역할 전환 E2E 및 권한 안내 검증 테스트 추가

2026-03-04 13:09:41 +09:00
parent 9946108313
commit e2d3e389f3
5 changed files with 207 additions and 27 deletions
--- a/devfront/tests/devfront-security.spec.ts
+++ b/devfront/tests/devfront-security.spec.ts
@@ -1,9 +1,9 @@
 import { expect, test } from "@playwright/test";
 import {
+  type Consent,
  installDevApiMock,
  makeClient,
  seedAuth,
-  type Consent,
 } from "./helpers/devfront-fixtures";

 test.describe("DevFront security and isolation", () => {
@@ -47,4 +47,14 @@ test.describe("DevFront security and isolation", () => {
    await expect(page.getByText("PKCE only app")).toBeVisible();
    await expect(page.getByText("Server side App")).not.toBeVisible();
  });
+
+  test("tenant_member user is blocked at AuthGuard", async ({ page }) => {
+    await seedAuth(page, "tenant_member");
+
+    await page.goto("/clients");
+    await expect(
+      page.getByText(/DevFront는 관리자 전용 화면입니다|administrator access/i),
+    ).toBeVisible();
+    await expect(page).toHaveURL(/\/clients$/);
+  });
 });