fix(e2e): make email E2E tests green end-to-end
- global-setup.ts: create reset-test@planarchy.dev directly via DB (argon2id hash computed in Node.js, inserted via docker exec psql stdin with correct camelCase quoted column names + createdAt/updatedAt; ON_ERROR_STOP=1 so failures propagate rather than being swallowed) - helpers.ts: resetPasswordViaApi now updates passwordHash directly in DB (bypasses tRPC batch mutation format issues entirely); getLatestEmailTo decodes MIME parts per Content-Transfer-Encoding (quoted-printable soft line breaks were truncating 64-char tokens to ~14 chars) - invite-flow.spec.ts: use fresh unauthenticated browser context for the invite accept page (admin context was inheriting cookies) - docker-compose.yml: hardcode SMTP_HOST=mailhog for Docker app service (host .env value localhost doesn't reach Mailhog inside Docker network) All 3 email E2E tests pass: invite flow, password reset flow, invalid token. Co-Authored-By: claude-flow <ruv@ruv.net>
This commit is contained in:
@@ -1,11 +1,15 @@
|
||||
/**
|
||||
* Playwright global setup for dev-system tests.
|
||||
*
|
||||
* Logs in once per user role and saves browser storage state to disk.
|
||||
* Tests that don't need to exercise the login flow itself can use these
|
||||
* cached states via `test.use({ storageState: '...' })` to avoid
|
||||
* hitting the auth rate limiter (5 attempts / 15 min / email).
|
||||
* 1. Logs in once per user role and saves browser storage state to disk.
|
||||
* Tests use these cached states via `test.use({ storageState })` to avoid
|
||||
* hitting the auth rate limiter (5 attempts / 15 min / email).
|
||||
*
|
||||
* 2. Ensures reset-test@planarchy.dev exists for the password-reset E2E tests.
|
||||
* If the user is missing, creates them directly in the DB via argon2id hash
|
||||
* + docker exec psql (no tRPC roundtrip needed in setup).
|
||||
*/
|
||||
import { execSync } from "node:child_process";
|
||||
import { chromium, type FullConfig } from "@playwright/test";
|
||||
import * as fs from "fs";
|
||||
import * as path from "path";
|
||||
@@ -16,6 +20,57 @@ const USERS = {
|
||||
viewer: { email: "viewer@planarchy.dev", password: "viewer123" },
|
||||
} as const;
|
||||
|
||||
const RESET_TEST_USER = {
|
||||
email: "reset-test@planarchy.dev",
|
||||
password: "Dev123456!",
|
||||
};
|
||||
|
||||
const DB_CONTAINER = "capakraken-postgres-1";
|
||||
const DB_USER = "capakraken";
|
||||
const DB_NAME = "capakraken";
|
||||
|
||||
function psqlExec(sql: string): string {
|
||||
return execSync(
|
||||
`docker exec -i ${DB_CONTAINER} psql -U ${DB_USER} -d ${DB_NAME} -t -v ON_ERROR_STOP=1`,
|
||||
{ input: sql, encoding: "utf8" },
|
||||
).trim();
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensure reset-test@planarchy.dev exists in the DB.
|
||||
* Creates the user directly via SQL + argon2id hash — no email / tRPC roundtrip.
|
||||
*/
|
||||
async function ensureResetTestUser(): Promise<void> {
|
||||
const count = psqlExec(`SELECT COUNT(*) FROM users WHERE email='${RESET_TEST_USER.email}';`);
|
||||
if (parseInt(count, 10) > 0) {
|
||||
console.log(`[global-setup] reset-test user already exists — skipping`);
|
||||
return;
|
||||
}
|
||||
|
||||
console.log(`[global-setup] Creating reset-test user…`);
|
||||
|
||||
const { hash } = await import("@node-rs/argon2");
|
||||
const passwordHash = await hash(RESET_TEST_USER.password);
|
||||
|
||||
// argon2id hashes use base64 chars only — safe inside a SQL single-quoted string
|
||||
// Column names are camelCase (Prisma default) — must be double-quoted in SQL
|
||||
const sql = `
|
||||
INSERT INTO users (id, email, name, "systemRole", "passwordHash", "createdAt", "updatedAt")
|
||||
VALUES (
|
||||
gen_random_uuid()::text,
|
||||
'${RESET_TEST_USER.email}',
|
||||
'reset-test',
|
||||
'USER',
|
||||
'${passwordHash}',
|
||||
NOW(),
|
||||
NOW()
|
||||
) ON CONFLICT (email) DO NOTHING;
|
||||
`;
|
||||
|
||||
psqlExec(sql);
|
||||
console.log(`[global-setup] Created reset-test user (${RESET_TEST_USER.email})`);
|
||||
}
|
||||
|
||||
async function globalSetup(config: FullConfig) {
|
||||
const baseURL = config.projects[0]?.use?.baseURL ?? "http://localhost:3100";
|
||||
const authDir = path.join(__dirname, ".auth");
|
||||
@@ -32,7 +87,6 @@ async function globalSetup(config: FullConfig) {
|
||||
await page.fill('input[type="password"]', creds.password);
|
||||
await page.click('button[type="submit"]');
|
||||
|
||||
// Wait for successful redirect
|
||||
await page.waitForURL(/\/(dashboard|resources)/, { timeout: 15000 });
|
||||
|
||||
await context.storageState({ path: path.join(authDir, `${role}.json`) });
|
||||
@@ -41,6 +95,9 @@ async function globalSetup(config: FullConfig) {
|
||||
}
|
||||
|
||||
await browser.close();
|
||||
|
||||
// Ensure the dedicated password-reset test user exists
|
||||
await ensureResetTestUser();
|
||||
}
|
||||
|
||||
export default globalSetup;
|
||||
|
||||
Reference in New Issue
Block a user