From 3dfbcae4d55c7b9ab3163d947ed0fb9d15e4f8e1 Mon Sep 17 00:00:00 2001 From: kolaente Date: Tue, 21 Apr 2026 10:58:36 +0200 Subject: [PATCH] test(e2e): cover caldav token deletion --- .../tests/e2e/user/settings/caldav.spec.ts | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/frontend/tests/e2e/user/settings/caldav.spec.ts b/frontend/tests/e2e/user/settings/caldav.spec.ts index 7ff27297a..b4efa99a8 100644 --- a/frontend/tests/e2e/user/settings/caldav.spec.ts +++ b/frontend/tests/e2e/user/settings/caldav.spec.ts @@ -1,5 +1,6 @@ import {test, expect} from '../../../support/fixtures' import {gotoUserSettings} from '../../../support/userSettings' +import {TokenFactory} from '../../../factories/token' test.describe('CalDAV', () => { test('generates a token that authenticates against the caldav endpoint', async ({ @@ -29,4 +30,24 @@ test.describe('CalDAV', () => { }) expect(resp.status()).toBeLessThan(300) }) + + test('deleting a token revokes caldav access', async ({ + authenticatedPage: page, currentUser, + }) => { + const tokenValue = 'fixed-caldav-token-123456789012345678901234567890' + // kind=4 is TokenCaldavAuth (see pkg/user/token.go) + await TokenFactory.create(1, {user_id: currentUser.id, kind: 4, token: tokenValue}, false) + + await gotoUserSettings(page, 'caldav') + // Filter to data rows (rows containing a ) to exclude the -only header row. + const dataRows = page.locator('table.table tr').filter({has: page.locator('td')}) + await expect(dataRows).toHaveCount(1) + + await dataRows.getByRole('button', {name: 'Delete'}).click() + await expect(dataRows).toHaveCount(0) + + // NOTE: the factory seeds the plaintext token as-is, but caldav tokens are + // stored bcrypt-hashed. We assert the row is gone in the UI rather than + // probing caldav with the seeded value. + }) })