Skip to content

test: cover admin role-based access control#1161

Open
bhavyajain0810 wants to merge 1 commit into
imDarshanGK:mainfrom
bhavyajain0810:feat/rbac-permissions-528
Open

test: cover admin role-based access control#1161
bhavyajain0810 wants to merge 1 commit into
imDarshanGK:mainfrom
bhavyajain0810:feat/rbac-permissions-528

Conversation

@bhavyajain0810

Copy link
Copy Markdown
Contributor

Description

This PR adds regression test coverage for the admin role-based access control flow.

It verifies that protected admin endpoints correctly enforce authentication and administrator permissions, and that role-management actions behave safely.

Covered scenarios include:

  • unauthenticated users receiving 401 on admin audit routes
  • authenticated non-admin users receiving 403 on admin-only routes
  • admins successfully updating a user's admin role
  • role updates being persisted in the database
  • role updates creating audit-log entries
  • audit logs being filterable by action
  • missing users returning 404
  • admins being blocked from deleting their own account

Related Issue

Fixes #528

Type of change

  • Bug fix
  • New feature / enhancement
  • Documentation update
  • Test addition
  • Refactor

Checklist

  • I have read [CONTRIBUTING.md](../CONTRIBUTING.md)
  • My branch is up to date with main
  • I have run pytest -v and all tests pass
  • I have not introduced duplicate issues or features
  • My PR title follows the format: feat/fix/docs/test: short description
  • I have added tests for new features (Level 2 and 3 issues)
  • No hardcoded secrets or API keys in my code
  • This PR is linked to a GSSoC 2026 issue

Screenshots (if frontend change)

Not applicable. This is a backend test/security coverage change.

Test evidence

pytest tests/test_auth_endpoints.py tests/test_rbac.py -q
15 passed, 115 warnings in 4.53s

pytest -q
441 passed, 115 warnings in 39.16s

pytest -v
441 passed, 115 warnings in 39.11s

@bhavyajain0810 bhavyajain0810 force-pushed the feat/rbac-permissions-528 branch from acbc173 to 3de13ae Compare June 30, 2026 12:58
@bhavyajain0810

Copy link
Copy Markdown
Contributor Author

Hi @imDarshanGK,

I have added regression coverage for the admin role-based access control flow linked to #528.

This PR covers:

  • unauthenticated access returning 401
  • non-admin users being blocked with 403
  • admin role updates
  • role update persistence in the database
  • audit-log creation and filtering
  • missing-user handling
  • self-delete protection for admins

All CI checks are passing, and I also verified locally with:

pytest tests/test_auth_endpoints.py tests/test_rbac.py -q
pytest -q
pytest -v

Could you please review when convenient?

Thank you!

@bhavyajain0810 bhavyajain0810 force-pushed the feat/rbac-permissions-528 branch from 3de13ae to 6bd88fd Compare June 30, 2026 21:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add user role management and permissions

1 participant