test: enable flow folder reassing test for non-owner

2025-05-03 23:53:55 +02:00
parent c5b2e6027f
commit 2ebe05e55a
3 changed files with 91 additions and 4 deletions
--- a/packages/e2e-tests/.env-example
+++ b/packages/e2e-tests/.env-example
@@ -3,4 +3,9 @@ POSTGRES_USER=automatisch_user
 POSTGRES_PASSWORD=automatisch_password
 POSTGRES_PORT=5432
 POSTGRES_HOST=localhost
-BACKEND_APP_URL=http://localhost:3000
+BACKEND_APP_URL=http://localhost:3000
 LOGIN_EMAIL=user@automatisch.io
 LOGIN_PASSWORD=sample
 ENCRYPTION_KEY=sample_encryption_key
 WEBHOOK_SECRET_KEY=sample_webhook_secret_key
 LICENSE_KEY=dummy_license_key
--- a/packages/e2e-tests/helpers/folder-api-helper.js
+++ b/packages/e2e-tests/helpers/folder-api-helper.js
@@ -2,7 +2,7 @@ const { expect } = require('../fixtures/index');
 export const addFolder = async (apiRequest, token, folderName) => {
  const addFolderResponse = await apiRequest.post(
-    `${process.env.BACKEND_APP_URL}/api/v1/folders`,
+    `${process.env.BACKEND_APP_URL}/internal/api/v1/folders`,
    {
      headers: { Authorization: token },
      data: { name: folderName },
--- a/packages/e2e-tests/tests/flow-folders/flow-folder.spec.js
+++ b/packages/e2e-tests/tests/flow-folders/flow-folder.spec.js
@@ -389,9 +389,91 @@ test.describe('Folders', () => {
    });
  });
-  test.skip('non-owner should not reassing folder of different user', async ({
+  test('non-owner should not reassign folder of different user', async ({
    page,
    flowsPage,
    adminCreateUserPage,
  }) => {
-    // TODO feature is wip https://github.com/automatisch/automatisch/pull/2420
+    const folderMoveToDialog = new MoveFolderDialog(page);
    const apiRequest = await request.newContext();
    const tokenJsonResponse = await getToken(apiRequest);
    let userTokenJsonResponse;
    let flowId;
    await test.step('add another user', async () => {
      adminCreateUserPage.seed(
        Math.ceil(Math.random() * Number.MAX_SAFE_INTEGER)
      );
      const testUser = adminCreateUserPage.generateUser();
      const addUserResponse = await addUser(
        apiRequest,
        tokenJsonResponse.data.token,
        {
          fullName: testUser.fullName,
          email: testUser.email,
        }
      );
      const acceptToken =
        addUserResponse.data.acceptInvitationUrl.split('=')[1];
      await acceptInvitation(apiRequest, {
        token: acceptToken,
        password: 'alamakota',
      });
      userTokenJsonResponse = await getToken(
        apiRequest,
        testUser.email,
        'alamakota'
      );
    });
    await test.step('add folder as an another user', async () => {
      await addFolder(
        apiRequest,
        userTokenJsonResponse.data.token,
        'anotherUserFolder'
      );
    });
    await test.step('add flow as an another user', async () => {
      const flow = await createFlow(
        apiRequest,
        userTokenJsonResponse.data.token
      );
      flowId = flow.data.id;
      await updateFlowName(
        apiRequest,
        userTokenJsonResponse.data.token,
        flowId
      );
      await page.reload();
    });
    await test.step("should not be able to move another user's flow", async () => {
      await flowsPage.allFlowsFolder.click();
      await flowsPage.searchInput.fill(flowId);
      await expect(
        flowsPage.flowRow.filter({
          hasText: flowId,
        })
      ).toHaveCount(1);
      await flowsPage.flowRow
        .filter({
          hasText: flowId,
        })
        .getByRole('button')
        .click();
      await flowsPage.moveTo.click();
      await expect(
        page.getByText(
          'A flow can only be moved to a folder by the flow owner.'
        )
      ).toHaveCount(1);
      await expect(folderMoveToDialog.moveButton).toBeDisabled();
    });
  });
 });