From 5914e8e1acc7a89ba887b7b68c743a18573339d4 Mon Sep 17 00:00:00 2001
From: carlosjr <carlosjr@verdnatura.es>
Date: Thu, 25 Nov 2021 11:30:55 +0100
Subject: [PATCH] fixed e2e by adding acls where needed

---
 db/changes/10390-constitution/00-acl.sql      |  5 +-
 .../01_create_and_basic_data.spec.js          |  7 ++-
 .../03_role_create_and_basic_data.spec.js     |  6 +--
 modules/account/back/models/mail-alias.json   |  8 ++-
 modules/account/front/index/index.html        | 52 +++++++++----------
 modules/account/front/role/index/index.html   | 42 +++++++--------
 modules/account/front/routes.json             | 19 ++++---
 7 files changed, 75 insertions(+), 64 deletions(-)

diff --git a/db/changes/10390-constitution/00-acl.sql b/db/changes/10390-constitution/00-acl.sql
index e85f58edd9..f887a57f00 100644
--- a/db/changes/10390-constitution/00-acl.sql
+++ b/db/changes/10390-constitution/00-acl.sql
@@ -8,8 +8,11 @@ INSERT INTO `salix`.`ACL`
         ('AccessToken', '*', '*', 'ALLOW', 'ROLE', 'developer'),
         ('MailAliasAccount', '*', '*', 'ALLOW', 'ROLE', 'marketing'),
         ('MailAliasAccount', '*', '*', 'ALLOW', 'ROLE', 'hr'),
+        ('MailAlias', '*', '*', 'ALLOW', 'ROLE', 'hr'),
         ('MailForward', '*', '*', 'ALLOW', 'ROLE', 'marketing'),
         ('MailForward', '*', '*', 'ALLOW', 'ROLE', 'hr'),
+        ('RoleInherit', '*', '*', 'ALLOW', 'ROLE', 'it'),
+        ('RoleRole', '*', '*', 'ALLOW', 'ROLE', 'it'),
         ('AccountConfig', '*', '*', 'ALLOW', 'ROLE', 'sysadmin');
 
 UPDATE `salix`.`ACL`
@@ -20,5 +23,5 @@ DELETE FROM `salix`.`ACL`
     WHERE id IN (280, 281);
 
 UPDATE `salix`.`ACL`
-    SET accessType='*'
+    SET accessType='*', principalId='marketing'
     WHERE id=279;
diff --git a/e2e/paths/14-account/01_create_and_basic_data.spec.js b/e2e/paths/14-account/01_create_and_basic_data.spec.js
index d6c185b062..42d5b2f682 100644
--- a/e2e/paths/14-account/01_create_and_basic_data.spec.js
+++ b/e2e/paths/14-account/01_create_and_basic_data.spec.js
@@ -1,7 +1,7 @@
 import selectors from '../../helpers/selectors.js';
 import getBrowser from '../../helpers/puppeteer';
 
-fdescribe('Account create and basic data path', () => {
+describe('Account create and basic data path', () => {
     let browser;
     let page;
 
@@ -59,13 +59,12 @@ fdescribe('Account create and basic data path', () => {
         await page.accessToSection('account.card.roles');
         const rolesCount = await page.countElement(selectors.accountRoles.anyResult);
 
-        expect(rolesCount).toEqual(4);
+        expect(rolesCount).toEqual(3);
     });
 
     describe('Descriptor option', () => {
         describe('Edit role', () => {
             it('should edit the role using the descriptor menu', async() => {
-                await page.waitForTimeout(1000); // sometimes descriptor fails to load it's functionalities without this timeout
                 await page.waitToClick(selectors.accountDescriptor.menuButton);
                 await page.waitToClick(selectors.accountDescriptor.changeRole);
                 await page.autocompleteSearch(selectors.accountDescriptor.newRole, 'adminBoss');
@@ -76,7 +75,7 @@ fdescribe('Account create and basic data path', () => {
             });
 
             it('should reload the roles section to see now there are more roles', async() => {
-                // when role updated the db takes a while to return the changes, without this timeout the result would have been 4
+                // when role updates db takes time to return changes, without this timeout the result would have been 3
                 await page.waitForTimeout(1000);
                 await page.reloadSection('account.card.roles');
                 const rolesCount = await page.countElement(selectors.accountRoles.anyResult);
diff --git a/e2e/paths/14-account/03_role_create_and_basic_data.spec.js b/e2e/paths/14-account/03_role_create_and_basic_data.spec.js
index c2c5645efa..294a500ca7 100644
--- a/e2e/paths/14-account/03_role_create_and_basic_data.spec.js
+++ b/e2e/paths/14-account/03_role_create_and_basic_data.spec.js
@@ -8,7 +8,7 @@ describe('Account Role create and basic data path', () => {
     beforeAll(async() => {
         browser = await getBrowser();
         page = browser.page;
-        await page.loginAndModule('developer', 'account');
+        await page.loginAndModule('it', 'account');
         await page.accessToSection('account.role');
     });
 
@@ -76,11 +76,11 @@ describe('Account Role create and basic data path', () => {
         expect(subrolesCount).toEqual(1);
     });
 
-    it('should search for the employee role group then access to the roles inheritance section then check the roles listed are the expected ones', async() => {
+    it('should access the employee roles inheritance then check the roles listed are the expected ones', async() => {
         await page.accessToSearchResult('employee');
         await page.accessToSection('account.role.card.inherited');
         const rolesCount = await page.countElement(selectors.accountRoleInheritance.anyResult);
 
-        expect(rolesCount).toEqual(7);
+        expect(rolesCount).toEqual(6);
     });
 });
diff --git a/modules/account/back/models/mail-alias.json b/modules/account/back/models/mail-alias.json
index a5970bd3f7..417a343b39 100644
--- a/modules/account/back/models/mail-alias.json
+++ b/modules/account/back/models/mail-alias.json
@@ -29,5 +29,11 @@
 			"foreignKey": "mailAlias",
 			"property": "id"
 		}
-	}
+	},
+    "acls": [{
+        "accessType": "READ",
+        "principalType": "ROLE",
+        "principalId": "$everyone",
+        "permission": "ALLOW"
+    }]
 }
diff --git a/modules/account/front/index/index.html b/modules/account/front/index/index.html
index d236a14571..d067c8c372 100644
--- a/modules/account/front/index/index.html
+++ b/modules/account/front/index/index.html
@@ -5,32 +5,32 @@
     model="model"
     class="vn-w-sm">
     <vn-card>
-    <div class="vn-list separated">
-    <a
-        ng-repeat="user in model.data track by user.id"
-        ui-sref="account.card.summary(::{id: user.id})"
-        translate-attr="{title: 'View user'}"
-        class="vn-item search-result">
-        <vn-item-section>
-            <h6>{{::user.nickname}}</h6>
-            <vn-label-value
-                label="Id" 
-                value="{{::user.id}}">
-            </vn-label-value>
-            <vn-label-value
-                label="User" 
-                value="{{::user.name}}">
-            </vn-label-value>
-        </vn-item-section>
-        <vn-item-section side>
-            <vn-icon-button
-                vn-click-stop="$ctrl.preview(user)"
-                vn-tooltip="Preview"
-                icon="preview">
-            </vn-icon-button>
-        </vn-item-section>
-    </a>
-    </div>
+        <div class="vn-list separated">
+            <a
+                ng-repeat="user in model.data track by user.id"
+                ui-sref="account.card.summary(::{id: user.id})"
+                translate-attr="{title: 'View user'}"
+                class="vn-item search-result">
+                <vn-item-section>
+                    <h6>{{::user.nickname}}</h6>
+                    <vn-label-value
+                        label="Id" 
+                        value="{{::user.id}}">
+                    </vn-label-value>
+                    <vn-label-value
+                        label="User" 
+                        value="{{::user.name}}">
+                    </vn-label-value>
+                </vn-item-section>
+                <vn-item-section side>
+                    <vn-icon-button
+                        vn-click-stop="$ctrl.preview(user)"
+                        vn-tooltip="Preview"
+                        icon="preview">
+                    </vn-icon-button>
+                </vn-item-section>
+            </a>
+        </div>
     </vn-card>
 </vn-data-viewer>
 <vn-popup vn-id="summary">
diff --git a/modules/account/front/role/index/index.html b/modules/account/front/role/index/index.html
index c58c395e42..4c4c6b0adf 100644
--- a/modules/account/front/role/index/index.html
+++ b/modules/account/front/role/index/index.html
@@ -6,26 +6,26 @@
     model="model"
     class="vn-w-sm">
     <vn-card>
-    <div class="vn-list separated">
-    <a
-        ng-repeat="role in model.data track by role.id"
-        ui-sref="account.role.card.summary(::{id: role.id})"
-        ui-sref-opts="{inherit: false}"
-        translate-attr="{title: 'View role'}"
-        class="vn-item search-result">
-        <vn-item-section>
-            <h6>{{::role.name}}</h6>
-            <div>{{::role.description}}</div>
-        </vn-item-section>
-        <vn-item-section side>
-            <vn-icon-button
-                vn-click-stop="$ctrl.preview(role)"
-                vn-tooltip="Preview"
-                icon="preview">
-            </vn-icon-button>
-        </vn-item-section>
-    </a>
-    </div>
+        <div class="vn-list separated">
+            <a
+                ng-repeat="role in model.data track by role.id"
+                ui-sref="account.role.card.summary(::{id: role.id})"
+                ui-sref-opts="{inherit: false}"
+                translate-attr="{title: 'View role'}"
+                class="vn-item search-result">
+                <vn-item-section>
+                    <h6>{{::role.name}}</h6>
+                    <div>{{::role.description}}</div>
+                </vn-item-section>
+                <vn-item-section side>
+                    <vn-icon-button
+                        vn-click-stop="$ctrl.preview(role)"
+                        vn-tooltip="Preview"
+                        icon="preview">
+                    </vn-icon-button>
+                </vn-item-section>
+            </a>
+        </div>
     </vn-card>
 </vn-data-viewer>
 <vn-popup vn-id="summary">
@@ -35,7 +35,7 @@
     ui-sref-opts="{inherit: false}"
     vn-tooltip="New role"
     vn-bind="+"
-    vn-acl="developer"
+    vn-acl="it"
     vn-acl-action="remove"
     fixed-bottom-right>
     <vn-float-button icon="add"></vn-float-button>
diff --git a/modules/account/front/routes.json b/modules/account/front/routes.json
index d22cab7917..66b26f4276 100644
--- a/modules/account/front/routes.json
+++ b/modules/account/front/routes.json
@@ -97,7 +97,7 @@
             "state": "account.card.aliases",
             "component": "vn-user-aliases",
             "description": "Mail aliases",
-            "acl": ["marketing"]
+            "acl": ["marketing", "hr"]
         },
         {
             "url": "/role?q",
@@ -110,7 +110,8 @@
             "url": "/create",
             "state": "account.role.create",
             "component": "vn-role-create",
-            "description": "New role"
+            "description": "New role",
+            "acl": ["it"]
         },
         {
             "url": "/:id",
@@ -126,30 +127,32 @@
             "description": "Summary",
             "params": {
                 "role": "$ctrl.role"
-            }
+            },
+            "acl": ["it"]
         },
         {
             "url": "/basic-data",
             "state": "account.role.card.basicData",
             "component": "vn-role-basic-data",
             "description": "Basic data",
-            "acl": ["developer"],
             "params": {
                 "role": "$ctrl.role"
-            }
+            },
+            "acl": ["it"]
         },
         {
             "url": "/subroles",
             "state": "account.role.card.subroles",
             "component": "vn-role-subroles",
-            "acl": ["developer"],
-            "description": "Subroles"
+            "description": "Subroles",
+            "acl": ["it"]
         },
         {
             "url": "/inherited",
             "state": "account.role.card.inherited",
             "component": "vn-role-inherited",
-            "description": "Inherited roles"
+            "description": "Inherited roles",
+            "acl": ["it"]
         },
         {
             "url": "/alias?q",