//! Integration tests for `aura_cli::privdrop::drop_to_user`.
//!
//! These tests run unprivileged (the developer or CI is not root), so `drop_to_user` MUST take
//! the "already non-root, skip" fast path and return Ok. Actually exercising the syscalls
//! requires running the binary under sudo, which is out of scope for a unit test.

use aura_cli::privdrop::drop_to_user;

/// On a non-root host the call is a no-op: it logs a "skipped" line and returns Ok regardless of
/// whether the requested user actually exists (we never reach the lookup path).
#[test]
fn drop_to_user_is_noop_when_not_root() {
    let res = drop_to_user("nobody");
    assert!(
        res.is_ok(),
        "drop_to_user must be a no-op on a non-root host, got {res:?}"
    );
}

/// A non-existent user is still tolerated when not root (because we never reach the lookup at
/// all). This guarantees the dev/CI flow never blows up on a misconfigured `[server] run_as`.
#[test]
fn drop_to_user_does_not_lookup_user_when_not_root() {
    let res = drop_to_user("this-user-definitely-does-not-exist-aura-12345");
    assert!(res.is_ok(), "no lookup happens on a non-root host: {res:?}");
}