mirror/LocalAI
1
0
Fork 0
mirror of https://github.com/mudler/LocalAI.git synced 2026-05-30 03:25:42 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
7a4ca8f60dae231ebbdcedc2d596fb85eadee8da
LocalAI/core/http/react-ui/e2e/users-tab-gating.spec.js
Richard Palethorpe 6a80e23733 feat(middleware): Model routing, PII filtering, Cloud model proxies (#9802) 
Add a routing middleware stack and a cloud-proxy backend.

* cloud-proxy: a Go gRPC backend that forwards OpenAI- and
  Anthropic-shaped chat requests to upstream providers, with an
  optional translate mode (OpenAI request -> Anthropic /v1/messages
  -> OpenAI response) and full tool-calling support.

* routing: admission control, content-aware model routing
  (embedding cache + classifier + rerank + Arch-Router score),
  PII detection/redaction (regex + NER) with streaming filter and
  OpenAI/Anthropic adapters, and a per-user/per-key billing recorder
  backed by GORM or in-memory storage.

* middleware: UsageMiddleware records usage via the billing recorder,
  plus admission, route-model, usage-stamp and trace middlewares.

* observability: BackendTrace ring buffer stores full request bodies
  (capped), MITM proxy emits structured trace events, and router
  classifier decisions surface at /api/router/decide.

* gallery: Arch-Router-1.5B (Q4_K_M and Q8_0).

* UI: cloud-proxy model-editor fields, classifier system-prompt and
  score-normalization config, and a Traces page rendering request
  bodies.

Assisted-by: claude-code:claude-opus-4-7 [Read] [Edit] [Bash]

Signed-off-by: Richard Palethorpe <io@richiejp.com>
2026-05-25 09:28:27 +02:00

75 lines
3.0 KiB
JavaScript
Raw Blame History

import { test, expect } from '@playwright/test'
// Two surfaces enforce single-user (no-auth) gating for the Users page:
// 1. Sidebar entry: hidden via the `authOnly: true` flag in Sidebar.jsx
// (filterItem returns false when `!authEnabled`).
// 2. Direct URL navigation: RequireAuthEnabled wrapping the /app/users
// route in router.jsx redirects to /app when authEnabled is false.
//
// Without (2), an old bookmark or pasted URL would land on a page rendered
// against admin-only `/api/auth/admin/users` data — which doesn't exist
// when auth is off — and the user sees a confusing empty/error state.
//
// These specs are the "prevent accidental removal" guarantee — if anyone
// drops the gating, /app/users stays open in single-user mode and the
// test fails on the redirect or the visible sidebar item.
test.describe('Users tab — single-user no-auth mode', () => {
test.beforeEach(async ({ page }) => {
await page.route('**/api/auth/status', (route) =>
route.fulfill({
contentType: 'application/json',
body: JSON.stringify({
authEnabled: false,
staticApiKeyRequired: false,
providers: [],
}),
})
)
})
test('sidebar does not list Users entry', async ({ page }) => {
await page.goto('/app')
const systemSection = page.locator('button.sidebar-section-toggle', { hasText: 'System' })
await systemSection.click()
// The Users page link uses /app/users; if Sidebar's authOnly gate
// regresses (or someone removes the flag), this assertion fails.
const usersLink = page.locator('a.nav-item[href="/app/users"]')
await expect(usersLink).toHaveCount(0)
})
test('direct navigation to /app/users redirects to /app', async ({ page }) => {
await page.goto('/app/users')
// RequireAuthEnabled performs the redirect synchronously, but the URL
// change is async — wait for it before asserting.
await page.waitForURL(/\/app(?!\/users)/, { timeout: 5000 })
expect(page.url()).toMatch(/\/app(\/?$|\/(?!users))/)
})
})
test.describe('Users tab — auth on', () => {
test.beforeEach(async ({ page }) => {
await page.route('**/api/auth/status', (route) =>
route.fulfill({
contentType: 'application/json',
body: JSON.stringify({
authEnabled: true,
staticApiKeyRequired: false,
providers: ['local'],
// Mark the viewer as admin so the sidebar's adminOnly gate also
// passes; the test then exercises the authOnly path in isolation.
user: { id: 'admin-uuid', name: 'Admin', role: 'admin', provider: 'local' },
}),
})
)
})
test('sidebar lists Users entry when auth is on', async ({ page }) => {
await page.goto('/app')
const systemSection = page.locator('button.sidebar-section-toggle', { hasText: 'System' })
await systemSection.click()
const usersLink = page.locator('a.nav-item[href="/app/users"]')
await expect(usersLink).toBeVisible()
})
})
Reference in New Issue View Git Blame Copy Permalink