roof/pic - pic - Gitea: Git with a cup of tea

roof/pic

Fork 0

Commit Graph

Author	SHA1	Message	Date
roof	31a7951ffd	fix: 4 issues — admin password sudo, peer modal, WireGuard fetch creds, port check 1. make reset/show-admin-password: use sudo so data/api/ owned-by-root files are writable without explicit sudo prefix 2. Peers.jsx: remove one-time password modal on peer creation — admin already knows the password they typed; replace with a success toast showing peer name and provisioned accounts 3. WireGuard.jsx + Peers.jsx: add credentials:'include' to every raw fetch() call (7 calls across two files, plus fix one hardcoded localhost:3000 URL); the port check and peer status calls were returning 401 because they didn't send the session cookie 4. test_admin_wireguard.py: update test to match new toast flow (no modal), add Scenario 10 test that verifies the port check badge renders on the WireGuard page after the credentials fix Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-26 03:33:11 -04:00
roof	7d2979b8af	fix: integration and E2E test correctness after auth enforcement config_manager: make per-file copy errors non-fatal during restore (resolves test failures when /app/config/* is not writable by test runner) test_live_api.py: fix NameError (_req.Session not requests.Session) test_negative_scenarios.py: replace raw requests.* with authenticated _S.* (all endpoints now require auth; unauthenticated calls return 401) wg/conftest.py: fix wg_server_info — public key is at /api/wireguard/keys test_admin_navigation.py, test_peer_acl.py: add .first to ambiguous locators to avoid Playwright strict-mode errors when desktop+mobile nav both mount Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 18:14:38 -04:00
roof	0d32038150	feat: add comprehensive E2E test suite (Playwright + WireGuard + API) Adds tests/e2e/ with three layers of E2E coverage: - API layer (tests/e2e/api/): unauthenticated access, admin endpoints, peer endpoints, access control enforcement — 24 tests - Playwright UI (tests/e2e/ui/): login flows, admin navigation, peer dashboard/services, role-based ACL, password change — 60+ tests - WireGuard connectivity (tests/e2e/wg/): tunnel up/down, DNS resolution through VPN, service ACL enforcement via iptables, full-tunnel routing Shared helpers: PicAPIClient, WGInterface, playwright_login, cleanup. Makefile targets: test-e2e-api, test-e2e-ui, test-e2e-wg, test-e2e. Adds scripts/reset_admin_password.py for test bootstrap. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 16:41:13 -04:00

Author

SHA1

Message

Date

roof

31a7951ffd

fix: 4 issues — admin password sudo, peer modal, WireGuard fetch creds, port check

1. make reset/show-admin-password: use sudo so data/api/ owned-by-root
   files are writable without explicit sudo prefix

2. Peers.jsx: remove one-time password modal on peer creation — admin
   already knows the password they typed; replace with a success toast
   showing peer name and provisioned accounts

3. WireGuard.jsx + Peers.jsx: add credentials:'include' to every raw
   fetch() call (7 calls across two files, plus fix one hardcoded
   localhost:3000 URL); the port check and peer status calls were
   returning 401 because they didn't send the session cookie

4. test_admin_wireguard.py: update test to match new toast flow (no modal),
   add Scenario 10 test that verifies the port check badge renders on the
   WireGuard page after the credentials fix

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-26 03:33:11 -04:00

roof

7d2979b8af

fix: integration and E2E test correctness after auth enforcement

config_manager: make per-file copy errors non-fatal during restore
  (resolves test failures when /app/config/* is not writable by test runner)
test_live_api.py: fix NameError (_req.Session not requests.Session)
test_negative_scenarios.py: replace raw requests.* with authenticated _S.*
  (all endpoints now require auth; unauthenticated calls return 401)
wg/conftest.py: fix wg_server_info — public key is at /api/wireguard/keys
test_admin_navigation.py, test_peer_acl.py: add .first to ambiguous locators
  to avoid Playwright strict-mode errors when desktop+mobile nav both mount

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-25 18:14:38 -04:00

roof

0d32038150

feat: add comprehensive E2E test suite (Playwright + WireGuard + API)

Adds tests/e2e/ with three layers of E2E coverage:
- API layer (tests/e2e/api/): unauthenticated access, admin endpoints,
  peer endpoints, access control enforcement — 24 tests
- Playwright UI (tests/e2e/ui/): login flows, admin navigation, peer
  dashboard/services, role-based ACL, password change — 60+ tests
- WireGuard connectivity (tests/e2e/wg/): tunnel up/down, DNS resolution
  through VPN, service ACL enforcement via iptables, full-tunnel routing
Shared helpers: PicAPIClient, WGInterface, playwright_login, cleanup.
Makefile targets: test-e2e-api, test-e2e-ui, test-e2e-wg, test-e2e.
Adds scripts/reset_admin_password.py for test bootstrap.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-25 16:41:13 -04:00

3 Commits