aurak/test_admin_features.md

# Admin Feature Verification Test Cases

## 1. User Management Access Control
- [ ] Non-admin users should NOT see the "User Management" menu item
- [ ] Admin users should see the "User Management" menu item
- [ ] Non-admin users attempting to access user management should get a permission error
- [ ] Admin users should be able to access user management successfully

## 2. Admin User Password Modification
- [ ] Admin users should see a "Change Password" button for each user in the user list
- [ ] Clicking the button should open a password change modal
- [ ] Admin users should be able to submit new passwords for other users
- [ ] The password change should persist in the backend
- [ ] Non-admin users should not have access to this functionality

## 3. Knowledge Base Upload Restrictions
- [ ] Non-admin users should NOT see the "Upload File" button in Knowledge Base View
- [ ] Admin users should see the "Upload File" button in Knowledge Base View
- [ ] Non-admin users attempting to upload directly via API should get a permission error
- [ ] Admin users should be able to upload files successfully

## 4. Knowledge Group Upload Restrictions
- [ ] Non-admin users should NOT see the "Add File" or "Import Folder" buttons in Knowledge Group View
- [ ] Admin users should see the "Add File" and "Import Folder" buttons in Knowledge Group View
- [ ] Non-admin users attempting to upload via API should get a permission error
- [ ] Admin users should be able to upload files to knowledge groups successfully

## 5. Backend Security
- [ ] Upload endpoints (POST /upload and POST /upload/text) should require AdminGuard
- [ ] Import task endpoint (POST /import-tasks) should require AdminGuard
- [ ] User update endpoint (PUT /users/:id) should accept password changes from admins
- [ ] All existing functionality should remain operational for authorized users