-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Read-only tenant mode tests (opensearch-project#792)
* feat: introduces read-only tenant mode tests Signed-off-by: Kajetan Nobel <k.nobel@routegroup.pl> * feat: move loadSampleData to before Signed-off-by: Kajetan Nobel <k.nobel@routegroup.pl> * fix: add data to correct tenant, fix for version 2.9.0 Signed-off-by: Kajetan Nobel <k.nobel@routegroup.pl> * feat: retest and improve switching tenant Signed-off-by: Kajetan Nobel <kajetan.nobel@eliatra.com> --------- Signed-off-by: Kajetan Nobel <k.nobel@routegroup.pl> Signed-off-by: Kajetan Nobel <kajetan.nobel@eliatra.com> (cherry picked from commit 941f2de)
- Loading branch information
1 parent
dd0986a
commit 9db0c1f
Showing
3 changed files
with
156 additions
and
0 deletions.
There are no files selected for viewing
95 changes: 95 additions & 0 deletions
95
cypress/integration/plugins/security-dashboards-plugin/readonly.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,95 @@ | ||
/* | ||
* Copyright OpenSearch Contributors | ||
* SPDX-License-Identifier: Apache-2.0 | ||
*/ | ||
|
||
import roleWithoutTestJson from '../../../fixtures/plugins/security-dashboards-plugin/roles/roleWithoutTest'; | ||
import { BASE_PATH } from '../../../utils/base_constants'; | ||
import { ADMIN_AUTH, CURRENT_TENANT } from '../../../utils/commands'; | ||
import { switchTenantTo } from './switch_tenant'; | ||
|
||
const TEST_CONFIG = { | ||
role: { | ||
name: 'test_readonly_role', | ||
json: Object.assign({}, roleWithoutTestJson, { | ||
tenant_permissions: [ | ||
{ | ||
tenant_patterns: ['test_readonly_tenant'], | ||
allowed_actions: ['kibana_all_read'], | ||
}, | ||
], | ||
}), | ||
}, | ||
tenant: { | ||
name: 'test_readonly_tenant', | ||
description: 'Testing read-only tenant mode', | ||
}, | ||
user: { | ||
username: 'test_readonly_user', | ||
password: 'testUserPassword123', | ||
}, | ||
}; | ||
|
||
if (Cypress.env('SECURITY_ENABLED')) { | ||
describe('Read Only mode', () => { | ||
before(() => { | ||
cy.server(); | ||
|
||
cy.createTenant(TEST_CONFIG.tenant.name, { | ||
description: TEST_CONFIG.tenant.description, | ||
}); | ||
|
||
cy.createInternalUser(TEST_CONFIG.user.username, { | ||
password: TEST_CONFIG.user.password, | ||
}); | ||
|
||
cy.createRole(TEST_CONFIG.role.name, TEST_CONFIG.role.json); | ||
|
||
cy.createRoleMapping(TEST_CONFIG.role.name, { | ||
users: [ADMIN_AUTH.username, TEST_CONFIG.user.username], | ||
}); | ||
|
||
/* Add sample data to testing tenant */ | ||
CURRENT_TENANT.newTenant = TEST_CONFIG.tenant.name; | ||
cy.visit(BASE_PATH, { | ||
onBeforeLoad(window) { | ||
window.sessionStorage.setItem( | ||
'opendistro::security::tenant::show_popup', | ||
false | ||
); | ||
window.localStorage.setItem( | ||
'opendistro::security::tenant::saved', | ||
`"${TEST_CONFIG.tenant.name}"` | ||
); | ||
window.localStorage.setItem('home:newThemeModal:show', false); | ||
}, | ||
}); | ||
cy.waitForLoader(); | ||
switchTenantTo(TEST_CONFIG.tenant.name); | ||
cy.loadSampleData('logs'); | ||
}); | ||
|
||
it('should be able to modify the dashboard as admin', () => { | ||
cy.visit(BASE_PATH); | ||
cy.waitForLoader(); | ||
|
||
cy.visitDashboard('[Logs] Web Traffic'); | ||
|
||
cy.getElementByTestId('dashboardClone').should('exist'); | ||
cy.getElementByTestId('dashboardEditMode').should('exist'); | ||
}); | ||
|
||
it('should not be able to modify the dashboard when is performing as a custom readonly tenant', () => { | ||
ADMIN_AUTH.newUser = TEST_CONFIG.user.username; | ||
ADMIN_AUTH.newPassword = TEST_CONFIG.user.password; | ||
|
||
cy.visit(BASE_PATH); | ||
cy.waitForLoader(); | ||
|
||
cy.visitDashboard('[Logs] Web Traffic'); | ||
|
||
cy.getElementByTestId('dashboardClone').should('not.exist'); | ||
cy.getElementByTestId('dashboardEditMode').should('not.exist'); | ||
}); | ||
}); | ||
} |
52 changes: 52 additions & 0 deletions
52
cypress/integration/plugins/security-dashboards-plugin/switch_tenant.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
/* | ||
* Copyright OpenSearch Contributors | ||
* SPDX-License-Identifier: Apache-2.0 | ||
*/ | ||
|
||
export function switchTenantTo(newTenant) { | ||
cy.getElementByTestId('account-popover').click(); | ||
cy.intercept({ | ||
method: 'GET', | ||
url: '/api/v1/auth/dashboardsinfo', | ||
}).as('waitForDashboardsInfo'); | ||
|
||
cy.intercept({ | ||
method: 'GET', | ||
url: '/api/v1/configuration/account', | ||
}).as('waitForAccountInfo'); | ||
|
||
cy.getElementByTestId('switch-tenants').click(); | ||
|
||
if (['global', 'private'].includes(newTenant)) { | ||
cy.get('[id="' + newTenant + '"][name="tenantSwitchRadios"]').should( | ||
'be.enabled' | ||
); | ||
cy.get('.euiRadio__label[for="' + newTenant + '"]').click(); | ||
} else { | ||
cy.get('[id="custom"][name="tenantSwitchRadios"]').should('be.enabled'); | ||
|
||
cy.getElementByTestId('tenant-switch-modal') | ||
.find('[data-test-subj="comboBoxInput"]') | ||
.click(); | ||
|
||
// typo in data-test-subj | ||
cy.getElementByTestId('comboBoxOptionsList ') | ||
.find(`[title="${newTenant}"]`) | ||
.click(); | ||
} | ||
|
||
cy.intercept({ | ||
method: 'POST', | ||
url: '/api/v1/multitenancy/tenant', | ||
}).as('waitForUpdatingTenants'); | ||
cy.getElementByTestId('tenant-switch-modal') | ||
.find('[data-test-subj="confirm"]') | ||
.click(); | ||
|
||
cy.wait('@waitForUpdatingTenants'); | ||
|
||
// Make sure dashboards has really reloaded. | ||
// @waitForReloadAfterTenantSwitch should be triggered twice | ||
cy.wait('@waitForDashboardsInfo'); | ||
cy.wait('@waitForDashboardsInfo'); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters