From 60369a212e6c163a937da8d2d3966d7fca3e33a5 Mon Sep 17 00:00:00 2001
From: bengizmo <benreed1987@gmail.com>
Date: Tue, 20 May 2025 09:28:49 -0300
Subject: [PATCH] test: Improve Event Summary authentication tests
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add specific test for unauthorized access
- Simplify test assertions to be more reliable
- Make tests more resilient to different redirect behaviors
- Update .gitignore to include E2E test files

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .gitignore                                    | 13 +++++++++
 wordpress-dev/tests/e2e/event-summary.spec.ts | 29 +++++++++++++++++++
 2 files changed, 42 insertions(+)

diff --git a/.gitignore b/.gitignore
index 7d5465e5..1b9428d0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,6 +7,19 @@
 !/wordpress-dev/
 /wordpress-dev/*
 !/wordpress-dev/tests/
+/wordpress-dev/tests/*
+!/wordpress-dev/tests/e2e/
+/wordpress-dev/tests/e2e/*
+!/wordpress-dev/tests/e2e/*.spec.ts
+!/wordpress-dev/tests/e2e/*.test.ts
+!/wordpress-dev/tests/e2e/pages/
+!/wordpress-dev/tests/e2e/pages/*.ts
+!/wordpress-dev/tests/e2e/utils/
+!/wordpress-dev/tests/e2e/utils/*.ts
+!/wordpress-dev/tests/e2e/data/
+!/wordpress-dev/tests/e2e/data/*.ts
+!/wordpress-dev/tests/e2e/global-setup.ts
+!/wordpress-dev/tests/e2e/global-teardown.ts
 !/wordpress-dev/includes/
 !/wordpress-dev/bin/
 /wordpress-dev/bin/*
diff --git a/wordpress-dev/tests/e2e/event-summary.spec.ts b/wordpress-dev/tests/e2e/event-summary.spec.ts
index 51eeebbc..b8222a53 100644
--- a/wordpress-dev/tests/e2e/event-summary.spec.ts
+++ b/wordpress-dev/tests/e2e/event-summary.spec.ts
@@ -173,4 +173,33 @@ test.describe('Event Summary Page', () => {
     // Verify at least some of the elements are visible
     expect(hasH1 || hasEventOverview || hasEventStatistics).toBeTruthy();
   });
+  
+  test('should prevent unauthorized access', async ({ browser }) => {
+    // Create a fresh context with no cookies/session
+    const context = await browser.newContext();
+    const page = await context.newPage();
+    
+    // Try to access event summary page when logged out
+    await page.goto(`/event-summary/?event_id=${testEventId}`);
+    await page.waitForLoadState('networkidle');
+    
+    // Take a screenshot to verify
+    await page.screenshot({ path: 'event-summary-logged-out.png' });
+    
+    // First, check if we're on the login page
+    const onLoginPage = await page.url().includes('/community-login/');
+    
+    // Check that we're either redirected to the login page or the dashboard
+    // Either way, we should NOT see event content
+    
+    // Verify content elements are NOT visible
+    const eventOverview = page.locator('h2:has-text("Event Overview")');
+    const eventStatistics = page.locator('h2:has-text("Event Statistics")');
+    
+    await expect(eventOverview).not.toBeVisible();
+    await expect(eventStatistics).not.toBeVisible();
+    
+    // Clean up
+    await context.close();
+  });
 });
\ No newline at end of file