Skip to content

Commit 73c429c

Browse files
engcom-Foxtrotengcom-Foxtrot
committed
magento2-login-as-customer/issues/40: "Login into Magento Admin panel as user that does not have access to 'Login as customer' section in System Configuration" test added.
1 parent 3b313a5 commit 73c429c

6 files changed

+193
-0
lines changed

app/code/Magento/LoginAsCustomer/Test/Mftf/ActionGroup/AdminRevokeRoleResourceActionGroup.xml

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<!--
3+
/**
4+
* Copyright © Magento, Inc. All rights reserved.
5+
* See COPYING.txt for license details.
6+
*/
7+
-->
8+
9+
<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
10+
xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
11+
<!-- Revoke access to resource from edit role page -->
12+
<actionGroup name="AdminRevokeRoleResourceActionGroup">
13+
<arguments>
14+
<argument name="resourceName" type="string"/>
15+
</arguments>
16+
<selectOption selector="{{AdminEditRoleResourcesSection.resourceAccess}}" userInput="0"
17+
stepKey="selectResourceAccessCustom"/>
18+
<waitForElementVisible selector="{{AdminEditRoleInfoSection.blockName(resourceName)}}"
19+
stepKey="waitForElementVisible"/>
20+
<scrollTo selector="{{AdminEditRoleInfoSection.blockName(resourceName)}}" x="0" y="-80" stepKey="scrollToContentBlock"/>
21+
<click selector="{{AdminEditRoleInfoSection.blockName(resourceName)}}" stepKey="clickContentBlockCheckbox"/>
22+
</actionGroup>
23+
</actionGroups>

app/code/Magento/LoginAsCustomer/Test/Mftf/ActionGroup/AssertAdminLoginAsCustomerConfigNotAvailableDirectlyActionGroup.xml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<!--
3+
/**
4+
* Copyright © Magento, Inc. All rights reserved.
5+
* See COPYING.txt for license details.
6+
*/
7+
-->
8+
9+
<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
10+
xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
11+
<!-- Verify Login As Customer config section is not available by direct url -->
12+
<actionGroup name="AssertAdminLoginAsCustomerConfigNotAvailableDirectlyActionGroup">
13+
<amOnPage url="{{AdminLoginAsCustomerConfigPage.url}}" stepKey="navigateToLoginAsCustomerConfigSection"/>
14+
<waitForPageLoad stepKey="waitForPageLoad"/>
15+
<seeInCurrentUrl url="admin/system_config/index" stepKey="seeRedirectToConfigIndexPage"/>
16+
<dontSee userInput="Login As Customer" stepKey="dontSeeLoginAsCustomer"/>
17+
</actionGroup>
18+
</actionGroups>

app/code/Magento/LoginAsCustomer/Test/Mftf/ActionGroup/AssertAdminLoginAsCustomerConfigNotVisibleActionGroup.xml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<!--
3+
/**
4+
* Copyright © Magento, Inc. All rights reserved.
5+
* See COPYING.txt for license details.
6+
*/
7+
-->
8+
9+
<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
10+
xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
11+
<!-- Verify no Login As Customer config section available -->
12+
<actionGroup name="AssertAdminLoginAsCustomerConfigNotVisibleActionGroup">
13+
<!-- TODO: update -->
14+
<dontSee userInput="Login As Customer" stepKey="dontSeeLoginAsCustomerItem"/>
15+
</actionGroup>
16+
</actionGroups>

app/code/Magento/LoginAsCustomer/Test/Mftf/Data/UserRoleData.xml

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<!--
3+
/**
4+
* Copyright © Magento, Inc. All rights reserved.
5+
* See COPYING.txt for license details.
6+
*/
7+
-->
8+
9+
<entities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
10+
xsi:noNamespaceSchemaLocation="urn:magento:mftf:DataGenerator/etc/dataProfileSchema.xsd">
11+
<!--This Role has access for all resources individually -->
12+
<entity name="customRoleAllResources" type="user_role">
13+
<data key="name" unique="suffix">allAccessRole</data>
14+
<data key="rolename">allAccessRole</data>
15+
<data key="current_password">{{_ENV.MAGENTO_ADMIN_PASSWORD}}</data>
16+
<data key="resourceAccess">Custom</data>
17+
<data key="resource">
18+
[
19+
'Magento_Backend::dashboard',
20+
'Magento_Analytics::analytics',
21+
'Magento_Sales::sales',
22+
'Magento_Catalog::catalog',
23+
'Magento_Customer::customer',
24+
'Magento_Cart::cart',
25+
'Magento_Backend::myaccount',
26+
'Magento_Backend::marketing',
27+
'Magento_Backend::content',
28+
'Magento_Reports::report',
29+
'Magento_Backend::stores',
30+
'Magento_Backend::system',
31+
'Magento_Backend::global_search',
32+
]
33+
</data>
34+
</entity>
35+
</entities>

app/code/Magento/LoginAsCustomer/Test/Mftf/Page/AdminCustomerConfigPage.xml

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
<?xml version="1.0" encoding="utf-8"?>
2+
<!--
3+
/**
4+
* Copyright © Magento, Inc. All rights reserved.
5+
* See COPYING.txt for license details.
6+
*/
7+
-->
8+
<pages xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/PageObject.xsd">
9+
<page name="AdminLoginAsCustomerConfigPage" url="admin/system_config/edit/section/mfloginascustomer" area="admin" module="Magento_LoginAsCustomer">
10+
</page>
11+
</pages>

app/code/Magento/LoginAsCustomer/Test/Mftf/Test/AdminNoAccessToLoginAsCustomerConfigurationTest.xml

Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,90 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<!--
3+
/**
4+
* Copyright © Magento, Inc. All rights reserved.
5+
* See COPYING.txt for license details.
6+
*/
7+
-->
8+
9+
<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
10+
xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
11+
<test name="AdminNoAccessToLoginAsCustomerConfigurationTest">
12+
<annotations>
13+
<features value="Login As Customer"/>
14+
<stories value="Permissions and ACl"/>
15+
<title value="User does not have access to 'Login as customer' section in System Configuration"/>
16+
<description
17+
value="Login into Magento Admin panel as user that does not have access to 'Login as customer' section in System Configuration"/>
18+
<severity value="CRITICAL"/>
19+
<group value="login_as_customer"/>
20+
</annotations>
21+
<before>
22+
<magentoCLI command="config:set {{LoginAsCustomerConfigDataEnabled.path}} 1"
23+
stepKey="enableLoginAsCustomer"/>
24+
<magentoCLI command="cache:flush config" stepKey="flushCacheBeforeTestRun"/>
25+
<createData entity="_defaultCategory" stepKey="createCategory"/>
26+
<createData entity="SimpleProduct" stepKey="createSimpleProduct">
27+
<requiredEntity createDataKey="createCategory"/>
28+
</createData>
29+
<createData entity="Simple_US_Customer" stepKey="createCustomer"/>
30+
<actionGroup ref="LoginAsAdmin" stepKey="loginAsDefaultAdminUserBefore"/>
31+
32+
<!--Create New Role-->
33+
<actionGroup ref="AdminOpenCreateRolePageActionGroup" stepKey="goToNewRolePage"/>
34+
<actionGroup ref="AdminFillUserRoleFormActionGroup" stepKey="fillNewRoleForm">
35+
<argument name="role" value="customRoleAllResources"/>
36+
</actionGroup>
37+
<actionGroup ref="AdminRevokeRoleResourceActionGroup" stepKey="revokeLoginAsCustomerAccess">
38+
<argument name="resourceName" value="Login As Customer Section"/>
39+
</actionGroup>
40+
<actionGroup ref="AdminClickSaveButtonOnUserRoleFormActionGroup" stepKey="saveNewRole"/>
41+
42+
<!--Create New User-->
43+
<actionGroup ref="AdminCreateUserWithApiRoleActionGroup" stepKey="adminCreateUser">
44+
<argument name="user" value="NewAdminUser"/>
45+
<argument name="role" value="customRoleAllResources"/>
46+
</actionGroup>
47+
</before>
48+
<after>
49+
<deleteData createDataKey="createCustomer" stepKey="deleteCustomer"/>
50+
<deleteData createDataKey="createCategory" stepKey="deleteCategory"/>
51+
<deleteData createDataKey="createSimpleProduct" stepKey="deleteProduct"/>
52+
53+
<!--Delete new User-->
54+
<actionGroup ref="AdminLogoutActionGroup" stepKey="logoutAsSaleRoleUser"/>
55+
<actionGroup ref="LoginAsAdmin" stepKey="loginAsDefaultAdminUserAfter"/>
56+
<actionGroup ref="AdminDeleteCustomUserActionGroup" stepKey="deleteNewUser">
57+
<argument name="user" value="NewAdminUser"/>
58+
</actionGroup>
59+
60+
<!--Delete new Role-->
61+
<actionGroup ref="AdminDeleteUserRoleActionGroup" stepKey="deleteCustomRoleAllResources">
62+
<argument name="roleName" value="{{customRoleAllResources.rolename}}"/>
63+
</actionGroup>
64+
<actionGroup ref="AdminLogoutActionGroup" stepKey="logOut"/>
65+
66+
<magentoCLI command="config:set {{LoginAsCustomerConfigDataEnabled.path}} 0"
67+
stepKey="disableLoginAsCustomer"/>
68+
<magentoCLI command="cache:flush config" stepKey="flushCacheAfterTestRun"/>
69+
</after>
70+
71+
<!-- Login as new User -->
72+
<actionGroup ref="AdminLogoutActionGroup" stepKey="logOutFromAdminPanel"/>
73+
<actionGroup ref="LoginAsAdmin" stepKey="loginAsSaleRoleUser">
74+
<argument name="adminUser" value="NewAdminUser"/>
75+
</actionGroup>
76+
77+
<!-- Navigate to Configuration page and open Customers tab -->
78+
<actionGroup ref="AdminOpenStoreConfigPageActionGroup" stepKey="openStoreConfig"/>
79+
<actionGroup ref="AdminExpandConfigTabActionGroup" stepKey="expandCustomersTab">
80+
<argument name="tabName" value="Customers"/>
81+
</actionGroup>
82+
83+
<!-- Assert no Login As Customer config section visible -->
84+
<actionGroup ref="AssertAdminLoginAsCustomerConfigNotVisibleActionGroup" stepKey="assertConfigNotVisible"/>
85+
86+
<!-- Assert Login As Customer config section is not available by direct url -->
87+
<actionGroup ref="AssertAdminLoginAsCustomerConfigNotAvailableDirectlyActionGroup"
88+
stepKey="assertConfigNotAvailableDirectly"/>
89+
</test>
90+
</tests>

0 commit comments

Comments
 (0)