Merge pull request #41137 from nextcloud/chore/migrate-access-level-cypress

chore(cypress): Migrate access-level tests from Behat to Cypress
author: Ferdinand Thiessen <opensource@fthiessen.de> 2023-11-02 17:44:52 +0100
committer: GitHub <noreply@github.com> 2023-11-02 17:44:52 +0100
commit: 84421f4c7c82946015efb7ef00985e4f7c0c0428 (patch)
tree: 32d735fbdee063c4fa24707e47d0e831075ced63 /cypress
parent: 81d2828e9085ef3bea1299a977c8f281e938b7c1 (diff)
parent: 8e2824ea24d01908ec9d8f14fa7449353854d476 (diff)
download: nextcloud-server-84421f4c7c82946015efb7ef00985e4f7c0c0428.tar.gz
nextcloud-server-84421f4c7c82946015efb7ef00985e4f7c0c0428.zip
7 files changed, 240 insertions, 20 deletions
diff --git a/cypress/e2e/core/header_access-levels.cy.ts b/cypress/e2e/core/header_access-levels.cy.ts
new file mode 100644
index 00000000000..d1529376cf9
--- /dev/null
+++ b/cypress/e2e/core/header_access-levels.cy.ts
@@ -0,0 +1,118 @@
+/**
+ * @copyright Copyright (c) 2023 Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @author Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @license AGPL-3.0-or-later
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import { User } from '@nextcloud/cypress'
+import { clearState, getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils'
+
+const admin = new User('admin', 'admin')
+
+describe('Header: Ensure regular users do not have admin settings in the Settings menu', { testIsolation: true }, () => {
+	beforeEach(() => {
+		clearState()
+	})
+
+	it('Regular users can see basic items in the Settings menu', () => {
+		// Given I am logged in
+		cy.createRandomUser().then(($user) => {
+			cy.login($user)
+			cy.visit('/')
+		})
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+
+		getNextcloudUserMenu().find('ul').within(($el) => {
+			// I see the settings menu is open
+			cy.wrap($el).should('be.visible')
+
+			// I see that the Settings menu has only 6 items
+			cy.get('li').should('have.length', 6)
+			// I see that the "View profile" item in the Settings menu is shown
+			cy.contains('li', 'View profile').should('be.visible')
+			// I see that the "Set status" item in the Settings menu is shown
+			cy.contains('li', 'Set status').should('be.visible')
+			// I see that the "Appearance and accessibility" item in the Settings menu is shown
+			cy.contains('li', 'Appearance and accessibility').should('be.visible')
+			// I see that the "Settings" item in the Settings menu is shown
+			cy.contains('li', 'Settings').should('be.visible')
+			// I see that the "Help" item in the Settings menu is shown
+			cy.contains('li', 'Help').should('be.visible')
+			// I see that the "Log out" item in the Settings menu is shown
+			cy.contains('li', 'Log out').should('be.visible')
+		})
+	})
+
+	it('Regular users cannot see admin-level items in the Settings menu', () => {
+		// Given I am logged in
+		cy.createRandomUser().then(($user) => {
+			cy.login($user)
+			cy.visit('/')
+		})
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+
+		getNextcloudUserMenu().find('ul').within(($el) => {
+			// I see the settings menu is open
+			cy.wrap($el).should('be.visible')
+
+			// I see that the "Users" item in the Settings menu is NOT shown
+			cy.contains('li', 'Users').should('not.exist')
+			// I see that the "Administration settings" item in the Settings menu is NOT shown
+			cy.contains('li', 'Administration settings').should('not.exist')
+			cy.get('#admin_settings').should('not.exist')
+		})
+	})
+
+	it('Admin users can see admin-level items in the Settings menu', () => {
+		// Given I am logged in
+		cy.login(admin)
+		cy.visit('/')
+
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+
+		getNextcloudUserMenu().find('ul').within(($el) => {
+			// I see the settings menu is open
+			cy.wrap($el).should('be.visible')
+
+			// I see that the Settings menu has only 9 items
+			cy.get('li').should('have.length', 9)
+			// I see that the "Set status" item in the Settings menu is shown
+			cy.contains('li', 'View profile').should('be.visible')
+			// I see that the "Set status" item in the Settings menu is shown
+			cy.contains('li', 'Set status').should('be.visible')
+			// I see that the "Appearance and accessibility" item in the Settings menu is shown
+			cy.contains('li', 'Appearance and accessibility').should('be.visible')
+			// I see that the "Personal Settings" item in the Settings menu is shown
+			cy.contains('li', 'Personal settings').should('be.visible')
+			// I see that the "Administration settings" item in the Settings menu is shown
+			cy.contains('li', 'Administration settings').should('be.visible')
+			// I see that the "Apps" item in the Settings menu is shown
+			cy.contains('li', 'Apps').should('be.visible')
+			// I see that the "Users" item in the Settings menu is shown
+			cy.contains('li', 'Users').should('be.visible')
+			// I see that the "Help" item in the Settings menu is shown
+			cy.contains('li', 'Help').should('be.visible')
+			// I see that the "Log out" item in the Settings menu is shown
+			cy.contains('li', 'Log out').should('be.visible')
+		})
+	})
+})
diff --git a/cypress/e2e/login/login.cy.ts b/cypress/e2e/login/login.cy.ts
index 133e56e0256..478512884f6 100644
--- a/cypress/e2e/login/login.cy.ts
+++ b/cypress/e2e/login/login.cy.ts
@@ -1,4 +1,5 @@
 import type { User } from '@nextcloud/cypress'
+import { getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils'
 
 describe('Login', () => {
 	let user: User
@@ -137,8 +138,8 @@ describe('Login', () => {
 		cy.url().should('match', /apps\/dashboard(\/|$)/)
 
 		// When click logout
-		cy.get('#user-menu > button').should('exist').click()
-		cy.get('#logout a').should('contain.text', 'Log out').click()
+		getNextcloudUserMenuToggle().should('exist').click()
+		getNextcloudUserMenu().contains('a', 'Log out').click()
 
 		// Then I see that the current page is the Login page
 		cy.url().should('match', /\/login/)
diff --git a/cypress/e2e/settings/access-levels.cy.ts b/cypress/e2e/settings/access-levels.cy.ts
new file mode 100644
index 00000000000..ac02d607de2
--- /dev/null
+++ b/cypress/e2e/settings/access-levels.cy.ts
@@ -0,0 +1,78 @@
+/**
+ * @copyright Copyright (c) 2023 Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @author Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @license AGPL-3.0-or-later
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import { User } from '@nextcloud/cypress'
+import { clearState, getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils'
+
+const admin = new User('admin', 'admin')
+
+describe('Settings: Ensure only administrator can see the administration settings section', { testIsolation: true }, () => {
+	beforeEach(() => {
+		clearState()
+	})
+
+	it('Regular users cannot see admin-level items on the Settings page', () => {
+		// Given I am logged in
+		cy.createRandomUser().then(($user) => {
+			cy.login($user)
+			cy.visit('/')
+		})
+
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+		// I navigate to the settings panel
+		getNextcloudUserMenu().find('#settings a').click()
+		cy.url().should('match', /\/settings\/user$/)
+
+		cy.get('#app-navigation').should('be.visible').within(() => {
+			// I see the personal section is NOT shown
+			cy.get('#app-navigation-caption-personal').should('not.exist')
+			// I see the admin section is NOT shown
+			cy.get('#app-navigation-caption-administration').should('not.exist')
+
+			// I see that the "Personal info" entry in the settings panel is shown
+			cy.get('[data-section-id="personal-info"]').should('exist').and('be.visible')
+		})
+	})
+
+	it('Admin users can see admin-level items on the Settings page', () => {
+		// Given I am logged in
+		cy.login(admin)
+		cy.visit('/')
+
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+		// I navigate to the settings panel
+		getNextcloudUserMenu().find('#settings a').click()
+		cy.url().should('match', /\/settings\/user$/)
+
+		cy.get('#app-navigation').should('be.visible').within(() => {
+			// I see the personal section is shown
+			cy.get('#app-navigation-caption-personal').should('be.visible')
+			// I see the admin section is shown
+			cy.get('#app-navigation-caption-administration').should('be.visible')
+
+			// I see that the "Personal info" entry in the settings panel is shown
+			cy.get('[data-section-id="personal-info"]').should('exist').and('be.visible')
+		})
+	})
+})
diff --git a/cypress/e2e/settings/usersUtils.ts b/cypress/e2e/settings/usersUtils.ts
index 0537f5b0ecb..56eff5e7d7d 100644
--- a/cypress/e2e/settings/usersUtils.ts
+++ b/cypress/e2e/settings/usersUtils.ts
@@ -36,22 +36,6 @@ export function assertNotExistOrNotVisible(element: JQuery<HTMLElement>) {
 }
 
 /**
- * Helper function ensure users and groups in this tests have a clean state
- */
-export function clearState() {
-	// cleanup ignoring any failures
-	cy.runOccCommand('group:list --output=json').then(($result) => {
-		const groups = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
-		groups.forEach((groupID) => cy.runOccCommand(`group:delete '${groupID}'`))
-	})
-
-	cy.runOccCommand('user:list --output=json').then(($result) => {
-		const users = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
-		users.forEach((userID) => cy.runOccCommand(`user:delete '${userID}'`))
-	})
-}
-
-/**
  * Get the settings users list
  * @return Cypress chainable object
  */
diff --git a/cypress/e2e/settings/users_disable.cy.ts b/cypress/e2e/settings/users_disable.cy.ts
index e63ba4fc3d6..1218d4f770b 100644
--- a/cypress/e2e/settings/users_disable.cy.ts
+++ b/cypress/e2e/settings/users_disable.cy.ts
@@ -21,7 +21,8 @@
  */
 
 import { User } from '@nextcloud/cypress'
-import { clearState, getUserListRow } from './usersUtils'
+import { getUserListRow } from './usersUtils'
+import { clearState } from '../../support/commonUtils'
 
 const admin = new User('admin', 'admin')
 
diff --git a/cypress/e2e/settings/users_modify.cy.ts b/cypress/e2e/settings/users_modify.cy.ts
index ee3d1f37c02..b230fb998a5 100644
--- a/cypress/e2e/settings/users_modify.cy.ts
+++ b/cypress/e2e/settings/users_modify.cy.ts
@@ -21,7 +21,8 @@
  */
 
 import { User } from '@nextcloud/cypress'
-import { clearState, getUserListRow, handlePasswordConfirmation, toggleEditButton, waitLoading } from './usersUtils'
+import { getUserListRow, handlePasswordConfirmation, toggleEditButton, waitLoading } from './usersUtils'
+import { clearState } from '../../support/commonUtils'
 
 const admin = new User('admin', 'admin')
 
diff --git a/cypress/support/commonUtils.ts b/cypress/support/commonUtils.ts
new file mode 100644
index 00000000000..5f0feae4824
--- /dev/null
+++ b/cypress/support/commonUtils.ts
@@ -0,0 +1,37 @@
+/**
+ * Get the header navigation bar
+ */
+export function getNextcloudHeader() {
+	return cy.get('#header')
+}
+
+/**
+ * Get user menu in the header navigation bar
+ */
+export function getNextcloudUserMenu() {
+	return getNextcloudHeader().find('#user-menu')
+}
+
+/**
+ * Get the user menu toggle in the header navigation bar
+ */
+export function getNextcloudUserMenuToggle() {
+	return getNextcloudUserMenu().find('.header-menu__trigger').should('have.length', 1)
+}
+
+/**
+ * Helper function ensure users and groups in this tests have a clean state
+ * Deletes all users (except admin) and groups
+ */
+export function clearState() {
+	// cleanup ignoring any failures
+	cy.runOccCommand('group:list --output=json').then(($result) => {
+		const groups = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
+		groups.forEach((groupID) => cy.runOccCommand(`group:delete '${groupID}'`))
+	})
+
+	cy.runOccCommand('user:list --output=json').then(($result) => {
+		const users = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
+		users.forEach((userID) => cy.runOccCommand(`user:delete '${userID}'`))
+	})
+}
author	Ferdinand Thiessen <opensource@fthiessen.de>	2023-11-02 17:44:52 +0100
committer	GitHub <noreply@github.com>	2023-11-02 17:44:52 +0100
commit	84421f4c7c82946015efb7ef00985e4f7c0c0428 (patch)
tree	32d735fbdee063c4fa24707e47d0e831075ced63 /cypress
parent	81d2828e9085ef3bea1299a977c8f281e938b7c1 (diff)
parent	8e2824ea24d01908ec9d8f14fa7449353854d476 (diff)
download	nextcloud-server-84421f4c7c82946015efb7ef00985e4f7c0c0428.tar.gz nextcloud-server-84421f4c7c82946015efb7ef00985e4f7c0c0428.zip