test: bypass sign in step, faster #5423
Conversation
WalkthroughThe Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
kyranjamie
force-pushed
the
test/faster-wallet-restore
branch
4 times, most recently
from
9a43a7f to
3de9da6
Compare
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
Review Details
Configuration used: CodeRabbit UI
Review profile: CHILL
Files selected for processing (1)
- tests/page-object-models/onboarding.page.ts (2 hunks)
Additional comments not posted (2)
tests/page-object-models/onboarding.page.ts (2)
282-283: Ensure the hardcoded key does not pose a security risk.#!/bin/bash # Description: Verify that the hardcoded key is not sensitive or used in production environments. # Test: Search for the key usage across the codebase. Expect: No occurrences in production code. rg --type typescript 'd904f412b8d116540017c302f3f7033813c95902af5a067c7befcc34fa5e5290709f157f80548603a1e4f8edc2c0d5d7'
295-307: Verify the loop's logic and ensure it does not lead to infinite loops.#!/bin/bash # Description: Verify the loop's logic by checking for potential conditions that could lead to an infinite loop. # Test: Review the logic manually and ensure there are conditions that will eventually stop the loop. # Manual review needed.
kyranjamie
force-pushed
the
test/faster-wallet-restore
branch
from
7a6b518 to
5954857
Compare
There was a problem hiding this comment.
Actionable comments posted: 3
Review Details
Configuration used: CodeRabbit UI
Review profile: CHILL
Files selected for processing (1)
- tests/page-object-models/onboarding.page.ts (2 hunks)
Additional comments not posted (2)
tests/page-object-models/onboarding.page.ts (2)
282-283: Secure thetestAccountDerivedKeyconstant.
[SECURITY]
- The value of
testAccountDerivedKeyappears to be hardcoded, which could lead to security vulnerabilities if exposed. Consider fetching this key from a secure environment variable or encrypting it before use.
296-305: Review the use of browser storage for sensitive data.
[SECURITY]
- Storing sensitive information such as wallet states and encryption keys in browser storage (local and session) can be risky. Consider encrypting this data before storage or using more secure storage solutions.
| const isSignedIn = async () => { | ||
| const { encryptionKey } = await this.page.evaluate(async () => | ||
| chrome.storage.session.get(['encryptionKey']) | ||
| ); | ||
| const hasSessionKey = encryptionKey === testAccountDerivedKey; | ||
| const hasAssetsTab = this.page.getByText('Assets'); | ||
| const hasActivityTab = this.page.getByText('Activity'); | ||
|
|
||
| return hasSessionKey && hasAssetsTab && hasActivityTab; |
There was a problem hiding this comment.
Improve the robustness of the isSignedIn function.
- Relying solely on UI elements (like 'Assets' and 'Activity' tabs) for sign-in verification can be fragile and prone to break if the UI changes. Consider adding more concrete checks, such as HTTP response statuses or specific API call successes, to verify the sign-in status.
| do { | ||
| await this.page.evaluate( | ||
| async walletState => await chrome.storage.local.set({ 'persist:root': walletState }), | ||
| async walletState => chrome.storage.local.set({ 'persist:root': walletState }), | ||
| testSoftwareAccountDefaultWalletState | ||
| ); | ||
| await this.page.goto(`chrome-extension://${id}/index.html`, { | ||
| waitUntil: 'networkidle', | ||
| }); | ||
| } | ||
| await test.expect(this.page.getByText('Enter your password')).toBeVisible(); | ||
| await this.page.getByRole('textbox').fill(TEST_PASSWORD); | ||
| await this.page.getByRole('button', { name: 'Continue' }).click(); | ||
| await this.page.waitForURL('**' + RouteUrls.Home); | ||
| await this.page.locator('text="Account 1"').waitFor(); | ||
|
|
||
| await this.page.evaluate( | ||
| async encryptionKey => chrome.storage.session.set({ encryptionKey }), | ||
| testAccountDerivedKey | ||
| ); | ||
|
|
||
| await this.page.goto(`chrome-extension://${id}/index.html`, { waitUntil: 'networkidle' }); | ||
| } while (!(await isSignedIn())); |
There was a problem hiding this comment.
Prevent potential infinite loops in the sign-in process.
- The current implementation could potentially lead to an infinite loop if the
isSignedIncondition is never satisfied. Consider adding a maximum iteration count or a timeout mechanism to prevent this scenario.
kyranjamie
force-pushed
the
test/faster-wallet-restore
branch
from
5954857 to
cd0dc59
Compare
Testing alternative sign in step for tests, avoiding the password entry operation entirely
Summary by CodeRabbit
signInWithTestAccountmethod in theOnboardingPageclass to improve the sign-in process for test accounts, enhancing reliability and performance during onboarding.