marcel/familienarchiv
1
0
Fork 0
Code Issues 117 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
e63adb964d0f3fdc031978bc36f79e3658808d81
familienarchiv/backend/api_tests/Admin-Auth.http
Marcel e63adb964d restructure: flatten workspace nesting, move devcontainer to root 
- backend/workspaces/backend/ → backend/
- backend/workspaces/frontend/ → frontend/
- backend/.devcontainer/ + .vscode/ → repo root (where VS Code expects them)
- loose scripts/SQL files → scripts/
- replace nested git repo with single repo at project root
- update docker-compose.yml build context and devcontainer.json path
- add root .gitignore

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-15 11:47:58 +01:00

31 lines
1.1 KiB
HTTP
Raw Blame History

### 1. Einen "Gast" User erstellen (Muss vom Admin gemacht werden)
# Wir lassen groupIds leer -> Der User hat KEINE Rechte
POST http://localhost:8080/api/admin/users
Authorization: Basic admin admin123
Content-Type: application/json
{
"username": "Gast_User",
"email": "gast@test.de",
"initialPassword": "gast",
"groupIds": []
}
### 2. POSITIV-TEST: Admin darf Admin-Endpunkt aufrufen -> Sollte 200 OK sein
GET http://localhost:8080/api/admin/users
Authorization: Basic admin admin123
### 3. NEGATIV-TEST: Gast darf KEINEN Admin-Endpunkt aufrufen -> Sollte 403 Forbidden sein
GET http://localhost:8080/api/admin/users
Authorization: Basic Gast_User gast
### 4. ABER: Gast darf normale Dokumenten-API nutzen (sofern er eingeloggt ist) -> 200 OK
GET http://localhost:8080/api/documents/upload
Authorization: Basic Gast_User gast
# (Gibt 405 Method Not Allowed zurück, weil es ein POST Endpunkt ist,
# aber das beweist, dass Auth geklappt hat. Bei Auth-Fehler käme 401/403)
###Groups
#GET
GET http://localhost:8080/api/admin/tags
Authorization: Basic admin admin123
Reference in New Issue View Git Blame Copy Permalink