Skip to content

chore: use org-scoped roles for organization groups and members e2e tests #16691

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Feb 27, 2025
Merged

chore: use org-scoped roles for organization groups and members e2e tests #16691

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
40a26e9
chore: use tighter permissions in e2e workspace tests
aslilac Feb 24, 2025
94206c6
:^)
aslilac Feb 24, 2025
c5e3af1
chore: use org-scoped roles for organization groups and members e2e t…
aslilac Feb 24, 2025
a9b68f2
mhm
aslilac Feb 24, 2025
3a2f2b0
Merge branch 'main' into lilac/some-org-scopes-roles-e2e-tests
aslilac Feb 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
chore: use org-scoped roles for organization groups and members e2e t… 
…ests
  • Loading branch information
@aslilac
aslilac committed Feb 24, 2025
commit c5e3af1105805c3773f11d33d685cd269e79f56b
32 changes: 29 additions & 3 deletions site/e2e/api.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ import { expect } from "@playwright/test";
import { API, type DeploymentConfig } from "api/api";
import type { SerpentOption } from "api/typesGenerated";
import { formatDuration, intervalToDuration } from "date-fns";
import { coderPort } from "./constants";
import { findSessionToken, randomName } from "./helpers";
import { coderPort, defaultPassword } from "./constants";
import { findSessionToken, type LoginOptions, randomName } from "./helpers";

let currentOrgId: string;

Expand All @@ -29,14 +29,40 @@ export const createUser = async (...orgIds: string[]) => {
email: `${name}@coder.com`,
username: name,
name: name,
password: "s3cure&password!",
password: defaultPassword,
login_type: "password",
organization_ids: orgIds,
user_status: null,
});

return user;
};

export const createOrganizationMember = async (
orgRoles: Record<string, string[]>,
): Promise<LoginOptions> => {
const name = randomName();
const user = await API.createUser({
email: `${name}@coder.com`,
username: name,
name: name,
password: defaultPassword,
login_type: "password",
organization_ids: Object.keys(orgRoles),
user_status: null,
});

for (const [org, roles] of Object.entries(orgRoles)) {
API.updateOrganizationMemberRoles(org, user.id, roles);
}

return {
username: user.username,
email: user.email,
password: defaultPassword,
};
};

export const createGroup = async (orgId: string) => {
const name = randomName();
const group = await API.createGroup(orgId, {
Expand Down
7 changes: 7 additions & 0 deletions site/e2e/constants.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ export const coderdPProfPort = 6062;

// The name of the organization that should be used by default when needed.
export const defaultOrganizationName = "coder";
export const defaultOrganizationId = "00000000-0000-0000-0000-000000000000";
export const defaultPassword = "SomeSecurePassword!";

// Credentials for users
Expand All @@ -30,6 +31,12 @@ export const users = {
email: "templateadmin@coder.com",
roles: ["Template Admin"],
},
userAdmin: {
username: "user-admin",
password: defaultPassword,
email: "useradmin@coder.com",
roles: ["User Admin"],
},
auditor: {
username: "auditor",
password: defaultPassword,
Expand Down
29 changes: 28 additions & 1 deletion site/e2e/helpers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ export function requireTerraformProvisioner() {
test.skip(!requireTerraformTests);
}

type LoginOptions = {
export type LoginOptions = {
username: string;
email: string;
password: string;
Expand Down Expand Up @@ -1127,3 +1127,30 @@ export async function createOrganization(page: Page): Promise<{

return { name, displayName, description };
}

/**
* @param organization organization name
* @param user user email or username
*/
export async function addUserToOrganization(
page: Page,
organization: string,
user: string,
roles: string[] = [],
): Promise<void> {
await page.goto(`/organizations/${organization}`, {
waitUntil: "domcontentloaded",
});

await page.getByPlaceholder("User email or username").fill(user);
await page.getByRole("option", { name: user }).click();
await page.getByRole("button", { name: "Add user" }).click();
const addedRow = page.locator("tr", { hasText: user });
await expect(addedRow).toBeVisible();

await addedRow.getByLabel("Edit user roles").click();
for (const role of roles) {
await page.getByText(role).click();
}
await page.mouse.click(10, 10); // close the popover by clicking outside of it
}
15 changes: 12 additions & 3 deletions site/e2e/tests/organizationGroups.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,10 +2,11 @@ import { expect, test } from "@playwright/test";
import {
createGroup,
createOrganization,
createOrganizationMember,
createUser,
setupApiCalls,
} from "../api";
import { defaultOrganizationName } from "../constants";
import { defaultOrganizationId, defaultOrganizationName } from "../constants";
import { expectUrl } from "../expectUrl";
import { login, randomName, requiresLicense } from "../helpers";
import { beforeCoderTest } from "../hooks";
Expand All @@ -32,6 +33,11 @@ test("create group", async ({ page }) => {

// Create a new organization
const org = await createOrganization();
const orgUserAdmin = await createOrganizationMember({
[org.id]: ["organization-user-admin"],
});

await login(page, orgUserAdmin);
await page.goto(`/organizations/${org.name}`);

// Navigate to groups page
Expand Down Expand Up @@ -64,8 +70,7 @@ test("create group", async ({ page }) => {
await expect(addedRow).toBeVisible();

// Ensure we can't add a user who isn't in the org
const otherOrg = await createOrganization();
const personToReject = await createUser(otherOrg.id);
const personToReject = await createUser(defaultOrganizationId);
await page
.getByPlaceholder("User email or username")
.fill(personToReject.email);
Expand Down Expand Up @@ -93,8 +98,12 @@ test("change quota settings", async ({ page }) => {
// Create a new organization and group
const org = await createOrganization();
const group = await createGroup(org.id);
const orgUserAdmin = await createOrganizationMember({
[org.id]: ["organization-user-admin"],
});

// Go to settings
await login(page, orgUserAdmin);
await page.goto(`/organizations/${org.name}/groups/${group.name}`);
await page.getByRole("button", { name: "Settings", exact: true }).click();
expectUrl(page).toHavePathName(
Expand Down
20 changes: 9 additions & 11 deletions site/e2e/tests/organizationMembers.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import { expect, test } from "@playwright/test";
import { setupApiCalls } from "../api";
import {
addUserToOrganization,
createOrganization,
createUser,
login,
Expand All @@ -18,25 +19,22 @@ test("add and remove organization member", async ({ page }) => {
requiresLicense();

// Create a new organization
const { displayName } = await createOrganization(page);
const { name: orgName, displayName } = await createOrganization(page);

// Navigate to members page
await page.getByRole("link", { name: "Members" }).click();
await expect(page).toHaveTitle(`Members - ${displayName} - Coder`);

// Add a user to the org
const personToAdd = await createUser(page);
await page.getByPlaceholder("User email or username").fill(personToAdd.email);
await page.getByRole("option", { name: personToAdd.email }).click();
await page.getByRole("button", { name: "Add user" }).click();
const addedRow = page.locator("tr", { hasText: personToAdd.email });
await expect(addedRow).toBeVisible();
// This must be done as an admin, because you can't assign a role that has more
// permissions than you, even if you have the ability to assign roles.
await addUserToOrganization(page, orgName, personToAdd.email, [
"Organization User Admin",
"Organization Template Admin",
]);

// Give them a role
await addedRow.getByLabel("Edit user roles").click();
await page.getByText("Organization User Admin").click();
await page.getByText("Organization Template Admin").click();
await page.mouse.click(10, 10); // close the popover by clicking outside of it
const addedRow = page.locator("tr", { hasText: personToAdd.email });
await expect(addedRow.getByText("Organization User Admin")).toBeVisible();
await expect(addedRow.getByText("+1 more")).toBeVisible();

Expand Down