chore: acl tests

astandrik · astandrik · commit e5d80e23522e · 2024-12-28T14:38:28.000+03:00
diff --git a/tests/suites/tenant/summary/ObjectSummary.ts b/tests/suites/tenant/summary/ObjectSummary.ts
@@ -18,6 +18,9 @@ export class ObjectSummary {
     private treeRows: Locator;
     private primaryKeys: Locator;
     private actionsMenu: ActionsMenu;
+    private aclWrapper: Locator;
+    private aclList: Locator;
+    private effectiveAclList: Locator;
 
     constructor(page: Page) {
         this.tree = page.locator('.ydb-object-summary__tree');
@@ -26,6 +29,49 @@ export class ObjectSummary {
         this.schemaViewer = page.locator('.schema-viewer');
         this.primaryKeys = page.locator('.schema-viewer__keys_type_primary');
         this.actionsMenu = new ActionsMenu(page.locator('.g-popup.g-popup_open'));
+        this.aclWrapper = page.locator('.ydb-acl');
+        this.aclList = this.aclWrapper.locator('dl.gc-definition-list').first();
+        this.effectiveAclList = this.aclWrapper.locator('dl.gc-definition-list').last();
+    }
+
+    async waitForAclVisible() {
+        await this.aclWrapper.waitFor({state: 'visible', timeout: VISIBILITY_TIMEOUT});
+        return true;
+    }
+
+    async getAccessRights(): Promise<{user: string; rights: string}[]> {
+        await this.waitForAclVisible();
+        const items = await this.aclList.locator('.gc-definition-list__item').all();
+        const result = [];
+
+        for (const item of items) {
+            const user =
+                (await item.locator('.gc-definition-list__term-wrapper span').textContent()) || '';
+            const definitionContent = await item.locator('.gc-definition-list__definition').first();
+            const rights = (await definitionContent.textContent()) || '';
+            result.push({user: user.trim(), rights: rights.trim()});
+        }
+
+        return result;
+    }
+
+    async getEffectiveAccessRights(): Promise<{group: string; permissions: string[]}[]> {
+        await this.waitForAclVisible();
+        const items = await this.effectiveAclList.locator('.gc-definition-list__item').all();
+        const result = [];
+
+        for (const item of items) {
+            const group =
+                (await item.locator('.gc-definition-list__term-wrapper span').textContent()) || '';
+            const definitionContent = await item.locator('.gc-definition-list__definition').first();
+            const permissionElements = await definitionContent.locator('span').all();
+            const permissions = await Promise.all(
+                permissionElements.map(async (el) => ((await el.textContent()) || '').trim()),
+            );
+            result.push({group: group.trim(), permissions});
+        }
+
+        return result;
     }
 
     async isTreeVisible() {
diff --git a/tests/suites/tenant/summary/objectSummary.test.ts b/tests/suites/tenant/summary/objectSummary.test.ts
@@ -160,4 +160,43 @@ test.describe('Object Summary', async () => {
         // Verify the column lists are different
         expect(vslotsColumns).not.toEqual(storagePoolsColumns);
     });
+
+    test.only('ACL tab shows correct access rights', async ({page}) => {
+        const pageQueryParams = {
+            schema: '/local/.sys_health',
+            database: '/local',
+            summaryTab: 'acl',
+            tenantPage: 'query',
+        };
+        const tenantPage = new TenantPage(page);
+        await tenantPage.goto(pageQueryParams);
+
+        const objectSummary = new ObjectSummary(page);
+        await objectSummary.waitForAclVisible();
+
+        // Check Access Rights
+        const accessRights = await objectSummary.getAccessRights();
+        expect(accessRights).toEqual([{user: 'root@builtin', rights: 'Owner'}]);
+
+        // Check Effective Access Rights
+        const effectiveRights = await objectSummary.getEffectiveAccessRights();
+        expect(effectiveRights).toEqual([
+            {group: 'USERS', permissions: ['ConnectDatabase']},
+            {group: 'METADATA-READERS', permissions: ['List']},
+            {group: 'DATA-READERS', permissions: ['SelectRow']},
+            {group: 'DATA-WRITERS', permissions: ['UpdateRow', 'EraseRow']},
+            {
+                group: 'DDL-ADMINS',
+                permissions: [
+                    'WriteAttributes',
+                    'CreateDirectory',
+                    'CreateTable',
+                    'RemoveSchema',
+                    'AlterSchema',
+                ],
+            },
+            {group: 'ACCESS-ADMINS', permissions: ['GrantAccessRights']},
+            {group: 'DATABASE-ADMINS', permissions: ['Manage']},
+        ]);
+    });
 });
