local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 51 Pull requests 14 Projects 1 Releases Packages 1 Activity Actions

feat: add playwright and a11y audit and example test

Browse source
This commit is contained in:
carla 2025-09-04 13:54:57 +02:00
parent 96085ea420
commit c6be9b5104
19 changed files with 133 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

110
test/unit/membership/member_test.exs Normal file
View file

@ -0,0 +1,110 @@
defmodule Mv.Membership.MemberTest do
use Mv.DataCase, async: false
alias Mv.Membership
describe "Fields and Validations" do
@valid_attrs %{
first_name: "John",
last_name: "Doe",
birth_date: ~D[1990-01-01],
paid: true,
email: "john@example.com",
phone_number: "+49123456789",
join_date: ~D[2020-01-01],
exit_date: nil,
notes: "Test note",
city: "Berlin",
street: "Main Street",
house_number: "1A",
postal_code: "12345"
}
test "First name is required and must not be empty" do
attrs = Map.put(@valid_attrs, :first_name, "")
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :first_name) =~ "must be present"
end
test "Last name is required and must not be empty" do
attrs = Map.put(@valid_attrs, :last_name, "")
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :last_name) =~ "must be present"
end
test "Email is required" do
attrs = Map.put(@valid_attrs, :email, "")
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :email) =~ "must be present"
end
test "Email must be valid" do
attrs = Map.put(@valid_attrs, :email, "test@")
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :email) =~ "is not a valid email"
end
test "Birth date is optional but must not be in the future" do
attrs = Map.put(@valid_attrs, :birth_date, Date.utc_today() |> Date.add(1))
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :birth_date) =~ "cannot be in the future"
end
test "Paid is optional but must be boolean if specified" do
attrs = Map.put(@valid_attrs, :paid, nil)
attrs2 = Map.put(@valid_attrs, :paid, "yes")
assert {:ok, _member} = Membership.create_member(Map.delete(attrs, :paid))
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs2)
assert error_message(errors, :paid) =~ "is invalid"
end
test "Phone number is optional but must have a valid format if specified" do
attrs = Map.put(@valid_attrs, :phone_number, "abc")
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :phone_number) =~ "is not a valid phone number"
attrs2 = Map.delete(@valid_attrs, :phone_number)
assert {:ok, _member} = Membership.create_member(attrs2)
end
test "Join date is optional but must not be in the future" do
attrs = Map.put(@valid_attrs, :join_date, Date.utc_today() |> Date.add(1))
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :join_date) =~ "cannot be in the future"
attrs2 = Map.delete(@valid_attrs, :join_date)
assert {:ok, _member} = Membership.create_member(attrs2)
end
test "Exit date is optional but must not be before join date if both are specified" do
attrs = Map.put(@valid_attrs, :exit_date, ~D[2010-01-01])
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :exit_date) =~ "cannot be before join date"
attrs2 = Map.delete(@valid_attrs, :exit_date)
assert {:ok, _member} = Membership.create_member(attrs2)
end
test "Notes is optional" do
attrs = Map.delete(@valid_attrs, :notes)
assert {:ok, _member} = Membership.create_member(attrs)
end
test "City, street, house number are optional" do
attrs = @valid_attrs |> Map.drop([:city, :street, :house_number])
assert {:ok, _member} = Membership.create_member(attrs)
end
test "Postal code is optional but must have 5 digits if specified" do
attrs = Map.put(@valid_attrs, :postal_code, "1234")
assert {:error, %Ash.Error.Invalid{errors: errors}} = Membership.create_member(attrs)
assert error_message(errors, :postal_code) =~ "must consist of 5 digits"
attrs2 = Map.delete(@valid_attrs, :postal_code)
assert {:ok, _member} = Membership.create_member(attrs2)
end
end
# Helper function for error evaluation
defp error_message(errors, field) do
errors
|> Enum.filter(fn err -> Map.get(err, :field) == field end)
|> Enum.map(&Map.get(&1, :message, ""))
|> List.first()
end
end

192
test/unit/mv_web/controllers/auth_controller_test.exs Normal file
View file

@ -0,0 +1,192 @@
defmodule MvWeb.AuthControllerTest do
use MvWeb.ConnCase, async: true
import Phoenix.LiveViewTest
# Basic UI tests
test "GET /sign-in shows sign in form", %{conn: conn} do
conn = get(conn, ~p"/sign-in")
assert html_response(conn, 200) =~ "Sign in"
end
test "GET /sign-out redirects to home", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = get(conn, ~p"/sign-out")
assert redirected_to(conn) == ~p"/"
end
# Password authentication (LiveView)
test "password user can sign in with valid credentials via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "password@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "password@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
test "password user with invalid credentials shows error via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "test@example.com",
password: "correct_password",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
html =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "test@example.com", password: "wrong_password"}
)
|> render_submit()
assert html =~ "Email or password was incorrect"
end
test "password user with non-existent email shows error via LiveView", %{conn: conn} do
{:ok, view, _html} = live(conn, "/sign-in")
html =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "nonexistent@example.com", password: "anypassword"}
)
|> render_submit()
assert html =~ "Email or password was incorrect"
end
# Registration (LiveView)
test "user can register with valid credentials via LiveView", %{conn: conn} do
{:ok, view, _html} = live(conn, "/register")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-register-with-password-wrapper form",
user: %{email: "newuser@example.com", password: "newpassword123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
test "registration with existing email shows error via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "existing@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/register")
html =
view
|> form("#user-password-register-with-password-wrapper form",
user: %{email: "existing@example.com", password: "anotherpassword"}
)
|> render_submit()
assert html =~ "has already been taken"
end
test "registration with weak password shows error via LiveView", %{conn: conn} do
{:ok, view, _html} = live(conn, "/register")
html =
view
|> form("#user-password-register-with-password-wrapper form",
user: %{email: "weakpass@example.com", password: "123"}
)
|> render_submit()
assert html =~ "length must be greater than or equal to 8"
end
# Access control
test "unauthenticated user accessing protected route gets redirected to sign-in", %{conn: conn} do
conn = get(conn, ~p"/members")
assert redirected_to(conn) == ~p"/sign-in"
end
test "authenticated user can access protected route", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = get(conn, ~p"/members")
assert conn.status == 200
end
test "password authenticated user can access protected route via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "auth@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "auth@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
# After login, user is redirected to /auth/user/password/sign_in_with_token. Session handling for protected routes should be tested in integration or E2E tests.
end
# Edge cases
test "user with nil oidc_id can still sign in with password via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "nil_oidc@example.com",
password: "secret123",
oidc_id: nil
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "nil_oidc@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
test "user with empty string oidc_id is handled correctly via LiveView", %{conn: conn} do
_user =
create_test_user(%{
email: "empty_oidc@example.com",
password: "secret123",
oidc_id: ""
})
{:ok, view, _html} = live(conn, "/sign-in")
{:error, {:redirect, %{to: to}}} =
view
|> form("#user-password-sign-in-with-password",
user: %{email: "empty_oidc@example.com", password: "secret123"}
)
|> render_submit()
assert to =~ "/auth/user/password/sign_in_with_token"
end
end

14
test/unit/mv_web/controllers/error_html_test.exs Normal file
View file

@ -0,0 +1,14 @@
defmodule MvWeb.ErrorHTMLTest do
use MvWeb.ConnCase, async: true
# Bring render_to_string/4 for testing custom views
import Phoenix.Template, only: [render_to_string: 4]
test "renders 404.html" do
assert render_to_string(MvWeb.ErrorHTML, "404", "html", []) == "Not Found"
end
test "renders 500.html" do
assert render_to_string(MvWeb.ErrorHTML, "500", "html", []) == "Internal Server Error"
end
end

12
test/unit/mv_web/controllers/error_json_test.exs Normal file
View file

@ -0,0 +1,12 @@
defmodule MvWeb.ErrorJSONTest do
use MvWeb.ConnCase, async: true
test "renders 404" do
assert MvWeb.ErrorJSON.render("404.json", %{}) == %{errors: %{detail: "Not Found"}}
end
test "renders 500" do
assert MvWeb.ErrorJSON.render("500.json", %{}) ==
%{errors: %{detail: "Internal Server Error"}}
end
end

166
test/unit/mv_web/controllers/oidc_integration_test.exs Normal file
View file

@ -0,0 +1,166 @@
defmodule MvWeb.OidcIntegrationTest do
use MvWeb.ConnCase, async: true
# Test OIDC callback scenarios by directly calling the actions
# This simulates what happens during real OIDC authentication
describe "OIDC sign-in scenarios" do
test "existing OIDC user with unchanged email can sign in" do
# Create user with OIDC ID
user =
create_test_user(%{
email: "existing@example.com",
oidc_id: "existing_oidc_123"
})
# Simulate OIDC callback data
user_info = %{
"sub" => "existing_oidc_123",
"preferred_username" => "existing@example.com"
}
# Test sign_in_with_rauthy action directly
{:ok, [found_user]} =
Mv.Accounts.read_sign_in_with_rauthy(%{
user_info: user_info,
oauth_tokens: %{}
})
assert found_user.id == user.id
assert to_string(found_user.email) == "existing@example.com"
assert found_user.oidc_id == "existing_oidc_123"
end
test "new OIDC user gets created via register_with_rauthy" do
# Simulate OIDC callback for completely new user
user_info = %{
"sub" => "brand_new_oidc_456",
"preferred_username" => "newuser@example.com"
}
# Test register_with_rauthy action
case Mv.Accounts.create_register_with_rauthy(%{
user_info: user_info,
oauth_tokens: %{}
}) do
{:ok, new_user} ->
assert to_string(new_user.email) == "newuser@example.com"
assert new_user.oidc_id == "brand_new_oidc_456"
assert is_nil(new_user.hashed_password)
{:error, error} ->
flunk("Should have created new user: #{inspect(error)}")
end
end
end
describe "OIDC error and edge case scenarios" do
test "OIDC registration with conflicting email and OIDC ID shows error" do
# Create user with email and OIDC ID
_existing_user =
create_test_user(%{
email: "conflict@example.com",
oidc_id: "oidc_conflict_1"
})
# Try to register with same email but different OIDC ID
user_info = %{
"sub" => "oidc_conflict_2",
"preferred_username" => "conflict@example.com"
}
result =
Mv.Accounts.create_register_with_rauthy(%{
user_info: user_info,
oauth_tokens: %{}
})
# Should fail due to unique constraint
assert {:error, %Ash.Error.Invalid{errors: errors}} = result
assert Enum.any?(errors, fn
%Ash.Error.Changes.InvalidAttribute{field: :email, message: message} ->
String.contains?(message, "has already been taken")
_ ->
false
end)
end
test "OIDC registration with missing sub and id should fail" do
user_info = %{
"preferred_username" => "nosub@example.com"
}
result =
Mv.Accounts.create_register_with_rauthy(%{
user_info: user_info,
oauth_tokens: %{}
})
assert {:error,
%Ash.Error.Invalid{
errors: [%Ash.Error.Changes.InvalidChanges{vars: [user_info: msg]}]
}} = result
assert String.contains?(msg, "OIDC user_info must contain a non-empty 'sub' or 'id' field")
end
test "OIDC registration with missing preferred_username should fail" do
user_info = %{
"sub" => "noemail_oidc_123"
}
result =
Mv.Accounts.create_register_with_rauthy(%{
user_info: user_info,
oauth_tokens: %{}
})
assert {:error, %Ash.Error.Invalid{errors: errors}} = result
assert Enum.any?(errors, fn err ->
match?(%Ash.Error.Changes.Required{field: :email}, err)
end)
end
test "OIDC registration with existing OIDC ID and different email updates email" do
existing_user =
create_test_user(%{
email: "old@example.com",
oidc_id: "oidc_update_email"
})
user_info = %{
"sub" => "oidc_update_email",
"preferred_username" => "new@example.com"
}
{:ok, user} =
Mv.Accounts.create_register_with_rauthy(%{
user_info: user_info,
oauth_tokens: %{}
})
assert user.id == existing_user.id
assert to_string(user.email) == "new@example.com"
assert user.oidc_id == "oidc_update_email"
end
test "OIDC registration with alternative OIDC ID field (id instead of sub)" do
user_info = %{
"id" => "alt_oidc_id_123",
"preferred_username" => "altid@example.com"
}
{:ok, user} =
Mv.Accounts.create_register_with_rauthy(%{
user_info: user_info,
oauth_tokens: %{}
})
assert user.oidc_id == "alt_oidc_id_123"
assert to_string(user.email) == "altid@example.com"
end
end
end

10
test/unit/mv_web/controllers/page_controller_test.exs Normal file
View file

@ -0,0 +1,10 @@
defmodule MvWeb.PageControllerTest do
use MvWeb.ConnCase
test "GET /", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = get(conn, ~p"/")
assert html_response(conn, 200) =~ "Mitgliederverwaltung"
end
end

14
test/unit/mv_web/locale_test.exs Normal file
View file

@ -0,0 +1,14 @@
defmodule MvWeb.LocaleTest do
use MvWeb.ConnCase, async: true
import Phoenix.ConnTest
test "language switch via form sets the locale to English in the session" do
conn = post(build_conn(), "/set_locale", %{"locale" => "en"})
assert get_session(conn, :locale) == "en"
end
test "language switch via form sets the locale to German in the session" do
conn = post(build_conn(), "/set_locale", %{"locale" => "de"})
assert get_session(conn, :locale) == "de"
end
end

77
test/unit/mv_web/member_live/index_test.exs Normal file
View file

@ -0,0 +1,77 @@
defmodule MvWeb.MemberLive.IndexTest do
use MvWeb.ConnCase, async: true
import Phoenix.LiveViewTest
test "shows translated title in German", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = Plug.Test.init_test_session(conn, locale: "de")
{:ok, _view, html} = live(conn, "/members")
# Expected German title
assert html =~ "Mitglieder"
end
test "shows translated title in English", %{conn: conn} do
conn = conn_with_oidc_user(conn)
Gettext.put_locale(MvWeb.Gettext, "en")
{:ok, _view, html} = live(conn, "/members")
# Expected English title
assert html =~ "Members"
end
test "shows translated button text in German", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = Plug.Test.init_test_session(conn, locale: "de")
{:ok, _view, html} = live(conn, "/members/new")
assert html =~ "Speichern"
end
test "shows translated button text in English", %{conn: conn} do
conn = conn_with_oidc_user(conn)
Gettext.put_locale(MvWeb.Gettext, "en")
{:ok, _view, html} = live(conn, "/members/new")
assert html =~ "Save"
end
test "shows translated flash message after creating a member in German", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = Plug.Test.init_test_session(conn, locale: "de")
{:ok, form_view, _html} = live(conn, "/members/new")
form_data = %{
"member[first_name]" => "Max",
"member[last_name]" => "Mustermann",
"member[email]" => "max@example.com"
}
# Submit form and follow the redirect to get the flash message
{:ok, index_view, _html} =
form_view
|> form("#member-form", form_data)
|> render_submit()
|> follow_redirect(conn, "/members")
assert has_element?(index_view, "#flash-group", "Mitglied erstellt erfolgreich")
end
test "shows translated flash message after creating a member in English", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = Plug.Test.init_test_session(conn, locale: "en")
{:ok, form_view, _html} = live(conn, "/members/new")
form_data = %{
"member[first_name]" => "Max",
"member[last_name]" => "Mustermann",
"member[email]" => "max@example.com"
}
# Submit form and follow the redirect to get the flash message
{:ok, index_view, _html} =
form_view
|> form("#member-form", form_data)
|> render_submit()
|> follow_redirect(conn, "/members")
assert has_element?(index_view, "#flash-group", "Member create successfully")
end
end

284
test/unit/mv_web/user_live/form_test.exs Normal file
View file

@ -0,0 +1,284 @@
defmodule MvWeb.UserLive.FormTest do
use MvWeb.ConnCase, async: true
import Phoenix.LiveViewTest
# Helper to setup authenticated connection and live view
defp setup_live_view(conn, path) do
conn = conn_with_oidc_user(conn, %{email: "admin@example.com"})
live(conn, path)
end
describe "new user form - display" do
test "shows correct form elements", %{conn: conn} do
{:ok, view, html} = setup_live_view(conn, "/users/new")
assert html =~ "New User"
assert html =~ "Email"
assert html =~ "Set Password"
assert has_element?(view, "form#user-form[phx-submit='save']")
assert has_element?(view, "input[name='user[email]']")
assert has_element?(view, "input[type='checkbox'][name='set_password']")
end
test "hides password fields initially", %{conn: conn} do
{:ok, view, _html} = setup_live_view(conn, "/users/new")
refute has_element?(view, "input[name='user[password]']")
refute has_element?(view, "input[name='user[password_confirmation]']")
end
test "shows password fields when checkbox toggled", %{conn: conn} do
{:ok, view, _html} = setup_live_view(conn, "/users/new")
view |> element("input[name='set_password']") |> render_click()
assert has_element?(view, "input[name='user[password]']")
assert has_element?(view, "input[name='user[password_confirmation]']")
assert render(view) =~ "Password requirements"
end
end
describe "new user form - creation" do
test "creates user without password", %{conn: conn} do
{:ok, view, _html} = setup_live_view(conn, "/users/new")
view
|> form("#user-form", user: %{email: "newuser@example.com"})
|> render_submit()
assert_redirected(view, "/users")
end
test "creates user with password when enabled", %{conn: conn} do
{:ok, view, _html} = setup_live_view(conn, "/users/new")
view |> element("input[name='set_password']") |> render_click()
view
|> form("#user-form",
user: %{
email: "passworduser@example.com",
password: "securepassword123",
password_confirmation: "securepassword123"
}
)
|> render_submit()
assert_redirected(view, "/users")
end
test "stores user data correctly", %{conn: conn} do
{:ok, view, _html} = setup_live_view(conn, "/users/new")
view
|> form("#user-form", user: %{email: "storetest@example.com"})
|> render_submit()
user =
Ash.get!(
Mv.Accounts.User,
[email: Ash.CiString.new("storetest@example.com")],
domain: Mv.Accounts
)
assert to_string(user.email) == "storetest@example.com"
assert is_nil(user.hashed_password)
end
test "stores password when provided", %{conn: conn} do
{:ok, view, _html} = setup_live_view(conn, "/users/new")
view |> element("input[name='set_password']") |> render_click()
view
|> form("#user-form",
user: %{
email: "passwordstoretest@example.com",
password: "securepassword123",
password_confirmation: "securepassword123"
}
)
|> render_submit()
user =
Ash.get!(
Mv.Accounts.User,
[email: Ash.CiString.new("passwordstoretest@example.com")],
domain: Mv.Accounts
)
assert user.hashed_password != nil
assert String.starts_with?(user.hashed_password, "$2b$")
end
end
describe "new user form - validation" do
test "shows error for duplicate email", %{conn: conn} do
_existing_user = create_test_user(%{email: "existing@example.com"})
{:ok, view, _html} = setup_live_view(conn, "/users/new")
html =
view
|> form("#user-form", user: %{email: "existing@example.com"})
|> render_submit()
assert html =~ "has already been taken"
end
test "shows error for short password", %{conn: conn} do
{:ok, view, _html} = setup_live_view(conn, "/users/new")
view |> element("input[name='set_password']") |> render_click()
html =
view
|> form("#user-form",
user: %{
email: "test@example.com",
password: "123",
password_confirmation: "123"
}
)
|> render_submit()
assert html =~ "length must be greater than or equal to 8"
end
end
describe "edit user form - display" do
test "shows correct form elements for existing user", %{conn: conn} do
user = create_test_user(%{email: "editme@example.com"})
{:ok, view, html} = setup_live_view(conn, "/users/#{user.id}/edit")
assert html =~ "Edit User"
assert html =~ "Change Password"
assert has_element?(view, "input[name='user[email]'][value='editme@example.com']")
assert html =~ "Check 'Change Password' above to set a new password for this user"
end
test "shows admin password fields when enabled", %{conn: conn} do
user = create_test_user(%{email: "editme@example.com"})
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
view |> element("input[name='set_password']") |> render_click()
assert has_element?(view, "input[name='user[password]']")
refute has_element?(view, "input[name='user[password_confirmation]']")
assert render(view) =~ "Admin Note"
end
end
describe "edit user form - updates" do
test "updates email without changing password", %{conn: conn} do
user = create_test_user(%{email: "old@example.com"})
original_password = user.hashed_password
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
view
|> form("#user-form", user: %{email: "new@example.com"})
|> render_submit()
assert_redirected(view, "/users")
updated_user = Ash.reload!(user, domain: Mv.Accounts)
assert to_string(updated_user.email) == "new@example.com"
assert updated_user.hashed_password == original_password
end
test "admin sets new password for user", %{conn: conn} do
user = create_test_user(%{email: "user@example.com"})
original_password = user.hashed_password
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
view |> element("input[name='set_password']") |> render_click()
view
|> form("#user-form",
user: %{
email: "user@example.com",
password: "newadminpassword123"
}
)
|> render_submit()
assert_redirected(view, "/users")
updated_user = Ash.reload!(user, domain: Mv.Accounts)
assert updated_user.hashed_password != original_password
assert String.starts_with?(updated_user.hashed_password, "$2b$")
end
end
describe "edit user form - validation" do
test "shows error for duplicate email", %{conn: conn} do
_existing_user = create_test_user(%{email: "taken@example.com"})
user_to_edit = create_test_user(%{email: "original@example.com"})
{:ok, view, _html} = setup_live_view(conn, "/users/#{user_to_edit.id}/edit")
html =
view
|> form("#user-form", user: %{email: "taken@example.com"})
|> render_submit()
assert html =~ "has already been taken"
end
test "shows error for invalid password", %{conn: conn} do
user = create_test_user(%{email: "user@example.com"})
{:ok, view, _html} = setup_live_view(conn, "/users/#{user.id}/edit")
view |> element("input[name='set_password']") |> render_click()
result =
view
|> form("#user-form",
user: %{
email: "user@example.com",
password: "123"
}
)
|> render_submit()
case result do
{:error, {:live_redirect, %{to: "/users"}}} ->
flunk("Expected validation error but form was submitted successfully")
html when is_binary(html) ->
assert html =~ "must have length of at least 8"
end
end
end
describe "internationalization" do
test "shows German labels", %{conn: conn} do
conn = conn_with_oidc_user(conn, %{email: "admin_de@example.com"})
conn = Plug.Test.init_test_session(conn, locale: "de")
{:ok, _view, html} = live(conn, "/users/new")
assert html =~ "Neuer Benutzer"
assert html =~ "E-Mail"
assert html =~ "Passwort setzen"
end
test "shows English labels", %{conn: conn} do
conn = conn_with_oidc_user(conn, %{email: "admin_en@example.com"})
Gettext.put_locale(MvWeb.Gettext, "en")
{:ok, _view, html} = live(conn, "/users/new")
assert html =~ "New User"
assert html =~ "Email"
assert html =~ "Set Password"
end
test "shows different labels for edit vs new", %{conn: conn} do
user = create_test_user(%{email: "test@example.com"})
conn = conn_with_oidc_user(conn, %{email: "admin@example.com"})
{:ok, _view, new_html} = live(conn, "/users/new")
{:ok, _view, edit_html} = live(conn, "/users/#{user.id}/edit")
assert new_html =~ "Set Password"
assert edit_html =~ "Change Password"
end
end
end

412
test/unit/mv_web/user_live/index_test.exs Normal file
View file

@ -0,0 +1,412 @@
defmodule MvWeb.UserLive.IndexTest do
use MvWeb.ConnCase, async: true
import Phoenix.LiveViewTest
describe "basic functionality" do
test "shows translated title in German", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = Plug.Test.init_test_session(conn, locale: "de")
{:ok, _view, html} = live(conn, "/users")
assert html =~ "Benutzer auflisten"
end
test "shows translated title in English", %{conn: conn} do
conn = conn_with_oidc_user(conn)
Gettext.put_locale(MvWeb.Gettext, "en")
{:ok, _view, html} = live(conn, "/users")
assert html =~ "Listing Users"
end
test "shows New User button", %{conn: conn} do
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ "New User"
end
test "displays users in a table", %{conn: conn} do
# Create test users
_user1 = create_test_user(%{email: "alice@example.com", oidc_id: "alice123"})
_user2 = create_test_user(%{email: "bob@example.com", oidc_id: "bob456"})
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ "alice@example.com"
assert html =~ "bob@example.com"
assert html =~ "alice123"
assert html =~ "bob456"
end
test "shows correct action links", %{conn: conn} do
user = create_test_user(%{email: "test@example.com"})
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ "Edit"
assert html =~ "Delete"
assert html =~ ~r/href="[^"]*\/users\/#{user.id}\/edit"/
end
end
describe "sorting functionality" do
setup do
# Create users with different emails for sorting tests
user_a = create_test_user(%{email: "alpha@example.com", oidc_id: "alpha"})
user_z = create_test_user(%{email: "zulu@example.com", oidc_id: "zulu"})
user_m = create_test_user(%{email: "mike@example.com", oidc_id: "mike"})
%{users: [user_a, user_z, user_m]}
end
test "initially sorts by email ascending", %{conn: conn} do
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
# Should show ascending indicator (up arrow)
assert html =~ "hero-chevron-up"
assert html =~ ~s(aria-sort="ascending")
# Test actual sort order: alpha should appear before mike, mike before zulu
alpha_pos = html |> :binary.match("alpha@example.com") |> elem(0)
mike_pos = html |> :binary.match("mike@example.com") |> elem(0)
zulu_pos = html |> :binary.match("zulu@example.com") |> elem(0)
assert alpha_pos < mike_pos, "alpha@example.com should appear before mike@example.com"
assert mike_pos < zulu_pos, "mike@example.com should appear before zulu@example.com"
end
test "can sort email descending by clicking sort button", %{conn: conn} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Click on email sort button and get rendered result
html = view |> element("button[phx-value-field='email']") |> render_click()
# Should now show descending indicator (down arrow)
assert html =~ "hero-chevron-down"
assert html =~ ~s(aria-sort="descending")
# Test actual sort order reversed: zulu should now appear before mike, mike before alpha
alpha_pos = html |> :binary.match("alpha@example.com") |> elem(0)
mike_pos = html |> :binary.match("mike@example.com") |> elem(0)
zulu_pos = html |> :binary.match("zulu@example.com") |> elem(0)
assert zulu_pos < mike_pos,
"zulu@example.com should appear before mike@example.com when sorted desc"
assert mike_pos < alpha_pos,
"mike@example.com should appear before alpha@example.com when sorted desc"
end
test "toggles back to ascending when clicking sort button twice", %{conn: conn} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Click twice to toggle: asc -> desc -> asc
view |> element("button[phx-value-field='email']") |> render_click()
html = view |> element("button[phx-value-field='email']") |> render_click()
# Should be back to ascending
assert html =~ "hero-chevron-up"
assert html =~ ~s(aria-sort="ascending")
# Should be back to original ascending order
alpha_pos = html |> :binary.match("alpha@example.com") |> elem(0)
mike_pos = html |> :binary.match("mike@example.com") |> elem(0)
zulu_pos = html |> :binary.match("zulu@example.com") |> elem(0)
assert alpha_pos < mike_pos, "Should be back to ascending: alpha before mike"
assert mike_pos < zulu_pos, "Should be back to ascending: mike before zulu"
end
test "shows sort direction icons", %{conn: conn} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Initially ascending - should show up arrow
html = render(view)
assert html =~ "hero-chevron-up"
# After clicking, should show down arrow
view |> element("button[phx-value-field='email']") |> render_click()
html = render(view)
assert html =~ "hero-chevron-down"
end
end
describe "checkbox selection functionality" do
setup do
user1 = create_test_user(%{email: "user1@example.com", oidc_id: "user1"})
user2 = create_test_user(%{email: "user2@example.com", oidc_id: "user2"})
%{users: [user1, user2]}
end
test "shows select all checkbox", %{conn: conn} do
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ ~s(name="select_all")
assert html =~ ~s(phx-click="select_all")
end
test "shows individual user checkboxes", %{conn: conn, users: [user1, user2]} do
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ ~s(name="#{user1.id}")
assert html =~ ~s(name="#{user2.id}")
assert html =~ ~s(phx-click="select_user")
end
test "can select individual users", %{conn: conn, users: [user1, user2]} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Initially, individual checkboxes should exist but not be checked
assert view |> element("input[type='checkbox'][name='#{user1.id}']") |> has_element?()
assert view |> element("input[type='checkbox'][name='#{user2.id}']") |> has_element?()
# Initially, select_all should not be checked (since no individual items are selected)
refute view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
# Select first user checkbox
html = view |> element("input[type='checkbox'][name='#{user1.id}']") |> render_click()
# The select_all checkbox should still not be checked (not all users selected)
refute view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
# Page should still function normally
assert html =~ "Email"
assert html =~ to_string(user1.email)
end
test "can deselect individual users", %{conn: conn, users: [user1, _user2]} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Select user first
view |> element("input[type='checkbox'][name='#{user1.id}']") |> render_click()
# Then deselect user
html = view |> element("input[type='checkbox'][name='#{user1.id}']") |> render_click()
# Select all should not be checked after deselecting individual user
refute view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
# Page should still function normally
assert html =~ "Email"
assert html =~ to_string(user1.email)
end
test "select all functionality selects all users", %{conn: conn, users: [user1, user2]} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Initially no checkboxes should be checked
refute view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
refute view
|> element("input[type='checkbox'][name='#{user1.id}'][checked]")
|> has_element?()
refute view
|> element("input[type='checkbox'][name='#{user2.id}'][checked]")
|> has_element?()
# Click select all
html = view |> element("input[type='checkbox'][name='select_all']") |> render_click()
# After selecting all, the select_all checkbox should be checked
assert view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
# Page should still function normally and show all users
assert html =~ "Email"
assert html =~ to_string(user1.email)
assert html =~ to_string(user2.email)
end
test "deselect all functionality deselects all users", %{conn: conn, users: [user1, user2]} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Select all first
view |> element("input[type='checkbox'][name='select_all']") |> render_click()
# Verify that select_all is checked
assert view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
# Then deselect all
html = view |> element("input[type='checkbox'][name='select_all']") |> render_click()
# After deselecting all, no checkboxes should be checked
refute view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
refute view
|> element("input[type='checkbox'][name='#{user1.id}'][checked]")
|> has_element?()
refute view
|> element("input[type='checkbox'][name='#{user2.id}'][checked]")
|> has_element?()
# Page should still function normally
assert html =~ "Email"
assert html =~ to_string(user1.email)
assert html =~ to_string(user2.email)
end
test "select all automatically checks when all individual users are selected", %{
conn: conn,
users: [user1, user2]
} do
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Initially nothing should be checked
refute view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
# Select first user
view |> element("input[type='checkbox'][name='#{user1.id}']") |> render_click()
# Select all should still not be checked (only 1 of 2+ users selected)
refute view
|> element("input[type='checkbox'][name='select_all'][checked]")
|> has_element?()
# Select second user
html = view |> element("input[type='checkbox'][name='#{user2.id}']") |> render_click()
# Now select all should be automatically checked (all individual users are selected)
# Note: This test might need adjustment based on actual implementation
# The logic depends on whether authenticated user is included in the count
assert html =~ "Email"
assert html =~ to_string(user1.email)
assert html =~ to_string(user2.email)
end
end
describe "delete functionality" do
test "can delete a user", %{conn: conn} do
_user = create_test_user(%{email: "delete-me@example.com"})
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# Confirm user is displayed
assert render(view) =~ "delete-me@example.com"
# Click the first delete button to test the functionality
view |> element("tbody tr:first-child a[data-confirm]") |> render_click()
# The page should still render (basic functionality test)
html = render(view)
# Table header should still be there
assert html =~ "Email"
end
test "shows delete confirmation", %{conn: conn} do
_user = create_test_user(%{email: "confirm-delete@example.com"})
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
# Check that delete link has confirmation attribute
assert html =~ ~s(data-confirm="Are you sure?")
end
end
describe "navigation" do
test "clicking on user row navigates to user show page", %{conn: conn} do
user = create_test_user(%{email: "navigate@example.com"})
conn = conn_with_oidc_user(conn)
{:ok, view, _html} = live(conn, "/users")
# This test would need to check row click behavior
# The actual navigation would happen via JavaScript
html = render(view)
assert html =~ ~s(/users/#{user.id})
end
test "edit link points to correct edit page", %{conn: conn} do
user = create_test_user(%{email: "edit-me@example.com"})
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ ~s(/users/#{user.id}/edit)
end
test "new user button points to correct new page", %{conn: conn} do
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ ~s(/users/new)
end
end
describe "translations" do
test "shows German translations for selection", %{conn: conn} do
conn = conn_with_oidc_user(conn)
conn = Plug.Test.init_test_session(conn, locale: "de")
{:ok, _view, html} = live(conn, "/users")
assert html =~ "Alle Benutzer auswählen"
assert html =~ "Benutzer auswählen"
end
test "shows English translations for selection", %{conn: conn} do
conn = conn_with_oidc_user(conn)
Gettext.put_locale(MvWeb.Gettext, "en")
{:ok, _view, html} = live(conn, "/users")
# Note: English translations might be empty strings by default
# This test would verify the structure is there
# Checking that aria-label attributes exist
assert html =~ ~s(aria-label=)
end
end
describe "edge cases" do
test "handles empty user list gracefully", %{conn: conn} do
# Don't create any users besides the authenticated one
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
# Should still show the table structure
assert html =~ "Email"
assert html =~ "OIDC ID"
# Should show the authenticated user at minimum
assert html =~ "user@example.com"
end
test "handles users with missing OIDC ID", %{conn: conn} do
_user = create_test_user(%{email: "no-oidc@example.com", oidc_id: nil})
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ "no-oidc@example.com"
# Should handle nil OIDC ID gracefully
end
test "handles very long email addresses", %{conn: conn} do
long_email = "very.long.email.address.that.might.break.layouts@example.com"
_user = create_test_user(%{email: long_email})
conn = conn_with_oidc_user(conn)
{:ok, _view, html} = live(conn, "/users")
assert html =~ long_email
end
end
end