nextcloud · susnux · Nov 2, 2023 · Oct 26, 2023 · Oct 26, 2023 · Oct 26, 2023
@@ -1561,36 +1561,6 @@ trigger:
     - pull_request
     - push
 
----
-kind: pipeline
-name: acceptance-access-levels
-
-steps:
-- name: submodules
-  image: ghcr.io/nextcloud/continuous-integration-alpine-git:latest
-  commands:
-    - git submodule update --init
-- name: acceptance-access-levels
-  image: ghcr.io/nextcloud/continuous-integration-acceptance-php8.0:latest
-  commands:
-    - tests/acceptance/run-local.sh --timeout-multiplier 10 --nextcloud-server-domain acceptance-access-levels --selenium-server selenium:4444 allow-git-repository-modifications features/access-levels.feature
-
-services:
-- name: selenium
-  image: ghcr.io/nextcloud/continuous-integration-selenium:3.141.59
-  environment:
-    # Reduce default log level for Selenium server (INFO) as it is too
-    # verbose.
-    JAVA_OPTS: -Dselenium.LOGGER.level=WARNING
-
-trigger:
-  branch:
-    - master
-    - stable*
-  event:
-    - pull_request
-    - push
-
 ---
 kind: pipeline
 name: acceptance-header

@@ -0,0 +1,118 @@
+/**
+ * @copyright Copyright (c) 2023 Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @author Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @license AGPL-3.0-or-later
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import { User } from '@nextcloud/cypress'
+import { clearState, getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils'
+
+const admin = new User('admin', 'admin')
+
+describe('Header: Ensure regular users do not have admin settings in the Settings menu', { testIsolation: true }, () => {
+	beforeEach(() => {
+		clearState()
+	})
+
+	it('Regular users can see basic items in the Settings menu', () => {
+		// Given I am logged in
+		cy.createRandomUser().then(($user) => {
+			cy.login($user)
+			cy.visit('/')
+		})
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+
+		getNextcloudUserMenu().find('ul').within(($el) => {
+			// I see the settings menu is open
+			cy.wrap($el).should('be.visible')
+
+			// I see that the Settings menu has only 6 items
+			cy.get('li').should('have.length', 6)
+			// I see that the "View profile" item in the Settings menu is shown
+			cy.contains('li', 'View profile').should('be.visible')
+			// I see that the "Set status" item in the Settings menu is shown
+			cy.contains('li', 'Set status').should('be.visible')
+			// I see that the "Appearance and accessibility" item in the Settings menu is shown
+			cy.contains('li', 'Appearance and accessibility').should('be.visible')
+			// I see that the "Settings" item in the Settings menu is shown
+			cy.contains('li', 'Settings').should('be.visible')
+			// I see that the "Help" item in the Settings menu is shown
+			cy.contains('li', 'Help').should('be.visible')
+			// I see that the "Log out" item in the Settings menu is shown
+			cy.contains('li', 'Log out').should('be.visible')
+		})
+	})
+
+	it('Regular users cannot see admin-level items in the Settings menu', () => {
+		// Given I am logged in
+		cy.createRandomUser().then(($user) => {
+			cy.login($user)
+			cy.visit('/')
+		})
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+
+		getNextcloudUserMenu().find('ul').within(($el) => {
+			// I see the settings menu is open
+			cy.wrap($el).should('be.visible')
+
+			// I see that the "Users" item in the Settings menu is NOT shown
+			cy.contains('li', 'Users').should('not.exist')
+			// I see that the "Administration settings" item in the Settings menu is NOT shown
+			cy.contains('li', 'Administration settings').should('not.exist')
+			cy.get('#admin_settings').should('not.exist')
+		})
+	})
+
+	it('Admin users can see admin-level items in the Settings menu', () => {
+		// Given I am logged in
+		cy.login(admin)
+		cy.visit('/')
+
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+
+		getNextcloudUserMenu().find('ul').within(($el) => {
+			// I see the settings menu is open
+			cy.wrap($el).should('be.visible')
+
+			// I see that the Settings menu has only 9 items
+			cy.get('li').should('have.length', 9)
+			// I see that the "Set status" item in the Settings menu is shown
+			cy.contains('li', 'View profile').should('be.visible')
+			// I see that the "Set status" item in the Settings menu is shown
+			cy.contains('li', 'Set status').should('be.visible')
+			// I see that the "Appearance and accessibility" item in the Settings menu is shown
+			cy.contains('li', 'Appearance and accessibility').should('be.visible')
+			// I see that the "Personal Settings" item in the Settings menu is shown
+			cy.contains('li', 'Personal settings').should('be.visible')
+			// I see that the "Administration settings" item in the Settings menu is shown
+			cy.contains('li', 'Administration settings').should('be.visible')
+			// I see that the "Apps" item in the Settings menu is shown
+			cy.contains('li', 'Apps').should('be.visible')
+			// I see that the "Users" item in the Settings menu is shown
+			cy.contains('li', 'Users').should('be.visible')
+			// I see that the "Help" item in the Settings menu is shown
+			cy.contains('li', 'Help').should('be.visible')
+			// I see that the "Log out" item in the Settings menu is shown
+			cy.contains('li', 'Log out').should('be.visible')
+		})
+	})
+})
@@ -1,4 +1,5 @@
 import type { User } from '@nextcloud/cypress'
+import { getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils'
 
 describe('Login', () => {
 	let user: User
@@ -137,8 +138,8 @@ describe('Login', () => {
 		cy.url().should('match', /apps\/dashboard(\/|$)/)
 
 		// When click logout
-		cy.get('#user-menu > button').should('exist').click()
-		cy.get('#logout a').should('contain.text', 'Log out').click()
+		getNextcloudUserMenuToggle().should('exist').click()
+		getNextcloudUserMenu().contains('a', 'Log out').click()
 
 		// Then I see that the current page is the Login page
 		cy.url().should('match', /\/login/)

@@ -0,0 +1,78 @@
+/**
+ * @copyright Copyright (c) 2023 Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @author Ferdinand Thiessen <opensource@fthiessen.de>
+ *
+ * @license AGPL-3.0-or-later
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import { User } from '@nextcloud/cypress'
+import { clearState, getNextcloudUserMenu, getNextcloudUserMenuToggle } from '../../support/commonUtils'
+
+const admin = new User('admin', 'admin')
+
+describe('Settings: Ensure only administrator can see the administration settings section', { testIsolation: true }, () => {
+	beforeEach(() => {
+		clearState()
+	})
+
+	it('Regular users cannot see admin-level items on the Settings page', () => {
+		// Given I am logged in
+		cy.createRandomUser().then(($user) => {
+			cy.login($user)
+			cy.visit('/')
+		})
+
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+		// I navigate to the settings panel
+		getNextcloudUserMenu().find('#settings a').click()
+		cy.url().should('match', /\/settings\/user$/)
+
+		cy.get('#app-navigation').should('be.visible').within(() => {
+			// I see the personal section is NOT shown
+			cy.get('#app-navigation-caption-personal').should('not.exist')
+			// I see the admin section is NOT shown
+			cy.get('#app-navigation-caption-administration').should('not.exist')
+
+			// I see that the "Personal info" entry in the settings panel is shown
+			cy.get('[data-section-id="personal-info"]').should('exist').and('be.visible')
+		})
+	})
+
+	it('Admin users can see admin-level items on the Settings page', () => {
+		// Given I am logged in
+		cy.login(admin)
+		cy.visit('/')
+
+		// I open the settings menu
+		getNextcloudUserMenuToggle().click()
+		// I navigate to the settings panel
+		getNextcloudUserMenu().find('#settings a').click()
+		cy.url().should('match', /\/settings\/user$/)
+
+		cy.get('#app-navigation').should('be.visible').within(() => {
+			// I see the personal section is shown
+			cy.get('#app-navigation-caption-personal').should('be.visible')
+			// I see the admin section is shown
+			cy.get('#app-navigation-caption-administration').should('be.visible')
+
+			// I see that the "Personal info" entry in the settings panel is shown
+			cy.get('[data-section-id="personal-info"]').should('exist').and('be.visible')
+		})
+	})
+})
@@ -35,22 +35,6 @@ export function assertNotExistOrNotVisible(element: JQuery<HTMLElement>) {
 	expect(doesNotExist || isNotVisible, 'does not exist or is not visible').to.be.true
 }
 
-/**
- * Helper function ensure users and groups in this tests have a clean state
- */
-export function clearState() {
-	// cleanup ignoring any failures
-	cy.runOccCommand('group:list --output=json').then(($result) => {
-		const groups = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
-		groups.forEach((groupID) => cy.runOccCommand(`group:delete '${groupID}'`))
-	})
-
-	cy.runOccCommand('user:list --output=json').then(($result) => {
-		const users = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
-		users.forEach((userID) => cy.runOccCommand(`user:delete '${userID}'`))
-	})
-}
-
 /**
  * Get the settings users list
  * @return Cypress chainable object

@@ -21,7 +21,8 @@
  */
 
 import { User } from '@nextcloud/cypress'
-import { clearState, getUserListRow } from './usersUtils'
+import { getUserListRow } from './usersUtils'
+import { clearState } from '../../support/commonUtils'
 
 const admin = new User('admin', 'admin')
 

@@ -21,7 +21,8 @@
  */
 
 import { User } from '@nextcloud/cypress'
-import { clearState, getUserListRow, handlePasswordConfirmation, toggleEditButton, waitLoading } from './usersUtils'
+import { getUserListRow, handlePasswordConfirmation, toggleEditButton, waitLoading } from './usersUtils'
+import { clearState } from '../../support/commonUtils'
 
 const admin = new User('admin', 'admin')
 

@@ -0,0 +1,37 @@
+/**
+ * Get the header navigation bar
+ */
+export function getNextcloudHeader() {
+	return cy.get('#header')
+}
+
+/**
+ * Get user menu in the header navigation bar
+ */
+export function getNextcloudUserMenu() {
+	return getNextcloudHeader().find('#user-menu')
+}
+
+/**
+ * Get the user menu toggle in the header navigation bar
+ */
+export function getNextcloudUserMenuToggle() {
+	return getNextcloudUserMenu().find('.header-menu__trigger').should('have.length', 1)
+}
+
+/**
+ * Helper function ensure users and groups in this tests have a clean state
+ * Deletes all users (except admin) and groups
+ */
+export function clearState() {
+	// cleanup ignoring any failures
+	cy.runOccCommand('group:list --output=json').then(($result) => {
+		const groups = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
+		groups.forEach((groupID) => cy.runOccCommand(`group:delete '${groupID}'`))
+	})
+
+	cy.runOccCommand('user:list --output=json').then(($result) => {
+		const users = Object.keys(JSON.parse($result.stdout)).filter((name) => name !== 'admin')
+		users.forEach((userID) => cy.runOccCommand(`user:delete '${userID}'`))
+	})
+}
@@ -1,31 +1,6 @@
 @apache
 Feature: header
 
-  Scenario: admin users can see admin-level items in the Settings menu
-    Given I am logged in as the admin
-    When I open the Settings menu
-    Then I see that the Settings menu is shown
-    And I see that the Settings menu has only 9 items
-    And I see that the "Set status" item in the Settings menu is shown
-    And I see that the "Appearance and accessibility" item in the Settings menu is shown
-    And I see that the "Personal settings" item in the Settings menu is shown
-    And I see that the "Administration settings" item in the Settings menu is shown
-    And I see that the "Apps" item in the Settings menu is shown
-    And I see that the "Users" item in the Settings menu is shown
-    And I see that the "Help" item in the Settings menu is shown
-    And I see that the "Log out" item in the Settings menu is shown
-
-  Scenario: normal users can see basic items in the Settings menu
-    Given I am logged in
-    When I open the Settings menu
-    Then I see that the Settings menu is shown
-    And I see that the Settings menu has only 6 items
-    And I see that the "Set status" item in the Settings menu is shown
-    And I see that the "Appearance and accessibility" item in the Settings menu is shown
-    And I see that the "Settings" item in the Settings menu is shown
-    And I see that the "Help" item in the Settings menu is shown
-    And I see that the "Log out" item in the Settings menu is shown
-
   Scenario: other users are seen in the contacts menu
     Given I am logged in as the admin
     When I open the Contacts menu