azaion/ui
1
0
Fork 0
mirror of https://github.com/azaion/ui.git synced 2026-06-21 10:51:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
09449bda2cc5e0a5740341491590b5fe721722d7
ui/tests/setup.ts
T
Oleksandr Bezdieniezhnykh 70fb452805 [AZ-510] Auth bootstrap: POST refresh + chained /users/me 
Replace the broken `GET /api/admin/auth/refresh` (no `credentials:'include'`)
mount-time bootstrap with `POST /api/admin/auth/refresh` (with credentials)
chained to `GET /api/admin/users/me`. Returning users with a valid HttpOnly
refresh cookie no longer flash through `/login`. Closes Finding B3 / Vision P3.

- Add module-scoped `bootstrapInflight` guard (StrictMode double-mount safety)
  + test-only reset hook exported via the `src/auth` barrel; `tests/setup.ts`
  resets it in `afterEach` to prevent pending-promise leakage between tests.
- Defensive `hasPermission` against legacy `/users/me` payloads omitting
  `permissions`; default MSW handler now seeds `permissions` explicitly.
- Add `endpoints.admin.usersMe()` builder (STC-ARCH-02 forbids the literal).
- Bulk-swap 15 test files from `http.get` -> `http.post` for the refresh
  override so intentional bootstrap-fail tests still fail correctly.
- Update auth component description; mark B3 closed.
- Code review verdict PASS; static + fast suites green (231 / 13 skipped).

Batch report: _docs/03_implementation/batch_13_cycle3_report.md

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-13 02:59:31 +03:00

69 lines
2.3 KiB
TypeScript
Raw Blame History

import '@testing-library/jest-dom/vitest'
import { afterAll, afterEach, beforeAll } from 'vitest'
import { cleanup } from '@testing-library/react'
import { server } from './msw/server'
import { setToken, setNavigateToLogin } from '../src/api'
import { __resetBootstrapInflightForTests } from '../src/auth'
// JSDOM polyfills for browser APIs production code touches at mount time.
// These are no-op stubs — tests that exercise the actual behavior install
// richer fakes per-suite (e.g. `tests/sse_lifecycle.test.tsx` overrides
// `globalThis.EventSource` and restores it; that pattern still works).
class NoopResizeObserver {
observe(): void {}
unobserve(): void {}
disconnect(): void {}
}
class NoopEventSource extends EventTarget {
url: string
readyState: 0 | 1 | 2 = 0
onopen: ((e: Event) => void) | null = null
onmessage: ((e: MessageEvent) => void) | null = null
onerror: ((e: Event) => void) | null = null
constructor(url: string | URL) {
super()
this.url = String(url)
}
close(): void {
this.readyState = 2
}
static readonly CONNECTING = 0
static readonly OPEN = 1
static readonly CLOSED = 2
}
const g = globalThis as unknown as {
ResizeObserver?: typeof NoopResizeObserver
EventSource?: typeof NoopEventSource
}
if (!g.ResizeObserver) g.ResizeObserver = NoopResizeObserver
if (!g.EventSource) g.EventSource = NoopEventSource
// MSW boundary configured per AZ-456 AC-3:
// - All outbound /api/<service>/... fetches MUST be intercepted.
// - A test missing a handler for a network request is a HARD failure
// (onUnhandledRequest: 'error'). This is how AC-3 is enforced for
// fast-profile tests; a leaked external request would otherwise
// escape the test environment silently.
beforeAll(() => {
server.listen({ onUnhandledRequest: 'error' })
})
afterEach(() => {
cleanup()
server.resetHandlers()
setToken(null)
setNavigateToLogin(() => {
/* default no-op for tests; production accessor restored implicitly
on next module reload — tests must re-seed if they assert on it. */
})
// AZ-510 — clear AuthProvider's module-scoped in-flight bootstrap promise so
// a never-resolving fixture in test N does not leak into test N+1.
__resetBootstrapInflightForTests()
})
afterAll(() => {
server.close()
})
Reference in New Issue View Git Blame Copy Permalink