diff --git a/Lactose/WepApiTest.http b/Lactose/WepApiTest.http index 0280b0b..9f7b20f 100644 --- a/Lactose/WepApiTest.http +++ b/Lactose/WepApiTest.http @@ -1119,13 +1119,20 @@ Authorization: Bearer {{admin_token}} client.assert(response.status === 200) }); client.test("Admin sees original fileName", function () { - client.assert(jsonPath(response.body, "$.fileName") != null) + client.assert(response.body.fileName != null) }); - client.test("Admin sees uploader email", function () { - client.assert(jsonPath(response.body, "$.uploadedBy.email") != null) + client.test("Admin sees uploader email (or placeholder if server-scanned)", function () { + // uploadedBy is always present (real user or "deleted" placeholder). + // If it's a real uploader (non-empty GUID), email must be visible. + // If server-scanned (Guid.Empty placeholder), email can be null. + var uploader = response.body.uploadedBy; + client.assert(uploader != null, "uploadedBy field must be present"); + if (uploader.id !== "00000000-0000-0000-0000-000000000000") { + client.assert(uploader.email != null, "real uploader email should be visible to admin") + } }); client.test("Admin sees asset visibility", function () { - client.assert(jsonPath(response.body, "$.visibility") != null) + client.assert(response.body.visibility != null) }); } else { client.test("No assets in database — skipping asset visibility tests", function () {