roof
7d2979b8af
config_manager: make per-file copy errors non-fatal during restore (resolves test failures when /app/config/* is not writable by test runner) test_live_api.py: fix NameError (_req.Session not requests.Session) test_negative_scenarios.py: replace raw requests.* with authenticated _S.* (all endpoints now require auth; unauthenticated calls return 401) wg/conftest.py: fix wg_server_info — public key is at /api/wireguard/keys test_admin_navigation.py, test_peer_acl.py: add .first to ambiguous locators to avoid Playwright strict-mode errors when desktop+mobile nav both mount Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
78 lines
2.5 KiB
Python
78 lines
2.5 KiB
Python
"""
|
|
Admin navigation tests.
|
|
|
|
Scenario 6: admin can reach every route defined in App.jsx adminNavigation
|
|
without being redirected to /login.
|
|
|
|
Routes under test (from App.jsx adminNavigation):
|
|
/ Dashboard
|
|
/peers Peers
|
|
/network Network Services
|
|
/wireguard WireGuard
|
|
/email Email
|
|
/calendar Calendar
|
|
/files Files
|
|
/routing Routing
|
|
/vault Vault
|
|
/containers Container Dashboard
|
|
/cell-network Cell Network
|
|
/logs Logs
|
|
/settings Settings
|
|
/account Account Settings
|
|
"""
|
|
import pytest
|
|
|
|
pytestmark = pytest.mark.ui
|
|
|
|
ADMIN_ROUTES = [
|
|
('/', 'Dashboard'),
|
|
('/peers', 'Peers'),
|
|
('/network', 'Network Services'),
|
|
('/wireguard', 'WireGuard'),
|
|
('/email', 'Email'),
|
|
('/calendar', 'Calendar'),
|
|
('/files', 'Files'),
|
|
('/routing', 'Routing'),
|
|
('/vault', 'Vault'),
|
|
('/containers', 'Containers'),
|
|
('/cell-network', 'Cell Network'),
|
|
('/logs', 'Logs'),
|
|
('/settings', 'Settings'),
|
|
('/account', 'Account'),
|
|
]
|
|
|
|
|
|
@pytest.mark.parametrize('route,label', ADMIN_ROUTES)
|
|
def test_admin_can_reach_route(admin_page, webui_base, route, label):
|
|
"""Admin navigating to each app route should not be sent to /login."""
|
|
page = admin_page
|
|
page.goto(f"{webui_base}{route}")
|
|
page.wait_for_load_state('networkidle')
|
|
assert '/login' not in page.url, (
|
|
f"Admin was redirected to /login when navigating to {route} ({label})"
|
|
)
|
|
|
|
|
|
def test_admin_sidebar_shows_admin_links(admin_page, webui_base):
|
|
"""The desktop sidebar must show admin-only links: Peers, Settings, WireGuard."""
|
|
page = admin_page
|
|
page.goto(f"{webui_base}/")
|
|
page.wait_for_load_state('networkidle')
|
|
# These link names come from the adminNavigation array in App.jsx.
|
|
# Use .first to avoid strict-mode errors when both desktop and mobile nav
|
|
# are mounted simultaneously (both contain the same link names).
|
|
for link_name in ('Peers', 'Settings', 'WireGuard'):
|
|
assert page.get_by_role('link', name=link_name).first.is_visible(), (
|
|
f"Admin sidebar link '{link_name}' not visible"
|
|
)
|
|
|
|
|
|
def test_admin_sidebar_does_not_show_my_services(admin_page, webui_base):
|
|
"""Admin sidebar should NOT contain the peer-only 'My Services' link."""
|
|
page = admin_page
|
|
page.goto(f"{webui_base}/")
|
|
page.wait_for_load_state('networkidle')
|
|
assert not page.get_by_role('link', name='My Services').first.is_visible(), (
|
|
"Admin sidebar should not show the peer-only 'My Services' link"
|
|
)
|