diff --git a/site/e2e/api.ts b/site/e2e/api.ts index 902485b7b15b6..0dc9e46831708 100644 --- a/site/e2e/api.ts +++ b/site/e2e/api.ts @@ -3,8 +3,8 @@ import { expect } from "@playwright/test"; import { API, type DeploymentConfig } from "api/api"; import type { SerpentOption } from "api/typesGenerated"; import { formatDuration, intervalToDuration } from "date-fns"; -import { coderPort } from "./constants"; -import { findSessionToken, randomName } from "./helpers"; +import { coderPort, defaultPassword } from "./constants"; +import { type LoginOptions, findSessionToken, randomName } from "./helpers"; let currentOrgId: string; @@ -29,14 +29,40 @@ export const createUser = async (...orgIds: string[]) => { email: `${name}@coder.com`, username: name, name: name, - password: "s3cure&password!", + password: defaultPassword, login_type: "password", organization_ids: orgIds, user_status: null, }); + return user; }; +export const createOrganizationMember = async ( + orgRoles: Record, +): Promise => { + const name = randomName(); + const user = await API.createUser({ + email: `${name}@coder.com`, + username: name, + name: name, + password: defaultPassword, + login_type: "password", + organization_ids: Object.keys(orgRoles), + user_status: null, + }); + + for (const [org, roles] of Object.entries(orgRoles)) { + API.updateOrganizationMemberRoles(org, user.id, roles); + } + + return { + username: user.username, + email: user.email, + password: defaultPassword, + }; +}; + export const createGroup = async (orgId: string) => { const name = randomName(); const group = await API.createGroup(orgId, { diff --git a/site/e2e/constants.ts b/site/e2e/constants.ts index 4fcada0e6d15b..4d2d9099692d5 100644 --- a/site/e2e/constants.ts +++ b/site/e2e/constants.ts @@ -15,6 +15,7 @@ export const coderdPProfPort = 6062; // The name of the organization that should be used by default when needed. export const defaultOrganizationName = "coder"; +export const defaultOrganizationId = "00000000-0000-0000-0000-000000000000"; export const defaultPassword = "SomeSecurePassword!"; // Credentials for users @@ -30,6 +31,12 @@ export const users = { email: "templateadmin@coder.com", roles: ["Template Admin"], }, + userAdmin: { + username: "user-admin", + password: defaultPassword, + email: "useradmin@coder.com", + roles: ["User Admin"], + }, auditor: { username: "auditor", password: defaultPassword, diff --git a/site/e2e/helpers.ts b/site/e2e/helpers.ts index 5692909355fca..24b46d47a151b 100644 --- a/site/e2e/helpers.ts +++ b/site/e2e/helpers.ts @@ -61,7 +61,7 @@ export function requireTerraformProvisioner() { test.skip(!requireTerraformTests); } -type LoginOptions = { +export type LoginOptions = { username: string; email: string; password: string; @@ -1127,3 +1127,30 @@ export async function createOrganization(page: Page): Promise<{ return { name, displayName, description }; } + +/** + * @param organization organization name + * @param user user email or username + */ +export async function addUserToOrganization( + page: Page, + organization: string, + user: string, + roles: string[] = [], +): Promise { + await page.goto(`/organizations/${organization}`, { + waitUntil: "domcontentloaded", + }); + + await page.getByPlaceholder("User email or username").fill(user); + await page.getByRole("option", { name: user }).click(); + await page.getByRole("button", { name: "Add user" }).click(); + const addedRow = page.locator("tr", { hasText: user }); + await expect(addedRow).toBeVisible(); + + await addedRow.getByLabel("Edit user roles").click(); + for (const role of roles) { + await page.getByText(role).click(); + } + await page.mouse.click(10, 10); // close the popover by clicking outside of it +} diff --git a/site/e2e/tests/organizationGroups.spec.ts b/site/e2e/tests/organizationGroups.spec.ts index dff12ab91c453..6e8aa74a4bf8b 100644 --- a/site/e2e/tests/organizationGroups.spec.ts +++ b/site/e2e/tests/organizationGroups.spec.ts @@ -2,10 +2,11 @@ import { expect, test } from "@playwright/test"; import { createGroup, createOrganization, + createOrganizationMember, createUser, setupApiCalls, } from "../api"; -import { defaultOrganizationName } from "../constants"; +import { defaultOrganizationId, defaultOrganizationName } from "../constants"; import { expectUrl } from "../expectUrl"; import { login, randomName, requiresLicense } from "../helpers"; import { beforeCoderTest } from "../hooks"; @@ -32,6 +33,11 @@ test("create group", async ({ page }) => { // Create a new organization const org = await createOrganization(); + const orgUserAdmin = await createOrganizationMember({ + [org.id]: ["organization-user-admin"], + }); + + await login(page, orgUserAdmin); await page.goto(`/organizations/${org.name}`); // Navigate to groups page @@ -64,8 +70,7 @@ test("create group", async ({ page }) => { await expect(addedRow).toBeVisible(); // Ensure we can't add a user who isn't in the org - const otherOrg = await createOrganization(); - const personToReject = await createUser(otherOrg.id); + const personToReject = await createUser(defaultOrganizationId); await page .getByPlaceholder("User email or username") .fill(personToReject.email); @@ -93,8 +98,12 @@ test("change quota settings", async ({ page }) => { // Create a new organization and group const org = await createOrganization(); const group = await createGroup(org.id); + const orgUserAdmin = await createOrganizationMember({ + [org.id]: ["organization-user-admin"], + }); // Go to settings + await login(page, orgUserAdmin); await page.goto(`/organizations/${org.name}/groups/${group.name}`); await page.getByRole("button", { name: "Settings", exact: true }).click(); expectUrl(page).toHavePathName( diff --git a/site/e2e/tests/organizationMembers.spec.ts b/site/e2e/tests/organizationMembers.spec.ts index 9edb2eb922ab8..51c3491ae3d62 100644 --- a/site/e2e/tests/organizationMembers.spec.ts +++ b/site/e2e/tests/organizationMembers.spec.ts @@ -1,6 +1,7 @@ import { expect, test } from "@playwright/test"; import { setupApiCalls } from "../api"; import { + addUserToOrganization, createOrganization, createUser, login, @@ -18,7 +19,7 @@ test("add and remove organization member", async ({ page }) => { requiresLicense(); // Create a new organization - const { displayName } = await createOrganization(page); + const { name: orgName, displayName } = await createOrganization(page); // Navigate to members page await page.getByRole("link", { name: "Members" }).click(); @@ -26,17 +27,14 @@ test("add and remove organization member", async ({ page }) => { // Add a user to the org const personToAdd = await createUser(page); - await page.getByPlaceholder("User email or username").fill(personToAdd.email); - await page.getByRole("option", { name: personToAdd.email }).click(); - await page.getByRole("button", { name: "Add user" }).click(); - const addedRow = page.locator("tr", { hasText: personToAdd.email }); - await expect(addedRow).toBeVisible(); + // This must be done as an admin, because you can't assign a role that has more + // permissions than you, even if you have the ability to assign roles. + await addUserToOrganization(page, orgName, personToAdd.email, [ + "Organization User Admin", + "Organization Template Admin", + ]); - // Give them a role - await addedRow.getByLabel("Edit user roles").click(); - await page.getByText("Organization User Admin").click(); - await page.getByText("Organization Template Admin").click(); - await page.mouse.click(10, 10); // close the popover by clicking outside of it + const addedRow = page.locator("tr", { hasText: personToAdd.email }); await expect(addedRow.getByText("Organization User Admin")).toBeVisible(); await expect(addedRow.getByText("+1 more")).toBeVisible();