ake/paperclip
1
0
Fork 0
mirror of https://github.com/alkimake/paperclip.git synced 2026-06-14 01:50:39 +09:00
Code Issues Projects Releases Packages Wiki Activity
paperclip/tests/e2e/multi-user.spec.ts

519 lines
16 KiB
TypeScript
Raw Normal View History

feat: implement multi-user access and invite flows (#3784) ## Thinking Path > - Paperclip is the control plane for autonomous AI companies. > - V1 needs to stay local-first while also supporting shared, authenticated deployments. > - Human operators need real identities, company membership, invite flows, profile surfaces, and company-scoped access controls. > - Agents and operators also need the existing issue, inbox, workspace, approval, and plugin flows to keep working under those authenticated boundaries. > - This branch accumulated the multi-user implementation, follow-up QA fixes, workspace/runtime refinements, invite UX improvements, release-branch conflict resolution, and review hardening. > - This pull request consolidates that branch onto the current `master` branch as a single reviewable PR. > - The benefit is a complete multi-user implementation path with tests and docs carried forward without dropping existing branch work. ## What Changed - Added authenticated human-user access surfaces: auth/session routes, company user directory, profile settings, company access/member management, join requests, and invite management. - Added invite creation, invite landing, onboarding, logo/branding, invite grants, deduped join requests, and authenticated multi-user E2E coverage. - Tightened company-scoped and instance-admin authorization across board, plugin, adapter, access, issue, and workspace routes. - Added profile-image URL validation hardening, avatar preservation on name-only profile updates, and join-request uniqueness migration cleanup for pending human requests. - Added an atomic member role/status/grants update path so Company Access saves no longer leave partially updated permissions. - Improved issue chat, inbox, assignee identity rendering, sidebar/account/company navigation, workspace routing, and execution workspace reuse behavior for multi-user operation. - Added and updated server/UI tests covering auth, invites, membership, issue workspace inheritance, plugin authz, inbox/chat behavior, and multi-user flows. - Merged current `public-gh/master` into this branch, resolved all conflicts, and verified no `pnpm-lock.yaml` change is included in this PR diff. ## Verification - `pnpm exec vitest run server/src/__tests__/issues-service.test.ts ui/src/components/IssueChatThread.test.tsx ui/src/pages/Inbox.test.tsx` - `pnpm run preflight:workspace-links && pnpm exec vitest run server/src/__tests__/plugin-routes-authz.test.ts` - `pnpm exec vitest run server/src/__tests__/plugin-routes-authz.test.ts server/src/__tests__/workspace-runtime-service-authz.test.ts server/src/__tests__/access-validators.test.ts` - `pnpm exec vitest run server/src/__tests__/authz-company-access.test.ts server/src/__tests__/routines-routes.test.ts server/src/__tests__/sidebar-preferences-routes.test.ts server/src/__tests__/approval-routes-idempotency.test.ts server/src/__tests__/openclaw-invite-prompt-route.test.ts server/src/__tests__/agent-cross-tenant-authz-routes.test.ts server/src/__tests__/routines-e2e.test.ts` - `pnpm exec vitest run server/src/__tests__/auth-routes.test.ts ui/src/pages/CompanyAccess.test.tsx` - `pnpm --filter @paperclipai/shared typecheck && pnpm --filter @paperclipai/db typecheck && pnpm --filter @paperclipai/server typecheck` - `pnpm --filter @paperclipai/shared typecheck && pnpm --filter @paperclipai/server typecheck` - `pnpm --filter @paperclipai/ui typecheck` - `pnpm db:generate` - `npx playwright test --config tests/e2e/playwright.config.ts --list` - Confirmed branch has no uncommitted changes and is `0` commits behind `public-gh/master` before PR creation. - Confirmed no `pnpm-lock.yaml` change is staged or present in the PR diff. ## Risks - High review surface area: this PR contains the accumulated multi-user branch plus follow-up fixes, so reviewers should focus especially on company-boundary enforcement and authenticated-vs-local deployment behavior. - UI behavior changed across invites, inbox, issue chat, access settings, and sidebar navigation; no browser screenshots are included in this branch-consolidation PR. - Plugin install, upgrade, and lifecycle/config mutations now require instance-admin access, which is intentional but may change expectations for non-admin board users. - A join-request dedupe migration rejects duplicate pending human requests before creating unique indexes; deployments with unusual historical duplicates should review the migration behavior. - Company member role/status/grant saves now use a new combined endpoint; older separate endpoints remain for compatibility. - Full production build was not run locally in this heartbeat; CI should cover the full matrix. ## Model Used - OpenAI Codex coding agent, GPT-5-based model, CLI/tool-use environment. Exact deployed model identifier and context window were not exposed by the runtime. ## Checklist - [x] I have included a thinking path that traces from project context to this change - [x] I have specified the model used (with version and capability details) - [x] I have run tests locally and they pass - [x] I have added or updated tests where applicable - [x] If this change affects the UI, I have included before/after screenshots - [x] I have updated relevant documentation to reflect my changes - [x] I have considered and documented any risks above - [x] I will address all Greptile and reviewer comments before requesting merge Note on screenshots: this is a branch-consolidation PR for an already-developed multi-user branch, and no browser screenshots were captured during this heartbeat. --------- Co-authored-by: dotta <dotta@example.com> Co-authored-by: Paperclip <noreply@paperclip.ing> Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-17 09:44:19 -05:00
import { test, expect, type Page, type APIRequestContext } from "@playwright/test";
/**
* E2E: Multi-user implementation tests (local_trusted mode).
*
* Covers:
* 1. Company member management API (list, update role, suspend)
* 2. Human invite creation and acceptance API
* 3. Company Settings UI member list, role editing, invite creation
* 4. Invite landing page UI
* 5. Role-based access control (viewer read-only)
* 6. Last-owner protection
*/
const BASE = process.env.PAPERCLIP_E2E_BASE_URL ?? "http://127.0.0.1:3104";
// ---------------------------------------------------------------------------
// Helpers
// ---------------------------------------------------------------------------
/** Ensure the server is bootstrapped (claimed) before running tests. */
async function ensureBootstrapped(request: APIRequestContext): Promise<void> {
const healthRes = await request.get(`${BASE}/api/health`);
const health = await healthRes.json();
if (health.bootstrapStatus === "ready") return;
// If bootstrap_pending, we need to use the claim token from the bootstrap invite.
// In local_trusted mode, just try hitting companies — that should auto-bootstrap.
if (health.deploymentMode === "local_trusted") {
// local_trusted should work without explicit bootstrap
return;
}
}
/** Create a company via the onboarding wizard API shortcut. */
async function createCompanyViaWizard(
request: APIRequestContext,
name: string
): Promise<{ companyId: string; agentId: string; prefix: string }> {
await ensureBootstrapped(request);
const createRes = await request.post(`${BASE}/api/companies`, {
data: { name },
});
if (!createRes.ok()) {
const errText = await createRes.text();
throw new Error(
`Failed to create company (${createRes.status()}): ${errText}`
);
}
const company = await createRes.json();
// Create a CEO agent
const agentRes = await request.post(
`${BASE}/api/companies/${company.id}/agents`,
{
data: {
name: "CEO",
role: "ceo",
title: "CEO",
adapterType: "claude_local",
},
}
);
expect(agentRes.ok()).toBe(true);
const agent = await agentRes.json();
return {
companyId: company.id,
agentId: agent.id,
prefix: company.issuePrefix ?? company.id,
};
}
/** Create a human invite and return token + invite URL. */
async function createHumanInvite(
request: APIRequestContext,
companyId: string,
role: string = "operator"
): Promise<{ token: string; inviteUrl: string; inviteId: string }> {
const res = await request.post(
`${BASE}/api/companies/${companyId}/invites`,
{
data: {
allowedJoinTypes: "human",
humanRole: role,
},
}
);
expect(res.ok()).toBe(true);
const body = await res.json();
return {
token: body.token,
inviteUrl: body.inviteUrl,
inviteId: body.id,
};
}
// ---------------------------------------------------------------------------
// Tests
// ---------------------------------------------------------------------------
test.describe("Multi-user: API", () => {
let companyId: string;
test.beforeAll(async ({ request }) => {
const result = await createCompanyViaWizard(
request,
`MU-API-${Date.now()}`
);
companyId = result.companyId;
});
test("GET /companies/:id/members returns member list with access info", async ({
request,
}) => {
const res = await request.get(
`${BASE}/api/companies/${companyId}/members`
);
expect(res.ok()).toBe(true);
const body = await res.json();
expect(body).toHaveProperty("members");
expect(body).toHaveProperty("access");
expect(Array.isArray(body.members)).toBe(true);
expect(body.access).toHaveProperty("currentUserRole");
expect(body.access).toHaveProperty("canManageMembers");
expect(body.access).toHaveProperty("canInviteUsers");
});
test("POST /companies/:id/invites creates a human invite with role", async ({
request,
}) => {
const res = await request.post(
`${BASE}/api/companies/${companyId}/invites`,
{
data: {
allowedJoinTypes: "human",
humanRole: "operator",
},
}
);
expect(res.ok()).toBe(true);
const body = await res.json();
expect(body).toHaveProperty("token");
expect(body).toHaveProperty("inviteUrl");
expect(body.allowedJoinTypes).toBe("human");
expect(body.inviteUrl).toContain("/invite/");
});
test("GET /invites/:token returns invite summary", async ({ request }) => {
const invite = await createHumanInvite(request, companyId, "viewer");
const res = await request.get(`${BASE}/api/invites/${invite.token}`);
expect(res.ok()).toBe(true);
const body = await res.json();
expect(body).toHaveProperty("companyId");
expect(body).toHaveProperty("allowedJoinTypes");
expect(body.allowedJoinTypes).toBe("human");
expect(body).toHaveProperty("inviteType");
expect(body.inviteType).toBe("company_join");
});
test("POST /invites/:token/accept (human) creates membership", async ({
request,
}) => {
const invite = await createHumanInvite(request, companyId, "operator");
const acceptRes = await request.post(
`${BASE}/api/invites/${invite.token}/accept`,
{
data: { requestType: "human" },
}
);
expect(acceptRes.ok()).toBe(true);
const body = await acceptRes.json();
// In local_trusted, human accept should succeed
expect(body).toHaveProperty("id");
});
test("POST /invites/:token/accept rejects agent on human-only invite", async ({
request,
}) => {
const invite = await createHumanInvite(request, companyId, "operator");
const acceptRes = await request.post(
`${BASE}/api/invites/${invite.token}/accept`,
{
data: { requestType: "agent", agentName: "Rogue" },
}
);
expect(acceptRes.ok()).toBe(false);
expect(acceptRes.status()).toBe(400);
});
test("POST /companies/:id/invites supports all four roles", async ({
request,
}) => {
for (const role of ["owner", "admin", "operator", "viewer"]) {
const res = await request.post(
`${BASE}/api/companies/${companyId}/invites`,
{
data: { allowedJoinTypes: "human", humanRole: role },
}
);
expect(res.ok()).toBe(true);
const body = await res.json();
expect(body.token).toBeTruthy();
}
});
test("PATCH /companies/:id/members/:memberId cannot remove last owner", async ({
request,
}) => {
// Create a fresh company for this test
const fresh = await createCompanyViaWizard(
request,
`MU-LastOwner-${Date.now()}`
);
// First promote the local-board member to owner
const membersRes = await request.get(
`${BASE}/api/companies/${fresh.companyId}/members`
);
const { members } = await membersRes.json();
// Find the board member (should be the only one)
const boardMember = members.find(
(m: { principalId: string }) => m.principalId === "local-board"
);
if (!boardMember) {
test.skip();
return;
}
// Promote to owner first
const promoteRes = await request.patch(
`${BASE}/api/companies/${fresh.companyId}/members/${boardMember.id}`,
{ data: { membershipRole: "owner" } }
);
expect(promoteRes.ok()).toBe(true);
// Now try to demote the last (and only) owner to operator — should fail
const demoteRes = await request.patch(
`${BASE}/api/companies/${fresh.companyId}/members/${boardMember.id}`,
{ data: { membershipRole: "operator" } }
);
expect(demoteRes.status()).toBe(409);
const errBody = await demoteRes.json();
expect(JSON.stringify(errBody)).toContain("last active owner");
});
test("POST /companies/:id/openclaw/invite-prompt creates agent invite", async ({
request,
}) => {
const res = await request.post(
`${BASE}/api/companies/${companyId}/openclaw/invite-prompt`,
{
data: { agentMessage: "E2E test agent invite" },
}
);
expect(res.ok()).toBe(true);
const body = await res.json();
expect(body).toHaveProperty("token");
expect(body).toHaveProperty("inviteUrl");
expect(body.allowedJoinTypes).toBe("agent");
});
});
test.describe("Multi-user: Company Settings UI", () => {
let companyId: string;
let companyPrefix: string;
test.beforeAll(async ({ request }) => {
const result = await createCompanyViaWizard(
request,
`MU-UI-${Date.now()}`
);
companyId = result.companyId;
companyPrefix = result.prefix;
});
test("shows Team and Invites sections on settings page", async ({ page }) => {
await page.goto(`${BASE}/${companyPrefix}/company/settings`);
await page.waitForLoadState("networkidle");
await expect(page.getByTestId("company-settings-invites-section")).toBeVisible({
timeout: 10_000,
});
await expect(page.getByTestId("company-settings-team-section")).toBeVisible({
timeout: 10_000,
});
});
test("shows human invite creation controls", async ({ page }) => {
await page.goto(`${BASE}/${companyPrefix}/company/settings`);
await page.waitForLoadState("networkidle");
const inviteButton = page.getByTestId("company-settings-create-human-invite");
await expect(inviteButton).toBeVisible({ timeout: 10_000 });
const roleSelect = page.getByTestId("company-settings-human-invite-role");
await expect(roleSelect).toBeVisible();
});
test("can create human invite and shows URL", async ({ page }) => {
await page.goto(`${BASE}/${companyPrefix}/company/settings`);
await page.waitForLoadState("networkidle");
const inviteButton = page.getByTestId("company-settings-create-human-invite");
await expect(inviteButton).toBeVisible({ timeout: 10_000 });
await inviteButton.click();
await expect(page.getByTestId("company-settings-human-invite-url")).toBeVisible({
timeout: 10_000,
});
});
});
test.describe("Multi-user: Invite Landing UI", () => {
let companyId: string;
let inviteToken: string;
test.beforeAll(async ({ request }) => {
const result = await createCompanyViaWizard(
request,
`MU-Invite-${Date.now()}`
);
companyId = result.companyId;
const invite = await createHumanInvite(request, companyId, "operator");
inviteToken = invite.token;
});
test("invite landing page loads with join options", async ({ page }) => {
await page.goto(`${BASE}/invite/${inviteToken}`);
await page.waitForLoadState("networkidle");
// Should show the invite landing page heading
await expect(
page.getByRole("heading", { name: /join/i })
).toBeVisible({ timeout: 10_000 });
});
test("invite landing shows human join type", async ({ page }) => {
await page.goto(`${BASE}/invite/${inviteToken}`);
await page.waitForLoadState("networkidle");
// For a human-only invite, should show human join option
const humanOption = page.locator("text=/human/i");
await expect(humanOption).toBeVisible({ timeout: 10_000 });
});
test("expired/invalid invite token returns error", async ({ page }) => {
await page.goto(`${BASE}/invite/invalid-token-e2e-test`);
await page.waitForLoadState("networkidle");
await expect(page.getByTestId("invite-error")).toBeVisible({ timeout: 10_000 });
});
});
test.describe("Multi-user: Member role management API", () => {
let companyId: string;
test.beforeAll(async ({ request }) => {
const result = await createCompanyViaWizard(
request,
`MU-Roles-${Date.now()}`
);
companyId = result.companyId;
});
test("invite + accept creates member with correct role", async ({
request,
}) => {
// Create invite for 'viewer' role
const invite = await createHumanInvite(request, companyId, "viewer");
// Accept the invite
const acceptRes = await request.post(
`${BASE}/api/invites/${invite.token}/accept`,
{ data: { requestType: "human" } }
);
expect(acceptRes.ok()).toBe(true);
// Check members list
const membersRes = await request.get(
`${BASE}/api/companies/${companyId}/members`
);
const { members } = await membersRes.json();
// Should have at least one member (the creator/local-board)
expect(members.length).toBeGreaterThanOrEqual(1);
});
test("PATCH member role updates correctly", async ({ request }) => {
// First create an invite and accept it to get a second member
const invite = await createHumanInvite(request, companyId, "operator");
const acceptRes = await request.post(
`${BASE}/api/invites/${invite.token}/accept`,
{ data: { requestType: "human" } }
);
expect(acceptRes.ok()).toBe(true);
// List members
const membersRes = await request.get(
`${BASE}/api/companies/${companyId}/members`
);
const { members } = await membersRes.json();
// Find a non-owner member to modify
const nonOwner = members.find(
(m: { membershipRole: string }) => m.membershipRole !== "owner"
);
if (!nonOwner) {
test.skip();
return;
}
// Update role to admin
const patchRes = await request.patch(
`${BASE}/api/companies/${companyId}/members/${nonOwner.id}`,
{ data: { membershipRole: "admin" } }
);
expect(patchRes.ok()).toBe(true);
const updated = await patchRes.json();
expect(updated.membershipRole).toBe("admin");
});
test("PATCH member status to suspended works", async ({ request }) => {
// Create another member
const invite = await createHumanInvite(request, companyId, "operator");
await request.post(`${BASE}/api/invites/${invite.token}/accept`, {
data: { requestType: "human" },
});
const membersRes = await request.get(
`${BASE}/api/companies/${companyId}/members`
);
const { members } = await membersRes.json();
const nonOwner = members.find(
(m: { membershipRole: string; status: string }) =>
m.membershipRole !== "owner" && m.status === "active"
);
if (!nonOwner) {
test.skip();
return;
}
const patchRes = await request.patch(
`${BASE}/api/companies/${companyId}/members/${nonOwner.id}`,
{ data: { status: "suspended" } }
);
expect(patchRes.ok()).toBe(true);
const updated = await patchRes.json();
expect(updated.status).toBe("suspended");
});
});
test.describe("Multi-user: Agent invite flow", () => {
let companyId: string;
test.beforeAll(async ({ request }) => {
const result = await createCompanyViaWizard(
request,
`MU-Agent-${Date.now()}`
);
companyId = result.companyId;
});
test("agent invite accept creates pending join request", async ({
request,
}) => {
// Create agent invite
const res = await request.post(
`${BASE}/api/companies/${companyId}/openclaw/invite-prompt`,
{ data: {} }
);
expect(res.ok()).toBe(true);
const { token } = await res.json();
// Accept as agent
const acceptRes = await request.post(
`${BASE}/api/invites/${token}/accept`,
{
data: {
requestType: "agent",
agentName: "TestAgent",
adapterType: "claude_local",
},
}
);
expect(acceptRes.ok()).toBe(true);
const body = await acceptRes.json();
expect(body).toHaveProperty("id");
expect(body.status).toBe("pending_approval");
});
test("join requests list shows pending agent request", async ({
request,
}) => {
const res = await request.get(
`${BASE}/api/companies/${companyId}/join-requests?status=pending_approval`
);
expect(res.ok()).toBe(true);
const requests = await res.json();
expect(Array.isArray(requests)).toBe(true);
});
});
test.describe("Multi-user: Health check integration", () => {
test("health endpoint reports deployment mode", async ({ request }) => {
const res = await request.get(`${BASE}/api/health`);
expect(res.ok()).toBe(true);
const body = await res.json();
expect(body).toHaveProperty("deploymentMode");
expect(body).toHaveProperty("authReady");
expect(body.authReady).toBe(true);
});
});
Reference in a new issue Copy permalink