diff options
Diffstat (limited to 'cypress')
-rw-r--r-- | cypress/e2e/core/header_access-levels.cy.ts | 118 | ||||
-rw-r--r-- | cypress/e2e/login/login.cy.ts | 5 | ||||
-rw-r--r-- | cypress/e2e/settings/access-levels.cy.ts | 78 | ||||
-rw-r--r-- | cypress/e2e/settings/usersUtils.ts | 16 | ||||
-rw-r--r-- | cypress/e2e/settings/users_disable.cy.ts | 3 | ||||
-rw-r--r-- | cypress/e2e/settings/users_modify.cy.ts | 3 | ||||
-rw-r--r-- | cypress/support/commonUtils.ts | 37 |
7 files changed, 240 insertions, 20 deletions
diff --git a/cypress/e2e/core/header_access-levels.cy.ts b/cypress/e2e/core/header_access-levels.cy.ts new file mode 100644 index 00000000000..d1529376cf9 --- /dev/null +++ b/cypress/e2e/core/header_access-levels.cy.ts @@ -0,0 +1,118 @@ +/** + * @copyright Copyright (c) 2023 Ferdinand Thiessen <opensource@fthiessen.de> + * + * @author Ferdinand Thiessen <opensource@fthiessen.de> + * + * @license AGPL-3.0-or-later + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +import { User } from '@nextcloud/cypress' +import { clearState, getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils' + +const admin = new User('admin', 'admin') + +describe('Header: Ensure regular users do not have admin settings in the Settings menu', { testIsolation: true }, () => { + beforeEach(() => { + clearState() + }) + + it('Regular users can see basic items in the Settings menu', () => { + // Given I am logged in + cy.createRandomUser().then(($user) => { + cy.login($user) + cy.visit('/') + }) + // I open the settings menu + getNextcloudUserMenuToggle().click() + + getNextcloudUserMenu().find('ul').within(($el) => { + // I see the settings menu is open + cy.wrap($el).should('be.visible') + + // I see that the Settings menu has only 6 items + cy.get('li').should('have.length', 6) + // I see that the "View profile" item in the Settings menu is shown + cy.contains('li', 'View profile').should('be.visible') + // I see that the "Set status" item in the Settings menu is shown + cy.contains('li', 'Set status').should('be.visible') + // I see that the "Appearance and accessibility" item in the Settings menu is shown + cy.contains('li', 'Appearance and accessibility').should('be.visible') + // I see that the "Settings" item in the Settings menu is shown + cy.contains('li', 'Settings').should('be.visible') + // I see that the "Help" item in the Settings menu is shown + cy.contains('li', 'Help').should('be.visible') + // I see that the "Log out" item in the Settings menu is shown + cy.contains('li', 'Log out').should('be.visible') + }) + }) + + it('Regular users cannot see admin-level items in the Settings menu', () => { + // Given I am logged in + cy.createRandomUser().then(($user) => { + cy.login($user) + cy.visit('/') + }) + // I open the settings menu + getNextcloudUserMenuToggle().click() + + getNextcloudUserMenu().find('ul').within(($el) => { + // I see the settings menu is open + cy.wrap($el).should('be.visible') + + // I see that the "Users" item in the Settings menu is NOT shown + cy.contains('li', 'Users').should('not.exist') + // I see that the "Administration settings" item in the Settings menu is NOT shown + cy.contains('li', 'Administration settings').should('not.exist') + cy.get('#admin_settings').should('not.exist') + }) + }) + + it('Admin users can see admin-level items in the Settings menu', () => { + // Given I am logged in + cy.login(admin) + cy.visit('/') + + // I open the settings menu + getNextcloudUserMenuToggle().click() + + getNextcloudUserMenu().find('ul').within(($el) => { + // I see the settings menu is open + cy.wrap($el).should('be.visible') + + // I see that the Settings menu has only 9 items + cy.get('li').should('have.length', 9) + // I see that the "Set status" item in the Settings menu is shown + cy.contains('li', 'View profile').should('be.visible') + // I see that the "Set status" item in the Settings menu is shown + cy.contains('li', 'Set status').should('be.visible') + // I see that the "Appearance and accessibility" item in the Settings menu is shown + cy.contains('li', 'Appearance and accessibility').should('be.visible') + // I see that the "Personal Settings" item in the Settings menu is shown + cy.contains('li', 'Personal settings').should('be.visible') + // I see that the "Administration settings" item in the Settings menu is shown + cy.contains('li', 'Administration settings').should('be.visible') + // I see that the "Apps" item in the Settings menu is shown + cy.contains('li', 'Apps').should('be.visible') + // I see that the "Users" item in the Settings menu is shown + cy.contains('li', 'Users').should('be.visible') + // I see that the "Help" item in the Settings menu is shown + cy.contains('li', 'Help').should('be.visible') + // I see that the "Log out" item in the Settings menu is shown + cy.contains('li', 'Log out').should('be.visible') + }) + }) +}) diff --git a/cypress/e2e/login/login.cy.ts b/cypress/e2e/login/login.cy.ts index 133e56e0256..478512884f6 100644 --- a/cypress/e2e/login/login.cy.ts +++ b/cypress/e2e/login/login.cy.ts @@ -1,4 +1,5 @@ import type { User } from '@nextcloud/cypress' +import { getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils' describe('Login', () => { let user: User @@ -137,8 +138,8 @@ describe('Login', () => { cy.url().should('match', /apps\/dashboard(\/|$)/) // When click logout - cy.get('#user-menu > button').should('exist').click() - cy.get('#logout a').should('contain.text', 'Log out').click() + getNextcloudUserMenuToggle().should('exist').click() + getNextcloudUserMenu().contains('a', 'Log out').click() // Then I see that the current page is the Login page cy.url().should('match', /\/login/) diff --git a/cypress/e2e/settings/access-levels.cy.ts b/cypress/e2e/settings/access-levels.cy.ts new file mode 100644 index 00000000000..ac02d607de2 --- /dev/null +++ b/cypress/e2e/settings/access-levels.cy.ts @@ -0,0 +1,78 @@ +/** + * @copyright Copyright (c) 2023 Ferdinand Thiessen <opensource@fthiessen.de> + * + * @author Ferdinand Thiessen <opensource@fthiessen.de> + * + * @license AGPL-3.0-or-later + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +import { User } from '@nextcloud/cypress' +import { clearState, getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils' + +const admin = new User('admin', 'admin') + +describe('Settings: Ensure only administrator can see the administration settings section', { testIsolation: true }, () => { + beforeEach(() => { + clearState() + }) + + it('Regular users cannot see admin-level items on the Settings page', () => { + // Given I am logged in + cy.createRandomUser().then(($user) => { + cy.login($user) + cy.visit('/') + }) + + // I open the settings menu + getNextcloudUserMenuToggle().click() + // I navigate to the settings panel + getNextcloudUserMenu().find('#settings a').click() + cy.url().should('match', /\/settings\/user$/) + + cy.get('#app-navigation').should('be.visible').within(() => { + // I see the personal section is NOT shown + cy.get('#app-navigation-caption-personal').should('not.exist') + // I see the admin section is NOT shown + cy.get('#app-navigation-caption-administration').should('not.exist') + + // I see that the "Personal info" entry in the settings panel is shown + cy.get('[data-section-id="personal-info"]').should('exist').and('be.visible') + }) + }) + + it('Admin users can see admin-level items on the Settings page', () => { + // Given I am logged in + cy.login(admin) + cy.visit('/') + + // I open the settings menu + getNextcloudUserMenuToggle().click() + // I navigate to the settings panel + getNextcloudUserMenu().find('#settings a').click() + cy.url().should('match', /\/settings\/user$/) + + cy.get('#app-navigation').should('be.visible').within(() => { + // I see the personal section is shown + cy.get('#app-navigation-caption-personal').should('be.visible') + // I see the admin section is shown + cy.get('#app-navigation-caption-administration').should('be.visible') + + // I see that the "Personal info" entry in the settings panel is shown + cy.get('[data-section-id="personal-info"]').should('exist').and('be.visible') + }) + }) +}) diff --git a/cypress/e2e/settings/usersUtils.ts b/cypress/e2e/settings/usersUtils.ts index 0537f5b0ecb..56eff5e7d7d 100644 --- a/cypress/e2e/settings/usersUtils.ts +++ b/cypress/e2e/settings/usersUtils.ts @@ -36,22 +36,6 @@ export function assertNotExistOrNotVisible(element: JQuery<HTMLElement>) { } /** - * Helper function ensure users and groups in this tests have a clean state - */ -export function clearState() { - // cleanup ignoring any failures - cy.runOccCommand('group:list --output=json').then(($result) => { - const groups = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin') - groups.forEach((groupID) => cy.runOccCommand(`group:delete '${groupID}'`)) - }) - - cy.runOccCommand('user:list --output=json').then(($result) => { - const users = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin') - users.forEach((userID) => cy.runOccCommand(`user:delete '${userID}'`)) - }) -} - -/** * Get the settings users list * @return Cypress chainable object */ diff --git a/cypress/e2e/settings/users_disable.cy.ts b/cypress/e2e/settings/users_disable.cy.ts index e63ba4fc3d6..1218d4f770b 100644 --- a/cypress/e2e/settings/users_disable.cy.ts +++ b/cypress/e2e/settings/users_disable.cy.ts @@ -21,7 +21,8 @@ */ import { User } from '@nextcloud/cypress' -import { clearState, getUserListRow } from './usersUtils' +import { getUserListRow } from './usersUtils' +import { clearState } from '../../support/commonUtils' const admin = new User('admin', 'admin') diff --git a/cypress/e2e/settings/users_modify.cy.ts b/cypress/e2e/settings/users_modify.cy.ts index ee3d1f37c02..b230fb998a5 100644 --- a/cypress/e2e/settings/users_modify.cy.ts +++ b/cypress/e2e/settings/users_modify.cy.ts @@ -21,7 +21,8 @@ */ import { User } from '@nextcloud/cypress' -import { clearState, getUserListRow, handlePasswordConfirmation, toggleEditButton, waitLoading } from './usersUtils' +import { getUserListRow, handlePasswordConfirmation, toggleEditButton, waitLoading } from './usersUtils' +import { clearState } from '../../support/commonUtils' const admin = new User('admin', 'admin') diff --git a/cypress/support/commonUtils.ts b/cypress/support/commonUtils.ts new file mode 100644 index 00000000000..5f0feae4824 --- /dev/null +++ b/cypress/support/commonUtils.ts @@ -0,0 +1,37 @@ +/** + * Get the header navigation bar + */ +export function getNextcloudHeader() { + return cy.get('#header') +} + +/** + * Get user menu in the header navigation bar + */ +export function getNextcloudUserMenu() { + return getNextcloudHeader().find('#user-menu') +} + +/** + * Get the user menu toggle in the header navigation bar + */ +export function getNextcloudUserMenuToggle() { + return getNextcloudUserMenu().find('.header-menu__trigger').should('have.length', 1) +} + +/** + * Helper function ensure users and groups in this tests have a clean state + * Deletes all users (except admin) and groups + */ +export function clearState() { + // cleanup ignoring any failures + cy.runOccCommand('group:list --output=json').then(($result) => { + const groups = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin') + groups.forEach((groupID) => cy.runOccCommand(`group:delete '${groupID}'`)) + }) + + cy.runOccCommand('user:list --output=json').then(($result) => { + const users = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin') + users.forEach((userID) => cy.runOccCommand(`user:delete '${userID}'`)) + }) +} |