torrent-gateway/test/e2e/admin_operations_test.sh

#!/bin/bash

# E2E Test: Admin Operations
# Tests admin authentication, user management, and content moderation

set -e

BASE_URL="http://localhost:9876"
ADMIN_BASE="$BASE_URL/api/admin"

echo "=== Admin Operations E2E Test ==="

# Test 1: Admin stats without authentication
echo "Testing admin stats without authentication..."
UNAUTH_RESPONSE=$(curl -s -w "%{http_code}" "$ADMIN_BASE/stats")
HTTP_CODE="${UNAUTH_RESPONSE: -3}"

if [ "$HTTP_CODE" != "401" ]; then
    echo "❌ Expected 401 Unauthorized but got $HTTP_CODE"
    exit 1
fi
echo "✅ Admin endpoints properly protected"

# Test 2: Test admin users endpoint
echo "Testing admin users endpoint..."
USERS_RESPONSE=$(curl -s -w "%{http_code}" "$ADMIN_BASE/users")
HTTP_CODE="${USERS_RESPONSE: -3}"

if [ "$HTTP_CODE" != "401" ]; then
    echo "❌ Admin users endpoint should return 401 without auth"
    exit 1
fi
echo "✅ Admin users endpoint protected"

# Test 3: Test admin files endpoint
echo "Testing admin files endpoint..."
FILES_RESPONSE=$(curl -s -w "%{http_code}" "$ADMIN_BASE/files")
HTTP_CODE="${FILES_RESPONSE: -3}"

if [ "$HTTP_CODE" != "401" ]; then
    echo "❌ Admin files endpoint should return 401 without auth"
    exit 1
fi
echo "✅ Admin files endpoint protected"

# Test 4: Test ban user endpoint
echo "Testing ban user endpoint..."
BAN_RESPONSE=$(curl -s -w "%{http_code}" -X POST \
    -H "Content-Type: application/json" \
    -d '{"reason": "test ban"}' \
    "$ADMIN_BASE/users/test_pubkey/ban")
HTTP_CODE="${BAN_RESPONSE: -3}"

if [ "$HTTP_CODE" != "401" ]; then
    echo "❌ Ban user endpoint should return 401 without auth"
    exit 1
fi
echo "✅ Ban user endpoint protected"

# Test 5: Test cleanup endpoint
echo "Testing cleanup endpoint..."
CLEANUP_RESPONSE=$(curl -s -w "%{http_code}" -X POST "$ADMIN_BASE/cleanup")
HTTP_CODE="${CLEANUP_RESPONSE: -3}"

if [ "$HTTP_CODE" != "401" ]; then
    echo "❌ Cleanup endpoint should return 401 without auth"
    exit 1
fi
echo "✅ Cleanup endpoint protected"

# Test 6: Test reports endpoint
echo "Testing reports endpoint..."
REPORTS_RESPONSE=$(curl -s -w "%{http_code}" "$ADMIN_BASE/reports")
HTTP_CODE="${REPORTS_RESPONSE: -3}"

if [ "$HTTP_CODE" != "401" ]; then
    echo "❌ Reports endpoint should return 401 without auth"
    exit 1
fi
echo "✅ Reports endpoint protected"

# Test 7: Test logs endpoint
echo "Testing logs endpoint..."
LOGS_RESPONSE=$(curl -s -w "%{http_code}" "$ADMIN_BASE/logs")
HTTP_CODE="${LOGS_RESPONSE: -3}"

if [ "$HTTP_CODE" != "401" ]; then
    echo "❌ Logs endpoint should return 401 without auth"
    exit 1
fi
echo "✅ Logs endpoint protected"

# Test 8: Test admin page accessibility
echo "Testing admin page accessibility..."
ADMIN_PAGE_RESPONSE=$(curl -s -w "%{http_code}" "$BASE_URL/admin")
HTTP_CODE="${ADMIN_PAGE_RESPONSE: -3}"

if [ "$HTTP_CODE" != "200" ]; then
    echo "❌ Admin page should be accessible, got $HTTP_CODE"
    exit 1
fi
echo "✅ Admin page accessible"

# Test 9: Verify admin functionality is properly configured
echo "Checking admin configuration..."
# Check if admin is enabled in the running service by looking at stats
STATS_RESPONSE=$(curl -s "$BASE_URL/api/stats")
if [ -z "$STATS_RESPONSE" ]; then
    echo "❌ Could not get system stats"
    exit 1
fi
echo "✅ Admin configuration appears functional"

echo ""
echo "🎉 All admin operations tests passed!"
echo "✅ All admin endpoints properly protected"
echo "✅ Admin page accessible"
echo "✅ Admin authentication system functional"
echo "✅ Content moderation endpoints secured"

echo ""
echo "📝 Notes:"
echo "   - These tests verify admin endpoints are protected"
echo "   - Full admin functionality requires valid Nostr admin authentication"
echo "   - To test with actual admin auth, use the admin interface with configured pubkey"