e2e(FR-2173): add E2E tests for password expiry flow

[ironAiken2]

Resolves #5785

Summary

• Add 6 Playwright E2E tests for the password expiry modal flow (FR-2173)
• Test plan document at e2e/.agent-output/test-plan-password-expiry-fr2173.md
• Tests cover: modal appearance, non-blocking behavior, cancel flow, empty submission validation, same-password rejection, and full password change flow with real user creation

Test Scenarios

1. Password change modal appears when password is expired
2. Login modal does not block the password change modal
3. User can cancel and return to login form
4. Empty submission shows validation error
5. Same-as-current password is rejected
6. Full flow: admin creates user → mock expired login → password change → verify modal closes

Test plan

• All 6 tests pass on Chromium (pnpm exec playwright test e2e/auth/password-expiry.spec.ts --project chromium)

🤖 Generated with Claude Code

Test Recordings

Test	Recording
user sees the password change modal when their password has expired
the login modal does not block the password change modal when password has expired
user can cancel the password change modal and return to the login form
password change form shows a validation error when submitted empty
password change form rejects a new password that is the same as the current one
user can complete the password change flow with a real account and re-login is attempted

[ironAiken2]

• e2e(FR-2173): add E2E tests for password expiry flow #5786 👈 (View in Graphite)
• fix(FR-2173): fix password change modal blocked by login modal on password expiry #5655 : 1 other dependent PR (#5777 )
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• flow:merge-queue - adds this PR to the back of the merge queue
• flow:hotfix - for urgent changes, fast-track this PR to the front of the merge queue

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has required the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[Copilot]

Pull request overview

Adds Playwright E2E coverage for the FR-2173 password-expiry flow in the WebUI authentication experience, ensuring the reset-password modal is shown and remains interactive even when the login modal is open.

Changes:

• Added a new Playwright spec with 6 scenarios covering password-expiry modal visibility, interactivity, validation, cancel behavior, and a full flow that creates/purges a real user.
• Added an accompanying test plan document describing the flow, mocks, and assertions.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
e2e/auth/password-expiry.spec.ts	Implements password-expiry E2E scenarios using route interception and an admin-driven real-user flow with cleanup.
e2e/.agent-output/test-plan-password-expiry-fr2173.md	Documents test scenarios, mock strategy, and implementation notes for the new E2E coverage.

---

You can also share your feedback on Copilot code review. Take the survey.

[agatha197]

Code Review — e2e(FR-2173)

Well-structured tests overall. Good mock strategy and scenario coverage.

MEDIUM

1. KeyPairModal Page Object not used (password-expiry.spec.ts)
A KeyPairModal class is already exported from UserSettingModal.ts. Currently the key pair dialog is handled with inline selectors — using the existing Page Object would improve maintainability.

2. afterEach UI-based cleanup is flakiness-prone
The real-account test (test 6) cleanup performs multi-step UI interactions (navigate → deactivate → purge). If cleanup itself fails, orphaned test users remain.
→ Consider using Backend.AI admin API calls directly for more reliable cleanup.

3. Empty catch block masks errors

} catch {
  // Key pair modal did not appear - continue
}

This silently swallows all errors, not just the "not visible" case. If the dialog appears but fails to close for a different reason, subsequent assertions will fail with misleading messages.
→ Check visibility first, then handle close failure separately.

LOW

4. Mock endpoint does not validate request payload
The update-password-no-auth mock always returns { result: 'ok' } without verifying the request body contains new_password. Adding a payload assertion would catch frontend regressions.

5. .ant-form-item-explain-error CSS class selector
Depends on Ant Design internal implementation. Consider getByRole('alert') or text-based selectors where possible.

6. Coverage report missing 6th test
Only 5 features were added to the table, but 6 tests exist. The "full password change flow" entry is missing.

7. Document loginCallCount late registration intent
Add a comment explaining why the mock is registered late (to avoid background requests consuming the first-call intercept).

[ironAiken2]

Response to @agatha197's review

Thanks for the thorough review! Applied fixes in the latest commit:

MEDIUM

1. KeyPairModal PO not used — Fixed. Now using the existing KeyPairModal class from UserSettingModal.ts instead of inline selectors.
2. afterEach UI-based cleanup — Valid concern. Keeping UI-based cleanup for now as it exercises the same paths users would, but acknowledged as a future improvement to use admin API for more reliable cleanup.
3. Empty catch block — Fixed. Replaced try/catch with a visibility check (isVisible().catch(() => false)) so only the "not visible" case is handled silently.

LOW

4. Mock endpoint payload validation — Acknowledged as future improvement. Current focus is on the UI flow; adding payload assertions would be a good follow-up.
5. .ant-form-item-explain-error CSS selector — Fixed. Replaced with getByRole('alert').
6. Coverage report missing 6th test — Fixed. Added "Full password change flow (real account)" entry, updated counts to 77/279 (28%).
7. Document loginCallCount late registration — Fixed. Added a comment explaining why the mock is registered after page load and form fill.

[agatha197]

LGTM

[nowgnuesLee]

LGTM

[graphite-app]

Merge activity

• Mar 10, 4:53 AM UTC: ironAiken2 added this pull request to the Graphite merge queue.
• Mar 10, 4:55 AM UTC: Merged by the Graphite merge queue.