개요/감사로그 개발자 권한 신청 E2E 추가

2026-05-29 10:30:39 +09:00
parent 2c93bd8dfb
commit 0f06fbc901
2 changed files with 119 additions and 3 deletions
--- a/devfront/tests/devfront-security.spec.ts
+++ b/devfront/tests/devfront-security.spec.ts
@@ -137,4 +137,82 @@ test.describe("DevFront security and isolation", () => {
      page.getByText(/테넌트 관리자 권한|Tenant administrator permissions/i),
    ).toBeVisible();
  });
+
+  test("user sees audit log access CTA when access is blocked", async ({
+    page,
+  }, testInfo) => {
+    await seedAuth(page, "user");
+
+    const state = {
+      clients: [] as ReturnType<typeof makeClient>[],
+      consents: [] as Consent[],
+      auditLogsByCursor: undefined,
+      developerRequests: [],
+    };
+    await installDevApiMock(page, state);
+
+    await page.goto("/audit-logs");
+    await expect(page.getByRole("heading", { name: /감사 로그|Audit Logs/ })).toBeVisible();
+    await expect(
+      page.getByText(/감사 로그는 개발자 권한이 있어야 볼 수 있습니다|Audit logs are available only to users with developer access/i),
+    ).toBeVisible();
+    const requestBtn = page.getByRole("button", {
+      name: /개발자 권한 신청/,
+    });
+    await expect(requestBtn).toBeVisible();
+    await requestBtn.click();
+    await expect(page).toHaveURL(/\/developer-requests$/);
+    await captureEvidence(page, testInfo, "security-user-audit-request-entry");
+  });
+
+  test("user with approved developer request can enter audit logs without CTA", async ({
+    page,
+  }, testInfo) => {
+    await seedAuth(page, "user");
+
+    const state = {
+      clients: [] as ReturnType<typeof makeClient>[],
+      consents: [] as Consent[],
+      auditLogs: [
+        {
+          event_id: "evt-audit-1",
+          timestamp: "2026-05-29T00:00:00.000Z",
+          user_id: "playwright-user",
+          event_type: "CLIENT_UPDATE",
+          status: "success" as const,
+          ip_address: "127.0.0.1",
+          user_agent: "playwright",
+          details: JSON.stringify({
+            action: "UPDATE_CLIENT",
+            target_id: "tenant-a-client",
+            tenant_id: "tenant-a",
+          }),
+        },
+      ],
+      auditLogsByCursor: undefined,
+      developerRequests: [
+        {
+          id: "req-approved",
+          userId: "playwright-user",
+          userName: "Playwright User",
+          name: "Playwright User",
+          userEmail: "playwright@example.com",
+          organization: "Tenant A",
+          reason: "Need access",
+          status: "approved",
+          createdAt: "2026-05-29T00:00:00.000Z",
+          updatedAt: "2026-05-29T00:10:00.000Z",
+          approvedAt: "2026-05-29T00:10:00.000Z",
+        },
+      ],
+    };
+    await installDevApiMock(page, state);
+
+    await page.goto("/audit-logs");
+    await expect(page.getByText("UPDATE_CLIENT")).toBeVisible();
+    await expect(
+      page.getByRole("button", { name: /개발자 권한 신청/ }),
+    ).toHaveCount(0);
+    await captureEvidence(page, testInfo, "security-user-audit-approved");
+  });
 });