Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

fix: fix deployment settings navigation issues#16780

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
aslilac merged 3 commits intomainfromlilac/patches
Mar 3, 2025
Merged
Show file tree
Hide file tree
Changes fromall commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
157 changes: 157 additions & 0 deletionssite/e2e/tests/roles.spec.ts
View file
Open in desktop
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,157 @@
import { type Page, expect, test } from "@playwright/test";
import {
createOrganization,
createOrganizationMember,
setupApiCalls,
} from "../api";
import { license, users } from "../constants";
import { login, requiresLicense } from "../helpers";
import { beforeCoderTest } from "../hooks";

test.beforeEach(async ({ page }) => {
beforeCoderTest(page);
});

type AdminSetting = (typeof adminSettings)[number];

const adminSettings = [
"Deployment",
"Organizations",
"Healthcheck",
"Audit Logs",
] as const;

async function hasAccessToAdminSettings(page: Page, settings: AdminSetting[]) {
// Organizations and Audit Logs both require a license to be visible
const visibleSettings = license
? settings
: settings.filter((it) => it !== "Organizations" && it !== "Audit Logs");
const adminSettingsButton = page.getByRole("button", {
name: "Admin settings",
});
if (visibleSettings.length < 1) {
await expect(adminSettingsButton).not.toBeVisible();
return;
}

await adminSettingsButton.click();

for (const name of visibleSettings) {
await expect(page.getByText(name, { exact: true })).toBeVisible();
}

const hiddenSettings = adminSettings.filter(
(it) => !visibleSettings.includes(it),
);
for (const name of hiddenSettings) {
await expect(page.getByText(name, { exact: true })).not.toBeVisible();
}
}

test.describe("roles admin settings access", () => {
test("member cannot see admin settings", async ({ page }) => {
await login(page, users.member);
await page.goto("/", { waitUntil: "domcontentloaded" });

// None, "Admin settings" button should not be visible
await hasAccessToAdminSettings(page, []);
});

test("template admin can see admin settings", async ({ page }) => {
await login(page, users.templateAdmin);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, ["Deployment", "Organizations"]);
});

test("user admin can see admin settings", async ({ page }) => {
await login(page, users.userAdmin);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, ["Deployment", "Organizations"]);
});

test("auditor can see admin settings", async ({ page }) => {
await login(page, users.auditor);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, [
"Deployment",
"Organizations",
"Audit Logs",
]);
});

test("admin can see admin settings", async ({ page }) => {
await login(page, users.admin);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, [
"Deployment",
"Organizations",
"Healthcheck",
"Audit Logs",
]);
});
});

test.describe("org-scoped roles admin settings access", () => {
requiresLicense();

test.beforeEach(async ({ page }) => {
await login(page);
await setupApiCalls(page);
});

test("org template admin can see admin settings", async ({ page }) => {
const org = await createOrganization();
const orgTemplateAdmin = await createOrganizationMember({
[org.id]: ["organization-template-admin"],
});

await login(page, orgTemplateAdmin);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, ["Organizations"]);
});

test("org user admin can see admin settings", async ({ page }) => {
const org = await createOrganization();
const orgUserAdmin = await createOrganizationMember({
[org.id]: ["organization-user-admin"],
});

await login(page, orgUserAdmin);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, ["Deployment", "Organizations"]);
});

test("org auditor can see admin settings", async ({ page }) => {
const org = await createOrganization();
const orgAuditor = await createOrganizationMember({
[org.id]: ["organization-auditor"],
});

await login(page, orgAuditor);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, ["Organizations", "Audit Logs"]);
});

test("org admin can see admin settings", async ({ page }) => {
const org = await createOrganization();
const orgAdmin = await createOrganizationMember({
[org.id]: ["organization-admin"],
});

await login(page, orgAdmin);
await page.goto("/", { waitUntil: "domcontentloaded" });

await hasAccessToAdminSettings(page, [
"Deployment",
"Organizations",
"Audit Logs",
]);
});
});
17 changes: 0 additions & 17 deletionssite/src/api/queries/organizations.ts
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -6,10 +6,8 @@ import type {
UpdateOrganizationRequest,
} from "api/typesGenerated";
import {
type AnyOrganizationPermissions,
type OrganizationPermissionName,
type OrganizationPermissions,
anyOrganizationPermissionChecks,
organizationPermissionChecks,
} from "modules/management/organizationPermissions";
import type { QueryClient } from "react-query";
Expand DownExpand Up@@ -266,21 +264,6 @@ export const organizationsPermissions = (
};
};

export const anyOrganizationPermissionsKey = [
"authorization",
"anyOrganization",
];

export const anyOrganizationPermissions = () => {
return {
queryKey: anyOrganizationPermissionsKey,
queryFn: () =>
API.checkAuthorization({
checks: anyOrganizationPermissionChecks,
}) as Promise<AnyOrganizationPermissions>,
};
};

export const getOrganizationIdpSyncClaimFieldValuesKey = (
organization: string,
field: string,
Expand Down
6 changes: 3 additions & 3 deletionssite/src/contexts/auth/AuthProvider.tsx
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -18,7 +18,7 @@ import {
useContext,
} from "react";
import { useMutation, useQuery, useQueryClient } from "react-query";
import { type Permissions,permissionsToCheck } from "./permissions";
import { type Permissions,permissionChecks } from "./permissions";

export type AuthContextValue = {
isLoading: boolean;
Expand DownExpand Up@@ -50,13 +50,13 @@ export const AuthProvider: FC<PropsWithChildren> = ({ children }) => {
const hasFirstUserQuery = useQuery(hasFirstUser(userMetadataState));

const permissionsQuery = useQuery({
...checkAuthorization({ checks:permissionsToCheck }),
...checkAuthorization({ checks:permissionChecks }),
enabled: userQuery.data !== undefined,
});

const queryClient = useQueryClient();
const loginMutation = useMutation(
login({ checks:permissionsToCheck }, queryClient),
login({ checks:permissionChecks }, queryClient),
);

const logoutMutation = useMutation(logout(queryClient));
Expand Down
Loading
Loading
[8]ページ先頭
©2009-2025 Movatter.jp