# Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/

require 'browser_test_helper'

# Browser tests for how role permissions change what a signed-in user is shown.
#
# Every assertion here inspects rendered markup (CSS selector + text), so these
# tests cover UI visibility only. They do not show that the backend refuses the
# corresponding requests; that has to be covered by separate API-level tests.
#
# NOTE(review): the literal passwords below are presumably seeded fixture
# accounts of a disposable test instance - confirm they never exist elsewhere.
class AdminRoleTest < TestCase

  # A custom role carrying 'user_preferences.device' exposes the "Devices"
  # profile entry to its member; deactivating the role hides it again.
  def test_role_device
    sign_in_admin = lambda do
      login(username: 'admin@example.com', password: 'test', url: browser_url)
    end

    # Opens the profile page of whoever is currently signed in.
    open_profile = lambda do
      tasks_close_all
      click(css: 'a[href="#current_user"]')
      click(css: 'a[href="#profile"]')
    end

    # Entries whose visibility is the same before and after the role change.
    check_unchanged_entries = lambda do
      %w[Password Language].each do |label|
        match(css: '.content .NavBarProfile', value: label)
      end
      ['Notifications', 'Calendar', 'Token Access'].each do |label|
        match_not(css: '.content .NavBarProfile', value: label)
      end
    end

    @browser = browser_instance
    sign_in_admin.call
    tasks_close_all

    # Unique suffix so repeated runs never collide on login, email or role name.
    uuid           = SecureRandom.uuid
    agent_login    = "agent-role-#{uuid}"
    agent_email    = "agent-role-#{uuid}@example.com"
    agent_password = 'agentpw'
    role_name      = "somerole#{uuid}"

    user_create(
      data: {
        login:     agent_login,
        firstname: "Role#{uuid}",
        lastname:  "Module#{uuid}",
        email:     agent_email,
        password:  agent_password,
      },
    )

    role_create(
      data: {
        name:              role_name,
        default_at_signup: false,
        permission:        %w[admin.group user_preferences.device],
        member:            [agent_login],
      },
    )
    logout

    # flaky
    # Role active: the device entry must be offered to the member.
    login(username: agent_email, password: agent_password, url: browser_url)
    open_profile.call
    check_unchanged_entries.call
    match(css: '.content .NavBarProfile', value: 'Devices')
    logout

    # Deactivate the role as admin.
    sign_in_admin.call
    role_edit(
      data: {
        name:   role_name,
        active: false,
      },
    )
    logout

    # Role inactive: the permission it carried must no longer surface.
    login(username: agent_email, password: agent_password, url: browser_url)
    open_profile.call
    check_unchanged_entries.call
    match_not(css: '.content .NavBarProfile', value: 'Devices')
  end

  # Granting 'admin.user' to the 'Agent' role lets an agent create users and
  # tickets; after the grant is revoked the admin link is absent again.
  #
  # NOTE(review): this edits the shared 'Agent' role and revokes the permission
  # only on the straight-line path. If a step between grant and revoke fails,
  # 'admin.user' stays granted for anything that later uses the same instance.
  def test_role_admin_user
    sign_in_admin = lambda do
      login(username: 'admin@example.com', password: 'test', url: browser_url)
    end
    sign_in_agent = lambda do
      login(username: 'agent1@example.com', password: 'test', url: browser_url)
    end

    # Applies the Agent permission set, toggling only 'admin.user'.
    set_agent_admin_user = lambda do |granted|
      role_edit(
        data: {
          name:       'Agent',
          active:     true,
          permission: {
            'admin.user'       => granted,
            'chat.agent'       => true,
            'cti.agent'        => true,
            'ticket.agent'     => true,
            'user_preferences' => true,
          },
        },
      )
    end

    @browser = browser_instance

    # Baseline: a plain agent must not see the admin area link.
    sign_in_agent.call
    exists_not(css: '[href="#manage"]')
    logout

    # Grant admin.user to the Agent role.
    sign_in_admin.call
    tasks_close_all
    set_agent_admin_user.call(true)
    logout

    # The agent now acts with the new permission.
    # NOTE(review): the grant is only verified implicitly, through the steps
    # below succeeding; there is no direct assertion that the admin link is shown.
    sign_in_agent.call
    tasks_close_all

    token      = SecureRandom.uuid
    user_email = "admin.user.#{token}@example.com"

    # Create a user as the agent.
    user_create(
      data: {
        firstname: "Admin.User Firstname #{token}",
        lastname:  "Admin.User Lastname #{token}",
        email:     user_email,
        password:  'some-pass',
      },
    )

    # Create a ticket for that user.
    ticket_create(
      data: {
        customer: user_email,
        group:    'Users',
        title:    'some changes',
        body:     'some body 123äöü - admin.user',
      },
    )
    logout

    # Revoke admin.user again.
    sign_in_admin.call
    tasks_close_all
    set_agent_admin_user.call(false)
    logout

    # After revocation the admin area link must be gone for the agent.
    sign_in_agent.call
    exists_not(css: '[href="#manage"]')
  end

  # regression test for issue #2332 - Role-Filter shows inactive Roles
  def test_inactive_roles_do_not_show_in_role_filter
    role_name = "some role #{SecureRandom.uuid}"

    @browser = browser_instance
    login(username: 'admin@example.com', password: 'test', url: browser_url)
    tasks_close_all

    # The role is created already inactive.
    role_create(
      data: {
        name:       role_name,
        permission: %w[admin.group user_preferences.device],
        active:     false,
      },
    )

    click(css: '.content.active a[href="#manage/users"]')

    # an inactive role should not appear in the role filter tabs
    match_not(css: '.content.active .userSearch', value: role_name)
  end
end