Add two-user RBAC test

swadeley · swadeley · commit 3badb409bef9 · 2025-04-29T11:51:56.000+01:00
diff --git a/tests/Integration/twouserRBACTest.spec.ts b/tests/Integration/twouserRBACTest.spec.ts
@@ -0,0 +1,79 @@
+import { expect, test } from "@playwright/test";
+import { navigateToRepositories } from "../UI/helpers/navHelpers";
+import { switchToUser, logInWithUsernameAndPassword } from "../helpers/loginHelpers";
+import { randomName, randomUrl } from '../UI/helpers/repoHelpers';
+import { closePopupsIfExist, getRowByNameOrUrl } from '../UI/helpers/helpers';
+import { deleteAllRepos } from '../UI/helpers/deleteRepositories';
+
+
+
+
+const repoNamePrefix = 'Repo-RBAC';
+const repoName = `${repoNamePrefix}-${randomName()}`;
+
+const url = randomUrl();
+
+
+
+test.describe("Run as first user", { tag: "@admin" }, async () => {
+    test("Login as user 1", async ({ page }) => {
+        await test.step('Navigate to the repository page', async () => {
+            await switchToUser(page, process.env.USER1USERNAME!);
+            await logInWithUsernameAndPassword(page, process.env.USER1USERNAME!, process.env.USER1PASSWORD!);
+            await navigateToRepositories(page);
+            await closePopupsIfExist(page);
+          });
+          await test.step('Delete any test repos that exist', async () => {
+            await deleteAllRepos(page, `&search=${repoNamePrefix}`);
+          });
+          await test.step('Create a repository', async () => {
+            // Click on the 'Add repositories' button
+            // HMS-5268 There are two buttons on the ZeroState page
+            await page.getByRole('button', { name: 'Add repositories' }).first().click();
+            await expect(page.getByRole('dialog', { name: 'Add custom repositories' })).toBeVisible();
+      
+            // Fill in the repository details
+            await page.getByLabel('Name').fill(`${repoName}`);
+            await page.getByLabel('Introspect only').click();
+            await page.getByLabel('URL').fill(url);
+            await page.getByRole('button', { name: 'Save', exact: true }).click();
+          });
+          await test.step('Read the repo', async () => {
+            // Search for the created repo
+            const row = await getRowByNameOrUrl(page, repoName);
+            await expect(row.getByText('Valid')).toBeVisible();
+            await row.getByLabel('Kebab toggle').click();
+            // Click on the Edit button to see the repo
+            await row.getByRole('menuitem', { name: 'Edit' }).click();
+            await expect(page.getByRole('dialog', { name: 'Edit custom repository' })).toBeVisible();
+            // Assert we can read some values
+            await expect(page.getByPlaceholder('Enter name', { exact: true })).toHaveValue(`${repoName}`);
+            await expect(page.getByPlaceholder('https://', { exact: true })).toHaveValue(`${url}`);
+          });
+          await test.step('Update the repository', async () => {
+            await page.getByPlaceholder('Enter name', { exact: true }).fill(`${repoName}-Edited`);
+            await page.getByRole('button', { name: 'Save changes', exact: true }).click();
+          });
+    });
+});
+test.describe("Run as second user", { tag: "@read-only" }, async () => {
+    test("Login as user 2", async ({ page }) => {
+        await test.step('Navigate to the repository page', async () => {
+            await switchToUser(page, process.env.STAGE_RO_USER_USERNAME!);
+            await logInWithUsernameAndPassword(page, process.env.STAGE_RO_USER_USERNAME!, process.env.STAGE_RO_USER_PASSWORD!)
+            await navigateToRepositories(page);
+            await closePopupsIfExist(page);
+          });
+        await test.step('Read the repo', async () => {
+        // Search for the created repo
+        const row = await getRowByNameOrUrl(page, repoName);
+        await expect(row.getByText('Valid')).toBeVisible({ timeout: 60000 });
+        await row.getByLabel('Kebab toggle').click();
+        // Assert we cannot click on the Edit button to see the repo
+        // You do not have the required permissions to perform this action. 
+        await row.getByRole('menuitem', { name: 'Edit' }).click();
+        await expect(page.getByText('You do not have the required permissions to perform this action')).toBeVisible();
+        await expect(page.getByRole('dialog', { name: 'Edit custom repository' })).not.toBeVisible();
+        });
+    });
+});
