Lock admin role permissions on server and client

2026-02-27 19:36:09 -05:00
parent 240d2ecfe8
commit 37419a5592
4 changed files with 17 additions and 1 deletions
--- a/server/tests/test_auth_service.py
+++ b/server/tests/test_auth_service.py
@@ -78,3 +78,12 @@ def test_delete_role_rejects_admin_and_user(tmp_path: Path) -> None:
            service.delete_role("user", "editor")
    finally:
        service.close()
+
+
+def test_update_role_permissions_rejects_admin(tmp_path: Path) -> None:
+    service = make_auth_service(tmp_path)
+    try:
+        with pytest.raises(AuthError):
+            service.update_role_permissions("admin", ["chat.send"])
+    finally:
+        service.close()