fix(course-package): fix teacher UI test cookie injection

Read CurrentUserRole from cookies not localStorage. Add cookies with
.moicen.com domain. Navigate directly to /course-packages after
injection so router guard picks up the auth cookie.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

tests/course-package.spec.ts

@@ -246,21 +246,21 @@ test.describe('课包（course_package）', () => {
       test.skip(true, '当前 unionid 会话未处于可用登录态');
     }
 
-    // Step 2: 从 music-room 提取 auth 数据
+    // Step 2: 从 music-room 提取 auth 数据（JWT 在 localStorage，角色在 cookie）
     const jwt = await page.evaluate(() =>
       window.localStorage.getItem('Authorization'),
     );
     expect(jwt, '应有 JWT').toBeTruthy();
 
-    const currentRole = await page.evaluate(() =>
-      window.localStorage.getItem('CurrentUserRole'),
-    );
     const currentOrgId = await page.evaluate(() =>
       window.localStorage.getItem('CurrentOrgId'),
     );
-    const currentUserName = await page.evaluate(() =>
-      window.localStorage.getItem('CurrentUserName'),
-    );
+
+    const musicRoomCookies = await page.context().cookies();
+    const findCookie = (name: string) =>
+      musicRoomCookies.find((c) => c.name === name)?.value;
+    const currentRole = findCookie('CurrentUserRole') || 'TEACHER';
+    const currentUserName = findCookie('CurrentUserName') || 'e2e-test';
 
     // Step 3: 跳转到 teacher 域名，注入 cookie + localStorage
     await page.goto(`${teacherBase}/`, {
@@ -268,11 +268,11 @@ test.describe('课包（course_package）', () => {
       timeout: 60_000,
     });
 
-    const teacherHost = new URL(teacherBase).hostname;
+    const teacherDomain = '.moicen.com';
     await page.context().addCookies([
-      { name: 'HtyTeacherToken', value: jwt!, domain: teacherHost, path: '/' },
-      { name: 'CurrentUserRole', value: currentRole || 'TEACHER', domain: teacherHost, path: '/' },
-      { name: 'CurrentUserName', value: currentUserName || '', domain: teacherHost, path: '/' },
+      { name: 'HtyTeacherToken', value: jwt!, domain: teacherDomain, path: '/' },
+      { name: 'CurrentUserRole', value: currentRole, domain: teacherDomain, path: '/' },
+      { name: 'CurrentUserName', value: currentUserName, domain: teacherDomain, path: '/' },
     ]);
     await page.evaluate(
       ({ orgId }) => {
@@ -281,21 +281,23 @@ test.describe('课包（course_package）', () => {
       { orgId: currentOrgId },
     );
 
-    // Step 4: 刷新页面，教师端应识别已登录态
+    // Step 4: 刷新，然后直接导航到课包页（路由守卫会读 cookie 放行）
     await page.reload({ waitUntil: 'domcontentloaded', timeout: 60_000 });
     await expect(page.locator('#app')).toBeVisible({ timeout: 60_000 });
 
-    // Step 5: 等待导航栏渲染，检查"课包"入口（仅 TEACHER / SUPERVISOR 可见）
-    // 首次加载可能要等 useUser() 异步 fetch 完成
-    await page.waitForTimeout(5000);
+    // Step 5: 导航到 /course-packages，路由守卫应识别 HtyTeacherToken cookie 并放行
+    await page.goto(`${teacherBase}/course-packages`, {
+      waitUntil: 'domcontentloaded',
+      timeout: 60_000,
+    });
+    await expect(page.locator('#app')).toBeVisible({ timeout: 60_000 });
+
+    // Step 6: 路由守卫异步 fetch 用户信息后，渲染导航栏与课包内容
+    // 等待导航栏渲染（表明已登录），同时检查"课包"入口可见
+    await page.waitForTimeout(3000);
     const navLink = page.locator('nav a').filter({ hasText: '课包' });
     await expect(navLink).toBeVisible({ timeout: 30_000 });
 
-    // Step 6: 点击进入课包管理页
-    await navLink.click();
-    await page.waitForURL('**/course-packages', { timeout: 30_000 });
-    await expect(page.locator('#app')).toBeVisible({ timeout: 30_000 });
-
     // Step 7: 页面应渲染课包列表（含预置种子数据）
     await expect(page.getByText('钢琴一对一课程')).toBeVisible({ timeout: 30_000 });
     await expect(page.getByText('声乐基础训练')).toBeVisible({ timeout: 10_000 });