test: enable flow folder reassing test for non-owner
This commit is contained in:
Jakub P
@@ -3,4 +3,9 @@ POSTGRES_USER=automatisch_user
|
||||
POSTGRES_PASSWORD=automatisch_password
|
||||
POSTGRES_PORT=5432
|
||||
POSTGRES_HOST=localhost
|
||||
BACKEND_APP_URL=http://localhost:3000
|
||||
BACKEND_APP_URL=http://localhost:3000
|
||||
LOGIN_EMAIL=user@automatisch.io
|
||||
LOGIN_PASSWORD=sample
|
||||
ENCRYPTION_KEY=sample_encryption_key
|
||||
WEBHOOK_SECRET_KEY=sample_webhook_secret_key
|
||||
LICENSE_KEY=dummy_license_key
|
||||
@@ -2,7 +2,7 @@ const { expect } = require('../fixtures/index');
|
||||
|
||||
export const addFolder = async (apiRequest, token, folderName) => {
|
||||
const addFolderResponse = await apiRequest.post(
|
||||
`${process.env.BACKEND_APP_URL}/api/v1/folders`,
|
||||
`${process.env.BACKEND_APP_URL}/internal/api/v1/folders`,
|
||||
{
|
||||
headers: { Authorization: token },
|
||||
data: { name: folderName },
|
||||
|
||||
@@ -389,9 +389,91 @@ test.describe('Folders', () => {
|
||||
});
|
||||
});
|
||||
|
||||
test.skip('non-owner should not reassing folder of different user', async ({
|
||||
test('non-owner should not reassign folder of different user', async ({
|
||||
page,
|
||||
flowsPage,
|
||||
adminCreateUserPage,
|
||||
}) => {
|
||||
// TODO feature is wip https://github.com/automatisch/automatisch/pull/2420
|
||||
const folderMoveToDialog = new MoveFolderDialog(page);
|
||||
const apiRequest = await request.newContext();
|
||||
const tokenJsonResponse = await getToken(apiRequest);
|
||||
let userTokenJsonResponse;
|
||||
let flowId;
|
||||
|
||||
await test.step('add another user', async () => {
|
||||
adminCreateUserPage.seed(
|
||||
Math.ceil(Math.random() * Number.MAX_SAFE_INTEGER)
|
||||
);
|
||||
const testUser = adminCreateUserPage.generateUser();
|
||||
|
||||
const addUserResponse = await addUser(
|
||||
apiRequest,
|
||||
tokenJsonResponse.data.token,
|
||||
{
|
||||
fullName: testUser.fullName,
|
||||
email: testUser.email,
|
||||
}
|
||||
);
|
||||
|
||||
const acceptToken =
|
||||
addUserResponse.data.acceptInvitationUrl.split('=')[1];
|
||||
await acceptInvitation(apiRequest, {
|
||||
token: acceptToken,
|
||||
password: 'alamakota',
|
||||
});
|
||||
userTokenJsonResponse = await getToken(
|
||||
apiRequest,
|
||||
testUser.email,
|
||||
'alamakota'
|
||||
);
|
||||
});
|
||||
|
||||
await test.step('add folder as an another user', async () => {
|
||||
await addFolder(
|
||||
apiRequest,
|
||||
userTokenJsonResponse.data.token,
|
||||
'anotherUserFolder'
|
||||
);
|
||||
});
|
||||
|
||||
await test.step('add flow as an another user', async () => {
|
||||
const flow = await createFlow(
|
||||
apiRequest,
|
||||
userTokenJsonResponse.data.token
|
||||
);
|
||||
flowId = flow.data.id;
|
||||
await updateFlowName(
|
||||
apiRequest,
|
||||
userTokenJsonResponse.data.token,
|
||||
flowId
|
||||
);
|
||||
await page.reload();
|
||||
});
|
||||
|
||||
await test.step("should not be able to move another user's flow", async () => {
|
||||
await flowsPage.allFlowsFolder.click();
|
||||
await flowsPage.searchInput.fill(flowId);
|
||||
await expect(
|
||||
flowsPage.flowRow.filter({
|
||||
hasText: flowId,
|
||||
})
|
||||
).toHaveCount(1);
|
||||
|
||||
await flowsPage.flowRow
|
||||
.filter({
|
||||
hasText: flowId,
|
||||
})
|
||||
.getByRole('button')
|
||||
.click();
|
||||
await flowsPage.moveTo.click();
|
||||
|
||||
await expect(
|
||||
page.getByText(
|
||||
'A flow can only be moved to a folder by the flow owner.'
|
||||
)
|
||||
).toHaveCount(1);
|
||||
|
||||
await expect(folderMoveToDialog.moveButton).toBeDisabled();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user