admin
750cf4129d
- Add Auth Context route role guards so doctors cannot directly enter template management, user management, or audit logs. - Add Audit Logs page, sidebar entry, frontend audit API client, and API client test. - Add backend audit log query endpoint with super/admin visibility rules and query filtering. - Extend PostgreSQL integration tests to cover audit log query permissions. - Move Playwright E2E away from localStorage seed data to real backend API login and seed helpers. - Add E2E coverage for route guards and audit log visibility. - Run Playwright backend on port 3100 and proxy Vite API requests there to avoid local port conflicts. - Make server:dev use the compiled NestJS server path, avoiding tsx parameter-property injection issues. - Update README, AGENTS, feature, testing, security, deployment, progress, API, backendization, and auth/user module docs.
27 lines
1.1 KiB
TypeScript
27 lines
1.1 KiB
TypeScript
import { expect, test } from '@playwright/test';
|
|
import { apiRequest, loginByApi, uniqueId } from './helpers';
|
|
|
|
test('doctor can save current report as a personal template visible only to self', async ({ page }) => {
|
|
await loginByApi(page, '0001');
|
|
const templateName = `我的测试模板 ${uniqueId('tpl')}`;
|
|
|
|
page.on('dialog', async (dialog) => {
|
|
if (dialog.type() === 'prompt') {
|
|
await dialog.accept(templateName);
|
|
return;
|
|
}
|
|
await dialog.accept();
|
|
});
|
|
|
|
await page.goto('/report-editor');
|
|
await expect(page.getByRole('button', { name: '保存为我的模板' })).toBeVisible();
|
|
await page.getByRole('button', { name: '保存为我的模板' }).click();
|
|
|
|
await expect.poll(async () => {
|
|
const data = await apiRequest<{ items: any[] }>(page.request, 'get', '/api/templates?access=use');
|
|
return data.items.some((template) => template.name === templateName && template.scope === 'personal' && template.ownerUser === '0001');
|
|
}).toBe(true);
|
|
|
|
await expect(page.locator('option:not([disabled])', { hasText: templateName })).toHaveCount(1);
|
|
});
|