From 785cfb6cc559d69adfa64853567eb216b1acdc53 Mon Sep 17 00:00:00 2001
From: fuomag9 <1580624+fuomag9@users.noreply.github.com>
Date: Mon, 6 Apr 2026 01:04:09 +0200
Subject: [PATCH] Fix dashboard stat card selector and use Bun.password.hash
 for test users

- dashboard: Match stat cards via link role with count+label pattern
  to avoid matching subtitle paragraph containing "certificates"
- role-access: Use Bun.password.hash (built-in bcrypt) instead of
  bcryptjs which is not installed in the production container

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 tests/e2e/dashboard.spec.ts   | 8 ++++----
 tests/e2e/role-access.spec.ts | 6 ++----
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/tests/e2e/dashboard.spec.ts b/tests/e2e/dashboard.spec.ts
index f9c6052a..cd4fa473 100644
--- a/tests/e2e/dashboard.spec.ts
+++ b/tests/e2e/dashboard.spec.ts
@@ -15,10 +15,10 @@ test.describe('Dashboard home page', () => {
   });
 
   test('shows stat cards for Proxy Hosts, Certificates, and Access Lists', async ({ page }) => {
-    // Stat card labels are inside <p> tags — use exact text to avoid matching nav items
-    await expect(page.locator('p', { hasText: 'Proxy Hosts' })).toBeVisible();
-    await expect(page.locator('p', { hasText: 'Certificates' })).toBeVisible();
-    await expect(page.locator('p', { hasText: 'Access Lists' })).toBeVisible();
+    // Stat card labels are <p> inside link cards — match via the parent link
+    await expect(page.getByRole('link', { name: /\d+\s*Proxy Hosts/ })).toBeVisible();
+    await expect(page.getByRole('link', { name: /\d+\s*Certificates/ })).toBeVisible();
+    await expect(page.getByRole('link', { name: /\d+\s*Access Lists/ })).toBeVisible();
   });
 
   test('shows Traffic (24h) card', async ({ page }) => {
diff --git a/tests/e2e/role-access.spec.ts b/tests/e2e/role-access.spec.ts
index c6e141b6..51d6a51b 100644
--- a/tests/e2e/role-access.spec.ts
+++ b/tests/e2e/role-access.spec.ts
@@ -47,16 +47,14 @@ const ALL_DASHBOARD_PAGES = [...USER_ACCESSIBLE_PAGES, ...ADMIN_ONLY_PAGES];
 
 /**
  * Create a test user inside the running web container using bun.
- * Uses bcrypt to hash the password (same as the app does).
+ * Uses Bun's built-in Bun.password.hash (bcrypt) — no npm deps needed.
  */
 function ensureTestUser(username: string, password: string, role: string) {
-  // Bun uses ESM by default — use import() for bcryptjs
   const script = `
     import { Database } from "bun:sqlite";
-    import bcrypt from "bcryptjs";
     const db = new Database("./data/caddy-proxy-manager.db");
     const email = "${username}@localhost";
-    const hash = bcrypt.hashSync("${password}", 12);
+    const hash = await Bun.password.hash("${password}", { algorithm: "bcrypt", cost: 12 });
     const now = new Date().toISOString();
     const existing = db.query("SELECT id FROM users WHERE email = ?").get(email);
     if (existing) {