- test "group admin is treated like non-admin for index" do
- check_index_condition_fails(:rominiadmin,
- filters: [["last_name", "=", "__nonexistent__"]])
+ test "non-admin user can limit index" do
+ g = act_as_system_user do
+ create :group
+ end
+ users = create_list :active_user, 4, join_groups: [g]
+ token = create :token, user: users[0]
+
+ [2, 4].each do |limit|
+ authorize_with_token token
+ get(:index, limit: limit)
+ check_non_admin_index
+ assert_equal(limit, json_response["items"].size,
+ "non-admin index limit was ineffective")
+ end