UltiSuite/ultisuite-backend
UltiSuite/ultisuite-backend
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
951c88b1ca
ultisuite-backend/internal/integrationtest/auth/first_admin_test.go
R3D347HR4Y f67c109f2f Admin interface
2026-06-07 21:55:22 +02:00

67 lines
2.0 KiB
Go
Raw Blame History

//go:build integration
package auth_test
import (
"context"
"testing"
"github.com/ultisuite/ulti-backend/internal/integrationtest"
"github.com/ultisuite/ulti-backend/internal/users"
)
func TestPlatformAdminAccessAfterGrant(t *testing.T) {
h := integrationtest.RequireHarness(t)
externalID := integrationtest.NewExternalID("plat-admin")
claims := integrationtest.RegularUser(externalID)
if _, err := users.EnsureUser(context.Background(), h.Pool, claims); err != nil {
t.Fatalf("ensure user: %v", err)
}
if err := users.GrantPlatformAdmin(context.Background(), h.Pool, externalID); err != nil {
t.Fatalf("grant platform admin: %v", err)
}
client, err := h.Client(claims)
integrationtest.FailIf(err, t, "client")
meResp, err := client.Get("/api/v1/users/me")
integrationtest.FailIf(err, t, "GET /users/me")
integrationtest.FailUnlessStatus(t, meResp, 200)
var me map[string]any
integrationtest.DecodeJSON(t, meResp, &me)
if me["platform_admin"] != true {
t.Fatalf("platform_admin = %v, want true", me["platform_admin"])
}
statsResp, err := client.Get("/api/v1/admin/stats")
integrationtest.FailIf(err, t, "GET /admin/stats")
integrationtest.FailUnlessStatus(t, statsResp, 200)
}
func TestFirstProvisionedUserBecomesPlatformAdmin(t *testing.T) {
h := integrationtest.RequireHarness(t)
var count int64
if err := h.Pool.QueryRow(context.Background(), `SELECT COUNT(*) FROM users`).Scan(&count); err != nil {
t.Fatalf("count users: %v", err)
}
if count > 0 {
t.Skip("database already has users; first-user bootstrap not testable here")
}
externalID := integrationtest.NewExternalID("bootstrap-admin")
claims := integrationtest.RegularUser(externalID)
client, err := h.Client(claims)
integrationtest.FailIf(err, t, "client")
meResp, err := client.Get("/api/v1/users/me")
integrationtest.FailIf(err, t, "GET /users/me")
integrationtest.FailUnlessStatus(t, meResp, 200)
var me map[string]any
integrationtest.DecodeJSON(t, meResp, &me)
if me["platform_admin"] != true {
t.Fatalf("platform_admin = %v, want true", me["platform_admin"])
}
}
Reference in New Issue View Git Blame Copy Permalink