Cypress org admin (#823)

e2e/cypress.config.ts

@@ -14,10 +14,10 @@ export default defineConfig({
       './cypress/tests/01-*/*.ts',
       './cypress/tests/02-*/*.ts',
       './cypress/tests/06-*/*.ts',
+      './cypress/tests/07-*/*.ts',
       './cypress/tests/03-*/*.ts',
       './cypress/tests/04-*/*.ts',
       './cypress/tests/05-*/*.ts',
-      './cypress/tests/07-*/*.ts',
       './cypress/tests/08-*/*.ts',
       './cypress/tests/09-*/*.ts',
       './cypress/tests/10-*/*.ts',
@@ -57,6 +57,7 @@ export default defineConfig({
       KONG_CONFIG_URL: 'http://kong.localtest.me:8001',
       BASE_URL: 'http://oauth2proxy.localtest.me:4180',
       KEYCLOAK_URL: 'http://keycloak.localtest.me:9080',
+      WEBAPP_URL: 'http://html-sample-app.localtest.me:4242'
     },
     retries: {
       runMode: 2,

e2e/cypress/fixtures/api.json

@@ -22,7 +22,7 @@
         {
           "member": {
             "id": "janis@idir",
-            "email":"janis@testmail.com"
+            "email": "janis@testmail.com"
           },
           "roles": ["organization-admin"]
         }
@@ -164,33 +164,69 @@
       "clientAuthenticator": "client-secret",
       "mode": "auto",
       "environmentDetails": [
-          {
-              "environment": "test",
-              "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master",
-              "clientRegistration": "managed",
-              "clientId": "gwa-api",
-              "clientSecret": "18900468-3db1-43f7-a8af-e75f079eb742"
-          }
+        {
+          "environment": "test",
+          "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master",
+          "clientRegistration": "managed",
+          "clientId": "gwa-api",
+          "clientSecret": "18900468-3db1-43f7-a8af-e75f079eb742"
+        }
       ],
       "isShared": true
     },
     "shared_IDP_body": {
-      "name": "Sample Shared IdP",
+      "name": "Sample Shared IdP new",
       "description": "A Shared IdP for Teams to use",
       "flow": "client-credentials",
       "clientAuthenticator": "client-secret",
       "mode": "auto",
       "environmentDetails": [
-          {
-              "environment": "test",
-              "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master",
-              "clientRegistration": "managed",
-              "clientId": "gwa-api",
-              "clientSecret": "18900468-3db1-43f7-a8af-e75f079eb742"
-          }
+        {
+          "environment": "test",
+          "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master",
+          "clientRegistration": "managed",
+          "clientId": "gwa-api",
+          "clientSecret": "18900468-3db1-43f7-a8af-e75f079eb742"
+        }
       ],
       "isShared": true
     },
+    "shared_IDP_inheritFrom": {
+      "environmentDetails": [],
+      "mode": "auto",
+      "clientRoles": ["administrator"],
+      "clientMappers": ["test-audience"],
+      "flow": "client-credentials",
+      "clientAuthenticator": "client-secret",
+      "name": "my-auth-client-secret-1",
+      "description": "Auth connection to my IdP",
+      "owner": "janis@testmail.com",
+      "inheritFrom": "Sample Shared IdP new"
+    },
+    "shared_IDP_inheritFrom_expectedResponse": {
+      "name": "my-auth-client-secret-1",
+      "description": "Auth connection to my IdP",
+      "flow": "client-credentials",
+      "mode": "auto",
+      "clientAuthenticator": "client-secret",
+      "environmentDetails": [
+        {
+          "exists": true,
+          "environment": "test",
+          "issuerUrl": "http://keycloak.localtest.me:9080/auth/realms/master",
+          "clientRegistration": "shared-idp",
+          "clientId": "ap-my-auth-client-secret-1-test"
+        }
+      ],
+      "clientRoles": ["administrator"],
+      "clientMappers": ["test-audience"],
+      "isShared": false,
+      "apiKeyName": "X-API-KEY",
+      "inheritFrom": {
+        "name": "Sample Shared IdP"
+      },
+      "owner": "janis@testmail.com"
+    },
     "endPoint": "ds/api/v2/namespaces/apiplatform/issuers",
     "headers": {
       "accept": "application/json",

e2e/cypress/fixtures/apiowner.json

@@ -307,6 +307,64 @@
       "child" : "New namespaces must be reviewed by your Organization Administrator before you can publish APIs to the Directory. Your APIs are still in preview mode. For status inquiries, contact your Organization Administrator benny@test.com."
     }
   },
+  "orgAssignmentMultipleAdmin": {
+    "namespace": "orgassignment1",
+    "serviceName": "a-service-for-orgassignment1",
+    "Mark": {
+      "userName": "mark",
+      "email":"mark@gmail.com",
+      "accessRole": ["Access.Manage"]
+    },
+    "GroupAccess": {
+      "members": ["benny@test.com", "wendy@test.com"]
+    },
+
+    "product": {
+      "name": "Org Assignment Product",
+      "environment": {
+        "name": "dev",
+        "config": {
+          "terms": "Terms of Use for API Gateway",
+          "authorization": "Kong API Key with ACL Flow",
+          "optionalInstructions": "This is a automation test",
+          "serviceName": "a-service-for-orgassignment1"
+        }
+      }
+    },
+    "orgAdminNotification":{
+      "parent" : "Your Organization Administrator has been notified to enable API Publishing to the Directory for the orgassignment namespace.",
+      "child" : "New namespaces must be reviewed by your Organization Administrator before you can publish APIs to the Directory. Your APIs are still in preview mode. For status inquiries, contact your Organization Administrator benny@test.com."
+    }
+  },
+  "orgAssignmentOrgUnit": {
+    "namespace": "orgassign-unit",
+    "serviceName": "a-service-for-orgassign-unit",
+    "Mark": {
+      "userName": "mark",
+      "email":"mark@gmail.com",
+      "accessRole": ["Access.Manage"]
+    },
+    "GroupAccess": {
+      "members": ["benny@test.com"]
+    },
+
+    "product": {
+      "name": "Org Assignment Unit Product",
+      "environment": {
+        "name": "dev",
+        "config": {
+          "terms": "Terms of Use for API Gateway",
+          "authorization": "Kong API Key with ACL Flow",
+          "optionalInstructions": "This is a automation test",
+          "serviceName": "a-service-for-orgassign-unit"
+        }
+      }
+    },
+    "orgAdminNotification":{
+      "parent" : "Your Organization Administrator has been notified to enable API Publishing to the Directory for the orgassignment namespace.",
+      "child" : "New namespaces must be reviewed by your Organization Administrator before you can publish APIs to the Directory. Your APIs are still in preview mode. For status inquiries, contact your Organization Administrator benny@test.com."
+    }
+  },
   "checkPermission": {
     "namespace": "permission",
     "serviceAccount": {

e2e/cypress/fixtures/cors/kong-cors-plugin-config.json

@@ -0,0 +1,20 @@
+{
+  "createRoute": {
+    "paths": ["/"],
+    "service": {
+      "id": "57fae010-8435-4aad-8b86-8e2b9d37d2ef"
+    },
+    "methods": ["OPTIONS", "GET"]
+  },
+  "uploadCORSPlugin": {
+    "name": "cors",
+    "config": {
+      "origins": ["http://html-sample-app.localtest.me:4242"],
+      "methods": ["GET", "POST", "PUT", "DELETE"],
+      "headers": ["Authorization", "Content-Type","Access-Control-Allow-Origin","Access-Control-Allow-Methods","Host"],
+      "exposed_headers": ["Authorization", "Content-Type","Access-Control-Allow-Origin","Access-Control-Allow-Methods","Host"],
+      "credentials": false,
+      "max_age": 3600
+    }
+  }
+}

e2e/cypress/fixtures/developer.json

@@ -120,7 +120,19 @@
       },
       "product": {
         "name": "Client Credentials Test Product",
-        "environment": "sandbox"
+        "environment": "sandbox",
+        "authProfile" : "jwksUrl"
+      }
+    },
+    "jwksPublicKey": {
+      "application": {
+        "name": "JWKS Public Key App",
+        "description": "Application for JWKS Public Key flow."
+      },
+      "product": {
+        "name": "Client Credentials Test Product",
+        "environment": "sandbox",
+        "authProfile" : "jwksPublicKey"
       }
     }
   },

e2e/cypress/pageObjects/apiDirectory.ts

@@ -22,7 +22,7 @@ class ApiDirectoryPage {
   createAccessRequest(product: any, app: any, accessRqst: any, elevatedAccess?: boolean) {
     cy.contains('a', product.name, { timeout: 10000 }).should('be.visible');
     cy.contains(product.name).click()
-    if(elevatedAccess){
+    if (elevatedAccess) {
       cy.contains('For elevated access, please Request Access').should('be.visible');
     }
     cy.get(this.rqstAccessBtn).click()
@@ -36,10 +36,18 @@ class ApiDirectoryPage {
     })
 
     cy.get('body', { log: false }).then(($body) => {
-      if ($body.find(this.jwksUrlField).length > 0) {
+      if (product.authProfile != 'undefined' && product.authProfile == 'jwksUrl') {
+        cy.get('[data-testid="access-rqst-app-env-jwks-url"]').click()
         cy.get(this.jwksUrlField).click().type(Cypress.env('JWKS_URL'))
       }
+      else if (product.authProfile != 'undefined' && product.authProfile == 'jwksPublicKey') {
+        cy.readFile('cypress/fixtures/state/jwtReGenPublicKey_new.pub').then((publicKeyKey) => {
+          cy.get('[data-testid="access-rqst-app-env-public-key"]').click()
+          cy.get('[name="clientCertificate"]').invoke('val',publicKeyKey)
+        })
+      }
     })
+
     // cy.document().then((doc) => {
     //   if (doc.querySelector(this.jwksUrlField)) {
     //     cy.get(this.jwksUrlField).click().type(Cypress.env('JWKS_URL'))
@@ -58,7 +66,7 @@ class ApiDirectoryPage {
       Cypress.on('uncaught:exception', (err, runnable) => {
         cy.get(ele).click()
         return false
-    })
+      })
       assert.equal(flag, expResult)
     })
   }
@@ -81,7 +89,7 @@ class ApiDirectoryPage {
       if (productName === productconfig.name) {
         cy.get(`[data-testid^=discovery-item-${index}]`).find('li').find('span').each(($el) => {
           let envName = $el.text()
-          if (envName === productconfig.environment.name ) {
+          if (envName === productconfig.environment.name) {
             assert.isTrue(flag, "Environment displays")
           }
         })
@@ -100,16 +108,16 @@ class ApiDirectoryPage {
   checkOrgAdminNotificationBanner(notification: any) {
     cy.get('[data-testid="org-assignment-notification-parent"]').invoke('text').then((text) => {
       text = this.getPlainText(text)
-      assert.equal(text, notification.parent )
-      cy.contains('button','Learn More').click()
+      assert.equal(text, notification.parent)
+      cy.contains('button', 'Learn More').click()
       cy.get('[data-testid="org-assignment-notification-child"]').invoke('text').then((text) => {
         text = this.getPlainText(text)
-        assert.equal(text, notification.child )
+        assert.equal(text, notification.child)
       })
     })
   }
 
-  getPlainText(text :string): string{ 
+  getPlainText(text: string): string {
     return text.replace(/[\r\n]/g, '').replace(/\s+/g, " ")
   }
 }

e2e/cypress/pageObjects/keycloakGroup.ts

@@ -1,4 +1,5 @@
 class keycloakGroupPage {
+
   path: string = '/'
 
   groupTab: string = '[data-ng-controller="GroupTabCtrl"]'
@@ -17,6 +18,10 @@ class keycloakGroupPage {
     cy.get(this.addAttributeBtn).click()
     cy.contains('button','Save').click()
   }
+
+  navigateToUserGroups() {
+    cy.contains('Groups').click()
+  }
 }
 
 export default keycloakGroupPage

e2e/cypress/pageObjects/keycloakUsers.ts

@@ -0,0 +1,32 @@
+class keycloakUsersPage {
+
+  path: string = '/'
+
+  userNameTxt: string = '[placeholder="Search..."]'
+  userSearch: string = '[id="userSearch"]'
+  userTab: string = '[data-ng-controller="UserTabCtrl"]'
+
+  selectTab(tabName: string) {
+    cy.get(this.userTab).contains('a', tabName).click()
+  }
+
+  editUser(userName: string) {
+    cy.get(this.userNameTxt).type(userName)
+    cy.get(this.userSearch).click()
+    cy.wait(1000)
+    cy.contains('Edit').click()
+  }
+
+  setUserToOrganization(orgName: string) {
+    cy.contains(orgName).click()
+    cy.contains('Join').click()
+  }
+
+  resetAssociation() {
+    cy.get('[data-ng-click="membershipTree.selectNodeLabel(node)"]').click()
+    cy.contains('Leave').click({force:true})
+  }
+
+}
+
+export default keycloakUsersPage

e2e/cypress/pageObjects/namespaceAccess.ts

@@ -3,6 +3,7 @@ class NamespaceAccessPage {
   userNameInput: string = '[data-testid="nsa-gua-email-field"]'
   grantUserAccessBtn: string = '[data-testid="nsa-grant-access-btn"]'
   saveUserAccessBtn: string = '[data-testid="nsa-gua-share-btn"]'
+  organizationGroupAccessTab: string = '[data-testid="nsa-tab-og"]'
 
   grantPermission(accessRqst: any) {
     cy.wait(2000)
@@ -64,8 +65,7 @@ class NamespaceAccessPage {
     cy.get('[data-testid$="-edit-btn"]').filter(':visible').first().click()
   }
 
-  clearAllPermission()
-  {
+  clearAllPermission() {
     cy.contains("Permissions").next().find('li').find('label').each(($el, index, $list) => {
       // cy.wrap($el).find('input').uncheck({ force: true });
       cy.wrap($el).find('input')
@@ -76,7 +76,7 @@ class NamespaceAccessPage {
             .get('@checkbox')
             .uncheck({ force: true });
         })
-      })
+    })
   }
 
   path: string = '/manager/namespace-access'
@@ -86,6 +86,30 @@ class NamespaceAccessPage {
     cy.get('[data-testid="nsa-users-table-row-0-menu"]', { timeout: 5000 }).should('be.visible');
     cy.get(this.grantUserAccessBtn).first().click({ force: true })
   }
+
+  checkMembersForGroupAccess(members: any) {
+    let flag = false
+    cy.get('[role="table"]').should('be.visible').then(() => {
+      let textAccessUserName: string
+      cy.wait(2000)
+      let orgAdmins: Array<string> = members
+      orgAdmins.forEach(function (orgAdmin) {
+        cy.get('[role="table"]').find('tr').find('td:nth-child(2)').find('li').filter(':visible').each(($el) => {
+          textAccessUserName = $el.text()
+          if (textAccessUserName == orgAdmin) {
+            flag = true
+          }
+        }).then(() => {
+          assert.isTrue(flag)
+        })
+
+      })
+    })
+  }
+
+  clickOnOrganizationGroupAccess(){
+    cy.get(this.organizationGroupAccessTab).click({ force: true })
+  }
 }
 export default NamespaceAccessPage