fix: protected pages tests (#8145)

* fix: protected pages tests

* fix: admin tests

.env.example

@@ -10,4 +10,4 @@ NEXTAUTH_URL="http://localhost:3000"
 LINKFREE_API_SECRET="development"
 GITHUB_API_TOKEN=""
 RANDOM_USERS="eddiejaoude,sarajaoude"
-ADMIN_USERS="eddiejaoude,SaraJaoude"
+ADMIN_USERS="eddiejaoude,SaraJaoude,_test-admin-user"

pages/404.js

@@ -14,11 +14,13 @@ export default function Page404() {
       <Page>
         <div className="grid min-h-full place-items-center px-6 py-24 sm:py-32 lg:px-8">
           <div className="text-center">
-            <p className="text-base font-semibold text-secondary-high">404</p>
+            <p className="text-base font-semibold text-primary-high dark:text-primary-low">
+              404
+            </p>
             <h1 className="mt-4 text-3xl font-bold tracking-tight text-primary-high dark:text-primary-low sm:text-5xl">
               Page not found
             </h1>
-            <p className="m-6 text-base leading-7 text-primary-medium dark:text-primary-medium-low">
+            <p className="m-6 text-base leading-7 text-primary-high dark:text-primary-low">
               Sorry, we could not find the page you are looking for.
             </p>
             <Image

pages/account/statistics.js

@@ -26,7 +26,7 @@ export async function getServerSideProps(context) {
   if (!session) {
     return {
       redirect: {
-        destination: "/",
+        destination: "/auth/signin",
         permanent: false,
       },
     };
@@ -115,9 +115,8 @@ export default function Statistics({ data, profile, progress, BASE_URL }) {
       />
 
       <Page>
-
         <Navigation />
-        
+
         <UserMini
           BASE_URL={BASE_URL}
           username={profile.username}

pages/admin/index.js

@@ -26,7 +26,7 @@ export async function getServerSideProps(context) {
   if (!serverEnv.ADMIN_USERS.includes(username)) {
     return {
       redirect: {
-        destination: "/auth/signin",
+        destination: "/404",
         permanent: false,
       },
     };

tests/404.spec.js

@@ -11,7 +11,7 @@ test.describe("accessibility tests (light)", () => {
   test.use({ colorScheme: "light" });
 
   test("should pass axe wcag accessibility tests", async ({ page }) => {
-    await page.goto("/events");
+    await page.goto("/404");
     const accessibilityScanResults = await new AxeBuilder({ page })
       .withTags(["wcag2a", "wcag2aa", "wcag21a", "wcag21aa"])
       .analyze();
@@ -23,7 +23,7 @@ test.describe("accessibility tests (dark)", () => {
   test.use({ colorScheme: "dark" });
 
   test("should pass axe wcag accessibility tests (dark)", async ({ page }) => {
-    await page.goto("/events");
+    await page.goto("/404");
     const accessibilityScanResults = await new AxeBuilder({ page })
       .withTags(["wcag2a", "wcag2aa", "wcag21a", "wcag21aa"])
       .analyze();

tests/admin/index.spec.js

@@ -0,0 +1,62 @@
+import { test, expect } from "@playwright/test";
+import AxeBuilder from "@axe-core/playwright";
+import { login, logout } from "../setup/auth";
+
+test("Guest user cannot access admin statistics", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await logout(browser);
+  const page = await context.newPage();
+  await page.goto("/admin");
+  await expect(page).toHaveURL(/auth\/signin/);
+});
+
+test("Logged in user cannot access admin statistics", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await login(browser);
+  const page = await context.newPage();
+  await page.goto("/admin");
+  await expect(page).toHaveURL(/404/);
+});
+
+test("Admin user can access dashboard", async ({ browser }) => {
+  // fixture: make sure user is logged in
+  const context = await login(browser, {
+    id: "66666666",
+    name: "Automated Test Admin User",
+    email: "test-admin-user@test.com",
+    username: "_test-admin-user",
+  });
+  const page = await context.newPage();
+  await page.goto("/admin");
+  await expect(page).toHaveURL(/admin/);
+});
+
+test.describe("accessibility tests (light)", () => {
+  test.use({ colorScheme: "light" });
+
+  test("should pass axe wcag accessibility tests", async ({ browser }) => {
+    const context = await login(browser);
+    const page = await context.newPage();
+    await page.goto("/admin");
+    const accessibilityScanResults = await new AxeBuilder({ page })
+      .withTags(["wcag2a", "wcag2aa", "wcag21a", "wcag21aa"])
+      .analyze();
+    expect(accessibilityScanResults.violations).toEqual([]);
+  });
+});
+
+test.describe("accessibility tests (dark)", () => {
+  test.use({ colorScheme: "dark" });
+
+  test("should pass axe wcag accessibility tests (dark)", async ({
+    browser,
+  }) => {
+    const context = await login(browser);
+    const page = await context.newPage();
+    await page.goto("/admin");
+    const accessibilityScanResults = await new AxeBuilder({ page })
+      .withTags(["wcag2a", "wcag2aa", "wcag21a", "wcag21aa"])
+      .analyze();
+    expect(accessibilityScanResults.violations).toEqual([]);
+  });
+});

tests/manage/events.spec.js

@@ -1,8 +1,16 @@
 import { test, expect } from "@playwright/test";
 import AxeBuilder from "@axe-core/playwright";
-import { login } from "../setup/auth";
+import { login, logout } from "../setup/auth";
 
-test("Logged in user can access dashboard", async ({ browser }) => {
+test("Guest user cannot access manage events", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await logout(browser);
+  const page = await context.newPage();
+  await page.goto("/account/manage/events");
+  await expect(page).toHaveURL(/auth\/signin/);
+});
+
+test("Logged in user can access manage events", async ({ browser }) => {
   // fixture: make sure user is logged in
   const context = await login(browser);
   const page = await context.newPage();
@@ -27,7 +35,9 @@ test.describe("accessibility tests (light)", () => {
 test.describe("accessibility tests (dark)", () => {
   test.use({ colorScheme: "dark" });
 
-  test("should pass axe wcag accessibility tests (dark)", async ({ browser }) => {
+  test("should pass axe wcag accessibility tests (dark)", async ({
+    browser,
+  }) => {
     const context = await login(browser);
     const page = await context.newPage();
     await page.goto("/account/manage/events");
@@ -36,4 +46,4 @@ test.describe("accessibility tests (dark)", () => {
       .analyze();
     expect(accessibilityScanResults.violations).toEqual([]);
   });
-});
+});

tests/manage/links.spec.js

@@ -1,8 +1,16 @@
 import { test, expect } from "@playwright/test";
 import AxeBuilder from "@axe-core/playwright";
-import { login } from "../setup/auth";
+import { login, logout } from "../setup/auth";
 
-test("Logged in user can access dashboard", async ({ browser }) => {
+test("Guest user cannot access manage links", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await logout(browser);
+  const page = await context.newPage();
+  await page.goto("/account/manage/links");
+  await expect(page).toHaveURL(/auth\/signin/);
+});
+
+test("Logged in user can access manage links", async ({ browser }) => {
   // fixture: make sure user is logged in
   const context = await login(browser);
   const page = await context.newPage();
@@ -27,7 +35,9 @@ test.describe("accessibility tests (light)", () => {
 test.describe("accessibility tests (dark)", () => {
   test.use({ colorScheme: "dark" });
 
-  test("should pass axe wcag accessibility tests (dark)", async ({ browser }) => {
+  test("should pass axe wcag accessibility tests (dark)", async ({
+    browser,
+  }) => {
     const context = await login(browser);
     const page = await context.newPage();
     await page.goto("/account/manage/links");
@@ -36,4 +46,4 @@ test.describe("accessibility tests (dark)", () => {
       .analyze();
     expect(accessibilityScanResults.violations).toEqual([]);
   });
-});
+});

tests/manage/milestones.spec.js

@@ -1,8 +1,16 @@
 import { test, expect } from "@playwright/test";
 import AxeBuilder from "@axe-core/playwright";
-import { login } from "../setup/auth";
+import { login, logout } from "../setup/auth";
 
-test("Logged in user can access dashboard", async ({ browser }) => {
+test("Guest user cannot access manage milestones", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await logout(browser);
+  const page = await context.newPage();
+  await page.goto("/account/manage/milestones");
+  await expect(page).toHaveURL(/auth\/signin/);
+});
+
+test("Logged in user can access manage milestones", async ({ browser }) => {
   // fixture: make sure user is logged in
   const context = await login(browser);
   const page = await context.newPage();
@@ -27,7 +35,9 @@ test.describe("accessibility tests (light)", () => {
 test.describe("accessibility tests (dark)", () => {
   test.use({ colorScheme: "dark" });
 
-  test("should pass axe wcag accessibility tests (dark)", async ({ browser }) => {
+  test("should pass axe wcag accessibility tests (dark)", async ({
+    browser,
+  }) => {
     const context = await login(browser);
     const page = await context.newPage();
     await page.goto("/account/manage/milestones");
@@ -36,4 +46,4 @@ test.describe("accessibility tests (dark)", () => {
       .analyze();
     expect(accessibilityScanResults.violations).toEqual([]);
   });
-});
+});

tests/manage/profile.spec.js

@@ -1,8 +1,16 @@
 import { test, expect } from "@playwright/test";
 import AxeBuilder from "@axe-core/playwright";
-import { login } from "../setup/auth";
+import { login, logout } from "../setup/auth";
 
-test("Logged in user can access dashboard", async ({ browser }) => {
+test("Guest user cannot access manage profile", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await logout(browser);
+  const page = await context.newPage();
+  await page.goto("/account/manage/profile");
+  await expect(page).toHaveURL(/auth\/signin/);
+});
+
+test("Logged in user can access manage profile", async ({ browser }) => {
   // fixture: make sure user is logged in
   const context = await login(browser);
   const page = await context.newPage();
@@ -27,7 +35,9 @@ test.describe("accessibility tests (light)", () => {
 test.describe("accessibility tests (dark)", () => {
   test.use({ colorScheme: "dark" });
 
-  test("should pass axe wcag accessibility tests (dark)", async ({ browser }) => {
+  test("should pass axe wcag accessibility tests (dark)", async ({
+    browser,
+  }) => {
     const context = await login(browser);
     const page = await context.newPage();
     await page.goto("/account/manage/profile");
@@ -36,4 +46,4 @@ test.describe("accessibility tests (dark)", () => {
       .analyze();
     expect(accessibilityScanResults.violations).toEqual([]);
   });
-});
+});

tests/manage/statistics.spec.js

@@ -0,0 +1,49 @@
+import { test, expect } from "@playwright/test";
+import AxeBuilder from "@axe-core/playwright";
+import { login, logout } from "../setup/auth";
+
+test("Guest user cannot access statistics", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await logout(browser);
+  const page = await context.newPage();
+  await page.goto("/account/statistics");
+  await expect(page).toHaveURL(/auth\/signin/);
+});
+
+test("Logged in user can access statistics", async ({ browser }) => {
+  // fixture: make sure user is logged in
+  const context = await login(browser);
+  const page = await context.newPage();
+  await page.goto("/account/statistics");
+  await expect(page).toHaveURL(/account\/statistics/);
+});
+
+test.describe("accessibility tests (light)", () => {
+  test.use({ colorScheme: "light" });
+
+  test("should pass axe wcag accessibility tests", async ({ browser }) => {
+    const context = await login(browser);
+    const page = await context.newPage();
+    await page.goto("/account/manage/events");
+    const accessibilityScanResults = await new AxeBuilder({ page })
+      .withTags(["wcag2a", "wcag2aa", "wcag21a", "wcag21aa"])
+      .analyze();
+    expect(accessibilityScanResults.violations).toEqual([]);
+  });
+});
+
+test.describe("accessibility tests (dark)", () => {
+  test.use({ colorScheme: "dark" });
+
+  test("should pass axe wcag accessibility tests (dark)", async ({
+    browser,
+  }) => {
+    const context = await login(browser);
+    const page = await context.newPage();
+    await page.goto("/account/manage/events");
+    const accessibilityScanResults = await new AxeBuilder({ page })
+      .withTags(["wcag2a", "wcag2aa", "wcag21a", "wcag21aa"])
+      .analyze();
+    expect(accessibilityScanResults.violations).toEqual([]);
+  });
+});

tests/manage/testimonials.spec.js

@@ -1,8 +1,16 @@
 import { test, expect } from "@playwright/test";
 import AxeBuilder from "@axe-core/playwright";
-import { login } from "../setup/auth";
+import { login, logout } from "../setup/auth";
 
-test("Logged in user can access dashboard", async ({ browser }) => {
+test("Guest user cannot access manage testimonials", async ({ browser }) => {
+  // fixture: make sure user is not logged in
+  const context = await logout(browser);
+  const page = await context.newPage();
+  await page.goto("/account/manage/testimonials");
+  await expect(page).toHaveURL(/auth\/signin/);
+});
+
+test("Logged in user can access manage testimonials", async ({ browser }) => {
   // fixture: make sure user is logged in
   const context = await login(browser);
   const page = await context.newPage();
@@ -27,7 +35,9 @@ test.describe("accessibility tests (light)", () => {
 test.describe("accessibility tests (dark)", () => {
   test.use({ colorScheme: "dark" });
 
-  test("should pass axe wcag accessibility tests (dark)", async ({ browser }) => {
+  test("should pass axe wcag accessibility tests (dark)", async ({
+    browser,
+  }) => {
     const context = await login(browser);
     const page = await context.newPage();
     await page.goto("/account/manage/testimonials");
@@ -36,4 +46,4 @@ test.describe("accessibility tests (dark)", () => {
       .analyze();
     expect(accessibilityScanResults.violations).toEqual([]);
   });
-});
+});