Version API endpoint

server/server_admin_test.go

@@ -1,6 +1,7 @@
 package server
 
 import (
+	"encoding/json"
 	"github.com/stretchr/testify/require"
 	"heckel.io/ntfy/v2/user"
 	"heckel.io/ntfy/v2/util"
@@ -9,6 +10,41 @@ import (
 	"time"
 )
 
+func TestVersion_Admin(t *testing.T) {
+	c := newTestConfigWithAuthFile(t)
+	c.BuildVersion = "1.2.3"
+	c.BuildCommit = "abcdef0"
+	c.BuildDate = "2026-02-08T00:00:00Z"
+	s := newTestServer(t, c)
+	defer s.closeDatabases()
+
+	// Create admin and regular user
+	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleAdmin, false))
+	require.Nil(t, s.userManager.AddUser("ben", "ben", user.RoleUser, false))
+
+	// Admin can access /v1/version
+	rr := request(t, s, "GET", "/v1/version", "", map[string]string{
+		"Authorization": util.BasicAuth("phil", "phil"),
+	})
+	require.Equal(t, 200, rr.Code)
+
+	var versionResponse apiVersionResponse
+	require.Nil(t, json.NewDecoder(rr.Body).Decode(&versionResponse))
+	require.Equal(t, "1.2.3", versionResponse.Version)
+	require.Equal(t, "abcdef0", versionResponse.Commit)
+	require.Equal(t, "2026-02-08T00:00:00Z", versionResponse.Date)
+
+	// Non-admin user cannot access /v1/version
+	rr = request(t, s, "GET", "/v1/version", "", map[string]string{
+		"Authorization": util.BasicAuth("ben", "ben"),
+	})
+	require.Equal(t, 401, rr.Code)
+
+	// Unauthenticated user cannot access /v1/version
+	rr = request(t, s, "GET", "/v1/version", "", nil)
+	require.Equal(t, 401, rr.Code)
+}
+
 func TestUser_AddRemove(t *testing.T) {
 	s := newTestServer(t, newTestConfigWithAuthFile(t))
 	defer s.closeDatabases()