fix(test): update pdf-queue test for non-admin access
The pdf-queue listing endpoint now uses get_api_current_user, not get_api_admin_user. Update test to expect 200 instead of 403.
This commit is contained in:
parent
151e0774d8
commit
d1865f923d
1 changed files with 4 additions and 3 deletions
|
|
@ -340,10 +340,11 @@ async def test_api_admin_dbops_forbidden_for_non_admin_and_validates_scope(db_se
|
||||||
assert forbidden_integrity.status_code == 403
|
assert forbidden_integrity.status_code == 403
|
||||||
assert forbidden_integrity.json()["error"]["code"] == "forbidden"
|
assert forbidden_integrity.json()["error"]["code"] == "forbidden"
|
||||||
|
|
||||||
forbidden_pdf_queue = client.get("/api/v1/admin/db/pdf-queue")
|
# PDF queue listing is accessible to all authenticated users (not admin-only).
|
||||||
assert forbidden_pdf_queue.status_code == 403
|
allowed_pdf_queue = client.get("/api/v1/admin/db/pdf-queue")
|
||||||
assert forbidden_pdf_queue.json()["error"]["code"] == "forbidden"
|
assert allowed_pdf_queue.status_code == 200
|
||||||
|
|
||||||
|
# But requeue actions still require admin.
|
||||||
forbidden_requeue = client.post(
|
forbidden_requeue = client.post(
|
||||||
"/api/v1/admin/db/pdf-queue/1/requeue",
|
"/api/v1/admin/db/pdf-queue/1/requeue",
|
||||||
headers=headers,
|
headers=headers,
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue