first implementation

2025-12-20 11:12:11 +01:00 · 2025-12-20 11:12:11 +01:00 · 870804e7b9
commit 870804e7b9
parent 79458bcba4
24 changed files with 5485 additions and 184 deletions
--- a/backend/tests/test_permissions.py
+++ b/backend/tests/test_permissions.py
@ -305,11 +305,18 @@ class TestSecurityBypassAttempts:
        Test that new registrations cannot claim admin role.
        New users should only get 'regular' role by default.
        """
-        from tests.helpers import unique_email
+        from tests.helpers import unique_email, create_invite_for_registration
+        
+        async with client_factory.get_db_session() as db:
+            invite_code = await create_invite_for_registration(db, unique_email("gf"))
        
        response = await client_factory.post(
            "/api/auth/register",
-            json={"email": unique_email(), "password": "password123"},
+            json={
+                "email": unique_email(),
+                "password": "password123",
+                "invite_identifier": invite_code,
+            },
        )
        
        assert response.status_code == 200