From 10e2b699740720f889801e26faf58e785c82e775 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Tue, 21 Apr 2026 21:41:35 +0200
Subject: [PATCH] fix(test): route SecurityFilterIT protected-endpoint check to
 env-scoped URL

The agent list moved from /api/v1/agents to /api/v1/environments/{envSlug}/agents;
the 'valid JWT returns 200' test was hitting the retired flat path and
getting 404. The other 'without JWT' cases still pass because Spring
Security rejects them at the filter chain before URL routing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .../com/cameleer/server/app/security/SecurityFilterIT.java     | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cameleer-server-app/src/test/java/com/cameleer/server/app/security/SecurityFilterIT.java b/cameleer-server-app/src/test/java/com/cameleer/server/app/security/SecurityFilterIT.java
index 61326aa9..4b1832b3 100644
--- a/cameleer-server-app/src/test/java/com/cameleer/server/app/security/SecurityFilterIT.java
+++ b/cameleer-server-app/src/test/java/com/cameleer/server/app/security/SecurityFilterIT.java
@@ -51,8 +51,9 @@ class SecurityFilterIT extends AbstractPostgresIT {
 
     @Test
     void protectedEndpoint_withValidJwt_returns200() {
+        // Agent list moved from flat /api/v1/agents to env-scoped path.
         ResponseEntity<String> response = restTemplate.exchange(
-                "/api/v1/agents",
+                "/api/v1/environments/default/agents",
                 HttpMethod.GET,
                 new HttpEntity<>(securityHelper.authHeadersNoBody(viewerJwt)),
                 String.class);