arcodange-org/erp - erp - Arcodange repositories

arcodange-org/erp

Fork 0

Commit Graph

Author	SHA1	Message	Date
Gabriel Radureau	18c5d0ebda	fix(test): persist generated API key + anchor rights selector + idempotent createUser First real run against the sandbox revealed three issues in userSetup.ts: 1. generateApiKey generated the key client-side and read it into the file but never submitted the edit form, so Dolibarr never persisted api_key (DB stayed NULL → the key could not authenticate). Now it clicks Save after generating. 2. assignRights matched `rights=<id>` as an href substring, so a short id like 12 (facture creer) also matched rights=121 / rights=1232 and .first() clicked the wrong link — facture creer was never granted. Anchored with a trailing "&" (rights=<id>&) for an exact match. 3. createUser was not idempotent: a re-run hit the existing login and failed to parse a new id. Added findUserId (look up by login via the user list) and return the existing id instead of creating a duplicate. Verified the symptoms live: ai_agent_sandbox (rowid 4) had api_key NULL and was missing only facture/creer among the 11 intended rights. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-06-29 14:30:36 +02:00
Gabriel Radureau	523f0cf001	feat(test): provision erp-sandbox via Playwright (REST API + write-scoped ai_agent_sandbox user) Extend the Deno + Playwright UI-automation POC to provision the erp-sandbox Dolibarr for the AI agent: - moduleSetup.ts: add enableApiModule(ctx) — toggles the REST API / Web services module on /admin/modules.php (kanban). Resilient: tries the fr_FR card label "API/Web services REST (serveur)" first, falls back to a /API.REST\|REST.API/i title match if the exact label is absent. - userSetup.ts (new): createUser (returns the new numeric id), assignRights (clicks each addrights link on /user/perms.php, idempotent), generateApiKey (triggers Dolibarr's generate control on the user card and reads the value back). - provisionSandbox.ts (new entrypoint, main.ts untouched): login → enable API → create ai_agent_sandbox (non-admin) → grant write rights → generate API key, then write the key to test/.ai_agent_sandbox.key (gitignored) instead of printing it. - .gitignore (new), .env.example + README.md: sandbox vars, the deno run --allow-all provisionSandbox.ts command, and kubectl one-liners to pull DOLI_ADMIN_PASSWORD (secretkv) / DOLI_DB_PASSWORD (vso-db-credentials) from the erp-sandbox namespace. Why UI not SQL: API keys are encrypted with the instance's DOLI_INSTANCE_UNIQUE_ID, so the key must be generated by the sandbox itself, not INSERTed raw. deno check passes for provisionSandbox.ts and scripts/admin/userSetup.ts. NOT run end-to-end: the sandbox Dolibarr is not installed yet (empty DB / fresh install wizard), so the selectors are best-effort Dolibarr 22 conventions and must be confirmed on the first real run. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-06-29 07:34:21 +02:00

Author

SHA1

Message

Date

Gabriel Radureau

18c5d0ebda

fix(test): persist generated API key + anchor rights selector + idempotent createUser

First real run against the sandbox revealed three issues in userSetup.ts:

1. generateApiKey generated the key client-side and read it into the file but
   never submitted the edit form, so Dolibarr never persisted api_key (DB stayed
   NULL → the key could not authenticate). Now it clicks Save after generating.

2. assignRights matched `rights=<id>` as an href substring, so a short id like
   12 (facture creer) also matched rights=121 / rights=1232 and .first() clicked
   the wrong link — facture creer was never granted. Anchored with a trailing
   "&" (rights=<id>&) for an exact match.

3. createUser was not idempotent: a re-run hit the existing login and failed to
   parse a new id. Added findUserId (look up by login via the user list) and
   return the existing id instead of creating a duplicate.

Verified the symptoms live: ai_agent_sandbox (rowid 4) had api_key NULL and was
missing only facture/creer among the 11 intended rights.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-06-29 14:30:36 +02:00

Gabriel Radureau

523f0cf001

feat(test): provision erp-sandbox via Playwright (REST API + write-scoped ai_agent_sandbox user)

Extend the Deno + Playwright UI-automation POC to provision the erp-sandbox
Dolibarr for the AI agent:

- moduleSetup.ts: add enableApiModule(ctx) — toggles the REST API / Web services
  module on /admin/modules.php (kanban). Resilient: tries the fr_FR card label
  "API/Web services REST (serveur)" first, falls back to a /API.*REST|REST.*API/i
  title match if the exact label is absent.
- userSetup.ts (new): createUser (returns the new numeric id), assignRights
  (clicks each addrights link on /user/perms.php, idempotent), generateApiKey
  (triggers Dolibarr's generate control on the user card and reads the value back).
- provisionSandbox.ts (new entrypoint, main.ts untouched): login → enable API →
  create ai_agent_sandbox (non-admin) → grant write rights → generate API key,
  then write the key to test/.ai_agent_sandbox.key (gitignored) instead of
  printing it.
- .gitignore (new), .env.example + README.md: sandbox vars, the
  deno run --allow-all provisionSandbox.ts command, and kubectl one-liners to
  pull DOLI_ADMIN_PASSWORD (secretkv) / DOLI_DB_PASSWORD (vso-db-credentials)
  from the erp-sandbox namespace.

Why UI not SQL: API keys are encrypted with the instance's DOLI_INSTANCE_UNIQUE_ID,
so the key must be generated by the sandbox itself, not INSERTed raw.

deno check passes for provisionSandbox.ts and scripts/admin/userSetup.ts.
NOT run end-to-end: the sandbox Dolibarr is not installed yet (empty DB / fresh
install wizard), so the selectors are best-effort Dolibarr 22 conventions and
must be confirmed on the first real run.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-06-29 07:34:21 +02:00

2 Commits