packages/app-tests/e2e/user/auth-flow.spec.ts

import { type Page, expect, test } from '@playwright/test';

import {
  extractUserVerificationToken,
  seedTestEmail,
  seedUser,
} from '@documenso/prisma/seed/users';

test.use({ storageState: { cookies: [], origins: [] } });

test('[USER] can sign up with email and password', async ({ page }: { page: Page }) => {
  const username = 'Test User';
  const email = seedTestEmail();
  const password = 'Password123#';

  await page.goto('/signup');
  await page.getByLabel('Name').fill(username);
  await page.getByLabel('Email').fill(email);
  await page.getByLabel('Password', { exact: true }).fill(password);

  const canvas = page.locator('canvas').first();
  const box = await canvas.boundingBox();
  if (box) {
    await page.mouse.move(box.x + 40, box.y + 40);
    await page.mouse.down();
    await page.mouse.move(box.x + box.width - 2, box.y + box.height - 2);
    await page.mouse.up();
  }

  await page.getByRole('button', { name: 'Next', exact: true }).click();
  await page.getByLabel('Public profile username').fill(Date.now().toString());

  await page.getByRole('button', { name: 'Complete', exact: true }).click();

  await page.waitForURL('/unverified-account');

  const { token } = await extractUserVerificationToken(email);

  await page.goto(`/verify-email/${token}`);

  await expect(page.getByRole('heading')).toContainText('Email Confirmed!');

  // We now automatically redirect to the home page
  // await page.getByRole('link', { name: 'Go back home' }).click();

  await page.waitForURL('/documents');

  await expect(page).toHaveURL('/documents');
});

test('[USER] can sign in using email and password', async ({ page }: { page: Page }) => {
  const user = await seedUser();

  await page.goto('/signin');
  await page.getByLabel('Email').fill(user.email);
  await page.getByLabel('Password', { exact: true }).fill('password');
  await page.getByRole('button', { name: 'Sign In' }).click();

  await page.waitForURL('/documents');
  await expect(page).toHaveURL('/documents');
});
feat: add playwright 2023-10-03 09:53:47 +01:00			`import { type Page, expect, test } from '@playwright/test';`

fix: e2e tests 2024-02-22 22:58:51 +11:00			`import {`
			`extractUserVerificationToken,`
fix: refactor tests (#1066) ## Changes Made - Refactor/optimise tests - Reduce flakiness - Add parallel tests (if there's enough CPU capacity) - Removed explicit worker count when running parallel tests. Defaults to 50% of CPU capacity. Might want to consider sharding the test across runners in the future as our tests grows. 2024-04-03 17:13:35 +08:00			`seedTestEmail,`
fix: e2e tests 2024-02-22 22:58:51 +11:00			`seedUser,`
			`} from '@documenso/prisma/seed/users';`
feat: add playwright 2023-10-03 09:53:47 +01:00
			`test.use({ storageState: { cookies: [], origins: [] } });`

fix: refactor tests (#1066) ## Changes Made - Refactor/optimise tests - Reduce flakiness - Add parallel tests (if there's enough CPU capacity) - Removed explicit worker count when running parallel tests. Defaults to 50% of CPU capacity. Might want to consider sharding the test across runners in the future as our tests grows. 2024-04-03 17:13:35 +08:00			`test('[USER] can sign up with email and password', async ({ page }: { page: Page }) => {`
fix: e2e tests 2024-02-22 22:58:51 +11:00			`const username = 'Test User';`
fix: refactor tests (#1066) ## Changes Made - Refactor/optimise tests - Reduce flakiness - Add parallel tests (if there's enough CPU capacity) - Removed explicit worker count when running parallel tests. Defaults to 50% of CPU capacity. Might want to consider sharding the test across runners in the future as our tests grows. 2024-04-03 17:13:35 +08:00			`const email = seedTestEmail();`
fix: e2e tests 2024-02-22 22:58:51 +11:00			`const password = 'Password123#';`

feat: add playwright 2023-10-03 09:53:47 +01:00			`await page.goto('/signup');`
			`await page.getByLabel('Name').fill(username);`
			`await page.getByLabel('Email').fill(email);`
			`await page.getByLabel('Password', { exact: true }).fill(password);`

feat: add global settings for teams (#1391) ## Description This PR introduces global settings for teams. At the moment, it allows team admins to configure the following: * The default visibility of the documents uploaded to the team account * Whether to include the document owner (sender) details when sending emails to the recipients. ### Include Sender Details If the Sender Details setting is enabled, the emails sent by the team will include the sender's name: > "Example User" on behalf of "Example Team" has invited you to sign "document.pdf" Otherwise, the email will say: > "Example Team" has invited you to sign "document.pdf" ### Default Document Visibility This new option allows users to set the default visibility for the documents uploaded to the team account. It can have the following values: * Everyone * Manager and above * Admins only If the default document visibility isn't set, the document will be set to the role of the user who created the document: * If a user with the "User" role creates a document, the document's visibility is set to "Everyone". * Manager role -> "Manager and above" * Admin role -> "Admins only" Otherwise, if there is a default document visibility value, it uses that value. #### Gotcha To avoid issues, the `document owner` and the `recipient` can access the document irrespective of their role. For example: * If a team member with the role "Member" uploads a document and the default document visibility is "Admins", only the document owner and admins can access the document. * Similar to the other scenarios. * If an admin uploads a document and the default document visibility is "Admins", the recipient can access the document. * The admins have access to all the documents. * Managers have access to documents with the visibility set to "Everyone" and "Manager and above" * Members have access only to the documents with the visibility set to "Everyone". ## Testing Performed Tested it locally. 2024-11-08 13:50:49 +02:00			`const canvas = page.locator('canvas').first();`
feat: add playwright 2023-10-03 09:53:47 +01:00			`const box = await canvas.boundingBox();`
			`if (box) {`
fix: prevent accidental signatures (#1515) ![CleanShot 2024-12-06 at 03 30 39](https://github.com/user-attachments/assets/d47dc820-f19d-43b7-a60d-914fc9ab24b8) ![CleanShot 2024-12-06 at 03 32 34](https://github.com/user-attachments/assets/0db98735-8c91-469b-873c-adb19d0fff7b) 2024-12-08 03:17:58 +00:00			`await page.mouse.move(box.x + 40, box.y + 40);`
feat: add playwright 2023-10-03 09:53:47 +01:00			`await page.mouse.down();`
fix: prevent accidental signatures (#1515) ![CleanShot 2024-12-06 at 03 30 39](https://github.com/user-attachments/assets/d47dc820-f19d-43b7-a60d-914fc9ab24b8) ![CleanShot 2024-12-06 at 03 32 34](https://github.com/user-attachments/assets/0db98735-8c91-469b-873c-adb19d0fff7b) 2024-12-08 03:17:58 +00:00			`await page.mouse.move(box.x + box.width - 2, box.y + box.height - 2);`
feat: add playwright 2023-10-03 09:53:47 +01:00			`await page.mouse.up();`
			`}`

fix: update e2e tests 2024-02-29 15:19:38 +11:00			`await page.getByRole('button', { name: 'Next', exact: true }).click();`
fix: enforce 2FA for email password SSO linked accounts (#1072) ## Description Fixed issue where accounts that were initially created via email/password, then linked to an SSO account, can bypass the 2FA during login if they use their email password. ## Testing Performed Tested locally, and 2FA is now required for linked SSO accounts 2024-04-03 15:18:36 +08:00			`await page.getByLabel('Public profile username').fill(Date.now().toString());`
fix: update e2e test 2024-02-29 14:26:37 +11:00
			`await page.getByRole('button', { name: 'Complete', exact: true }).click();`
fix: e2e tests 2024-02-22 22:58:51 +11:00
			`await page.waitForURL('/unverified-account');`

			`const { token } = await extractUserVerificationToken(email);`

			await page.goto(`/verify-email/${token}`);

			`await expect(page.getByRole('heading')).toContainText('Email Confirmed!');`

fix: make invite and confirmations long lived (#1309) Previously we would delete all invites and confirmation tokens upon completing the action that they represent. This change instead adds a flag on each token indicating whether it has been completed so we can action a completed token differently in the UI to reduce confusion for users. This had been brought up a number of times where confirmation emails, team member invites and other items may have been actioned and forgotten about causing an error toast/page upon subsequent revisit. 2024-08-28 14:08:35 +10:00			`// We now automatically redirect to the home page`
			`// await page.getByRole('link', { name: 'Go back home' }).click();`
fix: e2e tests 2024-02-22 22:58:51 +11:00
feat: add playwright 2023-10-03 09:53:47 +01:00			`await page.waitForURL('/documents');`

			`await expect(page).toHaveURL('/documents');`
			`});`

fix: refactor tests (#1066) ## Changes Made - Refactor/optimise tests - Reduce flakiness - Add parallel tests (if there's enough CPU capacity) - Removed explicit worker count when running parallel tests. Defaults to 50% of CPU capacity. Might want to consider sharding the test across runners in the future as our tests grows. 2024-04-03 17:13:35 +08:00			`test('[USER] can sign in using email and password', async ({ page }: { page: Page }) => {`
fix: e2e tests 2024-02-22 22:58:51 +11:00			`const user = await seedUser();`

feat: add playwright 2023-10-03 09:53:47 +01:00			`await page.goto('/signin');`
fix: e2e tests 2024-02-22 22:58:51 +11:00			`await page.getByLabel('Email').fill(user.email);`
			`await page.getByLabel('Password', { exact: true }).fill('password');`
feat: add playwright 2023-10-03 09:53:47 +01:00			`await page.getByRole('button', { name: 'Sign In' }).click();`

			`await page.waitForURL('/documents');`
			`await expect(page).toHaveURL('/documents');`
			`});`