refractor code to allow more tests

tests/helpers/proxy-api.ts

@@ -0,0 +1,98 @@
+/**
+ * Higher-level helpers for creating proxy hosts and access lists
+ * in functional E2E tests.
+ *
+ * All helpers accept a Playwright `Page` (pre-authenticated via the
+ * global storageState) so they integrate cleanly with the standard
+ * `page` test fixture.
+ */
+import { expect, type Page } from '@playwright/test';
+import { injectFormFields } from './http';
+
+export interface ProxyHostConfig {
+  name: string;
+  domain: string;
+  upstream: string;        // e.g. "echo-server:8080"
+  accessListName?: string; // name of an existing access list to attach
+  enableWaf?: boolean;     // enable WAF with OWASP CRS in blocking mode
+}
+
+/**
+ * Create a proxy host via the browser UI.
+ * ssl_forced is always set to false so functional tests can use plain HTTP.
+ */
+export async function createProxyHost(page: Page, config: ProxyHostConfig): Promise<void> {
+  await page.goto('/proxy-hosts');
+  await page.getByRole('button', { name: /create host/i }).click();
+  await expect(page.getByRole('dialog')).toBeVisible();
+
+  await page.getByLabel('Name').fill(config.name);
+  await page.getByLabel(/domains/i).fill(config.domain);
+
+  // Support multiple upstreams separated by newlines.
+  const upstreamList = config.upstream.split('\n').map((u) => u.trim()).filter(Boolean);
+  // Fill the first (always-present) upstream input
+  await page.getByPlaceholder('10.0.0.5:8080').first().fill(upstreamList[0] ?? '');
+  // Add additional upstreams via the "Add Upstream" button
+  for (let i = 1; i < upstreamList.length; i++) {
+    await page.getByRole('button', { name: /add upstream/i }).click();
+    await page.getByPlaceholder('10.0.0.5:8080').nth(i).fill(upstreamList[i]);
+  }
+
+  if (config.accessListName) {
+    // MUI TextField select — click to open dropdown, then pick the option
+    await page.getByRole('combobox', { name: /access list/i }).click();
+    await page.getByRole('option', { name: config.accessListName }).click();
+  }
+
+  // Inject hidden fields:
+  //  ssl_forced_present=on  → tells the action the field was in the form
+  //  (ssl_forced absent)    → parseCheckbox(null) = false → no HTTPS redirect
+  const extraFields: Record<string, string> = { ssl_forced_present: 'on' };
+
+  if (config.enableWaf) {
+    Object.assign(extraFields, {
+      waf_present: 'on',
+      waf_enabled: 'on',
+      waf_engine_mode: 'On',    // blocking mode
+      waf_load_owasp_crs: 'on',
+      waf_mode: 'override',
+    });
+  }
+
+  await injectFormFields(page, extraFields);
+
+  await page.getByRole('button', { name: /^create$/i }).click();
+  await expect(page.getByRole('dialog')).not.toBeVisible({ timeout: 15_000 });
+  await expect(page.getByText(config.name)).toBeVisible({ timeout: 10_000 });
+}
+
+export interface AccessListUser {
+  username: string;
+  password: string;
+}
+
+/**
+ * Create an access list with initial users via the browser UI.
+ * Uses the "Seed members" textarea (username:password per line) so all
+ * users are created atomically with the list — no per-user form needed.
+ */
+export async function createAccessList(
+  page: Page,
+  name: string,
+  users: AccessListUser[]
+): Promise<void> {
+  await page.goto('/access-lists');
+
+  await page.getByPlaceholder('Internal users').fill(name);
+
+  if (users.length > 0) {
+    const seedMembers = users.map((u) => `${u.username}:${u.password}`).join('\n');
+    await page.getByLabel('Seed members').fill(seedMembers);
+  }
+
+  await page.getByRole('button', { name: /create access list/i }).click();
+
+  // Wait for the card to appear
+  await expect(page.getByRole('button', { name: /delete list/i })).toBeVisible({ timeout: 10_000 });
+}