fix(tests): use admin_client for admin-protected endpoints

After adding require_admin to admin endpoints, tests using
unauthenticated client or auth_client got 401/403. Also fix mock user
ID to be a valid UUID (was "test-user-123", now a proper UUID4).

- Add admin_override and admin_client fixtures to conftest
- Update test_pokemon.py, test_games.py, test_genlocke_boss.py to use
  admin_client for write operations on admin endpoints

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

backend/tests/conftest.py

@@ -7,7 +7,7 @@ from httpx import ASGITransport, AsyncClient
 from sqlalchemy.ext.asyncio import async_sessionmaker, create_async_engine
 
 import app.models  # noqa: F401 — ensures all models register with Base.metadata
-from app.core.auth import AuthUser, get_current_user
+from app.core.auth import AuthUser, get_current_user, require_admin
 from app.core.database import Base, get_session
 from app.main import app
 
@@ -70,7 +70,11 @@ async def client(db_session):
 @pytest.fixture
 def mock_auth_user():
     """Return a mock authenticated user for tests."""
-    return AuthUser(id="test-user-123", email="test@example.com", role="authenticated")
+    return AuthUser(
+        id="00000000-0000-4000-a000-000000000001",
+        email="test@example.com",
+        role="authenticated",
+    )
 
 
 @pytest.fixture
@@ -94,11 +98,34 @@ async def auth_client(db_session, auth_override):
         yield ac
 
 
+@pytest.fixture
+def admin_override(mock_auth_user):
+    """Override require_admin and get_current_user to return a mock user."""
+
+    def _override():
+        return mock_auth_user
+
+    app.dependency_overrides[require_admin] = _override
+    app.dependency_overrides[get_current_user] = _override
+    yield
+    app.dependency_overrides.pop(require_admin, None)
+    app.dependency_overrides.pop(get_current_user, None)
+
+
+@pytest.fixture
+async def admin_client(db_session, admin_override):
+    """Async HTTP client with mocked admin authentication."""
+    async with AsyncClient(
+        transport=ASGITransport(app=app), base_url="http://test"
+    ) as ac:
+        yield ac
+
+
 @pytest.fixture
 def valid_token():
     """Generate a valid JWT token for testing."""
     payload = {
-        "sub": "test-user-123",
+        "sub": "00000000-0000-4000-a000-000000000001",
         "email": "test@example.com",
         "role": "authenticated",
         "aud": "authenticated",