From 4b86280c3a36c5d09edb030c400fcf7e03a46cd4 Mon Sep 17 00:00:00 2001
From: Mwale Kalenga <mwale.kalenga@prosites.space>
Date: Mon, 18 Nov 2024 08:19:12 +0200
Subject: [PATCH] Add test to verify enhanced security

---
 .../tests/permissions/disallowExport.spec.js  |  7 -----
 .../enableEnhancedSecurity.spec.js            | 28 +++++++++++++++++++
 2 files changed, 28 insertions(+), 7 deletions(-)
 create mode 100644 tests/E2E/tests/permissions/enableEnhancedSecurity.spec.js

diff --git a/tests/E2E/tests/permissions/disallowExport.spec.js b/tests/E2E/tests/permissions/disallowExport.spec.js
index 6a2689c3c..5ab172e55 100644
--- a/tests/E2E/tests/permissions/disallowExport.spec.js
+++ b/tests/E2E/tests/permissions/disallowExport.spec.js
@@ -10,7 +10,6 @@ import {
 
 test('Verify Disallow Export', async ({ page }, testInfo) => {
 	let noDownload = true;
-
 	page.on('download', (download) => {
 		noDownload = false;
 	});
@@ -27,11 +26,5 @@ test('Verify Disallow Export', async ({ page }, testInfo) => {
 	const downloadUrl = `${viewUrl}csv/`;
 	await checkViewOnFrontEnd(page);
 	await clickDownloadButton(page, downloadUrl);
-	console.log('Yello');
-	console.log('Cold Play');
-	console.log("<a href='#'>Roof</a>");
-
 	expect(noDownload).toBe(true);
-	console.log('NEw');
-	console.log('fresh');
 });
diff --git a/tests/E2E/tests/permissions/enableEnhancedSecurity.spec.js b/tests/E2E/tests/permissions/enableEnhancedSecurity.spec.js
new file mode 100644
index 000000000..604f6ec0b
--- /dev/null
+++ b/tests/E2E/tests/permissions/enableEnhancedSecurity.spec.js
@@ -0,0 +1,28 @@
+import { test, expect } from '@playwright/test';
+import {
+	createPageWithShortcode,
+	createView,
+	gotoAndEnsureLoggedIn,
+	publishView,
+	templates,
+} from '../../helpers/test-helpers';
+
+test('Verify Ehanced Security', async ({ page }, testInfo) => {
+	await gotoAndEnsureLoggedIn(page, testInfo);
+	await createView(page, {
+		formTitle: 'Favorite Color',
+		viewName: 'Verify Ehanced Security Test',
+		template: templates[0],
+	});
+	await publishView(page);
+	const currentUrl = page.url();
+	const params = new URLSearchParams(new URL(currentUrl).search);
+	const viewId = params.get('post');
+	const url = await createPageWithShortcode(page, {
+		shortcode: `gravityview id="${viewId}"`,
+		title: 'Verify Ehanced Security Test Page',
+	});
+	await page.goto(url);
+	const errorMessage = page.locator('text=Invalid View secret provided');
+	await expect(errorMessage).toBeVisible();
+});