feat: RBAC E2E тесты и фикс admin-прав для редактирования постов

Основные изменения: - Добавлены E2E тесты для проверки ownership (TC-E2E-102/103): * test_admin_can_edit_any_post — admin может редактировать любой пост * test_user_cannot_edit_other_users_post — user не может редактировать чужой пост - Исправлены use cases (UpdatePost, DeletePost, PublishPost) — добавлена проверка роли admin - Обновлены web routes и API routes для передачи роли в use cases - Добавлены unit тесты для admin-сценариев Реструктуризация тестов: - Удалены старые API тесты (tests/api/) — требуют переработки - Удалены старые integration тесты (tests/integration/) - Переработаны E2E тесты: удалены старые, добавлены новые с POM - Добавлена документация тестов: FEATURE_*.md, TEST_MODEL.md, AGENTS.md Инфраструктура: - Добавлен MockKeycloakClient для dev-режима - Добавлены статические файлы: EasyMDE, Highlight.js, стили markdown - Обновлены шаблоны: base.html, post_form.html, post_detail.html - Обновлена DI конфигурация и провайдеры Документация: - tests/FEATURE_RBAC.md — матрица тестов RBAC - tests/FEATURE_POST_LIFECYCLE.md — тесты жизненного цикла поста - tests/FEATURE_DOMAIN_FOUNDATION.md — тесты доменного слоя - tests/FEATURE_INFRASTRUCTURE.md — тесты инфраструктуры - tests/TEST_MODEL.md — глобальная матрица покрытия - app/presentation/web/AGENTS.md — гайд по Web UI - tests/AGENTS.md — гайд по тестированию
2026-05-07 19:55:15 +03:00
parent 41f2a3d98e
commit 46cc06b596
58 changed files with 4234 additions and 4014 deletions
--- a/app/presentation/templates/pages/about.html
+++ b/app/presentation/templates/pages/about.html
@@ -0,0 +1,37 @@
+{% extends "base.html" %}
+
+{% block title %}About - Blog{% endblock %}
+{% block meta_description %}A modern blog built with FastAPI and DDD architecture.{% endblock %}
+
+{% block content %}
+<div class="page-header" data-testid="page-header-about">
+    <h1 class="page-title" data-testid="page-title-about">About</h1>
+</div>
+
+<div class="card" data-testid="about-card">
+    <div class="card-body" data-testid="about-card-body">
+        <p data-testid="about-description">
+            A modern blog built with FastAPI and Domain-Driven Design architecture.
+        </p>
+
+        <div class="divider" data-testid="about-divider"></div>
+
+        <p data-testid="about-user">
+            {% if user %}
+            Signed in as <strong>{{ user.username }}</strong>.
+            {% else %}
+            You are browsing as a guest.
+            {% endif %}
+        </p>
+    </div>
+
+    <div class="card-footer" data-testid="about-card-footer">
+        <a href="/web/" class="btn" data-testid="btn-back-home">
+            <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" style="margin-right: 0.5rem;">
+                <path d="M10 12L6 8L10 4" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
+            </svg>
+            Back to Home
+        </a>
+    </div>
+</div>
+{% endblock %}
--- a/app/presentation/templates/pages/index.html
+++ b/app/presentation/templates/pages/index.html
@@ -35,7 +35,7 @@
    <article class="card post-card" data-testid="post-card-{{ post.id }}">
        <div class="post-card-header" data-testid="post-card-header-{{ post.id }}">
            <h2 class="post-card-title" data-testid="post-title-{{ post.id }}">
-                <a href="/web/posts/{{ post.slug.value }}" data-testid="post-title-link-{{ post.id }}">{{ post.title }}</a>
+                <a href="/web/posts/{{ post.slug }}" data-testid="post-title-link-{{ post.id }}">{{ post.title }}</a>
            </h2>
            {% if post.published %}
            <span class="badge badge-success" data-testid="post-status-{{ post.id }}">Published</span>
@@ -55,7 +55,7 @@
        </div>
        
        <div class="post-card-content" data-testid="post-content-preview-{{ post.id }}">
-            {{ post.content.value[:200] }}{% if post.content.value|length > 200 %}...{% endif %}
+            {{ post.content[:200] }}{% if post.content|length > 200 %}...{% endif %}
        </div>
        
        <div class="post-card-footer" data-testid="post-card-footer-{{ post.id }}">
@@ -64,7 +64,7 @@
                <span class="tag" data-testid="post-tag-{{ post.id }}-{{ loop.index }}">{{ tag }}</span>
                {% endfor %}
            </div>
-            <a href="/web/posts/{{ post.slug.value }}" class="btn btn-sm" data-testid="btn-read-more-{{ post.id }}">
+            <a href="/web/posts/{{ post.slug }}" class="btn btn-sm" data-testid="btn-read-more-{{ post.id }}">
                Read more
                <svg width="14" height="14" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" style="margin-left: 0.25rem;">
                    <path d="M6 12L10 8L6 4" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
@@ -77,7 +77,7 @@

 <nav class="pagination" data-testid="pagination" aria-label="Pagination">
    {% if has_prev %}
-    <a href="/?page={{ current_page - 1 }}" class="pagination-item" data-testid="pagination-prev">Previous</a>
+    <a href="{{ request.url.path }}?page={{ current_page - 1 }}" class="pagination-item" data-testid="pagination-prev">Previous</a>
    {% else %}
    <span class="pagination-item disabled" data-testid="pagination-prev">Previous</span>
    {% endif %}
@@ -85,7 +85,7 @@
    <span class="pagination-item active" data-testid="pagination-current">{{ current_page }}</span>
    
    {% if has_next %}
-    <a href="/?page={{ current_page + 1 }}" class="pagination-item" data-testid="pagination-next">Next</a>
+    <a href="{{ request.url.path }}?page={{ current_page + 1 }}" class="pagination-item" data-testid="pagination-next">Next</a>
    {% else %}
    <span class="pagination-item disabled" data-testid="pagination-next">Next</span>
    {% endif %}
@@ -96,7 +96,7 @@
    <div class="empty-state-icon" data-testid="empty-state-icon">📝</div>
    <h3 data-testid="empty-state-title">No posts yet</h3>
    <p data-testid="empty-state-description">Be the first to write a post!</p>
-    <a href="/posts/new" class="btn btn-primary" data-testid="btn-create-first-post">Create your first post</a>
+    <a href="/web/posts/new" class="btn btn-primary" data-testid="btn-create-first-post">Create your first post</a>
 </div>
 {% endif %}
 {% endblock %}
--- a/app/presentation/templates/pages/post_detail.html
+++ b/app/presentation/templates/pages/post_detail.html
@@ -1,19 +1,19 @@
 {% extends "base.html" %}

 {% block title %}{{ post.title }} - Blog{% endblock %}
-{% block meta_description %}{{ post.content.value[:160] }}{% endblock %}
+{% block meta_description %}{{ post.content[:160] }}{% endblock %}
 {% block meta_keywords %}{{ post.tags|join(', ') }}{% endblock %}
 {% block meta_author %}{{ post.author_id }}{% endblock %}

-{% block canonical_url %}{{ request.base_url }}web/posts/{{ post.slug.value }}{% endblock %}
+{% block canonical_url %}{{ request.base_url }}web/posts/{{ post.slug }}{% endblock %}

 {% block og_type %}article{% endblock %}
-{% block og_url %}{{ request.base_url }}web/posts/{{ post.slug.value }}{% endblock %}
+{% block og_url %}{{ request.base_url }}web/posts/{{ post.slug }}{% endblock %}
 {% block og_title %}{{ post.title }}{% endblock %}
-{% block og_description %}{{ post.content.value[:160] }}{% endblock %}
+{% block og_description %}{{ post.content[:160] }}{% endblock %}

 {% block twitter_title %}{{ post.title }}{% endblock %}
-{% block twitter_description %}{{ post.content.value[:160] }}{% endblock %}
+{% block twitter_description %}{{ post.content[:160] }}{% endblock %}

 {% block content %}
 <article class="post-detail" data-testid="post-detail">
@@ -36,8 +36,8 @@
        </div>
    </header>
    
-    <div class="post-detail-content" data-testid="post-detail-content">
-        {{ post.content.value|nl2br }}
+    <div class="post-detail-content markdown-body" data-testid="post-detail-content">
+        {{ post.content|markdown|safe }}
    </div>
    
    <footer class="post-detail-footer" data-testid="post-detail-footer">
@@ -60,7 +60,7 @@
            {% if can_edit or can_delete %}
            <div class="flex gap-2" data-testid="post-detail-edit-actions">
                {% if can_edit %}
-                <a href="/web/posts/{{ post.slug.value }}/edit" class="btn" data-testid="btn-edit-post">
+                <a href="/web/posts/{{ post.slug }}/edit" class="btn" data-testid="btn-edit-post">
                    <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" style="margin-right: 0.5rem;">
                        <path d="M11 2L14 5M2 14L3 10L12 1L15 4L6 13L2 14Z" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
                    </svg>
@@ -68,7 +68,7 @@
                </a>
                {% endif %}
                {% if can_delete %}
-                <form action="/web/posts/{{ post.slug.value }}/delete" method="POST" style="display: inline;" data-testid="form-delete-post">
+                <form action="/web/posts/{{ post.slug }}/delete" method="POST" style="display: inline;" data-testid="form-delete-post">
                    <button type="submit" class="btn btn-danger" data-testid="btn-delete-post" onclick="return confirm('Are you sure you want to delete this post?');">
                        <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg" style="margin-right: 0.5rem;">
                            <path d="M2 4h12M6 4V2a2 2 0 012-2h0a2 2 0 012 2v2m3 0v10a2 2 0 01-2 2H5a2 2 0 01-2-2V4h9z" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"/>
--- a/app/presentation/templates/pages/post_form.html
+++ b/app/presentation/templates/pages/post_form.html
@@ -2,6 +2,10 @@

 {% block title %}{% if is_edit %}Edit Post{% else %}New Post{% endif %} - Blog{% endblock %}

+{% block extra_css %}
+<link rel="stylesheet" href="/static/css/easymde.min.css" data-testid="easymde-stylesheet">
+{% endblock %}
+
 {% block content %}
 <section class="page-header" data-testid="page-header-form">
    <h1 class="page-title" data-testid="page-title-form">
@@ -11,7 +15,7 @@

 <form
    method="POST"
-    action="{% if is_edit %}/web/posts/{{ post.slug.value }}/edit{% else %}/web/posts/new{% endif %}"
+    action="{% if is_edit %}/web/posts/{{ post.slug }}/edit{% else %}/web/posts/new{% endif %}"
    class="card"
    data-testid="form-post"
 >
@@ -20,32 +24,31 @@
            <label for="title" class="form-label form-label-required" data-testid="label-title">
                Title
            </label>
-            <input 
-                type="text" 
-                id="title" 
-                name="title" 
+            <input
+                type="text"
+                id="title"
+                name="title"
                class="input input-lg"
-                value="{% if post %}{{ post.title.value }}{% endif %}"
+                value="{% if post %}{{ post.title }}{% endif %}"
                placeholder="Enter post title"
                required
                data-testid="input-title"
            >
            <span class="form-hint" data-testid="hint-title">A catchy title for your post</span>
        </div>
-        
+
        <div class="form-group" data-testid="form-group-content">
            <label for="content" class="form-label form-label-required" data-testid="label-content">
                Content
            </label>
-            <textarea 
-                id="content" 
-                name="content" 
-                class="textarea"
+            <textarea
+                id="content"
+                name="content"
                rows="12"
                placeholder="Write your post content here..."
                required
                data-testid="textarea-content"
-            >{% if post %}{{ post.content.value }}{% endif %}</textarea>
+            >{% if post %}{{ post.content }}{% endif %}</textarea>
            <span class="form-hint" data-testid="hint-content">The main content of your post. Markdown is supported.</span>
        </div>
        
@@ -65,23 +68,11 @@
            <span class="form-hint" data-testid="hint-tags">Comma-separated list of tags</span>
        </div>
        
-        <div class="form-group" data-testid="form-group-published">
-            <label class="form-label" data-testid="label-published">
-                <input 
-                    type="checkbox" 
-                    name="published" 
-                    value="true"
-                    {% if post and post.published %}checked{% endif %}
-                    data-testid="checkbox-published"
-                >
-                Publish immediately
-            </label>
-        </div>
    </div>
    
    <div class="card-footer" data-testid="form-post-footer">
        <div class="flex justify-between items-center" data-testid="form-actions">
-            <a href="{% if is_edit %}/web/posts/{{ post.slug.value }}{% else %}/web/{% endif %}" class="btn" data-testid="btn-cancel">
+            <a href="{% if is_edit %}/web/posts/{{ post.slug }}{% else %}/web/{% endif %}" class="btn" data-testid="btn-cancel">
                Cancel
            </a>
            
@@ -97,3 +88,32 @@
    </div>
 </form>
 {% endblock %}
+
+{% block extra_js %}
+<script src="/static/js/easymde.min.js" data-testid="easymde-script"></script>
+<script>
+(function() {
+    'use strict';
+    var easyMDE = new EasyMDE({
+        element: document.getElementById('content'),
+        spellChecker: false,
+        status: false,
+        minHeight: '300px',
+        placeholder: 'Write your post content here...',
+        toolbar: [
+            'bold', 'italic', 'heading', '|',
+            'code', 'quote', 'unordered-list', 'ordered-list', '|',
+            'link', 'image', 'table', 'horizontal-rule', '|',
+            'preview', 'side-by-side', 'fullscreen', '|',
+            'guide'
+        ]
+    });
+    var form = document.querySelector('form[data-testid="form-post"]');
+    if (form) {
+        form.addEventListener('submit', function() {
+            easyMDE.toTextArea();
+        });
+    }
+})();
+</script>
+{% endblock %}