admin/honeyDueKMP
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c0032ab7e15e0609f5e8b07ca66b481a63250a5b
honeyDueKMP/iosApp/HoneyDueUITests/Framework/AuthenticatedUITestCase.swift
T
Trey T d11cc82fec Perf: inject auth token at launch to skip the UI login (~26-50% faster) 
Measured: ~half of every authenticated test was fixed setup, dominated by the
UI login (typing email+password, keyboard/SecureField dance, ~8-12s). The test
already creates the account via API and holds its real Kratos session token —
so instead of typing credentials, pass the token as a launch arg and boot the
app already authenticated.

- App (UITestRuntime + iOSApp): reads --ui-test-session-token; after the
  --reset-state clear, calls DataManager.setAuthToken(token) and replicates the
  post-login init the UI login path runs (getCurrentUser + initializeLookups +
  getMyResidences + getTasks) so owner-gated/data-gated screens (residence
  detail delete + manage-users, pickers, lists) work on boot. Guarded by
  UITestRuntime.isEnabled — no effect on production.
- AuthenticatedUITestCase: in fresh-account mode, create the account + seed its
  preconditions BEFORE launch, expose the token via additionalLaunchArguments,
  and drop the UI login. Legacy (usesFreshAccount=false) suites still UI-login.

Measured per-test medians: Contractor 34s -> 25s; Task (uses lookups) ~34s ->
16s. TESTING.md updated. All affected suites pass; 0 leaked accounts.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-06 00:27:39 -05:00

397 lines
18 KiB
Swift
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
import XCTest
/// Base class for all tests that require a logged-in user.
class AuthenticatedUITestCase: BaseUITestCase {
// MARK: - Configuration (override in subclasses)
var testCredentials: (username: String, password: String) {
("testuser", "TestPass123!")
}
var needsAPISession: Bool { false }
/// Authenticated suites test the post-onboarding app. A freshly-seeded user
/// has no residence, so without this the app routes to the onboarding flow
/// after login instead of the main tabs. Launch with --complete-onboarding
/// (sets OnboardingState.hasCompletedOnboarding) so login lands on main tabs.
override var completeOnboarding: Bool { true }
/// Per-test isolation relaunches the app fresh for every test. With
/// --reset-state this lands on the login screen, so each test logs in as its
/// own fresh account WITHOUT a fragile UI logout between tests (the old
/// logout-via-profile path was the #1 source of flakes under load).
override var relaunchBetweenTests: Bool { true }
/// In fresh-account mode the app boots already authenticated via the
/// account's real Kratos token (the app reads `--ui-test-session-token` in
/// UITestRuntime) skipping the slow, flaky UI login (~8-12s/test). The
/// account is created before the launch (see setUpWithError), so its token
/// is available here when BaseUITestCase assembles the launch arguments.
override var additionalLaunchArguments: [String] {
if usesFreshAccount, let token = account?.token {
return ["--ui-test-session-token", token]
}
return []
}
/// Credentials for the Kratos APP identity used to seed data over the API.
///
/// TWO DIFFERENT "admin@honeydue.com" EXIST do NOT "fix" Test1234 to password123:
/// (a) Kratos APP identity admin@honeydue.com / Test1234. Created by this class's
/// `setUp` (and re-seeded by SuiteZZ). Used here for API data-seeding and login.
/// (b) Admin-PANEL SQL super-admin admin@honeydue.com / password123. A separate
/// system, used ONLY by SuiteZZ_CleanupTests to call /admin/settings/clear-all-data.
/// They happen to share an email but are unrelated. Changing Test1234 here would break
/// all API seeding; changing password123 in SuiteZZ would break the data wipe.
var apiCredentials: (username: String, password: String) {
("admin", "Test1234")
}
// MARK: - Account isolation
/// When `true` (default), each test mints its OWN unique, pre-verified
/// Kratos account, logs in as it, seeds under its token, and deletes it in
/// teardown so suites are fully independent and parallel-safe. Override to
/// `false` only in suites that must log in as a SPECIFIC seeded account
/// (then also override `testCredentials`).
var usesFreshAccount: Bool { true }
/// Short slug used in generated account emails (uit_<domain>_<uuid>@...),
/// cosmetic for debugging. Defaults to the test class name.
var accountDomain: String { String(describing: type(of: self)) }
/// The per-test isolated account (non-nil in fresh-account mode).
private(set) var account: TestAccount?
/// Set `true` in suites whose UI gates on a residence existing (e.g. task
/// or document creation). Seeds one residence BEFORE login so the app loads
/// it on its post-login fetch; available to the test body as `seededResidence`.
var requiresResidence: Bool { false }
/// The residence seeded as a precondition (when `requiresResidence`).
private(set) var seededResidence: TestResidence?
/// Seed baseline data the UI gates on for this test's fresh account, BEFORE
/// the app logs in (a fresh account is otherwise empty, so anything seeded
/// after login is invisible until a manual refresh). Override to seed a full
/// scenario (residence + tasks/documents); call `super` to keep the
/// `requiresResidence` convenience.
func seedAccountPreconditions(_ account: TestAccount) {
if requiresResidence {
seededResidence = account.seedResidence(name: "Precondition Home")
}
}
// MARK: - API Session
/// The authenticated session used for API seeding. In fresh-account mode
/// this is the test's own account; in legacy mode it's `apiCredentials`.
private(set) var session: TestSession!
private(set) var cleaner: TestDataCleaner!
// MARK: - Lifecycle
override class func setUp() {
super.setUp()
guard TestAccountAPIClient.isBackendReachable() else { return }
// Ensure both known test accounts exist (covers all subclass credential overrides).
// Kratos uses the EMAIL as the login identifier, so log in by email.
// NOTE: the admin@honeydue.com / Test1234 created here is the Kratos APP identity
// (system (a) in the `apiCredentials` doc above) NOT the admin-panel SQL
// super-admin (admin@honeydue.com / password123) that SuiteZZ uses for the data
// wipe. Same email, separate systems; keep Test1234 here.
if TestAccountAPIClient.login(username: "testuser@honeydue.com", password: "TestPass123!") == nil {
_ = TestAccountAPIClient.createVerifiedAccount(username: "testuser", email: "testuser@honeydue.com", password: "TestPass123!")
}
if TestAccountAPIClient.login(username: "admin@honeydue.com", password: "Test1234") == nil {
_ = TestAccountAPIClient.createVerifiedAccount(username: "admin", email: "admin@honeydue.com", password: "Test1234")
}
}
/// When `true`, every test in the suite forces a logout login cycle
/// in `setUp`, guaranteeing a freshly-issued auth token on each run.
///
/// Default is `false`: tests reuse the existing logged-in session
/// from the previous test in the same suite much faster (one login
/// per suite, not one per test) and resilient to suites where the
/// current screen has no logout affordance (`UITestHelpers.ensureLoggedOut`
/// times out the test fails before its body runs).
///
/// Override to `true` in suites that have observed transient
/// `Invalid token` 401s on POST/PATCH while reads continue to work.
/// The recipe was added after a 2026-05 incident where the API
/// container was rebuilt mid-suite and in-memory tokens went stale.
/// In normal CI runs against a stable API + freshly-erased simulator,
/// session reuse is the correct default.
var forceFreshLoginPerTest: Bool { false }
override func setUpWithError() throws {
guard TestAccountAPIClient.isBackendReachable() else {
throw XCTSkip("Backend not reachable at \(TestAccountAPIClient.baseURL)")
}
if usesFreshAccount {
// Per-test isolation WITHOUT a UI login: create the account and seed
// its UI-gated data via API BEFORE the app launches, then boot the
// app already authenticated via the injected session token (see
// `additionalLaunchArguments`). relaunchBetweenTests gives every test
// a fresh launch, so each boots as its own account; the account is
// deleted in teardown (cascading all its data).
let acct = TestAccount.create(domain: accountDomain)
account = acct
session = acct.session
cleaner = TestDataCleaner(token: acct.token)
seedAccountPreconditions(acct)
try super.setUpWithError() // launches with --ui-test-session-token
waitForMainApp()
return
}
try super.setUpWithError()
// Legacy path: log in as a SPECIFIC seeded account (testCredentials),
// optionally opening a separate API session (apiCredentials).
let tabBar = app.tabBars.firstMatch
let alreadyLoggedIn = tabBar.waitForExistence(timeout: defaultTimeout)
if forceFreshLoginPerTest {
UITestHelpers.ensureLoggedOut(app: app)
loginToMainApp()
} else if !alreadyLoggedIn {
UITestHelpers.ensureLoggedOut(app: app)
loginToMainApp()
}
if needsAPISession {
// Kratos uses the EMAIL as the login identifier. Subclasses still
// declare seeded `apiCredentials` by short username (e.g. "admin"),
// so normalize bare usernames to their "<username>@honeydue.com" email.
let identifier = apiCredentials.username.contains("@")
? apiCredentials.username
: "\(apiCredentials.username)@honeydue.com"
guard let apiSession = TestAccountManager.loginSeededAccount(
username: identifier,
password: apiCredentials.password
) else {
XCTFail("Could not login API account '\(apiCredentials.username)'")
return
}
session = apiSession
cleaner = TestDataCleaner(token: apiSession.token)
}
}
override func tearDownWithError() throws {
// Deleting the per-test account cascades all of its data and clears the
// Kratos identity in one call. In legacy mode there's no account, so
// fall back to tracked-resource cleanup.
if let account {
account.delete()
} else {
cleaner?.cleanAll()
}
try super.tearDownWithError()
}
// MARK: - Login
func loginToMainApp() {
let creds = testCredentials
UITestHelpers.ensureOnLoginScreen(app: app)
let login = LoginScreenObject(app: app)
login.waitForLoad(timeout: loginTimeout)
// Kratos uses the EMAIL as the login identifier. Subclasses still declare
// testCredentials by short username (e.g. "admin"/"testuser"), so normalize
// a bare username to "<username>@honeydue.com" for the app's login form.
let identifier = creds.username.contains("@")
? creds.username
: "\(creds.username)@honeydue.com"
login.enterUsername(identifier)
login.enterPassword(creds.password)
let loginButton = app.buttons[AccessibilityIdentifiers.Authentication.loginButton]
loginButton.waitForExistenceOrFail(timeout: defaultTimeout)
loginButton.tap()
waitForMainApp()
}
func waitForMainApp() {
let tabBar = app.tabBars.firstMatch
let verification = VerificationScreen(app: app)
let deadline = Date().addingTimeInterval(loginTimeout)
while Date() < deadline {
if tabBar.exists { break }
if verification.codeField.exists {
verification.enterCode(TestAccountAPIClient.debugVerificationCode)
verification.submitCode()
_ = tabBar.waitForExistence(timeout: loginTimeout)
break
}
RunLoop.current.run(until: Date().addingTimeInterval(0.5))
}
if !tabBar.exists {
XCTFail("Expected tab bar after login with '\(testCredentials.username)'. " +
"Root state: " + Self.diagnoseRootState(app))
}
}
/// Diagnostic: report which RootView branch the app is parked on when
/// the tab bar fails to appear after login. Helps distinguish a failed login
/// (parked on ui.root.login) from a stuck verify-email gate.
static func diagnoseRootState(_ app: XCUIApplication) -> String {
let login = app.otherElements["ui.root.login"].exists
let onboarding = app.otherElements["ui.root.onboarding"].exists
let mainTabs = app.otherElements["ui.root.mainTabs"].exists
let verifyCode = app.textFields[AccessibilityIdentifiers.Authentication.verificationCodeField].exists
|| app.textFields[AccessibilityIdentifiers.Onboarding.verificationCodeField].exists
let usernameField = app.textFields[AccessibilityIdentifiers.Authentication.usernameField].exists
return "login=\(login) onboarding=\(onboarding) mainTabs=\(mainTabs) " +
"verifyCodeField=\(verifyCode) usernameField=\(usernameField)"
}
// MARK: - Tab Navigation
func navigateToTab(_ label: String) {
let tabBar = app.tabBars.firstMatch
tabBar.waitForExistenceOrFail(timeout: navigationTimeout)
let tab = tabBar.buttons.containing(
NSPredicate(format: "label CONTAINS[c] %@", label)
).firstMatch
tab.waitForExistenceOrFail(timeout: navigationTimeout)
tab.tap()
// Verify navigation happened wait for isSelected (best effort, won't fail)
// sidebarAdaptable tabs sometimes need a moment
let selected = NSPredicate(format: "isSelected == true")
let exp = XCTNSPredicateExpectation(predicate: selected, object: tab)
let result = XCTWaiter().wait(for: [exp], timeout: navigationTimeout)
// If first tap didn't register, tap again
if result != .completed {
tab.tap()
_ = XCTWaiter().wait(for: [XCTNSPredicateExpectation(predicate: selected, object: tab)], timeout: navigationTimeout)
}
}
func navigateToResidences() { navigateToTab("Residences") }
func navigateToTasks() { navigateToTab("Tasks") }
func navigateToContractors() { navigateToTab("Contractors") }
func navigateToDocuments() { navigateToTab("Doc") }
func navigateToProfile() { navigateToTab("Profile") }
// MARK: - Pull to Refresh
func pullToRefresh() {
let scrollable = app.collectionViews.firstMatch.exists
? app.collectionViews.firstMatch
: app.scrollViews.firstMatch
guard scrollable.waitForExistence(timeout: defaultTimeout) else { return }
let start = scrollable.coordinate(withNormalizedOffset: CGVector(dx: 0.5, dy: 0.15))
let end = scrollable.coordinate(withNormalizedOffset: CGVector(dx: 0.5, dy: 0.85))
start.press(forDuration: 0.3, thenDragTo: end)
_ = app.activityIndicators.firstMatch.waitForNonExistence(timeout: navigationTimeout)
}
func pullToRefreshUntilVisible(_ element: XCUIElement, maxRetries: Int = 3) {
for _ in 0..<maxRetries {
if element.waitForExistence(timeout: defaultTimeout) { return }
pullToRefresh()
}
}
/// Tap the refresh button on the Tasks/Kanban screen (no pull-to-refresh on kanban).
func refreshTasks() {
let refreshButton = app.buttons[AccessibilityIdentifiers.Task.refreshButton]
if refreshButton.waitForExistence(timeout: defaultTimeout) && refreshButton.isEnabled {
refreshButton.tap()
_ = app.activityIndicators.firstMatch.waitForNonExistence(timeout: navigationTimeout)
}
}
// MARK: - Preconditions (Rule 17: validate assumptions via API before tests run)
/// Ensure at least one residence exists for the current user.
/// Required precondition for: task creation, document creation.
func ensureResidenceExists() {
guard let token = session?.token else { return }
if let residences = TestAccountAPIClient.listResidences(token: token),
!residences.isEmpty { return }
// No residence create one via API
let _ = TestDataSeeder.createResidence(token: token, name: "Precondition Home \(Int(Date().timeIntervalSince1970))")
}
/// Ensure the current user has a specific minimum of residences.
func ensureResidenceCount(minimum: Int) {
guard let token = session?.token else { return }
let existing = TestAccountAPIClient.listResidences(token: token) ?? []
for i in existing.count..<minimum {
let _ = TestDataSeeder.createResidence(token: token, name: "Precondition Home \(i) \(Int(Date().timeIntervalSince1970))")
}
}
// MARK: - Shared Helpers
/// Fill a text field by accessibility identifier. The ONE way to type into fields.
func fillTextField(identifier: String, text: String, file: StaticString = #filePath, line: UInt = #line) {
let field = app.textFields[identifier].firstMatch
field.waitForExistenceOrFail(timeout: defaultTimeout, file: file, line: line)
field.focusAndType(text, app: app, file: file, line: line)
}
/// Dismiss keyboard using the Return key or toolbar Done button.
func dismissKeyboard() {
KeyboardDismisser.dismiss(app: app, timeout: defaultTimeout)
}
}
/// Robust keyboard dismissal. Numeric keyboards (postal, year, cost) often lack
/// Return/Done keys, so we fall back through swipe-down and tap-above strategies.
enum KeyboardDismisser {
static func dismiss(app: XCUIApplication, timeout: TimeInterval = 5) {
let keyboard = app.keyboards.firstMatch
guard keyboard.exists else { return }
// 1. Prefer the keyboard-toolbar "Done" button (SwiftUI ToolbarItemGroup
// on .keyboard placement). Tapping it sets focusedField = nil, which
// reliably commits TextField bindings before the keyboard dismisses.
// We look outside app.keyboards.buttons because the toolbar is
// rendered on the keyboard layer, not inside it.
if keyboard.exists {
let toolbarDone = app.toolbars.buttons["Done"]
if toolbarDone.exists && toolbarDone.isHittable {
toolbarDone.tap()
if keyboard.waitForNonExistence(timeout: 1.0) { return }
}
}
// 2. Tap above the keyboard. This dismisses via focus-loss on the
// underlying UITextField, which propagates the typed text to the
// SwiftUI binding. Works for numeric keyboards too.
if keyboard.exists {
app.coordinate(withNormalizedOffset: CGVector(dx: 0.5, dy: 0.2)).tap()
if keyboard.waitForNonExistence(timeout: 1.0) { return }
}
// 3. Last resort: keyboard Return/Done key. Avoid this first on
// SwiftUI text fields the Return keystroke can dismiss the keyboard
// before the binding catches up with the final typed characters.
for keyName in ["Return", "return", "Done", "done"] {
let button = app.keyboards.buttons[keyName]
if button.exists && button.isHittable {
button.tap()
if keyboard.waitForNonExistence(timeout: 1.0) { return }
}
}
_ = keyboard.waitForNonExistence(timeout: timeout)
}
}
Reference in New Issue View Git Blame Copy Permalink