Fix/453/admin see all cases

[ethanstrominger]

REVIEW AND MERGE CONFIG ONLY CHANGES PULL REQUEST FIRST

Topics:

• a user form that allows you to put in notes and roles already exists (users+/index.tsx). users+/manage.tsx shows users in a list form, let's you change username, email, name, and mark whether it is admin. Can the old users+/index.tsx be replaced with manage.tsx? See Remove current user screen? #622 (marked as must have)
• playwright by default runs with multiple workers. Multiple tests fail with even 2 workers, which succeed with 1 worker. The place that it fails does not like it could be contention between two tests affecting each other. Commands for playwright in github tracking include --workers=1. Marked as should have. See playwright fails with workers=2 or greater #623.
• Related admin, which can be done as part of a separate pull request. need to seed an admin in prod. See When build production, seed an admin user based on env variables #621 .

Overview of Changes (config-only-changes branch)

This update introduces robust admin role management, UI improvements, and comprehensive Playwright test coverage for user and case management. The changes focus on:

• Enforcing admin-only access for user management routes and UI.
• Adding utility functions for admin role checks.
• Refactoring backend logic to support admin/user distinctions.
• Expanding test coverage for admin/user flows.
• Improving seed and test utilities for consistent test data.

File-by-File Change Explanations

TODO.md
New file.
Tracks tasks related to admin role, user management, and test seeding.

heat-stack/app/components/user-dropdown.tsx
Enhanced user dropdown.

• Added hasAdminRole utility to conditionally show "Manage Users" for admins.
• Improved type safety for user object.
• UI now displays admin-only links.

heat-stack/app/constants/error-messages.ts
New file.
Centralizes error messages, e.g., "Access denied. Admins only."

heat-stack/app/routes/cases+/index.tsx
Admin/user case listing logic.

• Loader now checks if user is admin.
• Admins see all cases with usernames; regular users see only their cases.
• UI conditionally displays username column for admins.

heat-stack/app/routes/users+/$username.tsx
User profile page.

• Loader fetches user roles.
• UI displays if user is admin using hasAdminRole.

heat-stack/app/routes/users+/index.tsx
User list page.

• Enforces admin-only access with error message.
• Uses hasAdminRole and centralized error message.

heat-stack/app/routes/users+/manage.tsx
New file: Admin user management UI.

• Admins can view/edit users, toggle admin role, and update user info.
• Non-admins see access denied.

heat-stack/app/utils/db/case.server.ts
Backend case logic.

• Added getUserFromRequest for session-based user lookup.
• Added getAllCasesWithUsernames for admin case listing.

heat-stack/app/utils/user.ts
User utility functions.

• Added hasAdminRole to check if user has admin privileges.

heat-stack/prisma/seed.ts
Seed script updates.

• Ensures admin user is seeded with only the admin role.
• Improved logging for seed operations.

heat-stack/tests/db-utils.ts
Test utility updates.

• Added getOrInsertUser helper to create/find users with admin role option.

heat-stack/tests/e2e/admin-manage-users.test.ts
New file: Playwright tests for admin user management.

• Tests admin can toggle admin role, edit users, and access management UI.
• Tests access denied for non-admins.

heat-stack/tests/e2e/cases-list-admin-user.test.ts
New file: Playwright tests for case listing.

• Verifies admins see all cases and username column.
• Verifies regular users see only their cases, no username column.

heat-stack/tests/playwright-helper.ts
New file: Playwright login helper.

• Provides UI-based login for Playwright tests, checks session cookie.

heat-stack/tests/playwright-utils.ts
Test utility improvements.

• Added admin user creation helpers.
• Improved user creation and login logic for tests.

heat-stack/tests/seed-test.ts
New file: Test seed data.

• Seeds admin and normal users, plus additional users.
• Creates cases for each user for test consistency.

If you need a deeper diff or want to see the code for a specific file, let me know!