roof/pic - pic - Gitea: Git with a cup of tea

roof/pic

Fork 0

Commit Graph

Author	SHA1	Message	Date
roof	420dced9ff	fix: WireGuard peer sync, privileged mode, E2E and integration test correctness - api/app.py: sync WireGuard server config on peer add/remove (non-fatal) - docker-compose.yml: add privileged:true to wireguard service - E2E tests: fix logout selector, DNS IP lookup, wg config DNS line, VIP skip guards, badge text selectors, heading .first, async logout wait - Integration tests: fix 4 tests that sent unauthenticated requests expecting 400 (now use authenticated session helpers); accept 401 as valid in webui proxy test; add password field to service_access validation test - Remove stale tracked config templates (config/api/api/*, config/api/cell.env, etc.) that no longer exist on disk after config layout was reorganised Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-26 06:04:40 -04:00
roof	7d2979b8af	fix: integration and E2E test correctness after auth enforcement config_manager: make per-file copy errors non-fatal during restore (resolves test failures when /app/config/* is not writable by test runner) test_live_api.py: fix NameError (_req.Session not requests.Session) test_negative_scenarios.py: replace raw requests.* with authenticated _S.* (all endpoints now require auth; unauthenticated calls return 401) wg/conftest.py: fix wg_server_info — public key is at /api/wireguard/keys test_admin_navigation.py, test_peer_acl.py: add .first to ambiguous locators to avoid Playwright strict-mode errors when desktop+mobile nav both mount Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 18:14:38 -04:00
roof	0d32038150	feat: add comprehensive E2E test suite (Playwright + WireGuard + API) Adds tests/e2e/ with three layers of E2E coverage: - API layer (tests/e2e/api/): unauthenticated access, admin endpoints, peer endpoints, access control enforcement — 24 tests - Playwright UI (tests/e2e/ui/): login flows, admin navigation, peer dashboard/services, role-based ACL, password change — 60+ tests - WireGuard connectivity (tests/e2e/wg/): tunnel up/down, DNS resolution through VPN, service ACL enforcement via iptables, full-tunnel routing Shared helpers: PicAPIClient, WGInterface, playwright_login, cleanup. Makefile targets: test-e2e-api, test-e2e-ui, test-e2e-wg, test-e2e. Adds scripts/reset_admin_password.py for test bootstrap. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-25 16:41:13 -04:00

Author

SHA1

Message

Date

roof

420dced9ff

fix: WireGuard peer sync, privileged mode, E2E and integration test correctness

- api/app.py: sync WireGuard server config on peer add/remove (non-fatal)
- docker-compose.yml: add privileged:true to wireguard service
- E2E tests: fix logout selector, DNS IP lookup, wg config DNS line, VIP skip guards,
  badge text selectors, heading .first, async logout wait
- Integration tests: fix 4 tests that sent unauthenticated requests expecting 400
  (now use authenticated session helpers); accept 401 as valid in webui proxy test;
  add password field to service_access validation test
- Remove stale tracked config templates (config/api/api/*, config/api/cell.env, etc.)
  that no longer exist on disk after config layout was reorganised

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-26 06:04:40 -04:00

roof

7d2979b8af

fix: integration and E2E test correctness after auth enforcement

config_manager: make per-file copy errors non-fatal during restore
  (resolves test failures when /app/config/* is not writable by test runner)
test_live_api.py: fix NameError (_req.Session not requests.Session)
test_negative_scenarios.py: replace raw requests.* with authenticated _S.*
  (all endpoints now require auth; unauthenticated calls return 401)
wg/conftest.py: fix wg_server_info — public key is at /api/wireguard/keys
test_admin_navigation.py, test_peer_acl.py: add .first to ambiguous locators
  to avoid Playwright strict-mode errors when desktop+mobile nav both mount

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-25 18:14:38 -04:00

roof

0d32038150

feat: add comprehensive E2E test suite (Playwright + WireGuard + API)

Adds tests/e2e/ with three layers of E2E coverage:
- API layer (tests/e2e/api/): unauthenticated access, admin endpoints,
  peer endpoints, access control enforcement — 24 tests
- Playwright UI (tests/e2e/ui/): login flows, admin navigation, peer
  dashboard/services, role-based ACL, password change — 60+ tests
- WireGuard connectivity (tests/e2e/wg/): tunnel up/down, DNS resolution
  through VPN, service ACL enforcement via iptables, full-tunnel routing
Shared helpers: PicAPIClient, WGInterface, playwright_login, cleanup.
Makefile targets: test-e2e-api, test-e2e-ui, test-e2e-wg, test-e2e.
Adds scripts/reset_admin_password.py for test bootstrap.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-25 16:41:13 -04:00

3 Commits