marcel/familienarchiv
1
0
Fork 0
Code Issues 109 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

feat(audit): track user management events in audit log (#336) #337

Merged
marcel merged 14 commits from feat/issue-336-audit-user-management into main 2026-04-26 19:42:00 +02:00
Conversation 15 Commits 14 Files Changed 10 +24
1 changed files with 24 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit ce41e96a45 - Show all commits

24
backend/src/test/java/org/raddatz/familienarchiv/controller/UserControllerTest.java
View File

@@ -133,4 +133,28 @@ class UserControllerTest {
mockMvc.perform(delete("/api/users/" + UUID.randomUUID())) mockMvc.perform(delete("/api/users/" + UUID.randomUUID()))
.andExpect(status().isForbidden()); .andExpect(status().isForbidden());
} }
// ─── unauthenticated access ───────────────────────────────────────────────
@Test
void createUser_returns401_whenUnauthenticated() throws Exception {
mockMvc.perform(post("/api/users")
.contentType(org.springframework.http.MediaType.APPLICATION_JSON)
.content("{\"email\":\"x@x.com\",\"initialPassword\":\"secret123\"}"))
.andExpect(status().isUnauthorized());
}
@Test
void adminUpdateUser_returns401_whenUnauthenticated() throws Exception {
mockMvc.perform(put("/api/users/" + UUID.randomUUID())
.contentType(org.springframework.http.MediaType.APPLICATION_JSON)
.content("{}"))
.andExpect(status().isUnauthorized());
}
@Test
void deleteUser_returns401_whenUnauthenticated() throws Exception {
mockMvc.perform(delete("/api/users/" + UUID.randomUUID()))
.andExpect(status().isUnauthorized());
}
} }