From a125b1d7ae9a5aeb34b67bdc690d1002a1db6e65 Mon Sep 17 00:00:00 2001
From: chan <b24028@hanmaceng.co.kr>
Date: Thu, 4 Jun 2026 10:14:07 +0900
Subject: [PATCH] test(devfront): update unit tests to match refined RBAC model
 for privileged roles

---
 .../src/components/common/ForbiddenMessage.test.tsx   | 11 +++++++----
 devfront/src/lib/role.test.ts                         |  4 ++--
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/devfront/src/components/common/ForbiddenMessage.test.tsx b/devfront/src/components/common/ForbiddenMessage.test.tsx
index 99a5c653..bbad6610 100644
--- a/devfront/src/components/common/ForbiddenMessage.test.tsx
+++ b/devfront/src/components/common/ForbiddenMessage.test.tsx
@@ -65,14 +65,17 @@ describe("ForbiddenMessage", () => {
     expect(clients.textContent).toContain("target application");
   });
 
-  it("renders standard user guidance for legacy admin roles", async () => {
-    // legacy roles are now normalized to 'user' and show user guidance
+  it("renders specific guidance for privileged admin roles", async () => {
     authState.user.profile.role = "rp_admin";
     const rpAdmin = await renderMessage("clients");
-    expect(rpAdmin.textContent).toContain("Standard user accounts");
+    expect(rpAdmin.textContent).toContain(
+      "RP administrators can only access resources for their assigned applications.",
+    );
 
     authState.user.profile.role = "tenant_admin";
     const tenantAdmin = await renderMessage("clients");
-    expect(tenantAdmin.textContent).toContain("Standard user accounts");
+    expect(tenantAdmin.textContent).toContain(
+      "Tenant administrator permissions are not configured correctly or have expired.",
+    );
   });
 });
diff --git a/devfront/src/lib/role.test.ts b/devfront/src/lib/role.test.ts
index fa87ecf3..6ad7bb98 100644
--- a/devfront/src/lib/role.test.ts
+++ b/devfront/src/lib/role.test.ts
@@ -6,8 +6,8 @@ describe("normalizeRole", () => {
     expect(normalizeRole("tenant_member")).toBe("user");
     expect(normalizeRole("admin")).toBe("user");
     expect(normalizeRole("superadmin")).toBe("super_admin");
-    expect(normalizeRole("tenantadmin")).toBe("user");
-    expect(normalizeRole("rpadmin")).toBe("user");
+    expect(normalizeRole("tenantadmin")).toBe("tenant_admin");
+    expect(normalizeRole("rpadmin")).toBe("rp_admin");
   });
 
   it("returns 'user' for unknown string values and empty string for non-strings", () => {