This is an automated email from the ASF dual-hosted git repository.
zehnder pushed a commit to branch 3944-improve-permission-handling
in repository https://gitbox.apache.org/repos/asf/streampipes.git
The following commit(s) were added to
refs/heads/3944-improve-permission-handling by this push:
new 5d9efa0649 refactor(#3944): Remove user groups in reset management
5d9efa0649 is described below
commit 5d9efa06498cd20fea752251ca7647ab7cffbd0f
Author: Philipp Zehnder <[email protected]>
AuthorDate: Wed Nov 19 16:16:33 2025 +0100
refactor(#3944): Remove user groups in reset management
---
.../streampipes/rest/impl/ResetResource.java | 9 ++
ui/cypress/support/utils/UserUtils.ts | 25 ++-
ui/cypress/support/utils/user/UserBtns.ts | 16 +-
.../userManagement/testGroupManagement.spec.ts | 13 +-
.../userManagement/testUserRoleConnect.spec.ts | 167 +++++++++++----------
.../edit-user-dialog.component.html | 1 +
.../security-user-config.component.html | 4 +-
7 files changed, 133 insertions(+), 102 deletions(-)
diff --git
a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/ResetResource.java
b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/ResetResource.java
index 4596dbb7b3..bf89dc7778 100644
---
a/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/ResetResource.java
+++
b/streampipes-rest/src/main/java/org/apache/streampipes/rest/impl/ResetResource.java
@@ -43,6 +43,8 @@ public class ResetResource extends
AbstractAuthGuardedRestResource {
public ResponseEntity<SuccessMessage> reset() {
ResetManagement.reset(getAuthenticatedUsername());
var userStorage = getUserStorage();
+
+
// Delete all users other than current user (admin) and their resources
var allUsers = new ArrayList<Principal>(userStorage.getAllUsers());
for (var user : allUsers) {
@@ -52,6 +54,13 @@ public class ResetResource extends
AbstractAuthGuardedRestResource {
userStorage.deleteUser(user.getPrincipalId());
}
}
+
+ // Delete all user Groups
+ var allUserGroups = getNoSqlStorage().getUserGroupStorage().findAll();
+ for (var group : allUserGroups) {
+
getNoSqlStorage().getUserGroupStorage().deleteElementById(group.getElementId());
+ }
+
var message = Notifications.success("Reset of system successfully
performed");
return ok(message);
}
diff --git a/ui/cypress/support/utils/UserUtils.ts
b/ui/cypress/support/utils/UserUtils.ts
index e5557d0ad1..249a2e6322 100644
--- a/ui/cypress/support/utils/UserUtils.ts
+++ b/ui/cypress/support/utils/UserUtils.ts
@@ -20,6 +20,7 @@ import { User } from '../model/User';
import { UserBuilder } from '../builder/UserBuilder';
import { UserRole } from '../../../src/app/_enums/user-role.enum';
import { UserBtns } from './user/UserBtns';
+import { ConfigurationBtns } from './configuration/ConfigurationBtns';
export class UserUtils {
public static adminUser =
UserBuilder.create('[email protected]')
@@ -76,7 +77,7 @@ export class UserUtils {
0,
);
- UserBtns.editUserBtn(user.email);
+ UserBtns.editUserBtn(user.name);
UserBtns.userRoleCheckbox(role).click();
@@ -117,4 +118,26 @@ export class UserUtils {
UserBtns.deleteUserBtn(user.name).click();
UserBtns.confirmDeleteBtn().click();
}
+
+ public static createGroup(name: string, ...roles: UserRole[]) {
+ this.goToUserConfiguration();
+
+ ConfigurationBtns.newUserGroupBtn().click();
+ ConfigurationBtns.inputGroupName(name);
+ roles.forEach(role => {
+ cy.get(`input[value="${role}"]`).check();
+ });
+ UserBtns.saveEditUserBtn().click();
+ }
+
+ public static addGroupToUser(groupName: string, name: string) {
+ this.goToUserConfiguration();
+ UserBtns.editUserBtn(name);
+
+ cy.dataCy('group-' + groupName)
+ .children()
+ .click();
+
+ UserBtns.saveEditUserBtn().click();
+ }
}
diff --git a/ui/cypress/support/utils/user/UserBtns.ts
b/ui/cypress/support/utils/user/UserBtns.ts
index 6aa8c87052..0f75a04eec 100644
--- a/ui/cypress/support/utils/user/UserBtns.ts
+++ b/ui/cypress/support/utils/user/UserBtns.ts
@@ -17,22 +17,18 @@
*/
export class UserBtns {
- public static editUserBtn(username) {
- cy.get('[data-cy="security-user-config"]')
- .find('tr')
- .contains('b', username)
- .closest('tr')
- .within(() => {
- cy.get('[data-cy="user-edit-btn"]')
- .should('be.visible')
- .click();
- });
+ public static editUserBtn(name: string) {
+ cy.dataCy(`user-edit-${name}`).click();
}
public static userRoleCheckbox(role) {
return cy.dataCy('role-' + role).children();
}
+ public static groupCheckbox(group: string) {
+ return cy.dataCy('group-' + group).children();
+ }
+
public static saveEditUserBtn() {
return cy.dataCy('sp-element-edit-user-save');
}
diff --git a/ui/cypress/tests/userManagement/testGroupManagement.spec.ts
b/ui/cypress/tests/userManagement/testGroupManagement.spec.ts
index 97a2302daa..07bdd5daca 100644
--- a/ui/cypress/tests/userManagement/testGroupManagement.spec.ts
+++ b/ui/cypress/tests/userManagement/testGroupManagement.spec.ts
@@ -85,16 +85,9 @@ describe('Test Group Management for Pipelines', () => {
3,
);
- // Add new user group with pipeline admin role
- ConfigurationBtns.newUserGroupBtn().click();
- ConfigurationBtns.inputGroupName('User_Group');
- cy.get('input[value="ROLE_PIPELINE_ADMIN"]').check();
- UserBtns.saveEditUserBtn().click();
-
- // Add first user to group
- UserBtns.firstEditUserBtn().click();
- cy.get('input[type="checkbox"]').eq(0).check();
- UserBtns.saveEditUserBtn().click();
+ UserUtils.createGroup('User_Group', UserRole.ROLE_PIPELINE_ADMIN);
+
+ UserUtils.addGroupToUser('User_Group', user.name);
// Add user group to pipeline
PipelineUtils.goToPipelines();
diff --git a/ui/cypress/tests/userManagement/testUserRoleConnect.spec.ts
b/ui/cypress/tests/userManagement/testUserRoleConnect.spec.ts
index 9d9c37a179..dd0d008f49 100644
--- a/ui/cypress/tests/userManagement/testUserRoleConnect.spec.ts
+++ b/ui/cypress/tests/userManagement/testUserRoleConnect.spec.ts
@@ -42,86 +42,93 @@ describe('Test User Roles for Connect', () => {
);
});
- // it('Adapter is not shared with other users', () => {
- // // set up
- // UserUtils.switchUser(user1);
- // ConnectUtils.addMachineDataSimulator(adapterName);
- //
- // // check admin
- // UserUtils.switchUser(UserUtils.adminUser);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanChangePermissions(adapterName);
- //
- // // check other users
- // UserUtils.switchUser(user2);
- // ConnectUtils.checkAmountOfAdapters(0);
- // });
- //
- //
- // it('Make adapter public', () => {
- // // set up
- // UserUtils.switchUser(user1);
- // ConnectUtils.addMachineDataSimulator(adapterName);
- // PermissionUtils.markElementAsPublic(adapterName);
- //
- // // check admin
- // UserUtils.switchUser(UserUtils.adminUser);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanChangePermissions(adapterName);
- //
- // // check other users
- // UserUtils.switchUser(user2);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanNotChangePermissions(adapterName);
- // });
- //
- // it('Share adapter with other user and change ownership', () => {
- // const user3 = UserUtils.createUser(
- // 'user3',
- // UserRole.ROLE_CONNECT_ADMIN,
- // UserRole.ROLE_PIPELINE_ADMIN,
- // );
- //
- // // set up
- // UserUtils.switchUser(user1);
- // ConnectUtils.addMachineDataSimulator(adapterName);
- // PermissionUtils.authorizeUser(adapterName, user2.email);
- //
- // // check admin
- // UserUtils.switchUser(UserUtils.adminUser);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanChangePermissions(adapterName);
- //
- // // check authorized user
- // UserUtils.switchUser(user2);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanNotChangePermissions(adapterName);
- //
- // UserUtils.switchUser(user3);
- // ConnectUtils.checkAmountOfAdapters(0);
- //
- // // change ownership to user3
- // UserUtils.switchUser(user1);
- // ConnectUtils.goToConnect();
- // PermissionUtils.changeOwnership(adapterName, user3.email);
- // ConnectUtils.checkAmountOfAdapters(0);
- //
- // UserUtils.switchUser(UserUtils.adminUser);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanChangePermissions(adapterName);
- //
- // // check authorized user
- // UserUtils.switchUser(user2);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanNotChangePermissions(adapterName);
- //
- // // validate that user3 is owner now
- // UserUtils.switchUser(user3);
- // validateAdapterIsVisible();
- // PermissionUtils.validateUserCanChangePermissions(adapterName);
- // });
-
- it('Adapter is shared with group', () => {
+ it('Adapter is not shared with other users', () => {
+ // set up
+ UserUtils.switchUser(user1);
+ ConnectUtils.addMachineDataSimulator(adapterName);
+
+ // check admin
+ UserUtils.switchUser(UserUtils.adminUser);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanChangePermissions(adapterName);
+
+ // check other users
+ UserUtils.switchUser(user2);
+ ConnectUtils.checkAmountOfAdapters(0);
+ });
+
+ it('Make adapter public', () => {
+ // set up
+ UserUtils.switchUser(user1);
+ ConnectUtils.addMachineDataSimulator(adapterName);
+ PermissionUtils.markElementAsPublic(adapterName);
+
+ // check admin
+ UserUtils.switchUser(UserUtils.adminUser);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanChangePermissions(adapterName);
+
+ // check other users
+ UserUtils.switchUser(user2);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanNotChangePermissions(adapterName);
+ });
+
+ it('Share adapter with other user and change ownership', () => {
+ const user3 = UserUtils.createUser(
+ 'user3',
+ UserRole.ROLE_CONNECT_ADMIN,
+ UserRole.ROLE_PIPELINE_ADMIN,
+ );
+
+ // set up
+ UserUtils.switchUser(user1);
+ ConnectUtils.addMachineDataSimulator(adapterName);
+ PermissionUtils.authorizeUser(adapterName, user2.email);
+
+ // check admin
+ UserUtils.switchUser(UserUtils.adminUser);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanChangePermissions(adapterName);
+
+ // check authorized user
+ UserUtils.switchUser(user2);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanNotChangePermissions(adapterName);
+
+ UserUtils.switchUser(user3);
+ ConnectUtils.checkAmountOfAdapters(0);
+
+ // change ownership to user3
+ UserUtils.switchUser(user1);
+ ConnectUtils.goToConnect();
+ PermissionUtils.changeOwnership(adapterName, user3.email);
+ ConnectUtils.checkAmountOfAdapters(0);
+
+ UserUtils.switchUser(UserUtils.adminUser);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanChangePermissions(adapterName);
+
+ // check authorized user
+ UserUtils.switchUser(user2);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanNotChangePermissions(adapterName);
+
+ // validate that user3 is owner now
+ UserUtils.switchUser(user3);
+ validateAdapterIsVisible();
+ PermissionUtils.validateUserCanChangePermissions(adapterName);
+ });
+
+ it('Adapter is shared with group for user 2', () => {
+ // Add group with connect admin rights
+ UserUtils.createGroup(
+ 'connect_admin_group',
+ UserRole.ROLE_CONNECT_ADMIN,
+ );
+ UserUtils.addGroupToUser('connect_admin_group', user2.name);
+ // Add group to user2
+
// set up
UserUtils.switchUser(user1);
ConnectUtils.addMachineDataSimulator(adapterName);
diff --git
a/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
b/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
index 3809333f0c..b1bfc9d312 100644
---
a/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
+++
b/ui/src/app/configuration/security-configuration/edit-user-dialog/edit-user-dialog.component.html
@@ -157,6 +157,7 @@
[value]="group.groupId"
[checked]="user.groups.indexOf(group.groupId) > -1"
(change)="changeGroupAssignment($event)"
+ [attr.data-cy]="'group-' + group.groupName"
>
{{ group.groupName }}
</mat-checkbox>
diff --git
a/ui/src/app/configuration/security-configuration/security-user-configuration/security-user-config.component.html
b/ui/src/app/configuration/security-configuration/security-user-configuration/security-user-config.component.html
index 7ddef77d55..a429801b3f 100644
---
a/ui/src/app/configuration/security-configuration/security-user-configuration/security-user-config.component.html
+++
b/ui/src/app/configuration/security-configuration/security-user-configuration/security-user-config.component.html
@@ -104,7 +104,9 @@
class="mat-basic"
[matTooltip]="'Edit user' | translate"
matTooltipPosition="above"
- [attr.data-cy]="'user-edit-btn'"
+ [attr.data-cy]="
+ 'user-edit-' + account.fullName
+ "
(click)="editUser(account)"
>
<i class="material-icons">edit</i>
