Files
mic-check/tests/api/MicCheck.Api.Tests.Integration/Flags/FlagsApiAuthorizationTests.cs
James Wampler 8fc0ebb724 Add integration + Playwright smoke suite for post-deploy QA validation
Existing coverage was one integration test and zero e2e tests. Adds the thin,
high-value integration/e2e layer unit tests can't reach (real Postgres wire
contract, real browser flows) and wires it as a post-deploy smoke gate.

- Seed a deterministic dev/QA admin user and fixed Development env key so
  HTTP-only tests can authenticate without per-run registration.
- Expand the API integration suite: disabled-flag, unauthorized access,
  environment-document bootstrap, identity-override precedence, and auth
  login scenarios, reusing the existing black-box HTTP+Npgsql harness.
- Add a Playwright suite for the admin SPA: login, nav, project/environment
  context selection, and feature create/toggle, against the real API.
- Bind QA Postgres to 127.0.0.1 for direct seeding, add smoke-qa.sh and an
  ensure_node() bootstrap (the qa runner has no Node today), and wire a new
  smoke-qa CI job after deploy-qa.
2026-07-04 17:57:50 -07:00

58 lines
1.8 KiB
C#

using MicCheck.Api.Tests.Integration.Common;
using NUnit.Framework;
namespace MicCheck.Api.Tests.Integration.Flags;
[TestFixture]
public class FlagsApiAuthorizationTests
{
private IntegrationTestSettings settings = null!;
private FlagApiHttpClient client = null!;
[OneTimeSetUp]
public void OneTimeSetUp()
{
settings = IntegrationTestSettings.Load();
client = new FlagApiHttpClient(settings);
}
[OneTimeTearDown]
public void OneTimeTearDown() => client.Dispose();
[Test]
public async Task WhenNoEnvironmentKeyIsProvided_ThenTheFlagsApiReturnsUnauthorized()
{
using var response = await client.SendAsync(
httpFile: "Flags.http",
requestName: "GetFlags",
variables: new Dictionary<string, string>
{
["baseUrl"] = settings.BaseUrl,
["environmentKey"] = string.Empty
});
Assert.That(
(int)response.StatusCode,
Is.EqualTo(401),
$"Expected 401 for a missing environment key, got {(int)response.StatusCode} {response.ReasonPhrase}.");
}
[Test]
public async Task WhenAnUnknownEnvironmentKeyIsProvided_ThenTheFlagsApiReturnsUnauthorized()
{
using var response = await client.SendAsync(
httpFile: "Flags.http",
requestName: "GetFlags",
variables: new Dictionary<string, string>
{
["baseUrl"] = settings.BaseUrl,
["environmentKey"] = $"unknown_{Guid.NewGuid():N}"
});
Assert.That(
(int)response.StatusCode,
Is.EqualTo(401),
$"Expected 401 for an unrecognized environment key, got {(int)response.StatusCode} {response.ReasonPhrase}.");
}
}