Files
user-system/docs/superpowers/specs/2026-04-24-profile-page-local-closure-design.md
long-agent 2a18a6fb47 fix(n+1): 批量查询替代循环单查
- IsAdminBootstrapRequired: userRepo.GetByID 循环 → GetByIDs 批量
- AssignRoles: roleRepo.GetByID 循环 → GetByIDs 批量
- 在 userRepositoryInterface 补充 GetByIDs 方法签名
2026-05-08 08:05:26 +08:00

2.3 KiB

Profile Page Local Closure Design

Date: 2026-04-24

Goal: Extend the supported browser-level acceptance path so /profile itself is covered by a real user-facing browser scenario, not only /profile/security.

Scope

  • Add one new supported browser scenario: profile-management.
  • Cover real user login, /profile load, visible account data verification, basic profile update, and the in-page navigation path from /profile to /profile/security.
  • Reuse the existing Playwright CDP runner and current admin-created test-user flow.
  • Keep assertions aligned with current page semantics: route, heading, stable placeholders, submit button, and visible account info.

Non-Goals

  • No third-party OAuth live verification.
  • No new product features for profile editing.
  • No attempt to prove OS-level automation.

Approach

  • Treat /profile as a separate supported browser scenario instead of folding it into profile-and-security.
  • Use the existing admin login plus real user creation path to avoid depending on pre-seeded normal-user fixtures.
  • If the scenario exposes a product defect, add the smallest affected regression test first and then fix the product behavior.

Required Browser Flow

  1. Log in as a real admin through the supported login surface.
  2. Open /users and create a normal user with a known password.
  3. Reset the browser session to the public login surface.
  4. Log in as the created user and confirm landing on /profile.
  5. Verify /profile heading and visible account data render from real API responses.
  6. Update editable profile fields through the real save action and wait for the real update API response.
  7. Verify the updated values appear in the visible page state.
  8. Follow the /profile to /profile/security navigation entry and confirm the security page loads.
  9. Reset back to login so the scenario leaves no authenticated browser state behind.

Verification

  • Targeted red/green loop:
    • cd frontend/admin && $env:E2E_SCENARIOS='profile-management'; npm.cmd run e2e:full:win
  • If product code changes:
    • run the directly affected Vitest files first
    • then cd frontend/admin && npm.cmd run lint
    • then cd frontend/admin && npm.cmd run build
  • Final acceptance:
    • cd frontend/admin && npm.cmd run e2e:full:win