From d1865f923df6845fb835e10a3d1b275ada6d63cb Mon Sep 17 00:00:00 2001 From: Justin Visser Date: Sat, 7 Mar 2026 15:45:41 +0100 Subject: [PATCH] fix(test): update pdf-queue test for non-admin access The pdf-queue listing endpoint now uses get_api_current_user, not get_api_admin_user. Update test to expect 200 instead of 403. --- tests/integration/test_api_admin.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/integration/test_api_admin.py b/tests/integration/test_api_admin.py index fb63f34..f80a8e3 100644 --- a/tests/integration/test_api_admin.py +++ b/tests/integration/test_api_admin.py @@ -340,10 +340,11 @@ async def test_api_admin_dbops_forbidden_for_non_admin_and_validates_scope(db_se assert forbidden_integrity.status_code == 403 assert forbidden_integrity.json()["error"]["code"] == "forbidden" - forbidden_pdf_queue = client.get("/api/v1/admin/db/pdf-queue") - assert forbidden_pdf_queue.status_code == 403 - assert forbidden_pdf_queue.json()["error"]["code"] == "forbidden" + # PDF queue listing is accessible to all authenticated users (not admin-only). + allowed_pdf_queue = client.get("/api/v1/admin/db/pdf-queue") + assert allowed_pdf_queue.status_code == 200 + # But requeue actions still require admin. forbidden_requeue = client.post( "/api/v1/admin/db/pdf-queue/1/requeue", headers=headers,