Verify-suite work (this session):

- M  package.json — added typecheck, test:e2e, verify scripts; added @playwright/test devDep
  - M  pnpm-lock.yaml
  - M  .gitignore — Playwright artifacts
  - M  tsconfig.json — auto-modified by Next.js include path
  - ??  e2e/ — config + fixtures + 3 specs
  - ??  playwright.config.ts
  - ??  scripts/verify.sh, scripts/db-test-truncate.sql

e2e/admin.spec.ts

@@ -0,0 +1,25 @@
+import { expect, test } from "@playwright/test";
+import { signInAs } from "./fixtures/auth";
+
+test("admin signs in and reaches each admin section", async ({ page }) => {
+  await signInAs(page, "admin", "/admin");
+  await page.goto("/admin");
+  await expect(page).toHaveURL(/\/admin\/bookings$/);
+
+  for (const [label, urlRe] of [
+    ["bookings", /\/admin\/bookings/],
+    ["services", /\/admin\/services/],
+    ["rooms", /\/admin\/rooms/],
+    ["therapists", /\/admin\/therapists/],
+  ] as const) {
+    await page.getByRole("link", { name: new RegExp(`^${label}$`, "i") }).click();
+    await expect(page).toHaveURL(urlRe);
+    await expect(page.getByRole("heading", { level: 1 })).toBeVisible();
+  }
+});
+
+test("non-admin (therapist) hitting /admin sees the deny screen", async ({ page }) => {
+  await signInAs(page, "therapist", "/admin");
+  await page.goto("/admin");
+  await expect(page.getByRole("heading", { name: /not authorized/i })).toBeVisible();
+});