xTr1m/GameList
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement admin back-pass flow and guarded admin actions

Browse Source
This commit is contained in:
Frank Tovar
2026-02-08 14:20:38 +01:00
parent 4ee327fb4e
commit 5595bfd3b1
25 changed files with 572 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
GameList.Tests/StateTests.cs
View File

@@ -224,6 +224,32 @@ public class StateTests
Assert.Equal(nameof(Phase.Suggest), me.GetProperty("currentPhase").GetString());
}
[Fact]
public async Task Phase_prev_with_granted_joker_moves_player_back_once_and_consumes_it()
{
await using var factory = new TestWebApplicationFactory();
var admin = factory.CreateClientWithCookies();
await admin.RegisterAsync("admin", admin: true);
var player = factory.CreateClientWithCookies();
await player.RegisterAsync("jokerback");
await player.AdvanceToVoteAsync("Joker back seed");
var grant = await admin.PostAsJsonAsync("/api/admin/joker", new { playerId = await player.GetProfileIdAsync() });
grant.EnsureSuccessStatusCode();
var back = await player.PostAsJsonAsync("/api/me/phase/prev", new { });
back.EnsureSuccessStatusCode();
var meAfterBack = await player.GetFromJsonAsync<JsonElement>("/api/me");
Assert.Equal(nameof(Phase.Suggest), meAfterBack.GetProperty("currentPhase").GetString());
Assert.False(meAfterBack.GetProperty("hasJoker").GetBoolean());
await player.PostAsJsonAsync("/api/me/phase/next", new { });
var denied = await player.PostAsJsonAsync("/api/me/phase/prev", new { });
Assert.Equal(HttpStatusCode.BadRequest, denied.StatusCode);
}
[Fact]
public async Task State_endpoint_requires_auth_and_counts()
{