Merge branch 'qa-shl-restrict-ip-address-spec-logging' into 'master'

Use dynamic top-level group for restrict_by_ip_address_spec

See merge request gitlab-org/gitlab!28413

app/views/admin/groups/_form.html.haml

@@ -32,7 +32,7 @@
 
   - else
     .form-actions
-      = f.submit _('Save changes'), class: "btn btn-success"
+      = f.submit _('Save changes'), class: "btn btn-success", data: { qa_selector: 'save_changes_button' }
       = link_to  _('Cancel'), admin_group_path(@group), class: "btn btn-cancel"
 
 = render_if_exists 'ldap_group_links/ldap_syncrhonizations', group: @group

app/views/admin/groups/_group.html.haml

 - group = local_assigns.fetch(:group)
 - css_class = 'no-description' if group.description.blank?
 
-%li.group-row.py-3{ class: css_class }
+%li.group-row.py-3{ class: css_class, data: { qa_selector: 'group_row_content' } }
   .controls
     = link_to _('Edit'), admin_group_edit_path(group), id: "edit_#{dom_id(group)}", class: 'btn'
     = link_to _('Delete'), [:admin, group], data: { confirm: _("Are you sure you want to remove %{group_name}?") % { group_name: group.name } }, method: :delete, class: 'btn btn-remove'
@@ -26,7 +26,7 @@
   .avatar-container.rect-avatar.s40
     = group_icon(group, class: "avatar s40 d-none d-sm-block")
   .title
-    = link_to [:admin, group], class: 'group-name' do
+    = link_to [:admin, group], class: 'group-name', data: { qa_selector: 'group_name_link' } do
       = group.full_name
 
   - if group.description.present?

app/views/admin/groups/index.html.haml

@@ -7,7 +7,7 @@
       .search-holder
         - project_name = params[:name].present? ? params[:name] : nil
         .search-field-holder
-          = search_field_tag :name, project_name, class: "form-control search-text-input js-search-input", autofocus: true, spellcheck: false, placeholder: 'Search by name'
+          = search_field_tag :name, project_name, class: "form-control search-text-input js-search-input", autofocus: true, spellcheck: false, placeholder: 'Search by name', data: { qa_selector: 'group_search_field' }
           = icon("search", class: "search-icon")
         = render "shared/groups/dropdown", options_hash: admin_groups_sort_options_hash
         = link_to new_admin_group_path, class: "btn btn-success" do

app/views/admin/groups/show.html.haml

@@ -4,7 +4,7 @@
 %h3.page-title
   = _('Group: %{group_name}') % { group_name: @group.full_name }
 
-  = link_to admin_group_edit_path(@group), class: "btn float-right" do
+  = link_to admin_group_edit_path(@group), class: "btn float-right", data: { qa_selector: 'edit_group_link' } do
     %i.fa.fa-pencil-square-o
     = _('Edit')
 %hr

app/views/layouts/nav/sidebar/_admin.html.haml

@@ -28,11 +28,11 @@
               %span
                 = _('Projects')
           = nav_link(controller: :users) do
-            = link_to admin_users_path, title: _('Users') , data: { qa_selector: 'users_overview_link' } do
+            = link_to admin_users_path, title: _('Users'), data: { qa_selector: 'users_overview_link' } do
               %span
                 = _('Users')
           = nav_link(controller: :groups) do
-            = link_to admin_groups_path, title: _('Groups') do
+            = link_to admin_groups_path, title: _('Groups'), data: { qa_selector: 'groups_overview_link' } do
               %span
                 = _('Groups')
           = nav_link path: 'jobs#index' do

ee/app/views/admin/_namespace_plan.html.haml

@@ -8,4 +8,4 @@
     = f.fields_for :gitlab_subscription do |f|
       = f.select :hosted_plan_id, Plan.pluck(:title, :id),
         { include_blank: 'No plan' },
-        class: 'form-control'
+        class: 'form-control', data: { qa_selector: 'plan_dropdown' }

qa/qa.rb

@@ -369,6 +369,12 @@ module QA
           autoload :Index, 'qa/page/admin/overview/users/index'
           autoload :Show, 'qa/page/admin/overview/users/show'
         end
+
+        module Groups
+          autoload :Index, 'qa/page/admin/overview/groups/index'
+          autoload :Show, 'qa/page/admin/overview/groups/show'
+          autoload :Edit, 'qa/page/admin/overview/groups/edit'
+        end
       end
     end
 

qa/qa/ee.rb

@@ -77,6 +77,12 @@ module QA
             autoload :Elasticsearch, 'qa/ee/page/admin/settings/component/elasticsearch'
           end
         end
+
+        module Overview
+          module Groups
+            autoload :Edit, 'qa/ee/page/admin/overview/groups/edit'
+          end
+        end
       end
 
       module Profile

qa/qa/ee/page/admin/overview/groups/edit.rb

+# frozen_string_literal: true
+
+module QA
+  module EE
+    module Page
+      module Admin
+        module Overview
+          module Groups
+            module Edit
+              def self.included(page)
+                page.class_eval do
+                  view 'ee/app/views/admin/_namespace_plan.html.haml' do
+                    element :plan_dropdown
+                  end
+                end
+              end
+
+              def select_plan(plan)
+                select_element(:plan_dropdown, plan)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

qa/qa/ee/page/group/settings/general.rb

@@ -57,12 +57,18 @@ module QA
             end
 
             def set_ip_address_restriction(ip_address)
+              QA::Runtime::Logger.debug(%Q[Setting ip address restriction to: #{ip_address}])
               expand_section(:permission_lfs_2fa_section)
               find_element(:ip_restriction_field).send_keys([:command, 'a'], :backspace)
               find_element(:ip_restriction_field).set ip_address
               click_element :save_permissions_changes_button
             end
 
+            def restricted_ip_address
+              expand_section(:permission_lfs_2fa_section)
+              find_element(:ip_restriction_field).value
+            end
+
             def set_membership_lock_enabled
               expand_section :permission_lfs_2fa_section
               check_element :membership_lock_checkbox

qa/qa/page/admin/menu.rb

@@ -16,9 +16,7 @@ module QA
           element :admin_sidebar_monitoring_submenu_content
           element :admin_sidebar_overview_submenu_content
           element :users_overview_link
-        end
-
-        view 'app/views/layouts/nav/sidebar/_admin.html.haml' do
+          element :groups_overview_link
           element :integration_settings_link
         end
 
@@ -76,6 +74,12 @@ module QA
           end
         end
 
+        def go_to_groups_overview
+          within_submenu(:admin_sidebar_overview_submenu_content) do
+            click_element :groups_overview_link
+          end
+        end
+
         private
 
         def hover_element(element)

qa/qa/page/admin/overview/groups/edit.rb

+# frozen_string_literal: true
+
+module QA
+  module Page
+    module Admin
+      module Overview
+        module Groups
+          class Edit < QA::Page::Base
+            view 'app/views/admin/groups/_form.html.haml' do
+              element :save_changes_button, required: true
+            end
+
+            def click_save_changes_button
+              click_element :save_changes_button, Groups::Show
+            end
+          end
+        end
+      end
+    end
+  end
+end
+
+QA::Page::Admin::Overview::Groups::Edit.prepend_if_ee('QA::EE::Page::Admin::Overview::Groups::Edit')

qa/qa/page/admin/overview/groups/index.rb

+# frozen_string_literal: true
+
+module QA
+  module Page
+    module Admin
+      module Overview
+        module Groups
+          class Index < QA::Page::Base
+            view 'app/views/admin/groups/index.html.haml' do
+              element :group_search_field, required: true
+            end
+
+            view 'app/views/admin/groups/_group.html.haml' do
+              element :group_row_content
+              element :group_name_link
+            end
+
+            def search_group(group_name)
+              find_element(:group_search_field).set(group_name).send_keys(:return)
+            end
+
+            def click_group(group_name)
+              within_element(:group_row_content, text: group_name) do
+                click_element(:group_name_link)
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

qa/qa/page/admin/overview/groups/show.rb

+# frozen_string_literal: true
+
+module QA
+  module Page
+    module Admin
+      module Overview
+        module Groups
+          class Show < QA::Page::Base
+            view 'app/views/admin/groups/show.html.haml' do
+              element :edit_group_link, required: true
+            end
+
+            def click_edit_group_link
+              click_element :edit_group_link, Groups::Edit
+            end
+          end
+        end
+      end
+    end
+  end
+end

qa/qa/runtime/env.rb

@@ -23,6 +23,10 @@ module QA
         SUPPORTED_FEATURES
       end
 
+      def dot_com?
+        Runtime::Scenario.gitlab_address.include?(".com")
+      end
+
       def additional_repository_storage
         ENV['QA_ADDITIONAL_REPOSITORY_STORAGE']
       end

qa/qa/specs/features/ee/browser_ui/1_manage/group/restrict_by_ip_address_spec.rb

@@ -8,7 +8,7 @@ module QA
 
       before(:all) do
         @sandbox_group = Resource::Sandbox.fabricate! do |sandbox_group|
-          sandbox_group.path = 'gitlab-qa-ip-restricted-sandbox-group'
+          sandbox_group.path = "gitlab-qa-ip-restricted-sandbox-group-#{SecureRandom.hex(8)}"
         end
 
         @user = Resource::User.fabricate_or_use(Runtime::Env.gitlab_qa_username_1, Runtime::Env.gitlab_qa_password_1)
@@ -17,26 +17,26 @@ module QA
           group.path = "ip-address-restricted-group-#{SecureRandom.hex(8)}"
           group.sandbox = @sandbox_group
         end
+
+        enable_plan_on_group(@group.name, "Gold") if Runtime::Env.dot_com?
       end
 
       after(:all) do
-        @group.remove_via_api!
+        @sandbox_group.remove_via_api!
       end
 
-      context 'when restricted by another ip address' do
-        it 'denies access' do
-          Flow::Login.while_signed_in_as_admin do
-            @group.sandbox.visit!
+      before do
+        page.visit Runtime::Scenario.gitlab_address
 
-            Page::Group::Menu.perform(&:click_group_general_settings_item)
+        set_ip_address_restriction_to(ip_address)
 
-            Page::Group::Settings::General.perform do |settings|
-              settings.set_ip_address_restriction(get_next_ip_address(fetch_current_ip_address))
-            end
+        Flow::Login.sign_in(as: @user)
       end
 
-          Flow::Login.sign_in(as: @user)
+      context 'when restricted by another ip address' do
+        let(:ip_address) { get_next_ip_address(fetch_current_ip_address) }
 
+        it 'denies access' do
           @group.sandbox.visit!
           expect(page).to have_text('Page Not Found')
           page.go_back
@@ -48,24 +48,41 @@ module QA
       end
 
       context 'when restricted by user\'s ip address' do
+        let(:ip_address) { fetch_current_ip_address }
+
         it 'allows access' do
+          @group.sandbox.visit!
+          expect(page).to have_text(@group.sandbox.path)
+
+          @group.visit!
+          expect(page).to have_text(@group.path)
+        end
+      end
+
+      private
+
+      def set_ip_address_restriction_to(ip_address)
         Flow::Login.while_signed_in_as_admin do
           @group.sandbox.visit!
 
           Page::Group::Menu.perform(&:click_group_general_settings_item)
 
           Page::Group::Settings::General.perform do |settings|
-              settings.set_ip_address_restriction(fetch_current_ip_address)
-            end
+            settings.set_ip_address_restriction(ip_address)
           end
 
-          Flow::Login.sign_in(as: @user)
+          # TODO: On un-quarantine, re-evaluate if this is needed.
+          ensure_ip_address_set_to(ip_address)
+        end
+      end
 
+      def ensure_ip_address_set_to(ip_address)
         @group.sandbox.visit!
-          expect(page).to have_text(@group.sandbox.path)
 
-          @group.visit!
-          expect(page).to have_text(@group.path)
+        Page::Group::Menu.perform(&:click_group_general_settings_item)
+
+        Page::Group::Settings::General.perform do |settings|
+          expect(settings.restricted_ip_address).to eq ip_address
         end
       end
 
@@ -76,6 +93,25 @@ module QA
 
         current_ip_address.split(".")[0...-1].push(updated_last_part).join(".")
       end
+
+      def enable_plan_on_group(group, plan)
+        Flow::Login.while_signed_in_as_admin do
+          Page::Main::Menu.perform(&:go_to_admin_area)
+          Page::Admin::Menu.perform(&:go_to_groups_overview)
+
+          Page::Admin::Overview::Groups::Index.perform do |index|
+            index.search_group(group)
+            index.click_group(group)
+          end
+
+          Page::Admin::Overview::Groups::Show.perform(&:click_edit_group_link)
+
+          Page::Admin::Overview::Groups::Edit.perform do |edit|
+            edit.select_plan(plan)
+            edit.click_save_changes_button
+          end
+        end
+      end
     end
   end
 end

qa/spec/runtime/env_spec.rb

@@ -340,4 +340,18 @@ describe QA::Runtime::Env do
       end
     end
   end
+
+  describe '.dot_com?' do
+    it 'returns true when url has .com' do
+      QA::Runtime::Scenario.define(:gitlab_address, "https://staging.gitlab.com")
+
+      expect(described_class.dot_com?).to be_truthy
+    end
+
+    it 'returns false when url does not have .com' do
+      QA::Runtime::Scenario.define(:gitlab_address, "https://gitlab.test")
+
+      expect(described_class.dot_com?).to be_falsy
+    end
+  end
 end