personal-ai-assistant/backend/tests/test_admin_users.py

import pytest
from httpx import AsyncClient


@pytest.fixture
async def user_headers(client: AsyncClient):
    resp = await client.post("/api/v1/auth/register", json={
        "email": "regularuser@example.com",
        "username": "regularuser",
        "password": "testpass123",
    })
    assert resp.status_code == 201
    return {"Authorization": f"Bearer {resp.json()['access_token']}"}


async def test_non_admin_cannot_list_users(client: AsyncClient, user_headers: dict):
    resp = await client.get("/api/v1/admin/users", headers=user_headers)
    assert resp.status_code == 403


async def test_non_admin_cannot_create_user(client: AsyncClient, user_headers: dict):
    resp = await client.post("/api/v1/admin/users", json={
        "email": "new@example.com",
        "username": "newuser",
        "password": "testpass123",
    }, headers=user_headers)
    assert resp.status_code == 403


async def test_non_admin_cannot_get_settings(client: AsyncClient, user_headers: dict):
    resp = await client.get("/api/v1/admin/settings", headers=user_headers)
    assert resp.status_code == 403