chore: add e2e tests for organization auditors (coder#16899)

aslilac · web-flow · commit 49a35e378433 · 2025-03-18T09:10:42.000-06:00
diff --git a/site/e2e/api.ts b/site/e2e/api.ts
@@ -38,15 +38,25 @@ export const createUser = async (...orgIds: string[]) => {
 	return user;
 };
 
-export const createOrganizationMember = async (
-	orgRoles: Record<string, string[]>,
-): Promise<LoginOptions> => {
+type CreateOrganizationMemberOptions = {
+	username?: string;
+	email?: string;
+	password?: string;
+	orgRoles: Record<string, string[]>;
+};
+
+export const createOrganizationMember = async ({
+	username = randomName(),
+	email = `${username}@coder.com`,
+	password = defaultPassword,
+	orgRoles,
+}: CreateOrganizationMemberOptions): Promise<LoginOptions> => {
 	const name = randomName();
 	const user = await API.createUser({
-		email: `${name}@coder.com`,
-		username: name,
-		name: name,
-		password: defaultPassword,
+		email,
+		username,
+		name: username,
+		password,
 		login_type: "password",
 		organization_ids: Object.keys(orgRoles),
 		user_status: null,
@@ -59,7 +69,7 @@ export const createOrganizationMember = async (
 	return {
 		username: user.username,
 		email: user.email,
-		password: defaultPassword,
+		password,
 	};
 };
 
@@ -74,8 +84,7 @@ export const createGroup = async (orgId: string) => {
 	return group;
 };
 
-export const createOrganization = async () => {
-	const name = randomName();
+export const createOrganization = async (name = randomName()) => {
 	const org = await API.createOrganization({
 		name,
 		display_name: `Org ${name}`,
diff --git a/site/e2e/tests/organizationGroups.spec.ts b/site/e2e/tests/organizationGroups.spec.ts
@@ -34,7 +34,9 @@ test("create group", async ({ page }) => {
 	// Create a new organization
 	const org = await createOrganization();
 	const orgUserAdmin = await createOrganizationMember({
-		[org.id]: ["organization-user-admin"],
+		orgRoles: {
+			[org.id]: ["organization-user-admin"],
+		},
 	});
 
 	await login(page, orgUserAdmin);
@@ -99,7 +101,9 @@ test("change quota settings", async ({ page }) => {
 	const org = await createOrganization();
 	const group = await createGroup(org.id);
 	const orgUserAdmin = await createOrganizationMember({
-		[org.id]: ["organization-user-admin"],
+		orgRoles: {
+			[org.id]: ["organization-user-admin"],
+		},
 	});
 
 	// Go to settings
diff --git a/site/e2e/tests/organizations/auditLogs.spec.ts b/site/e2e/tests/organizations/auditLogs.spec.ts
@@ -0,0 +1,92 @@
+import { type Page, expect, test } from "@playwright/test";
+import {
+	createOrganization,
+	createOrganizationMember,
+	setupApiCalls,
+} from "../../api";
+import { defaultPassword, users } from "../../constants";
+import { login, randomName, requiresLicense } from "../../helpers";
+import { beforeCoderTest } from "../../hooks";
+
+test.describe.configure({ mode: "parallel" });
+
+const orgName = randomName();
+
+const orgAuditor = {
+	username: `org-auditor-${orgName}`,
+	password: defaultPassword,
+	email: `org-auditor-${orgName}@coder.com`,
+};
+
+test.beforeEach(({ page }) => {
+	beforeCoderTest(page);
+});
+
+test.describe("organization scoped audit logs", () => {
+	requiresLicense();
+
+	test.beforeAll(async ({ browser }) => {
+		const context = await browser.newContext();
+		const page = await context.newPage();
+
+		await login(page);
+		await setupApiCalls(page);
+
+		const org = await createOrganization(orgName);
+		await createOrganizationMember({
+			...orgAuditor,
+			orgRoles: {
+				[org.id]: ["organization-auditor"],
+			},
+		});
+
+		await context.close();
+	});
+
+	test("organization auditors cannot see logins", async ({ page }) => {
+		// Go to the audit history
+		await login(page, orgAuditor);
+		await page.goto("/audit");
+		const username = orgAuditor.username;
+
+		const loginMessage = `${username} logged in`;
+		// Make sure those things we did all actually show up
+		await expect(page.getByText(loginMessage).first()).not.toBeVisible();
+	});
+
+	test("creating organization is logged", async ({ page }) => {
+		await login(page, orgAuditor);
+
+		// Go to the audit history
+		await page.goto("/audit", { waitUntil: "domcontentloaded" });
+
+		const auditLogText = `${users.owner.username} created organization ${orgName}`;
+		const org = page.locator(".MuiTableRow-root", {
+			hasText: auditLogText,
+		});
+		await org.scrollIntoViewIfNeeded();
+		await expect(org).toBeVisible();
+
+		await org.getByLabel("open-dropdown").click();
+		await expect(org.getByText(`icon: "/emojis/1f957.png"`)).toBeVisible();
+	});
+
+	test("assigning an organization role is logged", async ({ page }) => {
+		await login(page, orgAuditor);
+
+		// Go to the audit history
+		await page.goto("/audit", { waitUntil: "domcontentloaded" });
+
+		const auditLogText = `${users.owner.username} updated organization member ${orgAuditor.username}`;
+		const member = page.locator(".MuiTableRow-root", {
+			hasText: auditLogText,
+		});
+		await member.scrollIntoViewIfNeeded();
+		await expect(member).toBeVisible();
+
+		await member.getByLabel("open-dropdown").click();
+		await expect(
+			member.getByText(`roles: ["organization-auditor"]`),
+		).toBeVisible();
+	});
+});
diff --git a/site/e2e/tests/roles.spec.ts b/site/e2e/tests/roles.spec.ts
@@ -106,7 +106,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org template admin can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgTemplateAdmin = await createOrganizationMember({
-			[org.id]: ["organization-template-admin"],
+			orgRoles: {
+				[org.id]: ["organization-template-admin"],
+			},
 		});
 
 		await login(page, orgTemplateAdmin);
@@ -118,7 +120,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org user admin can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgUserAdmin = await createOrganizationMember({
-			[org.id]: ["organization-user-admin"],
+			orgRoles: {
+				[org.id]: ["organization-user-admin"],
+			},
 		});
 
 		await login(page, orgUserAdmin);
@@ -130,7 +134,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org auditor can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgAuditor = await createOrganizationMember({
-			[org.id]: ["organization-auditor"],
+			orgRoles: {
+				[org.id]: ["organization-auditor"],
+			},
 		});
 
 		await login(page, orgAuditor);
@@ -142,7 +148,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org admin can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgAdmin = await createOrganizationMember({
-			[org.id]: ["organization-admin"],
+			orgRoles: {
+				[org.id]: ["organization-admin"],
+			},
 		});
 
 		await login(page, orgAdmin);
