Oliver/oliver-metadata-tool
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
oliver-metadata-tool/tests/test_admin.py
SamoilenkoVadym 3deaa5ef40 Initial commit: Oliver Metadata Tool (FastAPI) 
Complete Flask → FastAPI migration with:
- FastAPI app with session auth, Azure AD SSO, rate limiting
- SQLite-backed session store (survives restarts)
- Bulk AI metadata generation with SSE progress
- Admin panel (user management, audit log, AI usage)
- Subpath deployment support (ROOT_PATH config)
- Docker + deploy.sh for production deployment
- Test suite (auth, upload, templates, imports, admin, sessions)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-02-09 21:23:42 +00:00

30 lines
1.2 KiB
Python
Raw Permalink Blame History

"""Tests for admin endpoints."""
class TestAdminAccess:
def test_admin_requires_auth(self, client):
"""GET /admin requires authentication."""
client.cookies.clear()
response = client.get("/admin", follow_redirects=False)
assert response.status_code == 302
def test_admin_requires_admin_role(self, auth_client):
"""GET /admin returns 403 for non-admin users."""
response = auth_client.get("/admin")
# tester user has role='user', should get 403
assert response.status_code == 403 or "detail" in response.json()
def test_admin_users_requires_admin(self, auth_client):
"""GET /admin/users returns 403 for non-admin users."""
response = auth_client.get("/admin/users")
assert response.status_code == 403
def test_admin_audit_requires_admin(self, auth_client):
"""GET /admin/audit returns 403 for non-admin users."""
response = auth_client.get("/admin/audit")
assert response.status_code == 403
def test_admin_ai_usage_requires_admin(self, auth_client):
"""GET /admin/ai-usage returns 403 for non-admin users."""
response = auth_client.get("/admin/ai-usage")
assert response.status_code == 403
Reference in a new issue View git blame Copy permalink