akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 6 Packages Projects Releases Wiki Activity
Files
main
Charon/docs/issues/created/20260125-manual-test-security-helpers.md
T
akanealw eec8c28fb3
Go Benchmark / Performance Regression Check (push) Has been cancelled
Details
Cerberus Integration / Cerberus Security Stack Integration (push) Has been cancelled
Details
Upload Coverage to Codecov / Backend Codecov Upload (push) Has been cancelled
Details
Upload Coverage to Codecov / Frontend Codecov Upload (push) Has been cancelled
Details
CodeQL - Analyze / CodeQL analysis (go) (push) Has been cancelled
Details
CodeQL - Analyze / CodeQL analysis (javascript-typescript) (push) Has been cancelled
Details
CrowdSec Integration / CrowdSec Bouncer Integration (push) Has been cancelled
Details
Docker Build, Publish & Test / build-and-push (push) Has been cancelled
Details
Quality Checks / Auth Route Protection Contract (push) Has been cancelled
Details
Quality Checks / Codecov Trigger/Comment Parity Guard (push) Has been cancelled
Details
Quality Checks / Backend (Go) (push) Has been cancelled
Details
Quality Checks / Frontend (React) (push) Has been cancelled
Details
Rate Limit integration / Rate Limiting Integration (push) Has been cancelled
Details
Security Scan (PR) / Trivy Binary Scan (push) Has been cancelled
Details
Supply Chain Verification (PR) / Verify Supply Chain (push) Has been cancelled
Details
WAF integration / Coraza WAF Integration (push) Has been cancelled
Details
Docker Build, Publish & Test / Security Scan PR Image (push) Has been cancelled
Details
Repo Health Check / Repo health (push) Has been cancelled
Details
History Rewrite Dry-Run / Dry-run preview for history rewrite (push) Has been cancelled
Details
Prune Renovate Branches / prune (push) Has been cancelled
Details
Renovate / renovate (push) Has been cancelled
Details
Nightly Build & Package / sync-development-to-nightly (push) Has been cancelled
Details
Nightly Build & Package / Trigger Nightly Validation Workflows (push) Has been cancelled
Details
Nightly Build & Package / build-and-push-nightly (push) Has been cancelled
Details
Nightly Build & Package / test-nightly-image (push) Has been cancelled
Details
Nightly Build & Package / verify-nightly-supply-chain (push) Has been cancelled
Details
Update GeoLite2 Checksum / update-checksum (push) Has been cancelled
Details
Container Registry Prune / prune-ghcr (push) Has been cancelled
Details
Container Registry Prune / prune-dockerhub (push) Has been cancelled
Details
Container Registry Prune / summarize (push) Has been cancelled
Details
Supply Chain Verification / Verify SBOM (push) Has been cancelled
Details
Supply Chain Verification / Verify Release Artifacts (push) Has been cancelled
Details
Supply Chain Verification / Verify Docker Image Supply Chain (push) Has been cancelled
Details
Monitor Caddy Major Release / check-caddy-major (push) Has been cancelled
Details
Weekly Nightly to Main Promotion / Verify Nightly Branch Health (push) Has been cancelled
Details
Weekly Nightly to Main Promotion / Create Promotion PR (push) Has been cancelled
Details
Weekly Nightly to Main Promotion / Trigger Missing Required Checks (push) Has been cancelled
Details
Weekly Nightly to Main Promotion / Notify on Failure (push) Has been cancelled
Details
Weekly Nightly to Main Promotion / Workflow Summary (push) Has been cancelled
Details
Weekly Security Rebuild / Security Rebuild & Scan (push) Has been cancelled
Details
changed perms
2026-04-22 18:19:14 +00:00

59 lines
1.8 KiB
Markdown
Executable File
Raw Permalink Blame History

# Manual Testing: Security Test Helpers
**Created**: June 2025
**Priority**: Medium
**Status**: Open
## Objective
Verify the security test helpers implementation prevents ACL deadlock during E2E test execution.
## Test Scenarios
### Scenario 1: ACL Toggle Isolation
1. Run security dashboard tests that toggle ACL on
2. Intentionally cancel mid-test (Ctrl+C)
3. Run any other E2E test (e.g., manual-dns-provider)
4. **Expected**: Tests should pass - global-setup.ts should reset ACL
### Scenario 2: State Restoration After Failure
1. Modify a security dashboard toggle test to throw an error after enabling ACL
2. Run the test (it will fail)
3. Run a different test file
4. **Expected**: ACL should be disabled, other tests should pass
### Scenario 3: Concurrent Test Runs
1. Run full E2E suite: `npx playwright test --project=chromium`
2. **Expected**: No tests fail due to ACL blocking (@api-tagged requests)
3. **Expected**: Security dashboard toggle tests complete without deadlock
### Scenario 4: Fresh Container State
1. Stop all containers: `docker compose -f .docker/compose/docker-compose.yml down -v`
2. Start fresh: `docker compose -f .docker/compose/docker-compose.ci.yml up -d`
3. Run security dashboard tests
4. **Expected**: Tests pass, ACL state properly managed
## Verification Commands
```bash
# Full E2E suite
npx playwright test --project=chromium
# Security-specific tests
npx playwright test tests/security/*.spec.ts --project=chromium
# Check ACL is disabled after tests
curl -s http://localhost:8080/api/v1/security/status | jq '.acl_enabled'
```
## Acceptance Criteria
- [ ] Security dashboard toggle tests pass consistently
- [ ] No "403 Forbidden" errors in unrelated tests after security tests run
- [ ] global-setup.ts emergency reset works when ACL is stuck enabled
- [ ] afterAll cleanup creates fresh request context (no fixture reuse errors)
Reference in New Issue View Git Blame Copy Permalink