marcel/familienarchiv
1
0
Fork 0
Code Issues 126 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(admin): dedicated routes for user management (#37) #47

Merged
marcel merged 17 commits from feat/35-profile-page into main 2026-03-23 07:55:18 +01:00
Conversation 0 Commits 17 Files Changed 25 +31 -24
5 changed files with 31 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit c1e82a7edf - Show all commits

23
frontend/e2e/admin.spec.ts
View File

@@ -25,9 +25,9 @@ test.describe('Admin dashboard', () => {
await page.goto('/admin');
await page.waitForSelector('[data-hydrated]');
await expect(page.getByRole('button', { name: 'Benutzer' })).toBeVisible();
await expect(page.getByRole('button', { name: 'Gruppen' })).toBeVisible();
await expect(page.getByRole('button', { name: 'Schlagworte' })).toBeVisible();
await expect(page.getByRole('button', { name: 'Benutzer', exact: true })).toBeVisible();
await expect(page.getByRole('button', { name: 'Gruppen', exact: true })).toBeVisible();
await expect(page.getByRole('button', { name: 'Schlagworte', exact: true })).toBeVisible();
await page.screenshot({ path: 'test-results/e2e/admin-dashboard.png' });
});
});
@@ -40,7 +40,7 @@ test.describe('Admin — group management', () => {
await page.waitForSelector('[data-hydrated]');
// Switch to the Groups tab
await page.getByRole('button', { name: 'Gruppen' }).click();
await page.getByRole('button', { name: 'Gruppen', exact: true }).click();
await page.getByPlaceholder('Gruppenname (z.B. Editoren)').fill('E2E Leser');
@@ -176,10 +176,14 @@ test.describe('Admin — tag management', () => {
await page.goto('/admin');
await page.waitForSelector('[data-hydrated]');
await page.getByRole('button', { name: 'Schlagworte' }).click();
await page.getByRole('button', { name: 'Schlagworte', exact: true }).click();
// Wait for the tags list to render after the tab switch
await page.waitForSelector('ul > li');
// Hover over the "Familie" row to reveal the opacity-0 action buttons
const familieRow = page.locator('li').filter({ hasText: /^Familie$/ });
const familieRow = page
.locator('ul > li')
.filter({ has: page.locator('span', { hasText: /^Familie$/ }) });
await familieRow.hover();
await familieRow.getByRole('button', { name: 'Schlagwort bearbeiten' }).click();
@@ -195,9 +199,12 @@ test.describe('Admin — tag management', () => {
await page.goto('/admin');
await page.waitForSelector('[data-hydrated]');
await page.getByRole('button', { name: 'Schlagworte' }).click();
await page.getByRole('button', { name: 'Schlagworte', exact: true }).click();
await page.waitForSelector('ul > li');
const renamedRow = page.locator('li').filter({ hasText: /^Familie \(E2E\)$/ });
const renamedRow = page
.locator('ul > li')
.filter({ has: page.locator('span', { hasText: /^Familie \(E2E\)$/ }) });
await renamedRow.hover();
await renamedRow.getByRole('button', { name: 'Schlagwort bearbeiten' }).click();

10
frontend/e2e/auth.spec.ts
View File

@@ -49,11 +49,13 @@ test.describe('Authentication', () => {
});
test('login establishes a session that authenticates API calls', async ({ page }) => {
// Guards against regressions where the session cookie is set but broken
// a working URL redirect is not enough evidence that auth works end-to-end.
// Guards against regressions where the session cookie is set but broken.
// The profile page calls /api/users/me server-side — if auth works end-to-end,
// it loads without redirecting to /login.
await login(page);
const response = await page.request.get('/api/users/me');
expect(response.ok()).toBe(true);
await page.goto('/profile');
await expect(page).toHaveURL('/profile');
await expect(page.getByRole('heading', { name: /Mein Profil/i })).toBeVisible();
await page.screenshot({ path: 'test-results/e2e/auth-session-valid.png' });
});

2
frontend/e2e/documents.spec.ts
View File

@@ -89,7 +89,7 @@ test.describe('Document creation', () => {
await page.getByRole('button', { name: /Speichern/i }).click();
await expect(page).toHaveURL(/\/documents\/[^/]+$/);
await expect(page.getByText('E2E Testbrief')).toBeVisible();
await expect(page.getByRole('heading', { name: 'E2E Testbrief' })).toBeVisible();
await page.screenshot({ path: 'test-results/e2e/document-create.png' });
});
});

2
frontend/e2e/persons.spec.ts
View File

@@ -105,7 +105,7 @@ test.describe('Person creation', () => {
await page.getByRole('button', { name: /Erstellen/i }).click();
await expect(page).toHaveURL(/\/persons\/[^/]+$/);
await expect(page.getByText('E2E Testperson')).toBeVisible();
await expect(page.getByRole('heading', { name: 'E2E Testperson' })).toBeVisible();
await page.screenshot({ path: 'test-results/e2e/person-create.png' });
});
});

18
frontend/e2e/profile.spec.ts
View File

@@ -72,20 +72,19 @@ test.describe('Profile page', () => {
.getByRole('button', { name: /Speichern/i })
.click();
await expect(page.getByText('Passwort erfolgreich geändert.')).toBeVisible();
// ── Step 2: navigate away — server session is invalidated ───────────────
await page.goto('/');
// After the password changes, the auth_token cookie still carries the old
// credentials. use:enhance re-runs the page's load function, which calls
// the backend with the stale Basic Auth header → 401 → redirect to /login.
await expect(page).toHaveURL(/\/login/);
// ── Step 3: log in with the new password ───────────────────────────────
// ── Step 2: log in with the new password ───────────────────────────────
await page.getByLabel('Benutzername').fill('admin');
await page.getByLabel('Passwort').fill('TempAdmin456!');
await page.getByRole('button', { name: 'Anmelden' }).click();
await expect(page).toHaveURL('/');
await page.screenshot({ path: 'test-results/e2e/profile-password-changed.png' });
// ── Step 4: restore the original password so subsequent tests still work ─
// ── Step 3: restore the original password so subsequent tests still work ─
await page.goto('/profile');
await page.waitForSelector('[data-hydrated]');
await page.locator('input[name="currentPassword"]').fill('TempAdmin456!');
@@ -95,11 +94,10 @@ test.describe('Profile page', () => {
.locator('form[action*="changePassword"]')
.getByRole('button', { name: /Speichern/i })
.click();
await expect(page.getByText('Passwort erfolgreich geändert.')).toBeVisible();
// ── Step 5: log back in with the restored password ─────────────────────
await page.goto('/');
// Redirected to /login again after credential rotation
await expect(page).toHaveURL(/\/login/);
// ── Step 4: log back in with the restored password ─────────────────────
await page.getByLabel('Benutzername').fill('admin');
await page.getByLabel('Passwort').fill('admin123');
await page.getByRole('button', { name: 'Anmelden' }).click();