feat(e2e): Playwright E2E test suite (#57)

[harshtandiya]

Summary

Closes #57. Implements the full Playwright E2E test suite for the four critical user flows, plus the CI workflow that gates merges on test passage.

• 13 tests across 5 spec files — all pass cleanly with 0 flakes in the final run
• Runs against a real Frappe bench (no mocking) — same philosophy as the existing Python integration tests
• CI workflow blocks PR merges via UI Tests / Playwright E2E

What's tested

Spec	Tests	Flow
smoke.spec.ts	1	Auth session works; lands on dashboard
form-creation.spec.ts	5	Dashboard → builder → add field → publish/unpublish
form-submission.spec.ts	2	Public form loads; guest submits and sees success message
submission-view.spec.ts	2	Admin sees empty state; sees submission row after submit
team-invite.spec.ts	3	Invite dialog opens; email input/send present; invite sends

Key design decisions

• API fixtures for test data — forms/submissions created via REST API, not UI, with automatic teardown after each test
• Semantic selectors — getByRole, getByLabel, getByText using pre-existing data-form-builder-component attributes for scoping; no new data-testid pollution in production components
• Guest context — browser.newContext() (no storageState) simulates a real anonymous user for public form submission
• Reliability — TeamPage.goto() waits for networkidle so Vue API calls finish; openInviteDialog() waits for the email input (not just the dialog shell); smoke test reloads once on Frappe 500 under parallel startup load

Test plan

• yarn test:e2e — 13/13 pass locally with 5 parallel workers
• Pre-commit hooks pass (prettier, ruff)
• CI workflow passes on this PR

🤖 Generated with Claude Code

Summary by CodeRabbit

• Tests

  • Added a comprehensive Playwright E2E suite with fixtures, page objects, global setup, reporters, and npm scripts to cover form creation, builder workflows, publish/unpublish, submissions, submission viewing, team invites, and a smoke test.

• Chores

  • New CI workflow to run UI tests on PRs, develop pushes, and manually; uploads test reports/artifacts and ignores generated test output in VCS.

• Bug Fixes

  • Improved admin/team setup reliability and narrowed cache refresh to reduce side effects.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds Playwright end-to-end tests and CI: a GitHub Actions UI Tests workflow, Playwright config/scripts, global auth setup, typed fixtures, page-object helpers, multiple E2E test suites, .gitignore updates, and small backend changes for admin team setup and narrower cache invalidation.

Changes

Cohort / File(s)	Summary
CI / Workflow \.github/workflows/ui-tests.yml	New "UI Tests" GitHub Actions workflow: provisions MariaDB+Redis containers, sets up Python/Node, initializes bench, starts app, runs Playwright E2E, uploads reports/artifacts, and prints logs on failure.
Ignore Patterns \.gitignore	Ignore Playwright artifacts: frontend/e2e/auth/storageState.json, frontend/e2e/test-results/, frontend/e2e/playwright-report/.
Playwright Config & Scripts frontend/playwright.config.ts, frontend/package.json	Add Playwright config (globalSetup, reporters, results dir, Chromium project), test scripts (test:e2e, test:e2e:ui, test:e2e:debug), and devDeps (@playwright/test, @types/node).
Global Setup frontend/e2e/global-setup.ts	Persist authenticated storageState by logging in via API and saving e2e/auth/storageState.json.
Fixtures frontend/e2e/fixtures/test-data.fixture.ts	Typed Playwright fixtures: apiContext, getTeamId, createForm, createPublishedForm, submitForm with teardown to delete created forms; re-exports expect.
Page Object Helpers frontend/e2e/helpers/... frontend/e2e/helpers/dashboard.ts, .../form-builder.ts, .../submission.ts, .../team.ts	Add DashboardPage, FormBuilderPage, SubmissionPage, TeamPage classes encapsulating navigation and common interactions (selectors, publish/unpublish, invite flow).
E2E Test Suites frontend/e2e/specs/... frontend/e2e/specs/*.spec.ts	Five new Playwright suites: smoke, form-creation, form-submission, submission-view, and team-invite covering create/publish/submit/view/invite flows.
Backend helpers & utils forms_pro/install.py, forms_pro/utils/form_generator.py	Ensure Administrator has a default team during test setup; narrow cache clearing to the generated DocType instead of clearing global cache.
TypeScript config for E2E frontend/e2e/tsconfig.json	Add TS config for Playwright tests (strict, noEmit, module resolution, type acquisition).

Sequence Diagram(s)

sequenceDiagram
  participant GH as "GitHub Actions"
  participant Dock as "Containers (MariaDB, Redis)"
  participant Bench as "Bench / setup"
  participant App as "App (forms.test:8000)"
  participant PW as "Playwright Runner"
  participant Art as "Artifacts"

  GH->>Dock: start MariaDB & Redis containers
  GH->>Bench: checkout, install deps, init bench, install apps
  Bench->>Dock: health-check DB (mariadb-admin ping)
  Bench->>App: start server (bench start)
  GH->>App: poll until http reachable
  GH->>PW: run tests (uses storageState, BASE_URL)
  PW->>App: browser/API interactions (create/publish/submit/etc.)
  PW->>Art: upload html report & failure artifacts
  GH->>Bench: on failure fetch logs

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• feat: team creation & team switcher functionality #37 — Overlaps forms_pro/install.py changes around test user and admin/default-team setup.
• feat: user submission management v1 #10 — Related modifications to forms_pro/utils/form_generator.py and cache invalidation behavior.
• feat: team management pages #46 — Related team management/invite APIs and UX exercised by the new TeamPage helpers and invite tests.

Poem

🐇
I stitched a storageState by moonlit code,
seeded forms where tiny answers flowed.
Builders click, and guests arrive,
CI hums — the tests survive.
A rabbit hops; the green checks glow.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly identifies the primary change: implementing a Playwright E2E test suite. It is concise, specific, and directly reflects the main objective.
Linked Issues check	✅ Passed	The PR implements all initial flows from issue #57: form creation with field addition and publish [#57], public form submission [#57], submission dashboard viewing [#57], and team member invitation [#57]. The CI workflow blocks merges on test failure as required.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to E2E testing implementation: GitHub Actions workflow, Playwright configuration, test fixtures, test helpers, test specs, dependencies, and minor config updates. One change to forms_pro/utils/form_generator.py narrows cache invalidation scope, which is a reasonable performance optimization supporting test reliability.
Description check	✅ Passed	PR description comprehensively covers the implemented changes, testing details, design decisions, and CI integration.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/test-e2e

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (8)

frontend/e2e/helpers/submission.ts (1)

6-8: Normalize route before building the public URL.

This avoids edge-case double slashes when API-provided routes include a leading /.

♻️ Suggested fix

   async goto(route: string) {
-    await this.page.goto(`/forms/p/${route}`);
+    const normalizedRoute = route.replace(/^\/+/, "");
+    await this.page.goto(`/forms/p/${normalizedRoute}`);
   }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/helpers/submission.ts` around lines 6 - 8, The goto helper
builds a public URL using the passed route but doesn't normalize it, which can
produce double slashes when route starts with '/'; update the async goto(route:
string) function to normalize the route (e.g., strip any leading slashes or use
a safe join) before calling this.page.goto(`/forms/p/${route}`) so the resulting
URL never contains `//`; ensure the change is applied to the goto method and any
callers expecting the same behavior.

frontend/e2e/specs/smoke.spec.ts (1)

4-8: Make startup 500 handling bounded-retry instead of single-retry.

A single reload can still leave this smoke test flaky under parallel cold starts.

♻️ Suggested reliability tweak

-  const response = await page.goto("/forms");
+  let response = await page.goto("/forms");
   // Frappe dev server can 500 on the very first request under parallel test startup
-  if (response?.status() === 500) {
-    await page.reload({ waitUntil: "networkidle" });
+  for (let attempt = 0; attempt < 3 && response?.status() === 500; attempt++) {
+    response = await page.reload({ waitUntil: "networkidle" });
+  }
+  if (response?.status() === 500) {
+    throw new Error("Dashboard remained unavailable after retries");
   }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/specs/smoke.spec.ts` around lines 4 - 8, Replace the single
conditional reload with a bounded-retry loop around the initial navigation: call
page.goto("/forms") up to a small maxRetries (e.g., 3-5) while checking
response?.status() === 500, and on 500 perform page.reload({ waitUntil:
"networkidle" }) with a short delay/backoff between attempts; if all retries are
exhausted still returning 500, fail the test by throwing an error or asserting
the status. Use variables like maxRetries, attempt, and the existing response
variable to implement the loop so page.goto and page.reload logic is preserved
but retried deterministically.

frontend/e2e/specs/form-submission.spec.ts (1)

24-40: Guarantee guest context cleanup on failure paths.

If an assertion fails before Line 40, the guest context may remain open for the worker.

♻️ Suggested fix

-    const guestCtx = await browser.newContext();
-    const guestPage = await guestCtx.newPage();
-    const submissionPage = new SubmissionPage(guestPage);
-
-    await submissionPage.goto(route);
-    await expect(guestPage.getByRole("button", { name: "Submit" })).toBeVisible(
-      { timeout: 10000 }
-    );
-
-    await submissionPage.submit();
-
-    // Success section appears with the default thank-you copy
-    await expect(submissionPage.successMessage()).toBeVisible({
-      timeout: 10000,
-    });
-
-    await guestCtx.close();
+    const guestCtx = await browser.newContext();
+    try {
+      const guestPage = await guestCtx.newPage();
+      const submissionPage = new SubmissionPage(guestPage);
+
+      await submissionPage.goto(route);
+      await expect(
+        guestPage.getByRole("button", { name: "Submit" })
+      ).toBeVisible({ timeout: 10000 });
+
+      await submissionPage.submit();
+
+      // Success section appears with the default thank-you copy
+      await expect(submissionPage.successMessage()).toBeVisible({
+        timeout: 10000,
+      });
+    } finally {
+      await guestCtx.close();
+    }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/specs/form-submission.spec.ts` around lines 24 - 40, The test
creates a browser context (guestCtx) and page (guestPage) and may leak the
context if an assertion fails before the explicit guestCtx.close(); wrap the
interaction and assertions that use guestCtx/guestPage (e.g., the calls to new
SubmissionPage(guestPage), submissionPage.goto(route), expect(...).toBeVisible,
submissionPage.submit(), and submissionPage.successMessage()) in a try/finally
and always call guestCtx.close() in the finally block so the context is closed
on both success and failure.

frontend/e2e/helpers/team.ts (1)

29-31: Consider scoping memberRows() to exclude header rows.

getByRole("row") will match all table rows including any header row. If this method is intended to return only member data rows, you may want to scope it more precisely (e.g., within tbody or filter by content).

This is minor since the method isn't currently used in the test specs.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/helpers/team.ts` around lines 29 - 31, The memberRows() helper
currently returns all rows via getByRole("row"), which includes header rows;
update memberRows() to scope to only data rows by querying within the table body
or filtering out header rows—for example, use a locator like
this.page.locator("tbody").getByRole("row") or call getByRole("row") and filter
by excluding rows that contain header cells (th) or known header text; modify
the memberRows() function accordingly so it returns only member data rows.

frontend/e2e/fixtures/test-data.fixture.ts (3)

15-22: Consider adding response status validation.

fetchTeamId doesn't verify the response status before parsing JSON. If the API returns an error (4xx/5xx), the JSON parsing or property access may fail with an unclear error.

Proposed fix

 async function fetchTeamId(apiContext: APIRequestContext): Promise<string> {
   const res = await apiContext.get(
     "/api/method/forms_pro.api.user.get_user_teams"
   );
+  if (!res.ok()) {
+    throw new Error(`Failed to fetch teams: ${res.status()}`);
+  }
   const { message } = await res.json();
   if (!message?.length) throw new Error("No team found for test user");
   return message[0].name as string;
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/fixtures/test-data.fixture.ts` around lines 15 - 22, The
function fetchTeamId should validate the HTTP response before parsing JSON:
check res.ok (or res.status) after apiContext.get and, if not OK,
read/res.text() or res.json() for details and throw a descriptive Error
including the status and response body; then proceed to parse JSON and validate
message length as currently implemented. Update fetchTeamId to use the
APIRequestContext response (res) for the status check and include the
status/response content in the thrown error to make failures clear.

---

87-95: Add response validation to submitForm fixture.

Similar to other fixtures, submitForm doesn't validate the response. A failed submission would go unnoticed, potentially causing confusing test failures downstream.

Proposed fix

   submitForm: async ({ apiContext }, use) => {
     await use(async (formId: string) => {
-      await apiContext.post(
+      const res = await apiContext.post(
         "/api/method/forms_pro.api.submission.submit_form_response",
         { data: { form_id: formId, form_data: [] } }
       );
+      if (!res.ok()) {
+        throw new Error(`Failed to submit form: ${res.status()}`);
+      }
     });
   },

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/fixtures/test-data.fixture.ts` around lines 87 - 95, The
submitForm fixture currently fires apiContext.post in submitForm but does not
validate the response; update the submitForm implementation to capture the
response from apiContext.post, assert the HTTP status is successful (e.g.,
response.ok()/status 2xx) and validate the returned JSON payload contains the
expected success/identifier fields for a submission before returning; reference
the submitForm fixture function and the apiContext.post call and ensure tests
fail fast when submission fails by throwing or using the test runner assertion
on bad status or unexpected response shape.

---

38-57: Add response validation to prevent silent failures during test setup.

The createForm fixture doesn't validate the API response status. If form creation fails (e.g., permission error, server error), the test will proceed with invalid data and fail with a confusing error later.

Proposed fix

     await use(async () => {
       const teamId = await fetchTeamId(apiContext);
       const res = await apiContext.post(
         "/api/method/forms_pro.utils.form_generator.create_form",
         { data: { team_id: teamId } }
       );
+      if (!res.ok()) {
+        throw new Error(`Failed to create form: ${res.status()}`);
+      }
       const { message } = await res.json();
       const formId = message.form_document as string;

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/fixtures/test-data.fixture.ts` around lines 38 - 57, The
createForm fixture currently assumes the POST succeeded; add response validation
after the apiContext.post call in the createForm async fixture: check res.ok (or
status) and throw or fail the fixture with a clear error including status and
body if not ok, then validate that the parsed response contains
message.form_document and that it's a string before pushing to the created array
and returning formId; ensure the teardown loop remains but only runs for IDs
actually pushed into created so you don't attempt to delete undefined IDs (refer
to symbols createForm, apiContext.post, res, message, formId, created and the
endpoint "/api/method/forms_pro.utils.form_generator.create_form").

.github/workflows/ui-tests.yml (1)

86-86: Pin frappe_factory_bot to a specific commit SHA for reproducibility.

The workflow references an external repository using the main branch, which can change unexpectedly and cause CI failures. Use a commit SHA instead of --branch main to ensure deterministic builds.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/ui-tests.yml at line 86, The workflow currently installs
the external repo using the mutable branch flag in the bench command (bench
get-app frappe_factory_bot ... --branch main); replace the branch reference with
a specific commit SHA to pin the dependency (e.g., use the bench get-app
invocation with a --commit <COMMIT_SHA> or equivalent option) so the CI uses a
deterministic, reproducible version of frappe_factory_bot; update the command
that references frappe_factory_bot to target that commit SHA and remove or
replace the --branch main argument.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ui-tests.yml:
- Around line 9-11: The concurrency group currently uses ui-tests-${{
github.event.number }} which is undefined for push events and causes collisions;
update the concurrency group expression (the concurrency: group value where
ui-tests-${{ github.event.number }} is used) to use a stable identifier that
exists for all events, e.g. prefer github.run_id or a fallback to pull_request
number (use an expression like using github.event.pull_request.number with
fallback to github.run_id) so each workflow run gets a unique concurrency group
across push and pull_request events.

In `@frontend/e2e/global-setup.ts`:
- Around line 19-27: Ensure the login POST via page.request.post is validated
before persisting session: check the response (e.g., response.ok or
response.status === 200 and any expected body fields) from page.request.post and
throw or exit on failure so context.storageState({ path: AUTH_FILE }) and
browser.close() only run for a successful login; include failure context
(status/text) in the thrown error or log to make the cause clear.

---

Nitpick comments:
In @.github/workflows/ui-tests.yml:
- Line 86: The workflow currently installs the external repo using the mutable
branch flag in the bench command (bench get-app frappe_factory_bot ... --branch
main); replace the branch reference with a specific commit SHA to pin the
dependency (e.g., use the bench get-app invocation with a --commit <COMMIT_SHA>
or equivalent option) so the CI uses a deterministic, reproducible version of
frappe_factory_bot; update the command that references frappe_factory_bot to
target that commit SHA and remove or replace the --branch main argument.

In `@frontend/e2e/fixtures/test-data.fixture.ts`:
- Around line 15-22: The function fetchTeamId should validate the HTTP response
before parsing JSON: check res.ok (or res.status) after apiContext.get and, if
not OK, read/res.text() or res.json() for details and throw a descriptive Error
including the status and response body; then proceed to parse JSON and validate
message length as currently implemented. Update fetchTeamId to use the
APIRequestContext response (res) for the status check and include the
status/response content in the thrown error to make failures clear.
- Around line 87-95: The submitForm fixture currently fires apiContext.post in
submitForm but does not validate the response; update the submitForm
implementation to capture the response from apiContext.post, assert the HTTP
status is successful (e.g., response.ok()/status 2xx) and validate the returned
JSON payload contains the expected success/identifier fields for a submission
before returning; reference the submitForm fixture function and the
apiContext.post call and ensure tests fail fast when submission fails by
throwing or using the test runner assertion on bad status or unexpected response
shape.
- Around line 38-57: The createForm fixture currently assumes the POST
succeeded; add response validation after the apiContext.post call in the
createForm async fixture: check res.ok (or status) and throw or fail the fixture
with a clear error including status and body if not ok, then validate that the
parsed response contains message.form_document and that it's a string before
pushing to the created array and returning formId; ensure the teardown loop
remains but only runs for IDs actually pushed into created so you don't attempt
to delete undefined IDs (refer to symbols createForm, apiContext.post, res,
message, formId, created and the endpoint
"/api/method/forms_pro.utils.form_generator.create_form").

In `@frontend/e2e/helpers/submission.ts`:
- Around line 6-8: The goto helper builds a public URL using the passed route
but doesn't normalize it, which can produce double slashes when route starts
with '/'; update the async goto(route: string) function to normalize the route
(e.g., strip any leading slashes or use a safe join) before calling
this.page.goto(`/forms/p/${route}`) so the resulting URL never contains `//`;
ensure the change is applied to the goto method and any callers expecting the
same behavior.

In `@frontend/e2e/helpers/team.ts`:
- Around line 29-31: The memberRows() helper currently returns all rows via
getByRole("row"), which includes header rows; update memberRows() to scope to
only data rows by querying within the table body or filtering out header
rows—for example, use a locator like this.page.locator("tbody").getByRole("row")
or call getByRole("row") and filter by excluding rows that contain header cells
(th) or known header text; modify the memberRows() function accordingly so it
returns only member data rows.

In `@frontend/e2e/specs/form-submission.spec.ts`:
- Around line 24-40: The test creates a browser context (guestCtx) and page
(guestPage) and may leak the context if an assertion fails before the explicit
guestCtx.close(); wrap the interaction and assertions that use
guestCtx/guestPage (e.g., the calls to new SubmissionPage(guestPage),
submissionPage.goto(route), expect(...).toBeVisible, submissionPage.submit(),
and submissionPage.successMessage()) in a try/finally and always call
guestCtx.close() in the finally block so the context is closed on both success
and failure.

In `@frontend/e2e/specs/smoke.spec.ts`:
- Around line 4-8: Replace the single conditional reload with a bounded-retry
loop around the initial navigation: call page.goto("/forms") up to a small
maxRetries (e.g., 3-5) while checking response?.status() === 500, and on 500
perform page.reload({ waitUntil: "networkidle" }) with a short delay/backoff
between attempts; if all retries are exhausted still returning 500, fail the
test by throwing an error or asserting the status. Use variables like
maxRetries, attempt, and the existing response variable to implement the loop so
page.goto and page.reload logic is preserved but retried deterministically.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 06329ea7-e563-4ddd-bc76-3ef2332433a7

📥 Commits

Reviewing files that changed from the base of the PR and between dea2f7c and 6464422.

⛔ Files ignored due to path filters (1)

• frontend/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (15)

• .github/workflows/ui-tests.yml
• .gitignore
• frontend/e2e/fixtures/test-data.fixture.ts
• frontend/e2e/global-setup.ts
• frontend/e2e/helpers/dashboard.ts
• frontend/e2e/helpers/form-builder.ts
• frontend/e2e/helpers/submission.ts
• frontend/e2e/helpers/team.ts
• frontend/e2e/specs/form-creation.spec.ts
• frontend/e2e/specs/form-submission.spec.ts
• frontend/e2e/specs/smoke.spec.ts
• frontend/e2e/specs/submission-view.spec.ts
• frontend/e2e/specs/team-invite.spec.ts
• frontend/package.json
• frontend/playwright.config.ts

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Fail fast if login request fails before writing storage state.

Right now, Line 19-Line 27 can persist an unauthenticated state when login fails, which turns into opaque downstream test failures.

🛠️ Suggested fix

-  await page.request.post(`${baseURL}/api/method/login`, {
+  const loginRes = await page.request.post(`${baseURL}/api/method/login`, {
     form: {
       usr: "Administrator",
       pwd: process.env.TEST_ADMIN_PASSWORD ?? "admin",
     },
   });
+  if (!loginRes.ok()) {
+    throw new Error(
+      `Global setup login failed: ${loginRes.status()} ${loginRes.statusText()}`
+    );
+  }
 
   await context.storageState({ path: AUTH_FILE });

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@frontend/e2e/global-setup.ts` around lines 19 - 27, Ensure the login POST via
page.request.post is validated before persisting session: check the response
(e.g., response.ok or response.status === 200 and any expected body fields) from
page.request.post and throw or exit on failure so context.storageState({ path:
AUTH_FILE }) and browser.close() only run for a successful login; include
failure context (status/text) in the thrown error or log to make the cause
clear.

[coderabbitai]

🧹 Nitpick comments (1)

forms_pro/install.py (1)

28-35: Guarantee current_team initialization after team creation.

create_default_team_for_user() may set defaults for the creator/owner context, not necessarily Administrator. To make this helper’s contract deterministic, re-fetch teams after creation so get_user_teams("Administrator") can initialize current_team when needed.

Proposed hardening

 def _ensure_admin_has_default_team():
     from forms_pro.overrides.roles import create_default_team_for_user
     from forms_pro.utils.teams import get_user_teams

     if get_user_teams("Administrator"):
         return
     admin = frappe.get_doc("User", "Administrator")
     create_default_team_for_user(admin)
+    # Ensure current_team default is initialized for Administrator.
+    get_user_teams("Administrator")

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@forms_pro/install.py` around lines 28 - 35, The helper
_ensure_admin_has_default_team can leave Administrator without an initialized
current_team because create_default_team_for_user may set defaults on the
creator context; after calling create_default_team_for_user(admin) re-call
get_user_teams("Administrator") (or otherwise reload the Administrator user's
teams) to re-fetch and ensure current_team is initialized deterministically;
update _ensure_admin_has_default_team to fetch teams again after team creation
so get_user_teams initializes current_team reliably.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@forms_pro/install.py`:
- Around line 28-35: The helper _ensure_admin_has_default_team can leave
Administrator without an initialized current_team because
create_default_team_for_user may set defaults on the creator context; after
calling create_default_team_for_user(admin) re-call
get_user_teams("Administrator") (or otherwise reload the Administrator user's
teams) to re-fetch and ensure current_team is initialized deterministically;
update _ensure_admin_has_default_team to fetch teams again after team creation
so get_user_teams initializes current_team reliably.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: fa097140-d4e3-43f7-8fff-29647248a12e

📥 Commits

Reviewing files that changed from the base of the PR and between 46993c1 and 10720fe.

📒 Files selected for processing (3)

• .github/workflows/ui-tests.yml
• forms_pro/install.py
• forms_pro/utils/form_generator.py

✅ Files skipped from review due to trivial changes (1)

• .github/workflows/ui-tests.yml

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

forms_pro/install.py (1)

47-61: ⚠️ Potential issue | 🟠 Major

create_test_user() is not idempotent for existing users.

The early return at Line 47-48 skips role cleanup and password reset for pre-existing users, so reused sites can retain stale privileges/credentials and break deterministic E2E auth.

Suggested change

 def create_test_user():
     from frappe.utils.password import update_password

-    if frappe.db.exists("User", FORMS_PRO_TEST_USER):
-        return
-
-    user: User = frappe.new_doc("User")
-    user.email = FORMS_PRO_TEST_USER
-    user.first_name = "Test"
-    user.last_name = "Forms Pro User"
-    user.insert(ignore_permissions=True)
+    if frappe.db.exists("User", FORMS_PRO_TEST_USER):
+        user: User = frappe.get_doc("User", FORMS_PRO_TEST_USER)
+    else:
+        user = frappe.new_doc("User")
+        user.email = FORMS_PRO_TEST_USER
+        user.first_name = "Test"
+        user.last_name = "Forms Pro User"
+        user.insert(ignore_permissions=True)

     # Frappe auto-assigns System User on insert; replace with only Forms Pro User
     user.roles = []
     user.append("roles", {"role": FORMS_PRO_ROLE})
     user.save(ignore_permissions=True)

     update_password(FORMS_PRO_TEST_USER, "testforms123")

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@forms_pro/install.py` around lines 47 - 61, The current create_test_user()
exits early when the User exists, skipping role normalization and password
reset; instead, if frappe.db.exists("User", FORMS_PRO_TEST_USER) is True, load
the existing user doc (frappe.get_doc("User", FORMS_PRO_TEST_USER)), clear its
roles (set user.roles = [] or remove non-FORMS_PRO_ROLE entries), append the
Forms Pro role via user.append("roles", {"role": FORMS_PRO_ROLE}), save with
ignore_permissions=True, and still call update_password(FORMS_PRO_TEST_USER,
"testforms123") so both newly created and pre-existing users are normalized and
reset idempotently.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@forms_pro/install.py`:
- Around line 29-33: get_user_teams is a helper that can create defaults and
must not be called for a simple existence check in the install hook; replace the
predicate usage of get_user_teams("Administrator") with a read-only existence
check (e.g., a new helper like team_role_exists("Administrator") or a direct
non-mutating DB query against the Team/Role model) so the install hook doesn't
trigger side effects, update imports accordingly, and leave
create_default_team_for_user for actual creation logic only.

---

Outside diff comments:
In `@forms_pro/install.py`:
- Around line 47-61: The current create_test_user() exits early when the User
exists, skipping role normalization and password reset; instead, if
frappe.db.exists("User", FORMS_PRO_TEST_USER) is True, load the existing user
doc (frappe.get_doc("User", FORMS_PRO_TEST_USER)), clear its roles (set
user.roles = [] or remove non-FORMS_PRO_ROLE entries), append the Forms Pro role
via user.append("roles", {"role": FORMS_PRO_ROLE}), save with
ignore_permissions=True, and still call update_password(FORMS_PRO_TEST_USER,
"testforms123") so both newly created and pre-existing users are normalized and
reset idempotently.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ea3d8528-d019-49fd-a0c7-9b491cfada62

📥 Commits

Reviewing files that changed from the base of the PR and between 10720fe and c92f4cd.

⛔ Files ignored due to path filters (1)

• frontend/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (5)

• .github/workflows/ui-tests.yml
• forms_pro/install.py
• frontend/e2e/global-setup.ts
• frontend/e2e/tsconfig.json
• frontend/package.json

✅ Files skipped from review due to trivial changes (2)

• frontend/e2e/tsconfig.json
• .github/workflows/ui-tests.yml

🚧 Files skipped from review as they are similar to previous changes (2)

• frontend/e2e/global-setup.ts
• frontend/package.json

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Avoid side-effecting helper calls for existence checks in install hooks.

Line 32 uses get_user_teams("Administrator") as a predicate, but that helper can mutate defaults. For setup hooks, prefer a read-only existence check.

Suggested change

 def _ensure_admin_has_default_team():
     from forms_pro.overrides.roles import create_default_team_for_user
-    from forms_pro.utils.teams import get_user_teams

-    if get_user_teams("Administrator"):
+    if frappe.db.exists("FP Team Member", {"user": "Administrator"}):
         return
     admin = frappe.get_doc("User", "Administrator")
     create_default_team_for_user(admin)

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	from forms_pro.overrides.roles import create_default_team_for_user
	from forms_pro.utils.teams import get_user_teams
	if get_user_teams("Administrator"):
	return
	from forms_pro.overrides.roles import create_default_team_for_user
	if frappe.db.exists("FP Team Member", {"user": "Administrator"}):
	return

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@forms_pro/install.py` around lines 29 - 33, get_user_teams is a helper that
can create defaults and must not be called for a simple existence check in the
install hook; replace the predicate usage of get_user_teams("Administrator")
with a read-only existence check (e.g., a new helper like
team_role_exists("Administrator") or a direct non-mutating DB query against the
Team/Role model) so the install hook doesn't trigger side effects, update
imports accordingly, and leave create_default_team_for_user for actual creation
logic only.