""" LinkSyncServer - Admin API Tests """ import uuid import pytest from fastapi.testclient import TestClient class TestAdmin: def test_list_users(self, client: TestClient, admin_token: str): response = client.get( "/api/admin/users", headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 assert isinstance(response.json(), list) def test_create_user(self, client: TestClient, admin_token: str): unique = str(uuid.uuid4())[:8] response = client.post( "/api/admin/users", json={ "username": f"admin_created_{unique}", "email": f"admin_{unique}@example.com", "password": "testpass123", "role": "user", "is_active": True, }, headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 201 data = response.json() assert data["username"] == f"admin_created_{unique}" def test_create_admin_user(self, client: TestClient, admin_token: str): unique = str(uuid.uuid4())[:8] response = client.post( "/api/admin/users", json={ "username": f"admin_user_{unique}", "email": f"adminuser_{unique}@example.com", "password": "testpass123", "role": "admin", "is_active": True, }, headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 201 assert response.json()["role"] == "admin" def test_create_user_duplicate(self, client: TestClient, admin_token: str): unique = str(uuid.uuid4())[:8] client.post( "/api/admin/users", json={ "username": f"dup_admin_{unique}", "email": f"dupadmin_{unique}@example.com", "password": "testpass123", }, headers={"Authorization": f"Bearer {admin_token}"}, ) response = client.post( "/api/admin/users", json={ "username": f"dup_admin_{unique}", "email": f"dupadmin2_{unique}@example.com", "password": "testpass123", }, headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 400 def test_get_user(self, client: TestClient, admin_token: str): users = client.get("/api/admin/users", headers={"Authorization": f"Bearer {admin_token}"}).json() if users: user_id = users[0]["id"] response = client.get( f"/api/admin/users/{user_id}", headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 assert "username" in response.json() def test_get_user_not_found(self, client: TestClient, admin_token: str): response = client.get( "/api/admin/users/00000000-0000-0000-0000-000000000000", headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 404 def test_update_user(self, client: TestClient, admin_token: str): unique = str(uuid.uuid4())[:8] create_resp = client.post( "/api/admin/users", json={ "username": f"update_user_{unique}", "email": f"update_{unique}@example.com", "password": "testpass123", "role": "user", }, headers={"Authorization": f"Bearer {admin_token}"}, ) user_id = create_resp.json()["id"] response = client.put( f"/api/admin/users/{user_id}", json={"email": f"updated_{unique}@example.com"}, headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 assert response.json()["email"] == f"updated_{unique}@example.com" def test_update_user_role(self, client: TestClient, admin_token: str): unique = str(uuid.uuid4())[:8] create_resp = client.post( "/api/admin/users", json={ "username": f"role_user_{unique}", "email": f"role_{unique}@example.com", "password": "testpass123", "role": "user", }, headers={"Authorization": f"Bearer {admin_token}"}, ) user_id = create_resp.json()["id"] response = client.put( f"/api/admin/users/{user_id}", json={"role": "admin"}, headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 assert response.json()["role"] == "admin" def test_deactivate_user(self, client: TestClient, admin_token: str): unique = str(uuid.uuid4())[:8] create_resp = client.post( "/api/admin/users", json={ "username": f"deact_user_{unique}", "email": f"deact_{unique}@example.com", "password": "testpass123", }, headers={"Authorization": f"Bearer {admin_token}"}, ) user_id = create_resp.json()["id"] response = client.put( f"/api/admin/users/{user_id}", json={"is_active": False}, headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 assert response.json()["is_active"] is False def test_delete_user(self, client: TestClient, admin_token: str): unique = str(uuid.uuid4())[:8] create_resp = client.post( "/api/admin/users", json={ "username": f"del_user_{unique}", "email": f"del_{unique}@example.com", "password": "testpass123", }, headers={"Authorization": f"Bearer {admin_token}"}, ) user_id = create_resp.json()["id"] response = client.delete( f"/api/admin/users/{user_id}", headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 def test_delete_self_not_allowed(self, client: TestClient, admin_token: str): users = client.get("/api/admin/users", headers={"Authorization": f"Bearer {admin_token}"}).json() admin_user = next((u for u in users if u["username"] == "admin"), None) if admin_user: response = client.delete( f"/api/admin/users/{admin_user['id']}", headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 400 def test_stats(self, client: TestClient, admin_token: str): response = client.get( "/api/admin/stats", headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 data = response.json() assert "total_users" in data assert "total_bookmarks" in data def test_audit_log(self, client: TestClient, admin_token: str): response = client.get( "/api/admin/audit", headers={"Authorization": f"Bearer {admin_token}"}, ) assert response.status_code == 200 assert isinstance(response.json(), list) def test_admin_required_for_user_list(self, client: TestClient): unique = str(uuid.uuid4())[:8] client.post( "/api/auth/register", json={ "username": f"regular_{unique}", "email": f"regular_{unique}@example.com", "password": "testpass123", }, ) resp = client.post( "/api/auth/login", data={"username": f"regular_{unique}", "password": "testpass123"}, ) token = resp.json()["access_token"] response = client.get( "/api/admin/users", headers={"Authorization": f"Bearer {token}"}, ) assert response.status_code == 403 def test_unauthenticated_admin_access(self, client: TestClient): response = client.get("/api/admin/users") assert response.status_code == 401