flyer-crawler.projectium.com/src/tests/e2e/admin-dashboard.e2e.test.ts

// src/tests/e2e/admin-dashboard.e2e.test.ts
import { describe, it, expect, afterAll } from 'vitest';
import supertest from 'supertest';
import { getPool } from '../../services/db/connection.db';
import { cleanupDb } from '../utils/cleanup';
import { getServerUrl } from '../setup/e2e-global-setup';

/**
 * @vitest-environment node
 */

describe('E2E Admin Dashboard Flow', () => {
  // Create a getter function that returns supertest instance with the app
  const getRequest = () => supertest(getServerUrl());

  // Use a unique email for every run to avoid collisions
  const uniqueId = Date.now();
  const adminEmail = `e2e-admin-${uniqueId}@example.com`;
  const adminPassword = 'StrongPassword123!';

  let authToken: string;
  let adminUserId: string | null = null;

  afterAll(async () => {
    // Safety cleanup: Ensure the user is deleted from the DB if the test fails mid-way.
    await cleanupDb({
      userIds: [adminUserId],
    });
  });

  it('should allow an admin to log in and access dashboard features', async () => {
    // 1. Register a new user (initially a regular user)
    const registerResponse = await getRequest()
      .post('/api/auth/register')
      .send({ email: adminEmail, password: adminPassword, full_name: 'E2E Admin User' });

    expect(registerResponse.status).toBe(201);
    const registeredUser = registerResponse.body.data.userprofile.user;
    adminUserId = registeredUser.user_id;
    expect(adminUserId).toBeDefined();

    // 2. Promote the user to 'admin' via direct DB access
    // (This simulates an existing admin or a manual promotion, as there is no public "register as admin" endpoint)
    await getPool().query(`UPDATE public.profiles SET role = 'admin' WHERE user_id = $1`, [
      adminUserId,
    ]);

    // 3. Login to get the access token (now with admin privileges)
    // We wait briefly to ensure the DB transaction is committed and visible to the API,
    // and to provide a buffer for any rate limits from previous tests.
    await new Promise((resolve) => setTimeout(resolve, 2000));

    const loginResponse = await getRequest()
      .post('/api/auth/login')
      .send({ email: adminEmail, password: adminPassword, rememberMe: false });

    expect(loginResponse.status).toBe(200);
    authToken = loginResponse.body.data.token;
    expect(authToken).toBeDefined();
    // Verify the role returned in the login response is now 'admin'
    expect(loginResponse.body.data.userprofile.role).toBe('admin');

    // 4. Fetch System Stats (Protected Admin Route)
    const statsResponse = await getRequest()
      .get('/admin/stats')
      .set('Authorization', `Bearer ${authToken}`);

    expect(statsResponse.status).toBe(200);
    expect(statsResponse.body.data).toHaveProperty('userCount');
    expect(statsResponse.body.data).toHaveProperty('flyerCount');

    // 5. Fetch User List (Protected Admin Route)
    const usersResponse = await getRequest()
      .get('/admin/users')
      .set('Authorization', `Bearer ${authToken}`);

    expect(usersResponse.status).toBe(200);
    expect(usersResponse.body.data).toHaveProperty('users');
    expect(usersResponse.body.data).toHaveProperty('total');
    expect(Array.isArray(usersResponse.body.data.users)).toBe(true);
    // The list should contain the admin user we just created
    const self = usersResponse.body.data.users.find((u: any) => u.user_id === adminUserId);
    expect(self).toBeDefined();

    // 6. Check Queue Status (Protected Admin Route)
    const queueResponse = await getRequest()
      .get('/admin/queues/status')
      .set('Authorization', `Bearer ${authToken}`);

    expect(queueResponse.status).toBe(200);
    expect(Array.isArray(queueResponse.body.data)).toBe(true);
    // Verify that the 'flyer-processing' queue is present in the status report
    const flyerQueue = queueResponse.body.data.find((q: any) => q.name === 'flyer-processing');
    expect(flyerQueue).toBeDefined();
    expect(flyerQueue.counts).toBeDefined();
  });
});