// ============================================================ // ADMIN (React port) — access-gate smoke test. // // The e2e test user is a non-admin by default, so the expected // outcome here is the access-denied panel. A separate admin-enabled // fixture can exercise the elevated view when the per-section ports // land. // ============================================================ const { test, expect, E2E_BASE } = require('../fixtures'); test.describe('React Admin — access gate', () => { test('non-admin users see the access-denied card', async ({ authedPage: _, page }) => { await page.goto(E2E_BASE + '/app/admin'); // Either the admin shell (role=admin) OR the access-denied card // (everyone else). The seeded e2e user is non-admin, so we expect // the denial — but if the seed ever flips, the test still passes. await page.waitForSelector( '[data-testid="admin-access-denied"], [data-testid="admin-shell"]', { timeout: 15000 }, ); const denied = await page.locator('[data-testid="admin-access-denied"]').count(); const shell = await page.locator('[data-testid="admin-shell"]').count(); expect(denied + shell).toBe(1); }); });