Tests every /api/v1/ endpoint (86 endpoints × 4 auth levels = 316 tests):

- Unauthenticated requests → 401 on all endpoints
- User role → 403 on admin-only endpoints
- Viewer role → 403 on admin-only endpoints
- Admin role → allowed on all endpoints
- Cross-user isolation: users cannot access other users' profiles

Uses Bearer API tokens (created directly in DB) to avoid Better Auth rate limiting during test execution.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
18 KiB
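The endpoint × auth-level matrix described in the commit message, as an added table-driven example that is not part of the commit or the project's code. The routes, tokens and stub handler are hypothetical. The 200 status for allowed requests and treating viewers like users for profile isolation are assumptions.

```javascript
// Constructed routes and tokens: hypothetical stand-ins, not the project's endpoints.
const ROUTES = [
  { path: "/api/v1/profiles/:userId", adminOnly: false, ownerScoped: true },
  { path: "/api/v1/admin/users", adminOnly: true, ownerScoped: false },
];
const TOKENS = {
  "tok-admin": { id: "u-admin", role: "admin" },
  "tok-user": { id: "u-1", role: "user" },
  "tok-viewer": { id: "u-2", role: "viewer" },
};

// Stub API under test: maps a request to an HTTP status.
function handle(route, params, authHeader) {
  const m = /^Bearer (.+)$/.exec(authHeader || "");
  const who = m && TOKENS[m[1]];
  if (!who) return 401;
  if (route.adminOnly && who.role !== "admin") return 403;
  if (route.ownerScoped && who.role !== "admin" && params.userId !== who.id) return 403;
  return 200; // assumption: "allowed" is represented as 200
}

// Policy written independently of the handler, so a handler regression shows as a mismatch.
function expected(route, caller, params) {
  if (!caller) return 401;
  if (caller.role === "admin") return 200;
  if (route.adminOnly) return 403;
  if (route.ownerScoped && params.userId !== caller.id) return 403;
  return 200;
}

// Every route at every auth level; owner-scoped routes are probed with own and foreign ids.
function runMatrix(handler = handle) {
  const failures = [];
  let count = 0;
  const callers = [[null, null], ...Object.entries(TOKENS)];
  for (const route of ROUTES) {
    for (const [token, caller] of callers) {
      const ids = route.ownerScoped ? [caller ? caller.id : "u-1", "u-other"] : [undefined];
      for (const userId of ids) {
        const got = handler(route, { userId }, token ? `Bearer ${token}` : undefined);
        const want = expected(route, caller, { userId });
        count++;
        if (got !== want) failures.push({ path: route.path, token, userId, got, want });
      }
    }
  }
  return { count, failures };
}
```

A handler that drops the ownership check passes the per-role cases and fails only on the foreign-id probes, which is why the cross-user case is listed separately from the role matrix.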