mirror of
https://github.com/screentinker/screentinker.git
synced 2026-06-18 20:22:42 -06:00
7674f6dc9f
Adds server/test/admin-users.test.js and a `npm test` (node --test) script. No DB_PATH override: the suite mounts the real routers against an isolated in-memory better-sqlite3 instance injected into the require cache, seeded by the test itself. Node v20 built-ins only (node:test, node:assert, fetch). Covers: Add User success (response omits password/hash, hash stored not plaintext, membership written, hosted lifecycle sentinels stamped, audit row without the password), duplicate-email 409 (no overwrite), non-admin 403, platform_operator denied (403), org_admin scoped to their own org only, input validation, and the must_change_password lifecycle (set on create, surfaced on login, cleared on PUT /api/auth/me). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| config | ||
| db | ||
| lib | ||
| middleware | ||
| player | ||
| routes | ||
| services | ||
| test | ||
| ws | ||
| .gitignore | ||
| config.js | ||
| package-lock.json | ||
| package.json | ||
| server.js | ||