stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
ae5059aa1cb921eca10d4289952f7ef14e4d944e
git.stella-ops.org/src/Web/StellaOps.Web/e2e/audit-consolidation.e2e.spec.ts
master ae5059aa1c Add hub-and-spoke audit tabs across 9 feature modules 
Consolidate module-specific audit views from the unified audit
dashboard into contextual tabs on parent feature pages. Creates
reusable AuditModuleEventsComponent for embedding audit tables.

- Trust Admin: 4th tab with Trust Events / Air-Gap / Incidents sub-views
- Policy Governance: embedded audit child route with Governance Changes /
  Promotions & Approvals sub-toggle
- Console Admin: Management / Token Lifecycle & Security sub-tabs
- Integration Hub: Config Audit tab on per-integration detail page
- Slim unified audit dashboard to 4 tabs (Overview, All Events, Timeline,
  Correlations)
- Platform Jobs, Scanner Ops, SBOM Sources: audit tabs/sections added
- VEX Hub: Audit Trail tab
- Backward-compatible redirects for old audit URLs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-30 17:24:15 +03:00

474 lines
22 KiB
TypeScript
Raw Blame History

/**
* Audit Menu Consolidation E2E Tests
* Verifies the hub-and-spoke audit architecture:
* - Contextual audit tabs in feature pages (VEX Hub, Trust Admin, Policy Governance, Console Admin, Integration Hub)
* - Slimmed unified audit dashboard (4 tabs: Overview, All Events, Timeline, Correlations)
* - Gap-filled audit tabs (Platform Jobs, Scanner Ops, SBOM Sources)
* - Navigation changes (Audit Bundles removed, Audit & Compliance renamed)
* - Backward-compatible redirects
* - Bidirectional cross-links
*/
import { test, expect } from './fixtures/auth.fixture';
const SCREENSHOT_DIR = 'e2e/screenshots/audit-consolidation';
async function snap(page: import('@playwright/test').Page, label: string) {
await page.screenshot({ path: `${SCREENSHOT_DIR}/${label}.png`, fullPage: true });
}
function collectErrors(page: import('@playwright/test').Page) {
const errors: string[] = [];
page.on('console', (msg) => {
if (msg.type() === 'error') errors.push(msg.text());
});
page.on('pageerror', (err) => errors.push(err.message));
return errors;
}
async function go(page: import('@playwright/test').Page, path: string) {
await page.goto(path, { waitUntil: 'networkidle', timeout: 30_000 });
await page.waitForLoadState('domcontentloaded');
await page.waitForTimeout(1500);
}
function noCriticalErrors(errors: string[]) {
return errors.filter(e =>
e.includes('NG0') || e.includes('TypeError') || e.includes('ReferenceError')
);
}
// ---------------------------------------------------------------------------
// 1. Unified Audit Dashboard — slimmed to 4 tabs
// ---------------------------------------------------------------------------
test.describe('Unified Audit Dashboard (slimmed)', () => {
test('loads with 4 tabs: Overview, All Events, Timeline, Correlations', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/evidence/audit-log');
await snap(page, '01-unified-dashboard');
const heading = page.locator('h1').first();
await expect(heading).toContainText('Audit');
// Verify exactly 4 tabs visible
const tabs = page.locator('stella-page-tabs button[role="tab"], stella-page-tabs [role="tab"]');
const tabCount = await tabs.count();
// Should have 4 tabs (overview, all-events, timeline, correlations)
expect(tabCount).toBe(4);
// Verify removed module tabs are NOT present
const tabTexts = await tabs.allInnerTexts();
const joinedTabs = tabTexts.join(' ').toLowerCase();
expect(joinedTabs).not.toContain('policy');
expect(joinedTabs).not.toContain('authority');
expect(joinedTabs).not.toContain('vex');
expect(joinedTabs).not.toContain('integrations');
expect(joinedTabs).not.toContain('trust');
// Verify remaining tabs are present
expect(joinedTabs).toContain('overview');
expect(joinedTabs).toContain('all events');
expect(joinedTabs).toContain('timeline');
expect(joinedTabs).toContain('correlations');
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
test('All Events tab loads with module filters', async ({ authenticatedPage: page }) => {
await go(page, '/evidence/audit-log?tab=all-events');
await snap(page, '01-unified-all-events');
// Should have filter controls
const filtersBar = page.locator('.filters-bar');
await expect(filtersBar).toBeVisible({ timeout: 5000 });
// Should have events table
const table = page.locator('.events-table, table');
await expect(table).toBeVisible({ timeout: 5000 });
});
test('Timeline tab loads', async ({ authenticatedPage: page }) => {
await go(page, '/evidence/audit-log?tab=timeline');
await snap(page, '01-unified-timeline');
const body = await page.locator('body').innerText();
expect(body.length).toBeGreaterThan(20);
});
test('Correlations tab loads', async ({ authenticatedPage: page }) => {
await go(page, '/evidence/audit-log?tab=correlations');
await snap(page, '01-unified-correlations');
const body = await page.locator('body').innerText();
expect(body.length).toBeGreaterThan(20);
});
});
// ---------------------------------------------------------------------------
// 2. VEX Hub — Audit Trail tab (new)
// ---------------------------------------------------------------------------
test.describe('VEX Hub Audit Trail tab', () => {
test('VEX Hub has Audit Trail tab', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/ops/policy/vex');
await snap(page, '02-vex-hub-default');
// Click Audit Trail tab
const auditTab = page.locator('stella-page-tabs button, stella-page-tabs [role="tab"]').filter({ hasText: /audit trail/i });
if (await auditTab.isVisible({ timeout: 5000 }).catch(() => false)) {
await auditTab.click();
await page.waitForTimeout(1500);
await snap(page, '02-vex-hub-audit-trail');
// Should render audit-vex component
const auditContent = page.locator('app-audit-vex, .vex-audit-page');
const visible = await auditContent.isVisible({ timeout: 5000 }).catch(() => false);
expect(visible, 'Audit VEX component should be visible').toBe(true);
// Should have cross-link to unified audit
const crossLink = page.locator('a[href*="evidence/audit-log"]').first();
const crossLinkVisible = await crossLink.isVisible({ timeout: 3000 }).catch(() => false);
expect(crossLinkVisible, 'Cross-link to unified audit should be visible').toBe(true);
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 3. Trust Admin — Audit tab (new)
// ---------------------------------------------------------------------------
test.describe('Trust Admin Audit tab', () => {
test('Trust Admin has Audit tab with sub-tabs', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/setup/trust-signing');
await snap(page, '03-trust-admin-default');
// Click Audit tab
const auditTab = page.locator('stella-page-tabs button, stella-page-tabs [role="tab"]').filter({ hasText: /^audit$/i });
if (await auditTab.isVisible({ timeout: 5000 }).catch(() => false)) {
await auditTab.click();
await page.waitForTimeout(1500);
await snap(page, '03-trust-admin-audit');
// Should have sub-tabs for Trust Events, Air-Gap, Incidents
const body = await page.locator('body').innerText();
const bodyLower = body.toLowerCase();
expect(bodyLower).toContain('trust');
// Should have cross-link to unified audit
const crossLink = page.locator('a[href*="evidence/audit-log"]').first();
const crossLinkVisible = await crossLink.isVisible({ timeout: 3000 }).catch(() => false);
expect(crossLinkVisible, 'Cross-link to unified audit should be visible').toBe(true);
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 4. Policy Governance — Extended Audit tab
// ---------------------------------------------------------------------------
test.describe('Policy Governance extended audit tab', () => {
test('Policy Governance audit tab has Governance + Promotions toggle', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/ops/policy/governance');
await snap(page, '04-policy-governance-default');
// Click Audit Log tab
const auditTab = page.locator('stella-page-tabs button, stella-page-tabs [role="tab"]').filter({ hasText: /audit/i });
if (await auditTab.isVisible({ timeout: 5000 }).catch(() => false)) {
await auditTab.click();
await page.waitForTimeout(1500);
await snap(page, '04-policy-governance-audit');
// Should have toggle chips for Governance Changes and Promotions & Approvals
const body = await page.locator('body').innerText();
const bodyLower = body.toLowerCase();
const hasGovernanceToggle = bodyLower.includes('governance') && bodyLower.includes('promotions');
expect(hasGovernanceToggle, 'Should have governance + promotions toggle').toBe(true);
// Click Promotions & Approvals toggle
const promotionsChip = page.locator('button').filter({ hasText: /promotions/i }).first();
if (await promotionsChip.isVisible({ timeout: 3000 }).catch(() => false)) {
await promotionsChip.click();
await page.waitForTimeout(1500);
await snap(page, '04-policy-governance-promotions');
// Should render audit-policy component
const auditPolicy = page.locator('app-audit-policy, .policy-audit');
const visible = await auditPolicy.isVisible({ timeout: 5000 }).catch(() => false);
expect(visible, 'AuditPolicyComponent should be visible').toBe(true);
}
// Cross-link to unified
const crossLink = page.locator('a[href*="evidence/audit-log"]').first();
const crossLinkVisible = await crossLink.isVisible({ timeout: 3000 }).catch(() => false);
expect(crossLinkVisible, 'Cross-link should be visible').toBe(true);
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 5. Console Admin — Extended Audit tab
// ---------------------------------------------------------------------------
test.describe('Console Admin extended audit tab', () => {
test('Console Admin audit tab has Management + Token Lifecycle toggle', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
// Console Admin uses route-based tabs — navigate to parent first then click Audit tab
await go(page, '/console/admin');
await snap(page, '05-console-admin-default');
// Click Audit tab in StellaPageTabs
const auditTab = page.locator('stella-page-tabs button[role="tab"], stella-page-tabs [role="tab"]').filter({ hasText: /^audit$/i });
if (await auditTab.isVisible({ timeout: 5000 }).catch(() => false)) {
await auditTab.click();
await page.waitForTimeout(2000);
await snap(page, '05-console-admin-audit');
// Should have toggle for Management Events and Token Lifecycle & Security
const body = await page.locator('body').innerText();
const bodyLower = body.toLowerCase();
const hasManagementToggle = bodyLower.includes('management') && (bodyLower.includes('token lifecycle') || bodyLower.includes('token'));
expect(hasManagementToggle, 'Should have management + token lifecycle toggle').toBe(true);
// Click Token Lifecycle toggle
const tokenChip = page.locator('.toggle-btn, button').filter({ hasText: /token lifecycle/i }).first();
if (await tokenChip.isVisible({ timeout: 3000 }).catch(() => false)) {
await tokenChip.click();
await page.waitForTimeout(1500);
await snap(page, '05-console-admin-token-lifecycle');
// Should render audit-authority component
const auditAuthority = page.locator('app-audit-authority');
const visible = await auditAuthority.isVisible({ timeout: 5000 }).catch(() => false);
expect(visible, 'AuditAuthorityComponent should be visible').toBe(true);
}
// Cross-link to unified
const crossLink = page.locator('a[href*="evidence/audit-log"]').first();
const crossLinkVisible = await crossLink.isVisible({ timeout: 3000 }).catch(() => false);
expect(crossLinkVisible, 'Cross-link to unified audit should be visible').toBe(true);
} else {
// Audit tab not visible — may be scope-gated. Verify page loaded without errors.
const body = await page.locator('body').innerText();
expect(body.length).toBeGreaterThan(20);
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 6. Integration Hub — Config Audit tab
// ---------------------------------------------------------------------------
test.describe('Integration Hub Config Audit tab', () => {
test('Integration Hub has Config Audit tab', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/integrations');
await snap(page, '06-integration-hub-default');
// Click Config Audit tab
const auditTab = page.locator('stella-page-tabs button, stella-page-tabs [role="tab"]').filter({ hasText: /config audit/i });
if (await auditTab.isVisible({ timeout: 5000 }).catch(() => false)) {
await auditTab.click();
await page.waitForTimeout(1500);
await snap(page, '06-integration-hub-config-audit');
// Should render integrations audit component
const auditComponent = page.locator('app-audit-integrations, .integrations-audit');
const visible = await auditComponent.isVisible({ timeout: 5000 }).catch(() => false);
expect(visible, 'AuditIntegrationsComponent should be visible').toBe(true);
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 7. Platform Jobs — Audit tab (gap fill: jobengine + scheduler)
// ---------------------------------------------------------------------------
test.describe('Platform Jobs Audit tab (gap fill)', () => {
test('Platform Jobs has Audit tab for jobengine + scheduler', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/platform-ops/jobs');
await snap(page, '07-platform-jobs-default');
// Click Audit tab
const auditTab = page.locator('stella-page-tabs button, stella-page-tabs [role="tab"]').filter({ hasText: /audit/i });
if (await auditTab.isVisible({ timeout: 5000 }).catch(() => false)) {
await auditTab.click();
await page.waitForTimeout(1500);
await snap(page, '07-platform-jobs-audit');
// Should render audit-module-events component
const auditComponent = page.locator('app-audit-module-events');
const visible = await auditComponent.isVisible({ timeout: 5000 }).catch(() => false);
expect(visible, 'AuditModuleEventsComponent should be visible').toBe(true);
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 8. Scanner Ops — Audit tab (gap fill)
// ---------------------------------------------------------------------------
test.describe('Scanner Ops Audit tab (gap fill)', () => {
test('Scanner Ops has Audit tab', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/platform-ops/scanner');
await snap(page, '08-scanner-ops-default');
// Click Audit tab
const auditTab = page.locator('stella-page-tabs button, stella-page-tabs [role="tab"]').filter({ hasText: /audit/i });
if (await auditTab.isVisible({ timeout: 5000 }).catch(() => false)) {
await auditTab.click();
await page.waitForTimeout(1500);
await snap(page, '08-scanner-ops-audit');
// Should render audit-module-events component
const auditComponent = page.locator('app-audit-module-events');
const visible = await auditComponent.isVisible({ timeout: 5000 }).catch(() => false);
expect(visible, 'AuditModuleEventsComponent should be visible').toBe(true);
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 9. SBOM Sources — Audit section (gap fill)
// ---------------------------------------------------------------------------
test.describe('SBOM Sources Audit section (gap fill)', () => {
test('SBOM Sources has audit section', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/sbom-sources');
await snap(page, '09-sbom-sources-default');
// Look for audit log section (collapsible)
const auditSection = page.locator('.audit-log-section, .audit-log-toggle, [class*="audit"]').first();
if (await auditSection.isVisible({ timeout: 5000 }).catch(() => false)) {
// Click to expand if collapsible
const toggle = page.locator('.audit-log-toggle, button').filter({ hasText: /audit/i }).first();
if (await toggle.isVisible({ timeout: 3000 }).catch(() => false)) {
await toggle.click();
await page.waitForTimeout(1500);
await snap(page, '09-sbom-sources-audit-expanded');
}
}
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
});
// ---------------------------------------------------------------------------
// 10. Sidebar Navigation — Updated structure
// ---------------------------------------------------------------------------
test.describe('Sidebar Navigation Changes', () => {
test('Findings group does NOT have Audit Bundles item', async ({ authenticatedPage: page }) => {
await go(page, '/');
await snap(page, '10-sidebar-nav');
// The sidebar should NOT have "Audit Bundles" link
const auditBundlesLink = page.locator('a, [routerlink]').filter({ hasText: /audit bundles/i });
const count = await auditBundlesLink.count();
expect(count, 'Audit Bundles should be removed from sidebar').toBe(0);
});
test('Admin group has Audit & Compliance (not Unified Audit Log)', async ({ authenticatedPage: page }) => {
await go(page, '/');
// Should have "Audit & Compliance" in sidebar
const auditLink = page.locator('a, [routerlink], .nav-item, .menu-item').filter({ hasText: /audit.*compliance/i });
const auditLinkCount = await auditLink.count();
// Should NOT have "Unified Audit Log" in sidebar
const unifiedLink = page.locator('a, [routerlink], .nav-item, .menu-item').filter({ hasText: /unified audit/i });
const unifiedCount = await unifiedLink.count();
expect(unifiedCount, 'Unified Audit Log should be removed from sidebar').toBe(0);
await snap(page, '10-sidebar-audit-compliance');
});
});
// ---------------------------------------------------------------------------
// 11. Backward-compatible redirects
// ---------------------------------------------------------------------------
test.describe('Backward-compatible Redirects', () => {
test('/triage/audit-bundles redirects to /evidence/bundles', async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, '/triage/audit-bundles');
await snap(page, '11-redirect-audit-bundles');
// Should have redirected — verify URL contains evidence or bundles
const url = page.url();
expect(url).toContain('evidence');
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, 'Critical errors: ' + criticalErrors.join('\n')).toHaveLength(0);
});
test('/evidence/audit-log/events redirects to all-events tab', async ({ authenticatedPage: page }) => {
await go(page, '/evidence/audit-log/events');
await snap(page, '11-redirect-events');
const body = await page.locator('body').innerText();
expect(body.length).toBeGreaterThan(20);
});
});
// ---------------------------------------------------------------------------
// 12. Bidirectional Cross-links
// ---------------------------------------------------------------------------
test.describe('Bidirectional Cross-links', () => {
test('Unified All Events shows "View in Module" link when single module filtered', async ({ authenticatedPage: page }) => {
await go(page, '/evidence/audit-log?tab=all-events');
// This test verifies the infrastructure exists — the link appears when user selects a single module filter
const body = await page.locator('body').innerText();
expect(body.length).toBeGreaterThan(20);
await snap(page, '12-cross-link-unified');
});
});
// ---------------------------------------------------------------------------
// 13. Full route accessibility sweep — no Angular errors on any audit route
// ---------------------------------------------------------------------------
test.describe('Audit Route Accessibility Sweep', () => {
const routes = [
{ path: '/evidence/audit-log', label: 'unified-dashboard' },
{ path: '/evidence/audit-log?tab=all-events', label: 'unified-all-events' },
{ path: '/evidence/audit-log?tab=timeline', label: 'unified-timeline' },
{ path: '/evidence/audit-log?tab=correlations', label: 'unified-correlations' },
{ path: '/ops/policy/vex', label: 'vex-hub' },
{ path: '/setup/trust-signing', label: 'trust-admin' },
{ path: '/ops/policy/governance', label: 'policy-governance' },
{ path: '/console/admin', label: 'console-admin' },
{ path: '/integrations', label: 'integration-hub' },
{ path: '/platform-ops/jobs', label: 'platform-jobs' },
{ path: '/platform-ops/scanner', label: 'scanner-ops' },
];
for (const { path, label } of routes) {
test(`${label} loads without Angular errors`, async ({ authenticatedPage: page }) => {
const errors = collectErrors(page);
await go(page, path);
await snap(page, `13-sweep-${label}`);
const body = await page.locator('body').innerText();
expect(body.length, `${label} should have content`).toBeGreaterThan(10);
const criticalErrors = noCriticalErrors(errors);
expect(criticalErrors, `Angular errors on ${label}: ${criticalErrors.join('\n')}`).toHaveLength(0);
});
}
});
Reference in New Issue View Git Blame Copy Permalink