fix: add public profiles tests

2025-11-09 20:12:31 +10:00 · 2025-02-19 16:07:04 +11:00
parent 5ce2bae39d
commit a319ea0f5e
26 changed files with 187 additions and 41 deletions
--- a/apps/remix/app/routes/_authenticated+/settings+/public-profile+/index.tsx
+++ b/apps/remix/app/routes/_authenticated+/settings+/public-profile+/index.tsx
@ -60,7 +60,7 @@ export default function PublicProfilePage({ loaderData }: Route.ComponentProps)
  const { _ } = useLingui();
  const { toast } = useToast();

-  const { user } = useSession();
+  const { user, refreshSession } = useSession();
  const team = useOptionalCurrentTeam();

  const [isPublicProfileVisible, setIsPublicProfileVisible] = useState(profile.enabled);
@ -96,6 +96,9 @@ export default function PublicProfilePage({ loaderData }: Route.ComponentProps)
      });
    } else {
      await updateUserProfile(data);
+
+      // Need to refresh session because we're editing the user's profile.
+      await refreshSession();
    }

    if (data.enabled === undefined && !isPublicProfileVisible) {
--- a/apps/remix/app/routes/_profile+/_layout.tsx
+++ b/apps/remix/app/routes/_profile+/_layout.tsx
@ -7,7 +7,7 @@ import { ChevronLeft } from 'lucide-react';
 import { Link, Outlet } from 'react-router';

 import LogoIcon from '@documenso/assets/logo_icon.png';
-import { useSession } from '@documenso/lib/client-only/providers/session';
+import { useOptionalSession } from '@documenso/lib/client-only/providers/session';
 import { cn } from '@documenso/ui/lib/utils';
 import { Button } from '@documenso/ui/primitives/button';

@ -21,7 +21,7 @@ export function meta() {
 }

 export default function PublicProfileLayout() {
-  const session = useSession();
+  const { sessionData } = useOptionalSession();

  const [scrollY, setScrollY] = useState(0);

@ -37,8 +37,8 @@ export default function PublicProfileLayout() {

  return (
    <div className="min-h-screen">
-      {session ? (
-        <AuthenticatedHeader user={session.user} teams={session.teams} />
+      {sessionData ? (
+        <AuthenticatedHeader user={sessionData.user} teams={sessionData.teams} />
      ) : (
        <header
          className={cn(
--- a/apps/remix/app/routes/_profile+/p.$url.tsx
+++ b/apps/remix/app/routes/_profile+/p.$url.tsx
@ -44,7 +44,6 @@ export async function loader({ params }: Route.LoaderArgs) {
    profileUrl,
  }).catch(() => null);

-  // Todo: Test
  if (!publicProfile || !publicProfile.profile.enabled) {
    throw new Response('Not Found', { status: 404 });
  }
--- a/apps/remix/app/routes/_recipient+/_layout.tsx
+++ b/apps/remix/app/routes/_recipient+/_layout.tsx
@ -29,7 +29,7 @@ export default function RecipientLayout() {
  );
 }

-// Todo: Use generic error boundary.
+// Todo: (RR7) Use generic error boundary.
 export function ErrorBoundary() {
  return (
    <div className="mx-auto flex min-h-[80vh] w-full items-center justify-center py-32">
--- a/apps/remix/app/routes/_unauthenticated+/share.$slug.opengraph.tsx
+++ b/apps/remix/app/routes/_unauthenticated+/share.$slug.opengraph.tsx
@ -1,4 +1,4 @@
-// Todo: Test, used AI to migrate this component from NextJS to Remix.
+// Todo: (RR7) Test, used AI to migrate this component from NextJS to Remix.
 import satori from 'satori';
 import sharp from 'sharp';
 import { P, match } from 'ts-pattern';
--- a/apps/remix/app/routes/_unauthenticated+/share.$slug.tsx
+++ b/apps/remix/app/routes/_unauthenticated+/share.$slug.tsx
@ -4,7 +4,7 @@ import { NEXT_PUBLIC_MARKETING_URL, NEXT_PUBLIC_WEBAPP_URL } from '@documenso/li

 import type { Route } from './+types/share.$slug';

-// Todo: Test meta.
+// Todo: (RR7) Test meta.
 export function meta({ params: { slug } }: Route.MetaArgs) {
  return [
    { title: 'Documenso - Share' },
--- a/apps/remix/app/routes/api+/share.ts
+++ b/apps/remix/app/routes/api+/share.ts
@ -6,7 +6,7 @@ export type ShareHandlerAPIResponse =
  | Awaited<ReturnType<typeof getRecipientOrSenderByShareLinkSlug>>
  | { error: string };

-// Todo: Test
+// Todo: (RR7) Test
 export async function loader({ request }: Route.LoaderArgs) {
  try {
    const url = new URL(request.url);
--- a/apps/remix/app/routes/api+/stripe.webhook.ts
+++ b/apps/remix/app/routes/api+/stripe.webhook.ts
@ -1,6 +1,6 @@
 import { stripeWebhookHandler } from '@documenso/ee/server-only/stripe/webhook/handler';

-// Todo
+// Todo: (RR7)
 // export const config = {
 //   api: { bodyParser: false },
 // };
--- a/apps/remix/app/routes/api+/webhook.trigger.ts
+++ b/apps/remix/app/routes/api+/webhook.trigger.ts
@ -2,7 +2,7 @@ import { handlerTriggerWebhooks } from '@documenso/lib/server-only/webhooks/trig

 import type { Route } from './+types/webhook.trigger';

-// Todo
+// Todo: (RR7)
 // export const config = {
 //   maxDuration: 300,
 //   api: {
--- a/apps/remix/app/routes/embed+/_layout.tsx
+++ b/apps/remix/app/routes/embed+/_layout.tsx
@ -6,7 +6,7 @@ import { EmbedPaywall } from '~/components/embed/embed-paywall';

 import type { Route } from './+types/_layout';

-// Todo: Test
+// Todo: (RR7) Test
 export function headers({ loaderHeaders }: Route.HeadersArgs) {
  const origin = loaderHeaders.get('Origin') ?? '*';

--- a/apps/remix/server/api/files.ts
+++ b/apps/remix/server/api/files.ts
@ -33,7 +33,7 @@ export const filesRoute = new Hono<HonoEnv>()
        return c.json({ error: 'No file provided' }, 400);
      }

-      // Todo: This is new.
+      // Todo: (RR7) This is new.
      // Add file size validation.
      // Convert MB to bytes (1 MB = 1024 * 1024 bytes)
      const MAX_FILE_SIZE = APP_DOCUMENT_UPLOAD_SIZE_LIMIT * 1024 * 1024;
@ -54,7 +54,7 @@ export const filesRoute = new Hono<HonoEnv>()
        throw new AppError('INVALID_DOCUMENT_FILE');
      }

-      // Todo: Test this.
+      // Todo: (RR7) Test this.
      if (!file.name.endsWith('.pdf')) {
        Object.defineProperty(file, 'name', {
          writable: true,
--- a/apps/remix/server/router.ts
+++ b/apps/remix/server/router.ts
@ -37,13 +37,13 @@ app.route('/api/auth', auth);
 // Files route.
 app.route('/api/files', filesRoute);

-// API servers. Todo: Configure max durations, etc?
+// API servers. Todo: (RR7) Configure max durations, etc?
 app.route('/api/v1', tsRestHonoApp);
 app.use('/api/jobs/*', jobsClient.getApiHandler());
 app.use('/api/trpc/*', reactRouterTrpcServer);

 // Unstable API server routes. Order matters for these two.
 app.get(`${API_V2_BETA_URL}/openapi.json`, (c) => c.json(openApiDocument));
-app.use(`${API_V2_BETA_URL}/*`, async (c) => openApiTrpcServerHandler(c)); // Todo: Add next()?
+app.use(`${API_V2_BETA_URL}/*`, async (c) => openApiTrpcServerHandler(c)); // Todo: (RR7) Add next()?

 export default app;
--- a/apps/remix/server/trpc/hono-trpc-open-api.ts
+++ b/apps/remix/server/trpc/hono-trpc-open-api.ts
@ -11,8 +11,8 @@ export const openApiTrpcServerHandler = async (c: Context) => {
  return createOpenApiFetchHandler<typeof appRouter>({
    endpoint: API_V2_BETA_URL,
    router: appRouter,
-    // Todo: Test this, since it's not using the createContext params.
-    // Todo: Reduce calls since we fetch on most request? maybe
+    // Todo: (RR7) Test this, since it's not using the createContext params.
+    // Todo: (RR7) Reduce calls since we fetch on most request? maybe
    createContext: async () => createTrpcContext({ c, requestSource: 'apiV2' }),
    req: c.req.raw,
    onError: (opts) => handleTrpcRouterError(opts, 'apiV2'),
--- a/packages/api/hono.ts
+++ b/packages/api/hono.ts
@ -18,8 +18,8 @@ tsRestHonoApp
  .get('/openapi.json', (c) => c.json(OpenAPIV1))
  .get('/me', async (c) => testCredentialsHandler(c.req.raw));

-// Zapier. Todo: Check methods. Are these get/post/update requests?
-// Todo: Is there really no validations?
+// Zapier. Todo: (RR7) Check methods. Are these get/post/update requests?
+// Todo: (RR7) Is there really no validations?
 tsRestHonoApp
  .all('/zapier/list-documents', async (c) => listDocumentsHandler(c.req.raw))
  .all('/zapier/subscribe', async (c) => subscribeHandler(c.req.raw))
--- a/packages/api/v1/middleware/authenticated.ts
+++ b/packages/api/v1/middleware/authenticated.ts
@ -52,7 +52,7 @@ export const authenticatedMiddleware = <
      }

      const metadata: ApiRequestMetadata = {
-        requestMetadata: extractRequestMetadata(request), // Todo: Test
+        requestMetadata: extractRequestMetadata(request), // Todo: (RR7) Test
        source: 'apiV1',
        auth: 'api',
        auditUser: {
--- a/packages/app-tests/e2e/public-profiles/public-profiles.spec.ts
+++ b/packages/app-tests/e2e/public-profiles/public-profiles.spec.ts
@ -0,0 +1,144 @@
+import { expect, test } from '@playwright/test';
+
+import { NEXT_PUBLIC_WEBAPP_URL } from '@documenso/lib/constants/app';
+import { seedTeam } from '@documenso/prisma/seed/teams';
+import { seedDirectTemplate } from '@documenso/prisma/seed/templates';
+import { seedUser } from '@documenso/prisma/seed/users';
+
+import { apiSignin } from '../fixtures/authentication';
+
+test.describe.configure({ mode: 'parallel' });
+
+test('[PUBLIC_PROFILE]: create profile', async ({ page }) => {
+  const user = await seedUser();
+
+  // Create direct template.
+  const directTemplate = await seedDirectTemplate({
+    userId: user.id,
+  });
+
+  await apiSignin({
+    page,
+    email: user.email,
+    redirectPath: '/settings/public-profile',
+  });
+
+  const publicProfileUrl = Date.now().toString();
+  const publicProfileBio = `public-profile-bio`;
+
+  await page.getByRole('textbox', { name: 'Public profile URL' }).click();
+  await page.getByRole('textbox', { name: 'Public profile URL' }).fill(publicProfileUrl);
+
+  await page.getByRole('textbox', { name: 'Bio' }).click();
+  await page.getByRole('textbox', { name: 'Bio' }).fill(publicProfileBio);
+
+  await page.getByRole('button', { name: 'Update' }).click();
+
+  await expect(page.getByRole('status').first()).toContainText(
+    'Your public profile has been updated.',
+  );
+
+  // Link direct template to public profile.
+  await page.getByRole('button', { name: 'Link template' }).click();
+  await page.getByRole('cell', { name: directTemplate.title }).click();
+  await page.getByRole('button', { name: 'Continue' }).click();
+
+  await page.getByRole('textbox', { name: 'Title *' }).fill('public-direct-template-title');
+  await page
+    .getByRole('textbox', { name: 'Description *' })
+    .fill('public-direct-template-description');
+  await page.getByRole('button', { name: 'Update' }).click();
+
+  // Check that public profile is disabled.
+  await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/p/${publicProfileUrl}`);
+  await expect(page.locator('body')).toContainText('404 Profile not found');
+
+  // Go back to public profile page.
+  await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/settings/public-profile`);
+  await page.getByRole('switch').click();
+
+  // Assert values.
+  await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/p/${publicProfileUrl}`);
+  await expect(page.getByRole('main')).toContainText(publicProfileBio);
+  await expect(page.locator('body')).toContainText('public-direct-template-title');
+  await expect(page.locator('body')).toContainText('public-direct-template-description');
+
+  await page.getByRole('link', { name: 'Sign' }).click();
+  await page.getByRole('button', { name: 'Continue' }).click();
+  await page.getByRole('button', { name: 'Complete' }).click();
+  await page.getByRole('button', { name: 'Sign' }).click();
+
+  await expect(page.getByRole('heading', { name: 'Document Signed' })).toBeVisible();
+  await expect(page.getByRole('heading')).toContainText('Document Signed');
+});
+
+test('[PUBLIC_PROFILE]: create team profile', async ({ page }) => {
+  const team = await seedTeam({
+    createTeamMembers: 1,
+  });
+
+  const user = team.owner;
+
+  // Create direct template.
+  const directTemplate = await seedDirectTemplate({
+    userId: user.id,
+    teamId: team.id,
+  });
+
+  // Create non team template to make sure you can only see the team one.
+  // Will be indirectly asserted because test should fail when 2 elements appear.
+  await seedDirectTemplate({
+    userId: user.id,
+  });
+
+  await apiSignin({
+    page,
+    email: user.email,
+    redirectPath: `/t/${team.url}/settings/public-profile`,
+  });
+
+  const publicProfileUrl = team.url;
+  const publicProfileBio = `public-profile-bio`;
+
+  await page.getByRole('textbox', { name: 'Bio' }).click();
+  await page.getByRole('textbox', { name: 'Bio' }).fill(publicProfileBio);
+
+  await page.getByRole('button', { name: 'Update' }).click();
+
+  await expect(page.getByRole('status').first()).toContainText(
+    'Your public profile has been updated.',
+  );
+
+  // Link direct template to public profile.
+  await page.getByRole('button', { name: 'Link template' }).click();
+  await page.getByRole('cell', { name: directTemplate.title }).click();
+  await page.getByRole('button', { name: 'Continue' }).click();
+
+  await page.getByRole('textbox', { name: 'Title *' }).fill('public-direct-template-title');
+  await page
+    .getByRole('textbox', { name: 'Description *' })
+    .fill('public-direct-template-description');
+  await page.getByRole('button', { name: 'Update' }).click();
+
+  // Check that public profile is disabled.
+  await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/p/${publicProfileUrl}`);
+  await expect(page.locator('body')).toContainText('404 Profile not found');
+
+  // Go back to public profile page.
+  await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/t/${team.url}/settings/public-profile`);
+  await page.getByRole('switch').click();
+
+  // Assert values.
+  await page.goto(`${NEXT_PUBLIC_WEBAPP_URL()}/p/${publicProfileUrl}`);
+  await expect(page.getByRole('main')).toContainText(publicProfileBio);
+  await expect(page.locator('body')).toContainText('public-direct-template-title');
+  await expect(page.locator('body')).toContainText('public-direct-template-description');
+
+  await page.getByRole('link', { name: 'Sign' }).click();
+  await page.getByRole('button', { name: 'Continue' }).click();
+  await page.getByRole('button', { name: 'Complete' }).click();
+  await page.getByRole('button', { name: 'Sign' }).click();
+
+  await expect(page.getByRole('heading', { name: 'Document Signed' })).toBeVisible();
+  await expect(page.getByRole('heading')).toContainText('Document Signed');
+});
--- a/packages/auth/server/lib/session/session-cookies.ts
+++ b/packages/auth/server/lib/session/session-cookies.ts
@ -30,10 +30,10 @@ const getAuthSecret = () => {
 export const sessionCookieOptions = {
  httpOnly: true,
  path: '/',
-  sameSite: useSecureCookies ? 'none' : 'lax', // Todo: This feels wrong?
+  sameSite: useSecureCookies ? 'none' : 'lax', // Todo: (RR7) This feels wrong?
  secure: useSecureCookies,
  domain: getCookieDomain(),
-  // Todo: Max age for specific auth cookies.
+  // Todo: (RR7) Max age for specific auth cookies.
 } as const;

 export const extractSessionCookieFromHeaders = (headers: Headers): string | null => {
--- a/packages/auth/server/lib/utils/get-session.ts
+++ b/packages/auth/server/lib/utils/get-session.ts
@ -38,7 +38,7 @@ export const getOptionalSession = async (
 };

 /**
- * Todo: Rethink, this is pretty sketchy.
+ * Todo: (RR7) Rethink, this is pretty sketchy.
 */
 const mapRequestToContextForCookie = (c: Context | Request) => {
  if (c instanceof Request) {
--- a/packages/auth/server/lib/utils/handle-oauth-callback-url.ts
+++ b/packages/auth/server/lib/utils/handle-oauth-callback-url.ts
@ -144,7 +144,7 @@ export const handleOAuthCallbackUrl = async (options: HandleOAuthCallbackUrlOpti
          },
          data: {
            emailVerified: new Date(),
-            password: null, // Todo: Check this
+            password: null, // Todo: (RR7) Check this
          },
        });
      }
@ -182,7 +182,7 @@ export const handleOAuthCallbackUrl = async (options: HandleOAuthCallbackUrlOpti
  });

  await onCreateUserHook(createdUser).catch((err) => {
-    // Todo: Add logging.
+    // Todo: (RR7) Add logging.
    console.error(err);
  });

--- a/packages/auth/server/routes/email-password.ts
+++ b/packages/auth/server/routes/email-password.ts
@ -50,7 +50,7 @@ export const emailPasswordRoute = new Hono<HonoAuthContext>()

    const csrfCookieToken = await getCsrfCookie(c);

-    // Todo: Add logging here.
+    // Todo: (RR7) Add logging here.
    if (csrfToken !== csrfCookieToken || !csrfCookieToken) {
      throw new AppError(AuthenticationErrorCode.InvalidRequest, {
        message: 'Invalid CSRF token',
--- a/packages/ee/server-only/stripe/webhook/handler.ts
+++ b/packages/ee/server-only/stripe/webhook/handler.ts
@ -51,7 +51,7 @@ export const stripeWebhookHandler = async (req: Request) => {
      );
    }

-    // Todo: I'm not sure about this.
+    // Todo: (RR7) I'm not sure about this.
    const clonedReq = req.clone();
    const rawBody = await clonedReq.arrayBuffer();
    const body = Buffer.from(rawBody);
--- a/packages/lib/client-only/providers/session.tsx
+++ b/packages/lib/client-only/providers/session.tsx
@ -40,7 +40,7 @@ export const useSession = () => {

  return {
    ...context.sessionData,
-    refresh: context.refresh,
+    refreshSession: context.refresh,
  };
 };

@ -68,7 +68,7 @@ export const SessionProvider = ({ children, initialSession }: SessionProviderPro
    }

    const teams = await trpc.team.getTeams.query().catch(() => {
-      // Todo: Log
+      // Todo: (RR7) Log
      return [];
    });

--- a/packages/lib/jobs/client/inngest.ts
+++ b/packages/lib/jobs/client/inngest.ts
@ -92,7 +92,7 @@ export class InngestJobProvider extends BaseJobProvider {
  //   };
  // }

-  // Todo: Do we need to handle the above?
+  // Todo: (RR7) Do we need to handle the above?
  public getApiHandler() {
    return async (context: HonoContext) => {
      const handler = createHonoPagesRoute({
--- a/packages/lib/server-only/user/create-user.ts
+++ b/packages/lib/server-only/user/create-user.ts
@ -52,18 +52,18 @@ export const createUser = async ({ name, email, password, signature, url }: Crea
      data: {
        name,
        email: email.toLowerCase(),
-        password: hashedPassword, // Todo: Drop password.
+        password: hashedPassword, // Todo: (RR7) Drop password.
        signature,
        url,
      },
    });

-    // Todo: Migrate to use this after RR7.
+    // Todo: (RR7) Migrate to use this after RR7.
    // await tx.account.create({
    //   data: {
    //     userId: user.id,
-    //     type: 'emailPassword', // Todo
-    //     provider: 'DOCUMENSO', // Todo: Enums
+    //     type: 'emailPassword', // Todo: (RR7)
+    //     provider: 'DOCUMENSO', // Todo: (RR7) Enums
    //     providerAccountId: user.id.toString(),
    //     password: hashedPassword,
    //   },
@ -73,7 +73,7 @@ export const createUser = async ({ name, email, password, signature, url }: Crea
  });

  await onCreateUserHook(user).catch((err) => {
-    // Todo: Add logging.
+    // Todo: (RR7) Add logging.
    console.error(err);
  });

--- a/packages/prisma/schema.prisma
+++ b/packages/prisma/schema.prisma
@ -23,7 +23,7 @@ datasource db {
  directUrl = env("NEXT_PRIVATE_DIRECT_DATABASE_URL")
 }

-// Todo: Remove after RR7 migration.
+// Todo: (RR7) Remove after RR7 migration.
 enum IdentityProvider {
  DOCUMENSO
  GOOGLE
@ -41,14 +41,14 @@ model User {
  customerId       String?          @unique
  email            String           @unique
  emailVerified    DateTime?
-  password         String? // Todo: Remove after RR7 migration.
+  password         String? // Todo: (RR7) Remove after RR7 migration.
  source           String?
  signature        String?
  createdAt        DateTime         @default(now())
  updatedAt        DateTime         @default(now()) @updatedAt
  lastSignedIn     DateTime         @default(now())
  roles            Role[]           @default([USER])
-  identityProvider IdentityProvider @default(DOCUMENSO) // Todo: Remove after RR7 migration.
+  identityProvider IdentityProvider @default(DOCUMENSO) // Todo: (RR7) Remove after RR7 migration.
  avatarImageId    String?
  disabled         Boolean          @default(false)

--- a/packages/ui/primitives/lazy-pdf-viewer.tsx
+++ b/packages/ui/primitives/lazy-pdf-viewer.tsx
@ -1,4 +1,4 @@
-// Todo: Not sure if this actually makes it client-only.
+// Todo: (RR7) Not sure if this actually makes it client-only.
 import { Suspense, lazy } from 'react';

 import { Trans } from '@lingui/react/macro';