IFC-758 Add roles, groups and permissions in demo data

backend/infrahub/core/protocols.py

@@ -216,7 +216,7 @@ class CoreAccount(LineageOwner, LineageSource, CoreGenericAccount):
     pass
 
 
-class CoreAccountGroup(CoreGroup):
+class CoreAccountGroup(LineageOwner, LineageSource, CoreGroup):
     roles: RelationshipManager
 
 

backend/infrahub/core/schema/definitions/core.py

@@ -2264,7 +2264,7 @@
             "display_labels": ["name__value"],
             "human_friendly_id": ["name__value"],
             "generate_profile": False,
-            "inherit_from": [InfrahubKind.GENERICGROUP],
+            "inherit_from": [InfrahubKind.LINEAGEOWNER, InfrahubKind.LINEAGESOURCE, InfrahubKind.GENERICGROUP],
             "branch": BranchSupportType.AGNOSTIC.value,
             "relationships": [
                 {

docs/docs/tutorials/getting-started/readme.mdx

@@ -79,12 +79,18 @@ Refer to [User management](/topics/auth/) page for more information regarding th
 
 To follow the tutorial you should use the `admin` account but you can try the other accounts too to see how the interface behaves with different permission levels.
 
-| name          | username        | password      | role       |
-| ------------- | --------------- | ------------- | ---------- |
-| Administrator | `admin`         | `infrahub`    | admin      |
-| Chloe O'Brian | `Chloe O'Brian` | `Password123` | read-write |
-| David Palmer  | `David Palmer`  | `Password123` | read-write |
-| Jack Bauer    | `Jack Bauer`    | `Password123` | read-only  |
+| name            | username        | password      | group                |
+| --------------- | --------------- | ------------- | -------------------- |
+| Administrator   | `admin`         | `infrahub`    | Super Administrators |
+| Sue Dough       | `sudo`          | `Password123` | Administrators       |
+| Chloe O'Brian   | `cobrian`       | `Password123` | Engineering Team     |
+| Sofia Hernandez | `shernandez`    | `Password123` | Engineering Team     |
+| Ryan Patel      | `rpatel`        | `Password123` | Engineering Team     |
+| Jack Bauer      | `jbauer`        | `Password123` | Operations Team      |
+| Emily Lawson    | `elawson`       | `Password123` | Operations Team      |
+| Jacob Thompson  | `jthompson`     | `Password123` | Operations Team      |
+| David Palmer    | `dpalmer`       | `Password123` | Architecture Team    |
+| Olivia Carter   | `ocarter`       | `Password123` | Architecture Team    |
 
 ## Access the Infrahub interfaces
 

frontend/app/tests/constants.ts

@@ -4,12 +4,17 @@ export const ADMIN_CREDENTIALS = {
 };
 
 export const READ_WRITE_CREDENTIALS = {
-  username: "Chloe O'Brian",
+  username: "cobrian",
   password: "Password123",
 };
 
 export const READ_ONLY_CREDENTIALS = {
-  username: "Jack Bauer",
+  username: "jbauer",
+  password: "Password123",
+};
+
+export const ENG_TEAM_ONLY_CREDENTIALS = {
+  username: "shernandez",
   password: "Password123",
 };
 

frontend/app/tests/e2e/objects/object-metadata.spec.ts

@@ -38,8 +38,8 @@ test.describe("Object metadata", () => {
 
     // Select Architecture team
     await page.getByText("Owner Kind ?").getByLabel("Kind").first().click();
-    await page.getByRole("option", { name: "Account" }).click();
-    await page.getByText("Owner Kind ?").getByLabel("Account").click();
+    await page.getByRole("option", { name: "Account group" }).click();
+    await page.getByText("Owner Kind ?").getByLabel("Account group").click();
     await page.getByRole("option", { name: "Architecture Team" }).click();
 
     // Save
@@ -61,7 +61,7 @@ test.describe("Object metadata", () => {
     await metadataTooltipUpdated.getByTestId("edit-metadata-button").click();
 
     // Source should be Account + Pop-Builder
-    await expect(page.getByTestId("select-input").nth(0)).toHaveValue("Account");
+    await expect(page.getByTestId("select-input").nth(0)).toHaveValue("Account group");
     await expect(page.getByTestId("select-input").nth(1)).toHaveValue("Architecture Team");
 
     // Is protected should be checked

frontend/app/tests/e2e/profile/profile.spec.ts

@@ -52,7 +52,7 @@ test.describe("/profile", () => {
         await expect(
           page.getByRole("heading", { name: "Chloe O'Brian", exact: true })
         ).toBeVisible();
-        await expect(page.getByText("NameChloe O'Brian")).toBeVisible();
+        await expect(page.getByText("LabelChloe O'Brian")).toBeVisible();
         await expect(page.getByText("Roleread-write")).toBeVisible();
       });
     });
@@ -70,7 +70,7 @@ test.describe("/profile", () => {
 
       await test.step("display account details", async () => {
         await expect(page.getByRole("heading", { name: "Jack Bauer", exact: true })).toBeVisible();
-        await expect(page.getByText("NameJack Bauer")).toBeVisible();
+        await expect(page.getByText("LabelJack Bauer")).toBeVisible();
         await expect(page.getByText("Roleread-only")).toBeVisible();
       });
     });

frontend/app/tests/e2e/proposed-changes/proposed-changes.spec.ts

@@ -71,8 +71,8 @@ test.describe("/proposed-changes", () => {
         await page.getByLabel("Name *").fill(pcName);
         await page.getByTestId("codemirror-editor").getByRole("textbox").fill("My description");
         await page.getByTestId("select-open-option-button").click();
-        await page.getByRole("option", { name: "Architecture Team" }).click();
-        await page.getByRole("option", { name: "Crm Synchronization" }).click();
+        await page.getByRole("option", { name: "Olivia Carter" }).click();
+        await page.getByRole("option", { name: "CRM Synchronization" }).click();
         await page.getByTestId("select-open-option-button").click();
 
         await page.getByRole("button", { name: "Create proposed change" }).click();
@@ -103,7 +103,7 @@ test.describe("/proposed-changes", () => {
 
           await expect(page.getByRole("heading", { name: pcNameEdit, exact: true })).toBeVisible();
           await expect(page.getByTestId("pc-description")).toContainText("My description edit");
-          await expect(page.getByText("ReviewersAT")).toBeVisible();
+          await expect(page.getByText("ReviewersOC")).toBeVisible();
         });
       });
 

frontend/app/tests/e2e/role-management/read.spec.ts

@@ -10,11 +10,11 @@ test.describe("Role management - READ", () => {
     });
 
     await test.step("check counts", async () => {
-      await expect(page.getByRole("link", { name: "Accounts 9" })).toBeVisible();
-      await expect(page.getByRole("link", { name: "Groups 2" })).toBeVisible();
-      await expect(page.getByRole("link", { name: "Roles 3" })).toBeVisible();
+      await expect(page.getByRole("link", { name: "Accounts 12" })).toBeVisible();
+      await expect(page.getByRole("link", { name: "Groups 6" })).toBeVisible();
+      await expect(page.getByRole("link", { name: "Roles 7" })).toBeVisible();
       await expect(page.getByRole("link", { name: "Global Permissions 8" })).toBeVisible();
-      await expect(page.getByRole("link", { name: "Object Permissions 3" })).toBeVisible();
+      await expect(page.getByRole("link", { name: "Object Permissions 4" })).toBeVisible();
     });
 
     await test.step("check accounts view", async () => {
@@ -23,22 +23,24 @@ test.describe("Role management - READ", () => {
     });
 
     await test.step("check groups view", async () => {
-      await page.getByRole("link", { name: "Groups 2" }).click();
-      await expect(page.getByRole("cell", { name: "Super Administrators" }).first()).toBeVisible();
-      await expect(page.getByRole("button", { name: "+4" })).toBeVisible();
+      await page.getByRole("link", { name: "Groups 6" }).click();
+      await expect(page.getByRole("cell", { name: "Operations Team" })).toBeVisible();
+      // Need to create more user to trigger this
+      // await expect(page.getByRole("cell", { name: "+ 4" })).toBeVisible();
     });
 
     await test.step("check roles view", async () => {
-      await page.getByRole("link", { name: "Roles 3" }).click();
+      await page.getByRole("link", { name: "Roles 7" }).click();
       await expect(page.getByText("General Access")).toBeVisible();
       await expect(page.getByText("Infrahub Users")).toBeVisible();
-      await expect(page.getByText("global:manage_repositories:")).toBeVisible();
+      await expect(page.getByText("global:edit_default_branch:")).toBeVisible();
+      await expect(page.getByRole("cell", { name: "1" }).first()).toBeVisible();
     });
 
     await test.step("check global permissions view", async () => {
       await page.getByRole("link", { name: "Global Permissions" }).click();
       await expect(page.getByRole("cell", { name: "super_admin", exact: true })).toBeVisible();
-      await expect(page.getByText("global:super_admin:allow")).toBeVisible();
+      await expect(page.getByText("global:super_admin:")).toBeVisible();
     });
   });
 });

frontend/app/tests/e2e/tutorial/tutorial-2_data-lineage-and-metadata.spec.ts

@@ -28,7 +28,7 @@ test.describe("Getting started with Infrahub - Data lineage and metadata", () =>
     await test.step("Update Description attribute to make it protected", async () => {
       await page.getByTestId("edit-metadata-button").click();
       await page.getByLabel("Kind").first().click();
-      await page.getByRole("option", { name: "Account" }).click();
+      await page.getByRole("option", { name: "Account" }).first().click();
       await page.getByLabel("Account").click();
       await page.getByRole("option", { name: "Admin" }).click();
       await page.getByLabel("is protected *").check();