baron-sso/adminfront/tests/users_bulk_uuid.spec.ts

import { expect, test } from "@playwright/test";

test.describe("Users Bulk Upload UUID Import Policy", () => {
  test.beforeEach(async ({ page }) => {
    await page.addInitScript(() => {
      window.localStorage.setItem("locale", "ko");
      window.localStorage.setItem("admin_session", "fake-token");
      (
        window as Window & typeof globalThis & { _IS_TEST_MODE?: boolean }
      )._IS_TEST_MODE = true;

      const authority = "http://localhost:5000/oidc";
      const client_id = "adminfront";
      const key = `oidc.user:${authority}:${client_id}`;
      const authData = {
        access_token: "fake-token",
        token_type: "Bearer",
        profile: { sub: "admin-user", name: "Admin", role: "super_admin" },
        expires_at: Math.floor(Date.now() / 1000) + 36000,
      };
      window.localStorage.setItem(key, JSON.stringify(authData));
    });

    await page.route("**/api/v1/**", async (route) => {
      const url = route.request().url();
      const headers = { "Access-Control-Allow-Origin": "*" };

      if (url.includes("/user/me")) {
        return route.fulfill({
          json: {
            id: "admin-user",
            name: "Admin",
            role: "super_admin",
            manageableTenants: [],
          },
          headers,
        });
      }
      if (url.includes("/admin/users") && !url.includes("/bulk")) {
        return route.fulfill({
          json: { items: [], total: 0, limit: 50, offset: 0 },
          headers,
        });
      }
      if (url.includes("/admin/tenants")) {
        return route.fulfill({
          json: { items: [], total: 0, limit: 100, offset: 0 },
          headers,
        });
      }
      return route.fulfill({ json: { items: [], total: 0 }, headers });
    });

    await page.route("**/oidc/**", async (route) => {
      await route.fulfill({ json: { issuer: "http://localhost:5000/oidc" } });
    });
  });

  test("should not include exported user_id or uuid in bulk upload payload", async ({
    page,
  }) => {
    let bulkPayload = "";
    const testUuid = "550e8400-e29b-41d4-a716-446655440000";

    await page.route("**/api/v1/admin/users/bulk", async (route) => {
      bulkPayload = route.request().postData() ?? "";
      return route.fulfill({
        json: {
          results: [
            { email: "uuid@test.com", success: true, userId: "kratos-id" },
          ],
        },
        headers: { "Access-Control-Allow-Origin": "*" },
      });
    });

    await page.goto("/users");
    await page.getByTestId("user-data-mgmt-btn").click();
    await page
      .getByRole("menuitem", { name: /일괄 임포트|Bulk Import/i })
      .click();

    await page.locator('input[type="file"]').setInputFiles({
      name: "users_uuid.csv",
      mimeType: "text/csv",
      buffer: Buffer.from(
        `user_id,email,name,uuid\n${testUuid},uuid@test.com,UUID User,${testUuid}\n`,
      ),
    });

    await page.getByTestId("bulk-start-btn").click();
    await expect(page.getByText("uuid@test.com")).toBeVisible();

    const payload = JSON.parse(bulkPayload);
    expect(payload.users[0]).not.toHaveProperty("userId");
    expect(payload.users[0]).not.toHaveProperty("uuid");
    expect(payload.users[0]).not.toHaveProperty("id");
  });

  test("should treat id column as login id, not UUID import", async ({
    page,
  }) => {
    let bulkPayload = "";
    const testUuid = "550e8400-e29b-41d4-a716-446655440001";

    await page.route("**/api/v1/admin/users/bulk", async (route) => {
      bulkPayload = route.request().postData() ?? "";
      return route.fulfill({
        json: {
          results: [
            { email: "id-uuid@test.com", success: true, userId: "kratos-id" },
          ],
        },
        headers: { "Access-Control-Allow-Origin": "*" },
      });
    });

    await page.goto("/users");
    await page.getByTestId("user-data-mgmt-btn").click();
    await page
      .getByRole("menuitem", { name: /일괄 임포트|Bulk Import/i })
      .click();

    await page.locator('input[type="file"]').setInputFiles({
      name: "users_id.csv",
      mimeType: "text/csv",
      buffer: Buffer.from(
        `email,name,id\nid-uuid@test.com,ID UUID User,${testUuid}\n`,
      ),
    });

    await page.getByTestId("bulk-start-btn").click();

    const payload = JSON.parse(bulkPayload);
    expect(payload.users[0]).not.toHaveProperty("uuid");
    expect(payload.users[0].loginId).toBe(testUuid);
    expect(payload.users[0].metadata.naverworks_id).toBe(testUuid);
  });
});