hello, {name}!"

def add(a: int, b: int) -> int:
    return a + b

age: int = 30
names: list[str] = ["Alice", "Bob"]
user: dict[str, int] = {"age": 30}

from typing import Optional

def find_user(user_id: int) -> Optional[dict]:
    """返回用户或 None"""
    ...

# Python 3.10+
def find_user(user_id: int) -> dict | None:
    ...

from typing import TypeAlias

UserId: TypeAlias = int
UserDict: TypeAlias = dict[str, str | int]

def get_user(user_id: UserId) -> UserDict:
    ...

from typing import TypeVar, Generic

T = TypeVar("T")

class Stack(Generic[T]):
    def __init__(self) -> None:
        self.items: list[T] = []
    
    def push(self, item: T) -> None:
        self.items.append(item)
    
    def pop(self) -> T:
        return self.items.pop()

stack: Stack[int] = Stack()
stack.push(1)

from typing import Callable

def apply(func: Callable[[int, int], int], a: int, b: int) -> int:
    return func(a, b)

apply(lambda x, y: x + y, 1, 2)

pip install mypy
mypy mypackage/

# pyproject.toml
[tool.mypy]
python_version = "3.12"
strict = true
ignore_missing_imports = true

# 忽略特定行
x = some_func()  # type: ignore

# 忽略特定错误
x = some_func()  # type: ignore[arg-type]

pip install black
black mypackage/

pip install ruff
ruff check mypackage/
ruff check --fix mypackage/

pip install isort
isort mypackage/

# .pre-commit-config.yaml
repos:
  - repo: https://github.com/psf/black
    rev: 23.12.1
    hooks:
      - id: black

  - repo: https://github.com/astral-sh/ruff-pre-commit
    rev: v0.1.9
    hooks:
      - id: ruff
        args: [--fix]

  - repo: https://github.com/pre-commit/mirrors-mypy
    rev: v1.8.0
    hooks:
      - id: mypy

pip install pre-commit
pre-commit install
pre-commit run --all-files

pip install bandit
bandit -r mypackage/
bandit -r mypackage/ -f json -o security_report.json

[bandit]
exclude = tests,docs
skips = B101,B601

import subprocess

# 危险
user_input = "file.txt; rm -rf /"
subprocess.run(f"cat {user_input}", shell=True)  # B602

# 安全
subprocess.run(["cat", user_input])  # 列表形式, 不使用 shell

# 危险
cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")  # B608

# 安全: 参数化查询
cursor.execute("SELECT * FROM users WHERE id = ?", (user_id,))

import pickle

# 危险: 不要反序列化不可信数据
data = pickle.load(open("untrusted.pkl", "rb"))  # B301

# 安全替代: 使用 JSON
import json
data = json.load(open("data.json"))

import random
import secrets

# 危险: 用于安全场景
token = ''.join(random.choices('abc123', k=32))  # 可预测

# 安全
token = secrets.token_hex(16)  # 密码学安全随机