#!/usr/bin/env python3 import requests import json # Test app user menu access login_data = { 'username': 'app', 'password': '123456' } try: # Login as app user login_response = requests.post('http://localhost:8000/api/v1/auth/login', json=login_data) if login_response.status_code == 200: login_result = login_response.json() if login_result.get('code') == 0: token = login_result['data']['access_token'] print('āœ… App user login successful') # Get user menus headers = {'Authorization': f'Bearer {token}'} menus_response = requests.get('http://localhost:8000/api/v1/user/menus', headers=headers) if menus_response.status_code == 200: menus_result = menus_response.json() if menus_result.get('code') == 0: menus = menus_result['data'] print(f'āœ… App user has access to {len(menus)} menu items') # Check specifically for /admin/apps path has_admin_apps = False for menu in menus: if menu.get('menu_type') == 'menu': print(f'šŸ“ {menu["title"]} ({menu["name"]}) - Path: {menu.get("path", "N/A")}') if menu.get('path') == '/admin/apps': has_admin_apps = True print(' āœ… Found /admin/apps access!') if menu.get('children'): for child in menu['children']: if child.get('menu_type') == 'menu': print(f' šŸ“„ {child["title"]} ({child["name"]}) - Path: {child.get("path", "N/A")}') if child.get('path') == '/admin/apps': has_admin_apps = True print(' āœ… Found /admin/apps access!') if has_admin_apps: print('\nšŸŽ‰ App user has access to /admin/apps path!') else: print('\nāŒ App user does NOT have access to /admin/apps path!') else: print(f'āŒ Menus API error: {menus_result.get("message")}') else: print(f'āŒ Menus API HTTP error: {menus_response.status_code}') else: print(f'āŒ Login error: {login_result.get("message")}') else: print(f'āŒ Login HTTP error: {login_response.status_code}') except Exception as e: print(f'āŒ Request error: {e}')