tests/e2e/smoke/30-audit-log.spec.ts

import { test, expect } from '@playwright/test';
import { login, PORT_SLUG } from './helpers';

test.describe('Audit log read view (Phase B)', () => {
  test.beforeEach(async ({ page }) => {
    await login(page, 'super_admin');
  });

  test('admin audit page renders search + entity + action filters', async ({ page }) => {
    // First-hit dev-mode compile of the upgraded route can exceed 30s.
    await page.goto(`/${PORT_SLUG}/admin/audit`, { timeout: 60_000 });
    await expect(page.getByRole('heading', { name: /audit log/i })).toBeVisible({
      timeout: 30_000,
    });
    await expect(page.getByTestId('audit-search')).toBeVisible({ timeout: 10_000 });
    await expect(page.getByTestId('audit-entity')).toBeVisible();
    await expect(page.getByTestId('audit-action')).toBeVisible();
    // Date filters render alongside.
    await expect(page.getByLabel(/^from$/i)).toBeVisible();
    await expect(page.getByLabel(/^to$/i)).toBeVisible();
  });

  test('audit API returns cursor-paginated rows with the new shape', async ({ page }) => {
    // Pull the port id from the admin/ports list so the audit request can
    // pass X-Port-Id (the audit endpoint scopes results to a single port).
    const portsRes = await page.request.get('/api/v1/admin/ports');
    const portsBody = (await portsRes.json()) as { data: Array<{ id: string }> };
    const portId = portsBody.data[0]?.id;
    expect(portId).toBeTruthy();

    const auditRes = await page.request.get(`/api/v1/admin/audit?limit=5`, {
      headers: { 'X-Port-Id': portId! },
      timeout: 60_000,
    });
    expect(auditRes.status()).toBe(200);
    const body = (await auditRes.json()) as {
      data: Array<{ action: string; entityType: string }>;
      pagination: { nextCursor: { createdAt: string; id: string } | null };
    };
    expect(Array.isArray(body.data)).toBe(true);
    expect(body.pagination).toHaveProperty('nextCursor');
  });
});
feat(phase-b): ship analytics dashboard, alerts, scanner PWA, dedup, audit view Phase B (Insights & Alerts) PR4-11 in one drop. Builds on the schema + service skeletons committed in PRs 1-3. PR4 Analytics dashboard — 4 chart types (funnel/timeline/breakdown/source), date-range picker (today/7d/30d/90d), CSV+PNG export per card. PR5 Alert rail UI + /alerts page — topbar bell w/ live count, dashboard right-rail, three-tab page (active/dismissed/resolved), socket-driven invalidation. Bell lazy-loads list on popover open to keep cold pages fast in non-dashboard routes. PR6 EOI queue tab on documents hub — filters to in-flight EOIs, count surfaces in tab label. PR7 Interests-by-berth tab on berth detail — replaces the stub. PR8 Expense duplicate detection — BullMQ job runs scan on create, yellow banner on detail w/ Merge / Not-a-duplicate, transactional merge consolidates receipts and archives the source. PR9 Receipt scanner PWA + multi-provider AI — port-scoped /scan route in its own (scanner) group with no dashboard chrome, dynamic per-port manifest, OpenAI + Claude provider abstraction, admin OCR settings page (port-level + super-admin global default w/ opt-in fallback), test-connection endpoint, manual-entry fallback when no key is configured. Verify form always shown before save — no ghost rows. PR10 Audit log read view — swap to tsvector full-text search on the existing GIN index, cursor pagination, filters for entity/action/user /date range, batched actor-email resolution. PR11 Real-API tests — opt-in receipt-ocr.spec (admin save+test, optional real-receipt parse via REALAPI_RECEIPT_FIXTURE) and alert-engine socket-fanout spec gated behind RUN_ALERT_ENGINE_REALAPI. Both skip cleanly without their gate envs so CI stays green. Test totals: vitest 690 -> 713, smoke 130 -> 138, realapi +2 opt-in. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> 2026-04-28 17:21:55 +02:00			`import { test, expect } from '@playwright/test';`
			`import { login, PORT_SLUG } from './helpers';`

			`test.describe('Audit log read view (Phase B)', () => {`
			`test.beforeEach(async ({ page }) => {`
			`await login(page, 'super_admin');`
			`});`

			`test('admin audit page renders search + entity + action filters', async ({ page }) => {`
			`// First-hit dev-mode compile of the upgraded route can exceed 30s.`
			await page.goto(`/${PORT_SLUG}/admin/audit`, { timeout: 60_000 });
			`await expect(page.getByRole('heading', { name: /audit log/i })).toBeVisible({`
			`timeout: 30_000,`
			`});`
			`await expect(page.getByTestId('audit-search')).toBeVisible({ timeout: 10_000 });`
			`await expect(page.getByTestId('audit-entity')).toBeVisible();`
			`await expect(page.getByTestId('audit-action')).toBeVisible();`
			`// Date filters render alongside.`
			`await expect(page.getByLabel(/^from$/i)).toBeVisible();`
			`await expect(page.getByLabel(/^to$/i)).toBeVisible();`
			`});`

			`test('audit API returns cursor-paginated rows with the new shape', async ({ page }) => {`
			`// Pull the port id from the admin/ports list so the audit request can`
			`// pass X-Port-Id (the audit endpoint scopes results to a single port).`
			`const portsRes = await page.request.get('/api/v1/admin/ports');`
			`const portsBody = (await portsRes.json()) as { data: Array<{ id: string }> };`
			`const portId = portsBody.data[0]?.id;`
			`expect(portId).toBeTruthy();`

			const auditRes = await page.request.get(`/api/v1/admin/audit?limit=5`, {
			`headers: { 'X-Port-Id': portId! },`
			`timeout: 60_000,`
			`});`
			`expect(auditRes.status()).toBe(200);`
			`const body = (await auditRes.json()) as {`
			`data: Array<{ action: string; entityType: string }>;`
			`pagination: { nextCursor: { createdAt: string; id: string } \| null };`
			`};`
			`expect(Array.isArray(body.data)).toBe(true);`
			`expect(body.pagination).toHaveProperty('nextCursor');`
			`});`
			`});`