Merge branch '383-lock-admin-creating-role' of https://github.com/Leandry/magento-functional-tests-migration into community-tests-migration-pr

Author: okolesnyk

app/code/Magento/Backend/Test/Mftf/ActionGroup/AssertMessageInAdminPanelActionGroup.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="AssertMessageInAdminPanelActionGroup">
+        <arguments>
+            <argument name="message" type="string" />
+            <argument name="messageType" type="string" defaultValue="success" />
+        </arguments>
+
+        <waitForElementVisible selector="{{AdminMessagesSection.messageByType(messageType)}}" stepKey="waitForMessageVisible" />
+        <see userInput="{{message}}" selector="{{AdminMessagesSection.messageByType(messageType)}}" stepKey="verifyMessage" />
+    </actionGroup>
+</actionGroups>

app/code/Magento/Backend/Test/Mftf/Section/AdminMessagesSection.xml

@@ -13,5 +13,6 @@
         <element name="nthSuccess" type="text" selector=".message.message-success.success:nth-of-type({{n}})>div" parameterized="true"/>
         <element name="error" type="text" selector="#messages div.message-error"/>
         <element name="notice" type="text" selector=".message.message-notice.notice"/>
+        <element name="messageByType" type="text" selector="#messages div.message-{{messageType}}" parameterized="true" />
     </section>
 </sections>

app/code/Magento/Security/Test/Mftf/Test/AdminLockAdminUserWhenCreatingNewRoleTest.xml

@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
+    <test name="AdminLockAdminUserWhenCreatingNewRoleTest">
+        <annotations>
+            <features value="Security"/>
+            <stories value="Runs Lock admin user when creating new admin role test."/>
+            <title value="Lock admin user when creating new admin role"/>
+            <description value="Runs Lock admin user when creating new admin role test."/>
+            <severity value="CRITICAL"/>
+            <testCaseId value="MC-14384" />
+            <group value="security"/>
+            <group value="mtf_migrated"/>
+        </annotations>
+        <before>
+            <!-- Log in to Admin Panel -->
+            <actionGroup ref="LoginAsAdmin" stepKey="loginAsAdmin"/>
+        </before>
+        <after>
+            <!-- Unlock Admin user -->
+            <magentoCLI command="admin:user:unlock {{_ENV.MAGENTO_ADMIN_USERNAME}}" stepKey="unlockAdminUser"/>
+        </after>
+        <!-- Perform add new role 6 specified number of times. -->
+        <actionGroup ref="AdminOpenCreateRolePageActionGroup" stepKey="openCreateRolePage"/>
+
+        <actionGroup ref="AdminFillUserRoleFormActionGroup" stepKey="fillFieldFirstAttempt">
+            <argument name="role" value="roleAdministrator" />
+            <argument name="currentAdminPassword" value="{{_ENV.MAGENTO_ADMIN_PASSWORD}}INVALID" />
+        </actionGroup>
+        <actionGroup ref="AdminClickSaveButtonOnUserRoleFormActionGroup" stepKey="saveRoleFirstAttempt"/>
+        <actionGroup ref="AssertMessageInAdminPanelActionGroup" stepKey="checkFirstSaveRoleError">
+            <argument name="message" value="The password entered for the current user is invalid. Verify the password and try again." />
+            <argument name="messageType" value="error" />
+        </actionGroup>
+        
+        <actionGroup ref="AdminFillUserRoleFormActionGroup" stepKey="fillFieldSecondAttempt">
+            <argument name="role" value="roleAdministrator" />
+            <argument name="currentAdminPassword" value="{{_ENV.MAGENTO_ADMIN_PASSWORD}}INVALID" />
+        </actionGroup>
+        <actionGroup ref="AdminClickSaveButtonOnUserRoleFormActionGroup" stepKey="saveRoleSecondAttempt"/>
+        <actionGroup ref="AssertMessageInAdminPanelActionGroup" stepKey="checkSecondSaveRoleError">
+            <argument name="message" value="The password entered for the current user is invalid. Verify the password and try again." />
+            <argument name="messageType" value="error" />
+        </actionGroup>
+
+        <actionGroup ref="AdminFillUserRoleFormActionGroup" stepKey="fillFieldThirdAttempt">
+            <argument name="role" value="roleAdministrator" />
+            <argument name="currentAdminPassword" value="{{_ENV.MAGENTO_ADMIN_PASSWORD}}INVALID" />
+        </actionGroup>
+        <actionGroup ref="AdminClickSaveButtonOnUserRoleFormActionGroup" stepKey="saveRoleThirdAttempt"/>
+        <actionGroup ref="AssertMessageInAdminPanelActionGroup" stepKey="checkThirdSaveRoleError">
+            <argument name="message" value="The password entered for the current user is invalid. Verify the password and try again." />
+            <argument name="messageType" value="error" />
+        </actionGroup>
+
+        <actionGroup ref="AdminFillUserRoleFormActionGroup" stepKey="fillFieldFourthAttempt">
+            <argument name="role" value="roleAdministrator" />
+            <argument name="currentAdminPassword" value="{{_ENV.MAGENTO_ADMIN_PASSWORD}}INVALID" />
+        </actionGroup>
+        <actionGroup ref="AdminClickSaveButtonOnUserRoleFormActionGroup" stepKey="saveRoleFourthAttempt"/>
+        <actionGroup ref="AssertMessageInAdminPanelActionGroup" stepKey="checkFourthSaveRoleError">
+            <argument name="message" value="The password entered for the current user is invalid. Verify the password and try again." />
+            <argument name="messageType" value="error" />
+        </actionGroup>
+
+        <actionGroup ref="AdminFillUserRoleFormActionGroup" stepKey="fillFieldFifthAttempt">
+            <argument name="role" value="roleAdministrator" />
+            <argument name="currentAdminPassword" value="{{_ENV.MAGENTO_ADMIN_PASSWORD}}INVALID" />
+        </actionGroup>
+        <actionGroup ref="AdminClickSaveButtonOnUserRoleFormActionGroup" stepKey="saveRoleFifthAttempt"/>
+        <actionGroup ref="AssertMessageInAdminPanelActionGroup" stepKey="checkFifthSaveRoleError">
+            <argument name="message" value="The password entered for the current user is invalid. Verify the password and try again." />
+            <argument name="messageType" value="error" />
+        </actionGroup>
+
+        <actionGroup ref="AdminFillUserRoleFormActionGroup" stepKey="fillFieldSixthAttempt">
+            <argument name="role" value="roleAdministrator" />
+            <argument name="currentAdminPassword" value="{{_ENV.MAGENTO_ADMIN_PASSWORD}}INVALID" />
+        </actionGroup>
+        <actionGroup ref="AdminClickSaveButtonOnUserRoleFormActionGroup" stepKey="saveRoleSixthAttempt"/>
+        <actionGroup ref="AssertMessageOnAdminLoginActionGroup" stepKey="checkFifthError">
+            <argument name="message" value="Your account is temporarily disabled. Please try again later."/>
+        </actionGroup>
+
+        <!-- Try to login as admin and check error message -->
+        <actionGroup ref="LoginAsAdmin" stepKey="loginAsLockedAdmin"/>
+        <actionGroup ref="AssertMessageOnAdminLoginActionGroup" stepKey="checkLoginMessage"/>
+    </test>
+</tests>

app/code/Magento/User/Test/Mftf/ActionGroup/AdminClickSaveButtonOnUserRoleFormActionGroup.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="AdminClickSaveButtonOnUserRoleFormActionGroup">
+        <click selector="{{AdminCreateRoleSection.save}}" stepKey="saveRole"/>
+        <waitForPageLoad stepKey="waitForSaveResultLoad"/>
+    </actionGroup>
+</actionGroups>

app/code/Magento/User/Test/Mftf/ActionGroup/AdminFillUserRoleFormActionGroup.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="AdminFillUserRoleFormActionGroup">
+        <arguments>
+            <argument name="role" type="entity" />
+            <argument name="currentAdminPassword" type="string" defaultValue="{{_ENV.MAGENTO_ADMIN_PASSWORD}}" />
+        </arguments>
+
+        <fillField selector="{{AdminCreateRoleSection.name}}" userInput="{{role.name}}" stepKey="fillRoleName"/>
+        <fillField selector="{{AdminCreateRoleSection.password}}" userInput="{{currentAdminPassword}}" stepKey="fillCurrentUserPassword"/>
+
+        <click selector="{{AdminCreateRoleSection.roleResources}}" stepKey="clickToOpenRoleResources"/>
+        <waitForPageLoad stepKey="waitForRoleResourceTab" />
+        
+        <selectOption userInput="{{role.resourceAccess}}" selector="{{AdminCreateRoleSection.resourceAccess}}" stepKey="selectResourceAccess" />
+        <performOn stepKey="checkNeededResources" selector="{{AdminCreateRoleSection.resourceTree}}" function="function($I,$userRoles={{role.resources}}){foreach($userRoles as $userRole){$I->conditionalClick('//li[@data-id=\'' . $userRole . '\']//*[@class=\'jstree-checkbox\']','//li[@data-id=\'' . $userRole . '\' and contains(@class, \'jstree-checked\')]',false);}}" />
+    </actionGroup>
+</actionGroups>

app/code/Magento/User/Test/Mftf/ActionGroup/AdminOpenCreateRolePageActionGroup.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="AdminOpenCreateRolePageActionGroup">
+        <amOnPage url="{{AdminEditRolePage.url}}" stepKey="amOnNewAdminRolePage"/>
+        <waitForPageLoad stepKey="waitForNewAdminRolePageLoad"/>
+    </actionGroup>
+</actionGroups>

app/code/Magento/User/Test/Mftf/Data/UserRoleData.xml

@@ -13,4 +13,15 @@
         <data key="scope">1</data>
         <data key="access">1</data>
     </entity>
+
+    <entity name="roleAdministrator" type="role">
+        <data key="name" unique="suffix">Administrator </data>
+        <data key="resourceAccess">All</data>
+        <data key="resources">[]</data>
+    </entity>
+    <entity name="roleSales" type="role">
+        <data key="name" unique="suffix">Role Sales </data>
+        <data key="resourceAccess">Custom</data>
+        <data key="resources">['Magento_Sales::sales','Magento_Sales::sales_operation','Magento_Sales::actions','Magento_Sales::sales_order','Magento_Sales::create','Magento_Sales::actions_view','Magento_Sales::email','Magento_Sales::reorder','Magento_Sales::actions_edit','Magento_Sales::cancel','Magento_Sales::review_payment','Magento_Sales::capture','Magento_Sales::invoice','Magento_Sales::creditmemo','Magento_Sales::hold','Magento_Sales::unhold','Magento_Sales::ship','Magento_Sales::comment','Magento_Sales::emails','Magento_Backend::system','Magento_Backend::system_other_settings','Magento_AdminNotification::adminnotification','Magento_AdminNotification::show_list']</data>
+    </entity>
 </entities>

app/code/Magento/User/Test/Mftf/Section/AdminCreateRoleSection.xml

@@ -12,6 +12,9 @@
         <element name="create" type="button" selector="#add"/>
         <element name="name" type="button" selector="#role_name"/>
         <element name="password" type="input" selector="#current_password"/>
+        <element name="resourceAccess" type="select" selector="[data-ui-id='adminhtml-user-editroles-tab-content-account'] [name='all']"/>
+        <element name="resourceTree" type="block" selector="[data-ui-id='adminhtml-user-editroles-tab-content-account'] [data-role='resource-tree']"/>
+
         <element name="roleResources" type="button" selector="#role_info_tabs_account"/>
         <element name="roleResource" type="button" selector="#gws_is_all"/>
         <element name="resourceValue" type="button" selector="//*[text()='{{arg1}}']" parameterized="true"/>

dev/tests/functional/tests/app/Magento/Security/Test/TestCase/LockAdminUserWhenCreatingNewRoleTest.xml

@@ -8,7 +8,7 @@
 <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="../../../../../../vendor/magento/mtf/etc/variations.xsd">
     <testCase name="Magento\Security\Test\TestCase\LockAdminUserWhenCreatingNewRoleTest" summary="Lock admin user after entering incorrect password while creating new role">
         <variation name="LockAdminUserWhenCreatingNewRoleTestVariation1">
-            <data name="tag" xsi:type="string">severity:S2</data>
+            <data name="tag" xsi:type="string">severity:S2, mftf_migrated:yes</data>
             <data name="configData" xsi:type="string">user_lockout_failures</data>
             <data name="customAdmin/dataset" xsi:type="string">custom_admin_with_default_role</data>
             <data name="role/data/rolename" xsi:type="string">AdminRole%isolation%</data>