diff --git a/app/components/header.hbs b/app/components/header.hbs index ccf0a2f9afc..1f0097bc72d 100644 --- a/app/components/header.hbs +++ b/app/components/header.hbs @@ -22,7 +22,7 @@ {{#if this.session.isSudoEnabled}} -
🧙
+
🧙
{{/if}} {{ this.session.currentUser.name }} @@ -35,12 +35,12 @@ {{#if this.session.isAdmin}} {{#if this.session.isSudoEnabled}} - {{else}} - {{/if}} diff --git a/app/components/privileged-action.hbs b/app/components/privileged-action.hbs index 6ae2746c1f2..11fc46c85eb 100644 --- a/app/components/privileged-action.hbs +++ b/app/components/privileged-action.hbs @@ -9,7 +9,7 @@ {{else}}
-
+
{{yield}}
diff --git a/tests/acceptance/sudo-test.js b/tests/acceptance/sudo-test.js new file mode 100644 index 00000000000..428069a1bfa --- /dev/null +++ b/tests/acceptance/sudo-test.js @@ -0,0 +1,113 @@ +import { click, find, waitFor } from '@ember/test-helpers'; +import { module, test } from 'qunit'; + +import format from 'date-fns/format'; + +import { setupApplicationTest } from 'crates-io/tests/helpers'; + +import { visit } from '../helpers/visit-ignoring-abort'; + +module('Acceptance | sudo', function (hooks) { + setupApplicationTest(hooks); + + function prepare(context, isAdmin) { + const user = context.server.create('user', { + login: 'johnnydee', + name: 'John Doe', + email: 'john@doe.com', + avatar: 'https://avatars2.githubusercontent.com/u/1234567?v=4', + isAdmin, + }); + + const crate = context.server.create('crate', { + name: 'foo', + newest_version: '0.1.0', + }); + + const version = context.server.create('version', { + crate, + num: '0.1.0', + }); + + context.authenticateAs(user); + return { user, crate, version }; + } + + test('non-admin users do not see any controls', async function (assert) { + prepare(this, false); + + await visit('/crates/foo/versions'); + + // Test the various header elements. + assert.dom('[data-test-wizard-hat]').doesNotExist(); + assert.dom('[data-test-disable-admin-actions]').doesNotExist(); + assert.dom('[data-test-enable-admin-actions]').doesNotExist(); + + // Assert that there's no yank button, disabled, enabled, or in any state. + assert.dom('[data-test-version-yank-button="0.1.0"]').doesNotExist(); + }); + + test('admin user is not initially in sudo mode', async function (assert) { + prepare(this, true); + + await visit('/crates/foo/versions'); + + // Test the various header elements. + assert.dom('[data-test-wizard-hat]').doesNotExist(); + assert.dom('[data-test-disable-admin-actions]').doesNotExist(); + assert.dom('[data-test-enable-admin-actions]').exists(); + + // Test that the fieldset is present and disabled. + assert.dom('[data-test-placeholder-fieldset]').exists().isDisabled(); + + // From the perspective of the actual button, it isn't disabled, even though + // the fieldset effectively makes it unclickable. + assert.dom('[data-test-version-yank-button="0.1.0"]').exists(); + }); + + test('admin user can enter sudo mode', async function (assert) { + prepare(this, true); + + await visit('/crates/foo/versions'); + + const untilAbout = Date.now() + 6 * 60 * 60 * 1000; + await click('[data-test-enable-admin-actions]'); + + // Test the various header elements. + assert.dom('[data-test-wizard-hat]').exists(); + assert.dom('[data-test-disable-admin-actions]').exists(); + assert.dom('[data-test-enable-admin-actions]').doesNotExist(); + + // Test that the expiry time is sensible. We'll allow a minute either way in + // case of slow tests or slightly wonky clocks. + const disable = find('[data-test-disable-admin-actions] > div'); + let seen = 0; + for (const ts of [untilAbout - 60 * 1000, untilAbout, untilAbout + 60 * 1000]) { + const time = format(new Date(ts), 'HH:mm'); + if (disable.textContent.includes(time)) { + seen += 1; + } + } + assert.strictEqual(seen, 1); + + // Test that the fieldset is not present. + assert.dom('[data-test-placeholder-fieldset]').doesNotExist(); + assert.dom('[data-test-version-yank-button="0.1.0"]').exists(); + }); + + test('admin can yank a crate in sudo mode', async function (assert) { + prepare(this, true); + + await visit('/crates/foo/versions'); + await click('[data-test-enable-admin-actions]'); + + await click('[data-test-version-yank-button="0.1.0"]'); + + await waitFor('[data-test-version-unyank-button="0.1.0"]'); + assert.dom('[data-test-version-unyank-button="0.1.0"]').exists(); + await click('[data-test-version-unyank-button="0.1.0"]'); + + await waitFor('[data-test-version-yank-button="0.1.0"]'); + assert.dom('[data-test-version-yank-button="0.1.0"]').exists(); + }); +});