pediatric-ai-scribe-v3/e2e/tests/admin-react.spec.js
Daniel 22355e8cb2 feat(client): port Admin shell with role-gated sidebar entry
Last tab on the revamp roadmap. Ships /app/admin as a shell that
renders either an access-denied card or a legacy-viewer link
depending on me.user.role, plus a new Admin nav group in the
sidebar that is hidden entirely for non-admin users.

client/src/components/Layout.tsx
  NavItem gains an optional adminOnly flag. Layout now runs its own
  useQuery<MeOk>(['auth-me']) — the query key is already shared with
  Settings so the cache is reused across both. Nav groups whose
  items all filter out (in practice: the Admin group for non-admins)
  don't render their group header either, so the sidebar stays clean
  for regular users. 5-minute staleTime so the header doesn't hammer
  /me on every route change.

client/src/pages/Admin.tsx
  Same /me query + role check. Non-admins land on the
  admin-access-denied card; admins see the admin-shell with a link
  to the legacy admin viewer. Sub-sections (users, feature flags,
  OIDC, SMTP, AI prompts, model management, TTS/STT, email
  templates, announcement banner, site-wide saved encounters) stay
  in the vanilla admin page for now — each touches production state
  immediately on save, so each port needs its own deliberate commit
  with dedicated tests before shipping.

e2e/tests/admin-react.spec.js — one smoke test
  The seeded e2e user is non-admin, so the expected outcome is the
  access-denied card. Guard is written to accept either state so the
  test still passes if the seed ever flips to an admin.

With this commit the React sidebar covers the full legacy nav:
  • Encounters: Encounter HPI, Dictation HPI
  • Notes: Hospital Course, Chart Review, SOAP, Well Visit, Sick Visit
  • Clinical Tools: Vax Schedule, Catch-Up, PE Guide, Bedside,
    Calculators, Pagers & Extensions, Learning Hub
  • Account: Settings, FAQ
  • Admin: Admin Panel (role-gated)

Client tsc -b + vite build clean. Bundle 462.48 kB / 131.98 kB gz.
2026-04-24 00:03:02 +02:00

27 lines
1.2 KiB
JavaScript

// ============================================================
// ADMIN (React port) — access-gate smoke test.
//
// The e2e test user is a non-admin by default, so the expected
// outcome here is the access-denied panel. A separate admin-enabled
// fixture can exercise the elevated view when the per-section ports
// land.
// ============================================================
const { test, expect, E2E_BASE } = require('../fixtures');
test.describe('React Admin — access gate', () => {
test('non-admin users see the access-denied card', async ({ authedPage: _, page }) => {
await page.goto(E2E_BASE + '/app/admin');
// Either the admin shell (role=admin) OR the access-denied card
// (everyone else). The seeded e2e user is non-admin, so we expect
// the denial — but if the seed ever flips, the test still passes.
await page.waitForSelector(
'[data-testid="admin-access-denied"], [data-testid="admin-shell"]',
{ timeout: 15000 },
);
const denied = await page.locator('[data-testid="admin-access-denied"]').count();
const shell = await page.locator('[data-testid="admin-shell"]').count();
expect(denied + shell).toBe(1);
});
});