github.com/minio/console@v1.4.1/web-app/tests/permissions-6/resourceTesting.ts (about) 1 // This file is part of MinIO Console Server 2 // Copyright (c) 2022 MinIO, Inc. 3 // 4 // This program is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU Affero General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // This program is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU Affero General Public License for more details. 13 // 14 // You should have received a copy of the GNU Affero General Public License 15 // along with this program. If not, see <http://www.gnu.org/licenses/>. 16 17 import * as roles from "../utils/roles"; 18 import { Selector } from "testcafe"; 19 import * as functions from "../utils/functions"; 20 import { 21 cleanUpNamedBucketAndUploads, 22 namedTestBucketBrowseButtonFor, 23 } from "../utils/functions"; 24 25 fixture("Test resources policy").page("http://localhost:9090/"); 26 27 const bucket1 = "testcondition"; 28 const bucket3 = "my-company"; 29 const test1BucketBrowseButton = namedTestBucketBrowseButtonFor(bucket1); 30 const test3BucketBrowseButton = namedTestBucketBrowseButtonFor(bucket3); 31 export const file = Selector(".ReactVirtualized__Table__rowColumn").withText( 32 "test.txt", 33 ); 34 export const deniedError = 35 Selector(".messageTruncation").withText("Access Denied."); 36 37 test 38 .before(async (t) => { 39 await functions.setUpNamedBucket(t, bucket1); 40 await functions.uploadNamedObjectToBucket( 41 t, 42 bucket1, 43 "test.txt", 44 "web-app/tests/uploads/test.txt", 45 ); 46 await functions.uploadNamedObjectToBucket( 47 t, 48 bucket1, 49 "firstlevel/test.txt", 50 "web-app/tests/uploads/test.txt", 51 ); 52 await functions.uploadNamedObjectToBucket( 53 t, 54 bucket1, 55 "firstlevel/secondlevel/test.txt", 56 "web-app/tests/uploads/test.txt", 57 ); 58 await functions.uploadNamedObjectToBucket( 59 t, 60 bucket1, 61 "firstlevel/secondlevel/thirdlevel/test.txt", 62 "web-app/tests/uploads/test.txt", 63 ); 64 })( 65 "User can only see permitted files in last path as expected", 66 async (t) => { 67 await t 68 .useRole(roles.conditions2) 69 .navigateTo(`http://localhost:9090/browser`) 70 .click(test1BucketBrowseButton) 71 .wait(1500) 72 .click( 73 Selector(".ReactVirtualized__Table__rowColumn").withText( 74 "firstlevel", 75 ), 76 ) 77 .wait(1500) 78 .expect(file.exists) 79 .notOk() 80 .wait(1500) 81 .click( 82 Selector(".ReactVirtualized__Table__rowColumn").withText( 83 "secondlevel", 84 ), 85 ) 86 .wait(1500) 87 .expect(file.exists) 88 .notOk(); 89 }, 90 ) 91 .after(async (t) => { 92 await functions.cleanUpNamedBucketAndUploads(t, bucket1); 93 }); 94 95 test 96 .before(async (t) => { 97 await functions.setUpNamedBucket(t, bucket1); 98 await functions.uploadNamedObjectToBucket( 99 t, 100 bucket1, 101 "test.txt", 102 "web-app/tests/uploads/test.txt", 103 ); 104 await functions.uploadNamedObjectToBucket( 105 t, 106 bucket1, 107 "firstlevel/test.txt", 108 "web-app/tests/uploads/test.txt", 109 ); 110 await functions.uploadNamedObjectToBucket( 111 t, 112 bucket1, 113 "firstlevel/secondlevel/test.txt", 114 "web-app/tests/uploads/test.txt", 115 ); 116 await functions.uploadNamedObjectToBucket( 117 t, 118 bucket1, 119 "firstlevel/secondlevel/thirdlevel/test.txt", 120 "web-app/tests/uploads/test.txt", 121 ); 122 })("User can browse from first level as policy has wildcard", async (t) => { 123 await t 124 .useRole(roles.conditions1) 125 .navigateTo(`http://localhost:9090/browser`) 126 .click(test1BucketBrowseButton) 127 .wait(1500) 128 .click( 129 Selector(".ReactVirtualized__Table__rowColumn").withText("firstlevel"), 130 ) 131 .wait(1500) 132 .expect(file.exists) 133 .ok() 134 .wait(1500) 135 .click( 136 Selector(".ReactVirtualized__Table__rowColumn").withText("secondlevel"), 137 ) 138 .wait(1500) 139 .expect(file.exists) 140 .ok() 141 .wait(1500) 142 .click( 143 Selector(".ReactVirtualized__Table__rowColumn").withText("thirdlevel"), 144 ) 145 .wait(1500) 146 .expect(file.exists) 147 .ok(); 148 }) 149 .after(async (t) => { 150 await functions.cleanUpNamedBucketAndUploads(t, bucket1); 151 }); 152 153 test 154 .before(async (t) => { 155 await functions.setUpNamedBucket(t, bucket3); 156 await functions.uploadNamedObjectToBucket( 157 t, 158 bucket3, 159 "test.txt", 160 "web-app/tests/uploads/test.txt", 161 ); 162 await functions.uploadNamedObjectToBucket( 163 t, 164 bucket3, 165 "home/UserY/test.txt", 166 "web-app/tests/uploads/test.txt", 167 ); 168 await functions.uploadNamedObjectToBucket( 169 t, 170 bucket3, 171 "home/UserX/test.txt", 172 "web-app/tests/uploads/test.txt", 173 ); 174 await functions.uploadNamedObjectToBucket( 175 t, 176 bucket3, 177 "home/User/test.txt", 178 "web-app/tests/uploads/test.txt", 179 ); 180 await functions.uploadNamedObjectToBucket( 181 t, 182 bucket3, 183 "home/User/secondlevel/thirdlevel/test.txt", 184 "web-app/tests/uploads/test.txt", 185 ); 186 })("User can browse from sub levels as policy has wildcard", async (t) => { 187 await t 188 .useRole(roles.conditions3) 189 .navigateTo(`http://localhost:9090/browser`) 190 .click(test3BucketBrowseButton) 191 .wait(1500) 192 .click(Selector(".ReactVirtualized__Table__rowColumn").withText("home")) 193 .wait(1500) 194 .click(Selector(".ReactVirtualized__Table__rowColumn").withText("User")) 195 .wait(1500) 196 .expect(file.exists) 197 .ok() 198 .click( 199 Selector(".ReactVirtualized__Table__rowColumn").withText("secondlevel"), 200 ) 201 .wait(1500) 202 .click( 203 Selector(".ReactVirtualized__Table__rowColumn").withText("thirdlevel"), 204 ) 205 .wait(1500) 206 .expect(file.exists) 207 .ok() 208 .navigateTo(`http://localhost:9090/browser`) 209 .click(test3BucketBrowseButton) 210 .wait(1500) 211 .click(Selector(".ReactVirtualized__Table__rowColumn").withText("home")) 212 .wait(1500) 213 .click(Selector(".ReactVirtualized__Table__rowColumn").withText("UserX")) 214 .expect(deniedError.exists) 215 .ok(); 216 }) 217 .after(async (t) => { 218 await functions.cleanUpNamedBucketAndUploads(t, bucket3); 219 });