import { expect, test } from '@playwright/test';
test.describe('Admin Auth Split', () => {
  // Every gateway call in this suite is intercepted with page.route(), so
  // these checks cover only the front-end's handling of the mocked
  // responses; the gateway's own audience enforcement is not exercised here.
  const internalLoginRoute = '**/api/gateway/users/auth/internal/login';
  const meRoute = '**/api/gateway/users/auth/me';
  const loginPath = '/login';

  /** Build the options for a 200 application/json route.fulfill() reply. */
  const jsonResponse = (payload: unknown) => ({
    status: 200,
    contentType: 'application/json',
    body: JSON.stringify(payload),
  });

  test('blocks external identities on internal management login', async ({ page }) => {
    // The mocked gateway answers 200 with success: true, so the only thing
    // that keeps this identity out is the front-end's check on `audience`.
    const externalLogin = {
      success: true,
      audience: 'public',
      user: {
        audience: 'public',
        user_type: 'external_user',
      },
    };
    await page.route(internalLoginRoute, (route) => route.fulfill(jsonResponse(externalLogin)));

    await page.goto(loginPath);
    const employeeHeading = page.getByRole('heading', { name: 'Employee Login' });
    await expect(employeeHeading).toBeVisible();
    await page.getByPlaceholder('Enter your email').fill('external.user@example.com');
    await page.getByPlaceholder('Enter your password').fill('StrongPass123!');
    await page.getByRole('button', { name: 'Sign in' }).click();

    const rejectionBanner = page.getByText(
      'External users are not allowed on management login. Please use the external user login.',
    );
    await expect(rejectionBanner).toBeVisible();
    // Still on the login page: no navigation into the admin shell happened.
    await expect(page).toHaveURL(/\/login/);
  });

  test('allows internal identities and lands on admin shell', async ({ page }) => {
    const employeeLogin = {
      success: true,
      audience: 'admin',
      user: {
        audience: 'admin',
        user_type: 'employee',
      },
    };
    const employeeProfile = {
      id: 'admin-1',
      audience: 'admin',
      userType: 'employee',
      role: { name: 'Super Admin' },
    };
    await page.route(internalLoginRoute, (route) => route.fulfill(jsonResponse(employeeLogin)));
    await page.route(meRoute, (route) => route.fulfill(jsonResponse(employeeProfile)));

    await page.goto(loginPath);
    const employeeHeading = page.getByRole('heading', { name: 'Employee Login' });
    await expect(employeeHeading).toBeVisible();
    await page.getByPlaceholder('Enter your email').fill('admin@nxtgauge.com');
    await page.getByPlaceholder('Enter your password').fill('StrongPass123!');
    await page.getByRole('button', { name: 'Sign in' }).click();

    // An admin-audience identity must end up inside the admin shell.
    await expect(page).toHaveURL(/\/admin/);
    await expect(page.getByRole('heading', { name: 'Dashboard' })).toBeVisible();
  });

  test('redirects back to login if admin session resolves as external identity', async ({ page }) => {
    // Plant a session cookie directly, then let /me resolve it to a public
    // identity: the shell must bounce to /login and keep the return path.
    // NOTE(review): the cookie domain is pinned to 127.0.0.1; it has to match
    // the configured baseURL host or the cookie is never sent — confirm.
    await page.context().addCookies([
      {
        name: 'nxtgauge_admin_session',
        value: 'internal_management',
        domain: '127.0.0.1',
        path: '/',
      },
    ]);

    // NOTE(review): this payload spells the type as `user_type` while the
    // /me mock in the previous test uses `userType`; only `audience` is
    // consistent across both, so confirm which key the shell actually reads.
    const externalProfile = {
      audience: 'public',
      user_type: 'external_user',
    };
    await page.route(meRoute, (route) => route.fulfill(jsonResponse(externalProfile)));

    await page.goto('/admin');
    await expect(page).toHaveURL(/\/login\?from=%2Fadmin/);
  });
});