| 449 | assert response.status_code == status.HTTP_404_NOT_FOUND |
| 450 | |
| 451 | async def test_superuser( |
| 452 | self, |
| 453 | test_app_client: tuple[httpx.AsyncClient, bool], |
| 454 | user: UserModel, |
| 455 | superuser: UserModel, |
| 456 | ): |
| 457 | client, requires_verification = test_app_client |
| 458 | response = await client.get( |
| 459 | f"/{user.id}", headers={"Authorization": f"Bearer {superuser.id}"} |
| 460 | ) |
| 461 | if requires_verification: |
| 462 | assert response.status_code == status.HTTP_403_FORBIDDEN |
| 463 | else: |
| 464 | assert response.status_code == status.HTTP_200_OK |
| 465 | |
| 466 | data = cast(dict[str, Any], response.json()) |
| 467 | assert data["id"] == str(user.id) |
| 468 | assert "hashed_password" not in data |
| 469 | |
| 470 | async def test_verified_superuser( |
| 471 | self, |