fc16581b04
Add minimal auth checks ensuring 401 Authentication required is returned when unauthenticated for POST/DELETE/GET on shares and POST on admin/set-admin-role. Matches existing test style.
15 lines
535 B
JavaScript
15 lines
535 B
JavaScript
const request = require('supertest');
|
|
const app = require('../../app');
|
|
|
|
describe('Admin Routes - Authentication', () => {
|
|
describe('POST /api/admin/set-admin-role', () => {
|
|
it('should require authentication', async () => {
|
|
const response = await request(app)
|
|
.post('/api/admin/set-admin-role')
|
|
.send({ user_id: 1, is_admin: true });
|
|
|
|
expect(response.status).toBe(401);
|
|
expect(response.body.error).toBe('Authentication required');
|
|
});
|
|
});
|
|
});
|