284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
43 lines
2.1 KiB
JavaScript
43 lines
2.1 KiB
JavaScript
import fs from 'node:fs';
|
|
import path from 'node:path';
|
|
import test from 'node:test';
|
|
import assert from 'node:assert/strict';
|
|
|
|
const repoRoot = path.resolve(path.join(import.meta.dirname, '..', '..', '..', '..'));
|
|
const uiRoot = path.join(repoRoot, 'ee', 'appliance', 'status-ui');
|
|
|
|
test('T006 setup/status UI package uses session-based auth (no query token)', () => {
|
|
const packageJson = JSON.parse(fs.readFileSync(path.join(uiRoot, 'package.json'), 'utf8'));
|
|
const nextConfig = fs.readFileSync(path.join(uiRoot, 'next.config.mjs'), 'utf8');
|
|
const statusPage = fs.readFileSync(path.join(uiRoot, 'app', 'page.tsx'), 'utf8');
|
|
const setupPage = fs.readFileSync(path.join(uiRoot, 'app', 'setup', 'page.tsx'), 'utf8');
|
|
const layout = fs.readFileSync(path.join(uiRoot, 'app', 'layout.tsx'), 'utf8');
|
|
const dockerfile = fs.readFileSync(path.join(repoRoot, 'ee', 'appliance', 'control-plane', 'Dockerfile'), 'utf8');
|
|
|
|
assert.equal(packageJson.scripts.build, 'next build');
|
|
assert.match(nextConfig, /output: 'export'/);
|
|
assert.match(nextConfig, /distDir: 'dist'/);
|
|
assert.match(dockerfile, /COPY --from=ui-build .*status-ui\/dist \.\/status-ui\/dist/);
|
|
|
|
// The auth gate wraps every page; requests ride the session cookie, not ?token=.
|
|
assert.match(layout, /<AuthGate>\{children\}<\/AuthGate>/);
|
|
assert.match(statusPage, /fetch\(apiPath\('\/api\/status'\)/);
|
|
assert.match(statusPage, /href="\/setup\/"/);
|
|
assert.match(setupPage, /fetch\('\/api\/setup\/config'/);
|
|
assert.match(setupPage, /fetch\('\/api\/setup'/);
|
|
|
|
// No leftover query-token threading anywhere.
|
|
for (const source of [statusPage, setupPage]) {
|
|
assert.doesNotMatch(source, /withToken/);
|
|
assert.doesNotMatch(source, /tokenQuery/);
|
|
}
|
|
|
|
// Auth UI pieces are present.
|
|
for (const file of ['AuthGate.tsx', 'TokenInput.tsx', 'LogoutButton.tsx', 'pin.ts']) {
|
|
assert.equal(fs.existsSync(path.join(uiRoot, 'app', 'auth', file)), true, `missing app/auth/${file}`);
|
|
}
|
|
|
|
assert.equal(fs.existsSync(path.join(uiRoot, 'dist', 'index.html')), true);
|
|
assert.equal(fs.existsSync(path.join(uiRoot, 'dist', 'setup', 'index.html')), true);
|
|
});
|