fix: update test-post.sh for Grav 1.7.53 / Login 3.x compatibility

- login-form-nonce replaces form-nonce (Login plugin 3.x)
- task value is login.login not login
- login success check uses form presence, not status code (/post returns
  200 unauthenticated)
- entry discovery searches by title, handles .en.md suffix
- cleanup uses docker exec to remove files owned by www-data

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

scripts/test-post.sh

@@ -16,8 +16,13 @@ TEST_SLUG=""
 cleanup() {
     rm -f "$COOKIE_JAR"
     if [ -n "$TEST_SLUG" ] && [ -d "$TRACKER/$TEST_SLUG" ]; then
-        rm -rf "$TRACKER/$TEST_SLUG"
-        echo "  [cleanup] Removed test entry: $TEST_SLUG"
+        # Entry files are created by www-data inside Docker; use docker exec to remove
+        if docker exec intotheeast_grav rm -rf "/var/www/html/$TRACKER/$TEST_SLUG" 2>/dev/null; then
+            echo "  [cleanup] Removed test entry: $TEST_SLUG"
+        else
+            rm -rf "$TRACKER/$TEST_SLUG" 2>/dev/null || \
+                echo "  [cleanup] Warning: could not remove $TEST_SLUG (permission denied — remove manually)"
+        fi
     fi
 }
 trap cleanup EXIT
@@ -37,27 +42,27 @@ echo "────────────────────────
 LOGIN_HTML=$(curl -sf -c "$COOKIE_JAR" -b "$COOKIE_JAR" "$BASE_URL/login") \
     || die "Could not reach $BASE_URL/login"
 
-LOGIN_NONCE=$(echo "$LOGIN_HTML" | grep -o 'name="form-nonce" value="[^"]*"' | head -1 | sed 's/.*value="\([^"]*\)".*/\1/')
+LOGIN_NONCE=$(echo "$LOGIN_HTML" | grep -o 'name="login-form-nonce" value="[^"]*"' | head -1 | sed 's/.*value="\([^"]*\)".*/\1/')
 [ -n "$LOGIN_NONCE" ] || die "Could not extract login form nonce — is the site running?"
 
 # ── Step 2: log in ───────────────────────────────────────────────────────────
 LOGIN_STATUS=$(curl -sf -o /dev/null -w "%{http_code}" \
     -c "$COOKIE_JAR" -b "$COOKIE_JAR" \
     -L \
-    -d "username=${USER}&password=${PASS}&form-nonce=${LOGIN_NONCE}&task=login" \
+    -d "username=${USER}&password=${PASS}&login-form-nonce=${LOGIN_NONCE}&task=login.login" \
     "$BASE_URL/login")
 
-# After login, check we can access /post (302 → 200 means logged in)
-POST_STATUS=$(curl -sf -o /dev/null -w "%{http_code}" \
-    -c "$COOKIE_JAR" -b "$COOKIE_JAR" \
-    "$BASE_URL/post")
+# After login, fetch /post and verify we see the post form (not the login form)
+# /post returns 200 for both auth and unauth users — check for form-nonce to confirm login
+POST_CHECK_HTML=$(curl -sf -c "$COOKIE_JAR" -b "$COOKIE_JAR" "$BASE_URL/post") \
+    || die "Could not reach $BASE_URL/post"
 
-[ "$POST_STATUS" = "200" ] && ok "Login succeeded and /post is accessible" \
-    || die "Login failed or /post returned $POST_STATUS — check GRAV_TEST_USER / GRAV_TEST_PASS"
+POST_STATUS=$(echo "$POST_CHECK_HTML" | grep -c 'name="form-nonce"' || true)
+[ "$POST_STATUS" -gt 0 ] && ok "Login succeeded and /post is accessible" \
+    || die "Login failed (post form not visible) — check GRAV_TEST_USER / GRAV_TEST_PASS"
 
-# ── Step 3: get post form + nonce ────────────────────────────────────────────
-POST_HTML=$(curl -sf -c "$COOKIE_JAR" -b "$COOKIE_JAR" "$BASE_URL/post") \
-    || die "Could not fetch post form"
+# ── Step 3: extract post form nonce from already-fetched HTML ────────────────
+POST_HTML="$POST_CHECK_HTML"
 
 POST_NONCE=$(echo "$POST_HTML" | grep -o 'name="form-nonce" value="[^"]*"' | head -1 | sed 's/.*value="\([^"]*\)".*/\1/')
 [ -n "$POST_NONCE" ] || die "Could not extract post form nonce"
@@ -84,33 +89,31 @@ ok "Form submitted"
 # ── Step 5: verify entry exists on disk ─────────────────────────────────────
 sleep 1  # give Grav a moment to write the file
 
-# Look for the entry — slug might have slight timestamp variation
-FOUND=$(find "$TRACKER" -name "entry.md" -newer "$TRACKER/2026-06-17.entry/entry.md" \
-    -not -path "*/2026-*" 2>/dev/null | head -1)
+# Find an entry containing the test title — search all .md and .en.md files
+# add-page-by-form may produce date-based slugs in various formats
+ENTRY_FILE=$(grep -rl "$TEST_TITLE" "$TRACKER" --include="*.md" 2>/dev/null | head -1)
 
-# Also look for today's dated entries
-FOUND_TODAY=$(find "$TRACKER" -maxdepth 1 -type d -name "$(date '+%Y-%m-%d')*" 2>/dev/null | head -1)
-
-if [ -n "$FOUND_TODAY" ]; then
-    TEST_SLUG=$(basename "$FOUND_TODAY")
+if [ -n "$ENTRY_FILE" ]; then
+    TEST_SLUG=$(basename "$(dirname "$ENTRY_FILE")")
     ok "Entry created on disk: $TEST_SLUG"
 
-    # Verify it has an entry.md inside
-    if [ -f "$TRACKER/$TEST_SLUG/entry.md" ]; then
-        ok "entry.md exists inside the entry folder"
+    # Verify file name is entry.md or entry.en.md (template-named file)
+    ENTRY_BASENAME=$(basename "$ENTRY_FILE")
+    if [ "$ENTRY_BASENAME" = "entry.md" ] || [ "$ENTRY_BASENAME" = "entry.en.md" ]; then
+        ok "Entry file exists: $ENTRY_BASENAME"
     else
-        fail "Entry folder exists but entry.md is missing"
+        fail "Entry file has unexpected name: $ENTRY_BASENAME (expected entry.md or entry.en.md)"
     fi
 
     # Verify the title is in the frontmatter
-    if grep -q "$TEST_TITLE" "$TRACKER/$TEST_SLUG/entry.md"; then
+    if grep -q "$TEST_TITLE" "$ENTRY_FILE"; then
         ok "Title appears in entry frontmatter"
     else
-        fail "Title not found in entry.md — frontmatter may be malformed"
+        fail "Title not found in $ENTRY_BASENAME — frontmatter may be malformed"
     fi
 else
     fail "No entry created on disk — form processing failed silently"
-    echo "    Expected a folder matching: $TRACKER/$(date '+%Y-%m-%d')-*/"
+    echo "    Searched $TRACKER for files containing: $TEST_TITLE"
 fi
 
 # ── Result ───────────────────────────────────────────────────────────────────