| import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'; |
| import { apiClient, clearAdminApiKey, getAdminApiKey, setAdminApiKey } from './client'; |
|
|
| describe('api client admin key handling', () => { |
| const fetchMock = vi.fn(); |
|
|
| beforeEach(() => { |
| clearAdminApiKey(); |
| fetchMock.mockReset(); |
| fetchMock.mockResolvedValue({ |
| ok: true, |
| json: async () => ({ ok: true }), |
| }); |
| vi.stubGlobal('fetch', fetchMock); |
| }); |
|
|
| afterEach(() => { |
| clearAdminApiKey(); |
| vi.unstubAllGlobals(); |
| }); |
|
|
| it('attaches the in-memory admin key to admin requests only', async () => { |
| setAdminApiKey(' test-admin-key '); |
|
|
| await apiClient.post('/admin/review-queue'); |
|
|
| expect(getAdminApiKey()).toBe('test-admin-key'); |
| expect(fetchMock).toHaveBeenCalledTimes(1); |
| const [url, init] = fetchMock.mock.calls[0]; |
| expect(url).toContain('/api/pots-shutdown/admin/review-queue'); |
| expect(init?.headers).toMatchObject({ |
| 'Content-Type': 'application/json', |
| 'X-Admin-Key': 'test-admin-key', |
| }); |
| }); |
|
|
| it('does not attach the admin key to public requests', async () => { |
| setAdminApiKey('test-admin-key'); |
|
|
| await apiClient.get('/search'); |
|
|
| expect(fetchMock).toHaveBeenCalledTimes(1); |
| const [, init] = fetchMock.mock.calls[0]; |
| expect(init?.headers).toMatchObject({ |
| 'Content-Type': 'application/json', |
| }); |
| expect(init?.headers).not.toHaveProperty('X-Admin-Key'); |
| }); |
| }); |
|
|
