ENH Run Behat test with less than ADMIN permissions

silverstripe · Sep 6, 2022 · 0f32e3e · 0f32e3e
1 parent c5a01ba
commit 0f32e3e
Show file tree

Hide file tree

Showing 7 changed files with 50 additions and 25 deletions.
diff --git a/tests/behat/features/gridfield-navigation.feature b/tests/behat/features/gridfield-navigation.feature
@@ -18,7 +18,8 @@ Feature: Search in GridField
       And the "Company" "Cisco" with "Category"="Other"
       And the "Company" "Bouygues" with "Category"="Other" 
       And the "Company" "Insurance" with "Category"="Other"
-      And I am logged in with "ADMIN" permissions
+      And the "group" "EDITOR" has permissions "Access to 'Pages' section" and "Access to 'GridField Test Navigation' section" and "COMPANY_EDIT"
+      And I am logged in as a member of "EDITOR" group
 
   Scenario: I can navigate back through the GridField items by using the "previous record" button
     When I go to "/admin/gridfield-test-navigation"

diff --git a/tests/behat/features/gridfield-search.feature b/tests/behat/features/gridfield-search.feature
@@ -7,7 +7,8 @@ Feature: Search in GridField
     Given the "Company" "Walmart" with "Category"="Retail"
     And the "Company" "ExxonMobil" with "Category"="Oil"
     And the "Company" "Vitol" with "Category"="Other" 
-    And I am logged in with "ADMIN" permissions
+    And the "group" "EDITOR" has permissions "Access to 'GridField Test Navigation' section" and "COMPANY_EDIT"
+    And I am logged in as a member of "EDITOR" group
     And I go to "/admin/test"
 
   Scenario: I can search and go to item

diff --git a/tests/behat/features/login.feature b/tests/behat/features/login.feature
@@ -4,12 +4,15 @@ Feature: Log in
   I want to access to the CMS to be secure
   So that only my team can make content changes
 
+  Background:
+    Given the "group" "EDITOR group" has permissions "Access to 'Pages' section"
+
   Scenario: Bad login
     Given I log in with "bad@example.com" and "badpassword"
     Then I should see "The provided details don't seem to be correct"
 
   Scenario: Valid login
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     When I go to "/admin/"
     Then I should see the CMS
 
@@ -19,15 +22,15 @@ Feature: Log in
     And I should see a log-in form
 
   Scenario: Logout without token
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     When I go to "/Security/logout"
     Then I should see a log-out form
     When I press the "Log out" button
     And I go to "/admin/"
     Then I should see a log-in form
 
   Scenario: Log in as someone else
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     When I go to "/Security/login"
     Then the response should contain "Log in as someone else"
 

diff --git a/tests/behat/features/manage-groups.feature b/tests/behat/features/manage-groups.feature
@@ -7,6 +7,8 @@ Feature: Manage groups
   Background:
     Given a "group" "BOB group"
     And a "group" "Jane group" with permissions "View draft content"
+    And the "group" "GROUPS_EDITOR" has permissions "CMS_ACCESS_SecurityAdmin" and "EDITPERMISSIONS"
+    And the "group" "MEMEBERS_EDITOR" has permissions "CMS_ACCESS_SecurityAdmin" and "APPLY_ROLES"
     And the "page" "My page"
     And I am logged in with "ADMIN" permissions
     And I go to "/admin/security"
@@ -31,17 +33,31 @@ Feature: Manage groups
     And I fill in "Group name" with ""
     And I press the "Create" button
     Then I should see "Validation Error"
+
+  Scenario: Members of a group with permissions 
+    Given I go to "/Security/login"
+    And I press the "Log in as someone else" button
+    And I am logged in as a member of "BOB" group
+    When I go to "/my-page?stage=Stage"
+    Then I should not see "My page"
+
+  Scenario: Members of a group with permissions cannot view draft content
+    Given I go to "/Security/login"
+    And I press the "Log in as someone else" button
+    And I am logged in as a member of "BOB" group
+    When I go to "/my-page?stage=Stage"
+    Then I should not see "My page"
 
   Scenario: Members of a group without permissions cannot view draft content
     Given I go to "/Security/login"
     And I press the "Log in as someone else" button
-    And I am logged in with "BOB" permissions
+    And I am logged in as a member of "BOB" group
     When I go to "/my-page?stage=Stage"
     Then I should not see "My page"
 
   Scenario: Members of a group with relevant permissions can view draft content
     Given I go to "/Security/login"
     And I press the "Log in as someone else" button
-    And I am logged in with "Jane" permissions
+    And I am logged in as a member of "Jane" group
     When I go to "/my-page?stage=Stage"
     Then I should see "My page"
diff --git a/tests/behat/features/multitab-validation.feature b/tests/behat/features/multitab-validation.feature
@@ -6,9 +6,10 @@ Feature: Multi-tab page validation icons
   Background:
     Given a "multi tab page" "My MultiTab Page"
     And a "single tab page" "My SingleTab Page"
+    And the "group" "EDITOR" has permissions "Access to 'Pages' section"
 
   Scenario: I can see tab validation icons on multi-tab pages
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     And I go to "/admin/pages"
     And I should see "My MultiTab Page" in the tree
     And I click on "My MultiTab Page" in the tree
@@ -46,7 +47,7 @@ Feature: Multi-tab page validation icons
     Then I should not see an invalid tab icon on the "Fourth" tab
 
   Scenario: Tab validation icons dont appear on pages with a single tab
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     And I go to "/admin/pages"
     And I should see "My SingleTab Page" in the tree
     And I click on "My SingleTab Page" in the tree

diff --git a/tests/behat/features/notfound.feature b/tests/behat/features/notfound.feature
@@ -3,10 +3,11 @@ Feature: Not found
   I want error messages to be displayed in the context of the admin section
 
   Background:
-    Given I am logged in with "ADMIN" permissions
+    Given the "group" "EDITOR" has permissions "CMS_ACCESS_LeftAndMain"
 
   Scenario: Errors are displayed in the admin context
-    Given I go to "/admin/nothing"
+    Given I am logged in as a member of "EDITOR" group
+    And I go to "/admin/nothing"
     Then I should see "Not Found"
     And I should see "Sorry, it seems you were trying to access a section or object that doesn't exist."
     And I should see the admin menu
@@ -28,7 +29,8 @@ Feature: Not found
     And I should see the admin menu
 
   Scenario: Valid routes do not display the error
-    Given I go to "/admin/settings"
+    Given I am logged in with "ADMIN" permissions
+    And I go to "/admin/settings"
     Then I should not see "Not Found"
     And I should not see "Sorry, it seems you were trying to access a section or object that doesn't exist."
     And I should see the admin menu

diff --git a/tests/behat/features/reauthenticate.feature b/tests/behat/features/reauthenticate.feature
@@ -5,25 +5,26 @@ Feature: Reauthenticate
   So that I can avoid losing unsaved work
 
   Background:
-    And I am logged in with "ADMIN" permissions
-    And I go to "/admin/security"
-    And I am not in an iframe
-    And I click the "Users" CMS tab
-    And my session expires
+    Given the "group" "EDITOR" has permissions "Access to 'Pages' section"
+      And I am logged in as a member of "EDITOR" group
+      And I go to "/admin/pages"
+      And I am not in an iframe
+      And I wait for 3 seconds
+      And my session expires
 
   Scenario: Reauthenticate with correct login
-    When I press the "Add Member" button
+    When I press the "Add new" button
       And I switch to the "login-dialog-iframe" iframe
     Then I should see a "Let me back in" button
     When I fill in "Password" with "Secret!123"
       And I press the "Let me back in" button
       And I am not in an iframe
-      And I go to "/admin/security"
-    When I press the "Add Member" button
-    Then I should see "Create" in the "#Form_ItemEditForm_action_doSave" element
+      And I go to "/admin/pages"
+    When I press the "Add new" button
+    Then I should see "Create" in the "#Form_AddForm_action_doAdd" element
 
   Scenario: Reauthenticate with wrong login
-    When I press the "Add Member" button
+    When I press the "Add new" button
       And I switch to the "login-dialog-iframe" iframe
     Then I should see a "Let me back in" button
     When I fill in "Password" with "wrong password"
@@ -32,6 +33,6 @@ Feature: Reauthenticate
     When I fill in "Password" with "Secret!123"
       And I press the "Let me back in" button
       And I am not in an iframe
-      And I go to "/admin/security"
-    When I press the "Add Member" button
-    Then I should see "Create" in the "#Form_ItemEditForm_action_doSave" element
+      And I go to "/admin/pages"
+    When I press the "Add new" button
+    Then I should see "Create" in the "#Form_AddForm_action_doAdd" element