From 8d28d69250a0eadaf6081fbb9e751eab49c3f1de Mon Sep 17 00:00:00 2001 From: Angel Garbarino Date: Fri, 8 Dec 2023 10:11:26 -0700 Subject: [PATCH] test coverage --- .../backend/kv/kv-v2-workflow-create-test.js | 20 +++++++++++++ .../backend/kv/kv-v2-workflow-delete-test.js | 29 +++++++++++++++++++ ui/tests/helpers/kv/kv-selectors.js | 2 ++ ui/tests/helpers/policy-generator/kv.js | 19 ++++++++++++ 4 files changed, 70 insertions(+) diff --git a/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-create-test.js b/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-create-test.js index a807da07ce04..4bc158567ec3 100644 --- a/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-create-test.js +++ b/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-create-test.js @@ -998,6 +998,26 @@ module('Acceptance | kv-v2 workflow | secret and version create', function (hook }); }); + module('secret-nested-creator persona', function (hooks) { + hooks.beforeEach(async function () { + const token = await runCmd( + tokenWithPolicyCmd('secret-nested-creator', personas.secretNestedCreator(this.backend)) + ); + await authPage.login(token); + clearRecords(this.store); + return; + }); + test('can create a secret from the nested list view (snc)', async function (assert) { + assert.expect(1); + // go to nested secret directory list view + await visit(`/vault/secrets/${this.backend}/kv/list/app/`); + // correct popup menu items appear on list view + const popupSelector = `${PAGE.list.item('first')} ${PAGE.popup}`; + await click(popupSelector); + assert.dom(PAGE.list.listMenuCreate).exists('shows the option to create new version'); + }); + }); + module('enterprise controlled access persona', function (hooks) { hooks.beforeEach(async function () { this.controlGroup = this.owner.lookup('service:control-group'); diff --git a/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-delete-test.js b/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-delete-test.js index 9b42364d18f7..2c226389884b 100644 --- a/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-delete-test.js +++ b/ui/tests/acceptance/secrets/backend/kv/kv-v2-workflow-delete-test.js @@ -35,9 +35,11 @@ module('Acceptance | kv-v2 workflow | delete, undelete, destroy', function (hook this.store = this.owner.lookup('service:store'); this.backend = `kv-delete-${uuidv4()}`; this.secretPath = 'bad-secret'; + this.nestedSecretPath = 'app/nested/bad-secret'; await authPage.login(); await runCmd(mountEngineCmd('kv-v2', this.backend), false); await writeVersionedSecret(this.backend, this.secretPath, 'foo', 'bar', 4); + await writeVersionedSecret(this.backend, this.nestedSecretPath, 'foo', 'bar', 1); await writeVersionedSecret(this.backend, 'nuke', 'foo', 'bar', 2); // Delete latest version for testing undelete for users that can't delete await runCmd(deleteLatestCmd(this.backend, 'nuke')); @@ -348,6 +350,33 @@ module('Acceptance | kv-v2 workflow | delete, undelete, destroy', function (hook }); }); + module('secret-nested-creator persona', function (hooks) { + hooks.beforeEach(async function () { + const token = await runCmd( + tokenWithPolicyCmd('secret-nested-creator', personas.secretNestedCreator(this.backend)) + ); + await authPage.login(token); + clearRecords(this.store); + return; + }); + test('can delete all secret versions from the nested list view (snc)', async function (assert) { + assert.expect(1); + // go to nested secret directory list view + await visit(`/vault/secrets/${this.backend}/kv/list/app/nested`); + // correct popup menu items appear on list view + const popupSelector = `${PAGE.list.item('bad-secret')} ${PAGE.popup}`; + await click(popupSelector); + assert.dom(PAGE.list.listMenuDelete).exists('shows the option to permanently delete'); + }); + test('can not delete all secret versions from root list view (snc)', async function (assert) { + assert.expect(1); + // go to root secret directory list view + await visit(`/vault/secrets/${this.backend}/kv/list`); + // shows overview card and not list view + assert.dom(PAGE.list.overviewCard).exists('renders overview card'); + }); + }); + module('secret-creator persona', function (hooks) { hooks.beforeEach(async function () { const token = await runCmd(tokenWithPolicyCmd('secret-creator', personas.secretCreator(this.backend))); diff --git a/ui/tests/helpers/kv/kv-selectors.js b/ui/tests/helpers/kv/kv-selectors.js index 8728af7bf4c0..11aad70e97fb 100644 --- a/ui/tests/helpers/kv/kv-selectors.js +++ b/ui/tests/helpers/kv/kv-selectors.js @@ -58,6 +58,8 @@ export const PAGE = { createSecret: '[data-test-toolbar-create-secret]', item: (secret) => (!secret ? '[data-test-list-item]' : `[data-test-list-item="${secret}"]`), filter: `[data-test-kv-list-filter]`, + listMenuDelete: `[data-test-popup-metadata-delete]`, + listMenuCreate: `[data-test-popup-create-new-version]`, overviewCard: '[data-test-overview-card-container="View secret"]', overviewInput: '[data-test-view-secret] input', overviewButton: '[data-test-get-secret-detail]', diff --git a/ui/tests/helpers/policy-generator/kv.js b/ui/tests/helpers/policy-generator/kv.js index 7794e0493d03..27848c1ead0e 100644 --- a/ui/tests/helpers/policy-generator/kv.js +++ b/ui/tests/helpers/policy-generator/kv.js @@ -25,6 +25,14 @@ export const dataPolicy = ({ backend, secretPath = '*', capabilities = root }) = `; }; +export const dataNestedPolicy = ({ backend, secretPath = '*', capabilities = root }) => { + return ` + path "${backend}/data/app/${secretPath}" { + capabilities = [${format(capabilities)}] + } + `; +}; + export const metadataPolicy = ({ backend, secretPath = '*', capabilities = root }) => { // "delete" capability on this path can destroy all versions return ` @@ -34,6 +42,14 @@ export const metadataPolicy = ({ backend, secretPath = '*', capabilities = root `; }; +export const metadataNestedPolicy = ({ backend, secretPath = '*', capabilities = root }) => { + return ` + path "${backend}/metadata/app/${secretPath}" { + capabilities = [${format(capabilities)}] + } + `; +}; + export const metadataListPolicy = (backend) => { return ` path "${backend}/metadata" { @@ -76,6 +92,9 @@ export const personas = { deleteVersionsPolicy({ backend }) + undeleteVersionsPolicy({ backend }) + destroyVersionsPolicy({ backend }), + secretNestedCreator: (backend) => + dataNestedPolicy({ backend, capabilities: ['create', 'update'] }) + + metadataNestedPolicy({ backend, capabilities: ['list', 'delete'] }), secretCreator: (backend) => dataPolicy({ backend, capabilities: ['create', 'update'] }) + metadataPolicy({ backend, capabilities: ['delete'] }),