#!/usr/bin/env python3 """ Test script to verify admin image access functionality via API endpoints. This script tests the actual HTTP endpoints to ensure admin users can see all images. """ import requests import json import sys import os # Configuration BASE_URL = "http://localhost:8000" API_BASE = f"{BASE_URL}/api/v1" def test_api_endpoints(): """Test the admin functionality via API endpoints""" print("๐Ÿงช Testing Admin Image Access via API") print("=" * 50) # You'll need to replace these with actual API keys from your system # Get these by running: python scripts/get_test_api_key.py print("๐Ÿ“ To run this test, you need:") print("1. A running API server (python main.py)") print("2. Valid API keys for both admin and regular users") print("3. Update the API_KEYS section below with real keys") print() # Example API keys (replace with real ones) API_KEYS = { "admin": "your_admin_api_key_here", "regular": "your_regular_api_key_here" } if API_KEYS["admin"] == "your_admin_api_key_here": print("โŒ Please update the API_KEYS in this script with real API keys") print(" Run: python scripts/get_test_api_key.py") return # Test regular user access print("\n=== Testing Regular User API Access ===") headers_regular = {"X-API-Key": API_KEYS["regular"]} try: response = requests.get(f"{API_BASE}/images", headers=headers_regular) if response.status_code == 200: data = response.json() regular_count = data.get("total", 0) print(f"Regular user sees {regular_count} images") print(f"Images returned: {len(data.get('images', []))}") else: print(f"โŒ Regular user API call failed: {response.status_code}") print(response.text) return except Exception as e: print(f"โŒ Error calling regular user API: {e}") return # Test admin user access print("\n=== Testing Admin User API Access ===") headers_admin = {"X-API-Key": API_KEYS["admin"]} try: response = requests.get(f"{API_BASE}/images", headers=headers_admin) if response.status_code == 200: data = response.json() admin_count = data.get("total", 0) print(f"Admin user sees {admin_count} images") print(f"Images returned: {len(data.get('images', []))}") # Show teams represented in the results teams = set() for image in data.get('images', []): teams.add(image.get('team_id')) print(f"Images from {len(teams)} different teams") else: print(f"โŒ Admin user API call failed: {response.status_code}") print(response.text) return except Exception as e: print(f"โŒ Error calling admin user API: {e}") return # Compare results print(f"\n=== Summary ===") print(f"Regular user images: {regular_count}") print(f"Admin user images: {admin_count}") if admin_count >= regular_count: print("โœ… SUCCESS: Admin sees same or more images than regular user") if admin_count > regular_count: print("โœ… PERFECT: Admin sees more images (cross-team access working)") else: print("โ„น๏ธ NOTE: Admin and regular user see same count (might be same team or no other teams)") else: print("โŒ FAILURE: Admin should see at least as many images as regular user") def get_sample_api_keys(): """Helper function to show how to get API keys""" print("\n๐Ÿ“‹ How to get API keys for testing:") print("1. Make sure your API server is running:") print(" python main.py") print() print("2. Get a regular user API key:") print(" python scripts/get_test_api_key.py") print() print("3. Get an admin user API key:") print(" python scripts/create_admin.py") print(" # Then use the admin email to get their API key") print() print("4. Update the API_KEYS dictionary in this script") if __name__ == "__main__": if len(sys.argv) > 1 and sys.argv[1] == "--help": get_sample_api_keys() else: test_api_endpoints()