diff --git a/qa-core/src/config/internal-api/TestConfiguration/userManagement.ts b/qa-core/src/config/internal-api/TestConfiguration/userManagement.ts index b10eafa217..12a52034cc 100644 --- a/qa-core/src/config/internal-api/TestConfiguration/userManagement.ts +++ b/qa-core/src/config/internal-api/TestConfiguration/userManagement.ts @@ -1,5 +1,5 @@ import { Response } from "node-fetch" -import { Role, User, UserDeletedEvent } from "@budibase/types" +import { Role, User, UserDeletedEvent, UserRoles } from "@budibase/types" import InternalAPIClient from "./InternalAPIClient" import { responseMessage } from "../fixtures/types/responseMessage" @@ -87,7 +87,6 @@ export default class UserManagementApi { const response = await this.api.get(`/roles`) const json = await response.json() expect(response).toHaveStatusCode(200) - expect(json.length).toEqual(4) return [response, json] } @@ -124,4 +123,11 @@ export default class UserManagementApi { expect(json._rev).not.toEqual(body._rev) return [response, json] } + + async createRole(body: Partial): Promise<[Response, UserRoles]> { + const response = await this.api.post(`/roles`, { body }) + const json = await response.json() + expect(response).toHaveStatusCode(200) + return [response, json] + } } \ No newline at end of file diff --git a/qa-core/src/tests/internal-api/userManagement/appSpecificRoles.spec.ts b/qa-core/src/tests/internal-api/userManagement/appSpecificRoles.spec.ts index cda597bb8c..d27e846b22 100644 --- a/qa-core/src/tests/internal-api/userManagement/appSpecificRoles.spec.ts +++ b/qa-core/src/tests/internal-api/userManagement/appSpecificRoles.spec.ts @@ -252,72 +252,376 @@ describe("Internal API - App Specific Roles & Permissions", () => { }) it("Check Screen access for POWER role", async () => { + // Set up user const appUser = generateUser() expect(appUser[0].builder?.global).toEqual(false) expect(appUser[0].admin?.global).toEqual(false) const [createUserResponse, createUserJson] = await config.users.addMultiple(appUser) + // Create App const app = await config.applications.create(generateApp()) - config.applications.api.appId = app.appId + // Update user roles const [userInfoResponse, userInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + const prodAppId = db.getProdAppID(app.appId!) + + // Roles must always be set with prod appID const body: User = { ...userInfoJson, roles: { - [app.appId!]: "POWER", + [prodAppId]: "POWER", } } await config.users.updateInfo(body) const [changedUserInfoResponse, changedUserInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) - expect(changedUserInfoJson.roles[app.appId!]).toBeDefined() - expect(changedUserInfoJson.roles[app.appId!]).toEqual("POWER") + expect(changedUserInfoJson.roles[prodAppId]).toBeDefined() + expect(changedUserInfoJson.roles[prodAppId]).toEqual("POWER") await config.screen.create(generateScreen("BASIC")) await config.screen.create(generateScreen("POWER")) await config.screen.create(generateScreen("ADMIN")) await config.applications.publish(app.url) - const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId!) + const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId) expect(firstappPackageJson.screens).toBeDefined() expect(firstappPackageJson.screens.length).toEqual(3) + // login with POWER user await config.login(appUser[0].email!, appUser[0].password!) - const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId) + const [selfInfoResponse, selfInfoJson] = await config.users.getSelf() + + // fetch app package + const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId!) expect(appPackageJson.screens).toBeDefined() expect(appPackageJson.screens.length).toEqual(2) }) it("Check Screen access for ADMIN role", async () => { + // Set up user const appUser = generateUser() expect(appUser[0].builder?.global).toEqual(false) expect(appUser[0].admin?.global).toEqual(false) const [createUserResponse, createUserJson] = await config.users.addMultiple(appUser) + // Create App const app = await config.applications.create(generateApp()) config.applications.api.appId = app.appId + // Update user roles const [userInfoResponse, userInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + const prodAppId = db.getProdAppID(app.appId!) + + // Roles must always be set with prod appID const body: User = { ...userInfoJson, roles: { - [app.appId]: "ADMIN", + [prodAppId]: "ADMIN", } } await config.users.updateInfo(body) const [changedUserInfoResponse, changedUserInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) - expect(changedUserInfoJson.roles[app.appId]).toBeDefined() - expect(changedUserInfoJson.roles[app.appId]).toEqual("ADMIN") + expect(changedUserInfoJson.roles[prodAppId]).toBeDefined() + expect(changedUserInfoJson.roles[prodAppId]).toEqual("ADMIN") + + await config.screen.create(generateScreen("BASIC")) + await config.screen.create(generateScreen("POWER")) + await config.screen.create(generateScreen("ADMIN")) + + await config.applications.publish(app.url) + const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId) + expect(firstappPackageJson.screens).toBeDefined() + expect(firstappPackageJson.screens.length).toEqual(3) + + // login with ADMIN user + await config.login(appUser[0].email!, appUser[0].password!) + const [selfInfoResponse, selfInfoJson] = await config.users.getSelf() + + // fetch app package + const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId!) + expect(appPackageJson.screens).toBeDefined() + expect(appPackageJson.screens.length).toEqual(3) }) }) - describe.skip("Screen Access for custom roles", () => { - it("Custom role access for level 1 permissions", async () => { }) - it("Custom role access for level 2 permissions", async () => { }) - it("Custom role access for level 3 permissions", async () => { }) - it("Custom role access for level 4 permissions", async () => { }) - it("Custom role access for level 5 permissions", async () => { }) + describe("Screen Access for custom roles", () => { + it("Custom role access for level 1 permissions", async () => { + // Set up user + const appUser = generateUser() + expect(appUser[0].builder?.global).toEqual(false) + expect(appUser[0].admin?.global).toEqual(false) + const [createUserResponse, createUserJson] = await config.users.addMultiple(appUser) + + // Create App + const app = await config.applications.create(generateApp()) + config.applications.api.appId = app.appId + + //Create level 1 role + const role = { + inherits: "BASIC", + permissionId: "public", + name: "level 1" + } + const [createRoleResponse, createRoleJson] = await config.users.createRole(role) + + + + // Update user roles + const [userInfoResponse, userInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + const prodAppId = db.getProdAppID(app.appId!) + + // Roles must always be set with prod appID + const body: User = { + ...userInfoJson, + roles: { + [prodAppId]: createRoleJson._id, + } + } + await config.users.updateInfo(body) + + const [changedUserInfoResponse, changedUserInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + expect(changedUserInfoJson.roles[prodAppId]).toBeDefined() + expect(changedUserInfoJson.roles[prodAppId]).toEqual(createRoleJson._id) + + await config.screen.create(generateScreen("BASIC")) + await config.screen.create(generateScreen("POWER")) + await config.screen.create(generateScreen("ADMIN")) + + await config.applications.publish(app.url) + const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId) + expect(firstappPackageJson.screens).toBeDefined() + expect(firstappPackageJson.screens.length).toEqual(3) + + // login with level 1 user + await config.login(appUser[0].email!, appUser[0].password!) + const [selfInfoResponse, selfInfoJson] = await config.users.getSelf() + + // fetch app package + const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId!) + expect(appPackageJson.screens).toBeDefined() + expect(appPackageJson.screens.length).toEqual(1) + }) + it("Custom role access for level 2 permissions", async () => {// Set up user + const appUser = generateUser() + expect(appUser[0].builder?.global).toEqual(false) + expect(appUser[0].admin?.global).toEqual(false) + const [createUserResponse, createUserJson] = await config.users.addMultiple(appUser) + + // Create App + const app = await config.applications.create(generateApp()) + config.applications.api.appId = app.appId + + //Create level 1 role + const role = { + inherits: "BASIC", + permissionId: "read_only", + name: "level 2" + } + const [createRoleResponse, createRoleJson] = await config.users.createRole(role) + + + + // Update user roles + const [userInfoResponse, userInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + const prodAppId = db.getProdAppID(app.appId!) + + // Roles must always be set with prod appID + const body: User = { + ...userInfoJson, + roles: { + [prodAppId]: createRoleJson._id, + } + } + await config.users.updateInfo(body) + + const [changedUserInfoResponse, changedUserInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + expect(changedUserInfoJson.roles[prodAppId]).toBeDefined() + expect(changedUserInfoJson.roles[prodAppId]).toEqual(createRoleJson._id) + + await config.screen.create(generateScreen("BASIC")) + await config.screen.create(generateScreen("POWER")) + await config.screen.create(generateScreen("ADMIN")) + + await config.applications.publish(app.url) + const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId) + expect(firstappPackageJson.screens).toBeDefined() + expect(firstappPackageJson.screens.length).toEqual(3) + + // login with level 1 user + await config.login(appUser[0].email!, appUser[0].password!) + const [selfInfoResponse, selfInfoJson] = await config.users.getSelf() + + // fetch app package + const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId!) + expect(appPackageJson.screens).toBeDefined() + expect(appPackageJson.screens.length).toEqual(1) + }) + it("Custom role access for level 3 permissions", async () => { + const appUser = generateUser() + expect(appUser[0].builder?.global).toEqual(false) + expect(appUser[0].admin?.global).toEqual(false) + const [createUserResponse, createUserJson] = await config.users.addMultiple(appUser) + + // Create App + const app = await config.applications.create(generateApp()) + config.applications.api.appId = app.appId + + //Create level 1 role + const role = { + inherits: "BASIC", + permissionId: "write", + name: "level 3" + } + const [createRoleResponse, createRoleJson] = await config.users.createRole(role) + + + + // Update user roles + const [userInfoResponse, userInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + const prodAppId = db.getProdAppID(app.appId!) + + // Roles must always be set with prod appID + const body: User = { + ...userInfoJson, + roles: { + [prodAppId]: createRoleJson._id, + } + } + await config.users.updateInfo(body) + + const [changedUserInfoResponse, changedUserInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + expect(changedUserInfoJson.roles[prodAppId]).toBeDefined() + expect(changedUserInfoJson.roles[prodAppId]).toEqual(createRoleJson._id) + + await config.screen.create(generateScreen("BASIC")) + await config.screen.create(generateScreen("POWER")) + await config.screen.create(generateScreen("ADMIN")) + + await config.applications.publish(app.url) + const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId) + expect(firstappPackageJson.screens).toBeDefined() + expect(firstappPackageJson.screens.length).toEqual(3) + + // login with level 1 user + await config.login(appUser[0].email!, appUser[0].password!) + const [selfInfoResponse, selfInfoJson] = await config.users.getSelf() + + // fetch app package + const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId!) + expect(appPackageJson.screens).toBeDefined() + expect(appPackageJson.screens.length).toEqual(1) + }) + it("Custom role access for level 4 permissions", async () => { + const appUser = generateUser() + expect(appUser[0].builder?.global).toEqual(false) + expect(appUser[0].admin?.global).toEqual(false) + const [createUserResponse, createUserJson] = await config.users.addMultiple(appUser) + + // Create App + const app = await config.applications.create(generateApp()) + config.applications.api.appId = app.appId + + //Create level 1 role + const role = { + inherits: "BASIC", + permissionId: "power", + name: "level 4" + } + const [createRoleResponse, createRoleJson] = await config.users.createRole(role) + + + + // Update user roles + const [userInfoResponse, userInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + const prodAppId = db.getProdAppID(app.appId!) + + // Roles must always be set with prod appID + const body: User = { + ...userInfoJson, + roles: { + [prodAppId]: createRoleJson._id, + } + } + await config.users.updateInfo(body) + + const [changedUserInfoResponse, changedUserInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + expect(changedUserInfoJson.roles[prodAppId]).toBeDefined() + expect(changedUserInfoJson.roles[prodAppId]).toEqual(createRoleJson._id) + + await config.screen.create(generateScreen("BASIC")) + await config.screen.create(generateScreen("POWER")) + await config.screen.create(generateScreen("ADMIN")) + + await config.applications.publish(app.url) + const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId) + expect(firstappPackageJson.screens).toBeDefined() + expect(firstappPackageJson.screens.length).toEqual(3) + + // login with level 1 user + await config.login(appUser[0].email!, appUser[0].password!) + const [selfInfoResponse, selfInfoJson] = await config.users.getSelf() + + // fetch app package + const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId!) + expect(appPackageJson.screens).toBeDefined() + expect(appPackageJson.screens.length).toEqual(1) + }) + it("Custom role access for level 5 permissions", async () => { + const appUser = generateUser() + expect(appUser[0].builder?.global).toEqual(false) + expect(appUser[0].admin?.global).toEqual(false) + const [createUserResponse, createUserJson] = await config.users.addMultiple(appUser) + + // Create App + const app = await config.applications.create(generateApp()) + config.applications.api.appId = app.appId + + //Create level 1 role + const role = { + inherits: "BASIC", + permissionId: "admin", + name: "level 5" + } + const [createRoleResponse, createRoleJson] = await config.users.createRole(role) + + + + // Update user roles + const [userInfoResponse, userInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + const prodAppId = db.getProdAppID(app.appId!) + + // Roles must always be set with prod appID + const body: User = { + ...userInfoJson, + roles: { + [prodAppId]: createRoleJson._id, + } + } + await config.users.updateInfo(body) + + const [changedUserInfoResponse, changedUserInfoJson] = await config.users.getInfo(createUserJson.created.successful[0]._id) + expect(changedUserInfoJson.roles[prodAppId]).toBeDefined() + expect(changedUserInfoJson.roles[prodAppId]).toEqual(createRoleJson._id) + + await config.screen.create(generateScreen("BASIC")) + await config.screen.create(generateScreen("POWER")) + await config.screen.create(generateScreen("ADMIN")) + + await config.applications.publish(app.url) + const [firstappPackageResponse, firstappPackageJson] = await config.applications.getAppPackage(app.appId) + expect(firstappPackageJson.screens).toBeDefined() + expect(firstappPackageJson.screens.length).toEqual(3) + + // login with level 1 user + await config.login(appUser[0].email!, appUser[0].password!) + const [selfInfoResponse, selfInfoJson] = await config.users.getSelf() + + // fetch app package + const [appPackageResponse, appPackageJson] = await config.applications.getAppPackage(app.appId!) + expect(appPackageJson.screens).toBeDefined() + expect(appPackageJson.screens.length).toEqual(1) + }) }) })