Merge pull request #14 from elAlmani/feature/add-features-for-projects

add permission feature

e2e/playwright-tests/features/@permissions/vulnerability-management.feature

@@ -0,0 +1,10 @@
+Feature:
+  Scenario: Without VULNERABILITY_MANAGEMENT Permission The User Cannot See The Vulnerability Create Button
+    Given the user "test-user_VP_PERMS" logs in to DependencyTrack
+    When the user navigates to "vulnerabilitiesTab" page and verifies
+    Then the create-vulnerability button should not be visible
+
+  Scenario: With VULNERABILITY_MANAGEMENT Permission The User Can See The Vulnerability Create Button
+    Given the user "test-user_VP_VM_PERMS" logs in to DependencyTrack
+    When the user navigates to "vulnerabilitiesTab" page and verifies
+    Then the create-vulnerability button should be visible

e2e/playwright-tests/fixtures/fixtures.ts

@@ -27,8 +27,16 @@ import {
     ProjectComponentsPage, ProjectDependencyGraphPage, ProjectExploitPredictionsPage,
     ProjectPage, ProjectPolicyViolationsPage, ProjectServicesPage, SelectedProjectPage
 } from "../page-objects/project.pom";
-import {LicenceGroupPage, PolicyPage} from "../page-objects/policy-management.pom";
-import {TagsPage} from "../page-objects/tags.pom";
+import {
+    LicenceGroupPage,
+    PolicyPage
+} from "../page-objects/policy-management.pom";
+import {
+    TagsPage
+} from "../page-objects/tags.pom";
+import {
+    VulnerabilitiesPage
+} from "../page-objects/vulnerabilities.pom";
 
 // export custom test fixtures
 export const test = base.extend<
@@ -56,6 +64,7 @@ export const test = base.extend<
         policyPage: PolicyPage;
         licenceGroupPage: LicenceGroupPage;
         tagsPage: TagsPage;
+        vulnerabilitiesPage: VulnerabilitiesPage;
     }>({
     administrationPage: async ({ page }, use) => {
         await use(new AdministrationPage(page));
@@ -126,6 +135,9 @@ export const test = base.extend<
     tagsPage: async ({ page }, use) => {
         await use(new TagsPage(page));
     },
+    vulnerabilitiesPage: async ({ page }, use) => {
+        await use(new VulnerabilitiesPage(page));
+    },
 });
 
 // export changes

e2e/playwright-tests/page-objects/notification-toast.pom.ts

@@ -106,4 +106,10 @@ export class NotificationToast {
         await expect(this.errorToast).toContainText(/Unauthorized \(401\)/i);
         await this.errorToast.click();
     }
+
+    async verifySuccessfulVulnerabilityCreatedToast() {
+        await expect(this.successToast).toBeVisible();
+        await expect(this.successToast).toContainText(getValue("message", "vulnerability_created"));
+        await this.successToast.click();
+    }
 }

e2e/playwright-tests/page-objects/project.pom.ts

@@ -59,9 +59,11 @@ export class ProjectPage extends ProjectModal {
 
     async clickOnCreateProject() {
         await this.createProjectButton.click();
+        await expect(this.modalContent).toBeVisible();
     }
 
     async createProject(projectName: string, projectClassifier: string, version?: string, isLastVersion?: boolean, team?: string, parent?: string, description?: string, tag?: string) {
+        await expect(this.modalContent).toBeVisible();
         await this.projectNameInput.fill(projectName);
         await this.projectClassifierSelect.selectOption(projectClassifier);
 

e2e/playwright-tests/page-objects/tags.pom.ts

@@ -2,17 +2,28 @@ import {Page, Locator } from '@playwright/test';
 
 export class TagsPage {
     page: Page;
-    tagsTableView: Locator;
     toolbar: Locator;
-    tagsList: Locator;
+    searchFieldInput: Locator;
     deleteButton: Locator;
+    tagsList: Locator;
 
     constructor(page: Page) {
         this.page = page;
-        this.tagsTableView = page.locator('.container-fluid');
-        this.toolbar = this.tagsTableView.locator('.fixed-table-toolbar');
-        this.tagsList = this.tagsTableView.locator('tbody');
-        this.deleteButton = this.tagsTableView.locator('.fa-trash');
+        this.toolbar = page.locator('.fixed-table-toolbar');
+
+        this.deleteButton = this.toolbar.locator('.fa-trash');
+        this.searchFieldInput = this.toolbar.locator('.search-input');
+
+        this.tagsList = page.locator('tbody');
     }
 
+    async fillSearchFieldInput(search: string) {
+        await this.searchFieldInput.clear();
+        await this.searchFieldInput.pressSequentially(search);
+        await this.page.waitForTimeout(1000);
+    }
+
+    async ClearSearchFieldInput() {
+        await this.searchFieldInput.clear();
+    }
 }

e2e/playwright-tests/page-objects/vulnerabilities.pom.ts

@@ -0,0 +1,111 @@
+import {Page, Locator, expect} from '@playwright/test';
+import { getValue } from "../utilities/utils";
+
+export class VulnerabilityModal {
+    page: Page;
+    modalContent: Locator;
+    tabPanel: Locator;
+
+    modalTab: Record<string, Locator>;
+
+    vulnerabilityIdInput: Locator;
+    titleInput: Locator;
+    severitySelect: Locator;
+    cvssSeveritySelect: Locator;
+    owaspRiskRatingSeveritySelect: Locator;
+    cweButton: Locator;
+    descriptionField: Locator;
+
+    closeButton: Locator;
+    createButton: Locator;
+
+    constructor(page: Page) {
+        this.modalContent = page.locator('.modal-content');
+        this.tabPanel = this.modalContent.locator('.tab-pane.active');
+
+        this.modalTab = {
+            generalTab: this.tabPanel.getByRole('tab', { name: getValue("message", "general") }),
+            extendedTab: this.tabPanel.getByRole('tab', { name: getValue("message", "extended") }),
+            cvssV2Tab: this.tabPanel.getByRole('tab', { name: getValue("message", "cvss_v2") }),
+            cvssV3Tab: this.tabPanel.getByRole('tab', { name: getValue("message", "cvss_v3") }),
+            owaspRiskRatingTab: this.tabPanel.getByRole('tab', { name: getValue("message", "owasp_rr") }),
+            affectedComponentsTab: this.tabPanel.getByRole('tab', { name: getValue("message", "affected_components") }),
+            datesTab: this.tabPanel.getByRole('tab', { name: getValue("message", "dates") })
+        };
+
+        this.vulnerabilityIdInput = this.tabPanel.locator('#vulnerability-id-input-input');
+        this.titleInput = this.tabPanel.locator('#vulnerability-title-input-input');
+        this.severitySelect = this.tabPanel.locator('#undefined-input').nth(0);
+        this.cvssSeveritySelect = this.tabPanel.locator('#undefined-input').nth(1);
+        this.owaspRiskRatingSeveritySelect = this.tabPanel.locator('#undefined-input').nth(2);
+        this.cweButton = this.tabPanel.locator('.fa-plus-square');
+        this.descriptionField = this.tabPanel.locator('#vulnerability-description-description');
+
+        this.closeButton = this.tabPanel.getByRole('button', { name: getValue("message", "close") });
+        this.createButton = this.tabPanel.getByRole('button', { name: getValue("message", "create") });
+    }
+
+    async clickOnTab(tabName: string) {
+        const tab = this.modalTab[tabName];
+        if (!tab) {
+            throw new Error(`Tab '${tabName}' does not exist.`);
+        }
+        await tab.click();
+        await this.page.waitForTimeout(1000);
+        await expect(tab).toHaveClass(/active/);
+    }
+
+    async createVulnerability(vulnerabilityId: string, severity: string, cvssSeverity?: string, owaspRiskRating?: string, cwe?: string, decription?: string) {
+        await expect(this.modalContent).toBeVisible();
+        await this.vulnerabilityIdInput.fill(vulnerabilityId);
+        await this.severitySelect.selectOption(severity);
+
+        if(cvssSeverity) {
+            await this.cvssSeveritySelect.selectOption(cvssSeverity);
+        }
+        if(owaspRiskRating) {
+            await this.owaspRiskRatingSeveritySelect.selectOption(owaspRiskRating);
+        }
+        if(cwe) {
+            await this.cweButton.click();
+            const cweModal = this.page.locator('#selectCweModal___BV_modal_content_');
+            await cweModal.locator('.search-input').pressSequentially(cwe);
+            await this.page.waitForTimeout(1000);
+            await cweModal.locator('tbody').locator('.bs-checkbox ').getByRole('checkbox').check();
+            await cweModal.locator('.btn-primary').click();
+        }
+        if(decription) {
+            await this.descriptionField.fill(decription);
+        }
+        await this.createButton.click();
+    }
+}
+
+export class VulnerabilitiesPage extends VulnerabilityModal {
+    page: Page;
+    toolbar: Locator;
+    createVulnerabilityButton: Locator;
+    searchFieldInput: Locator;
+
+    constructor(page: Page) {
+        super(page);
+
+        this.page = page;
+        this.toolbar = page.locator('.fixed-table-toolbar');
+        this.createVulnerabilityButton = this.toolbar.getByRole('button', { name: getValue("message", "create_vulnerability") });
+    }
+
+    async fillSearchFieldInput(search: string) {
+        await this.searchFieldInput.clear();
+        await this.searchFieldInput.pressSequentially(search);
+        await this.page.waitForTimeout(1000);
+    }
+
+    async ClearSearchFieldInput() {
+        await this.searchFieldInput.clear();
+    }
+
+    async clickOnCreateVulnerability() {
+        await this.createVulnerabilityButton.click();
+    }
+}

e2e/playwright-tests/steps/vulnerabilities.steps.ts

@@ -0,0 +1,10 @@
+import { Then } from '../fixtures/fixtures';
+import {expect} from "@playwright/test";
+
+Then('the create-vulnerability button should not be visible', async ({ vulnerabilitiesPage }) => {
+    await expect(vulnerabilitiesPage.createVulnerabilityButton).not.toBeVisible();
+});
+
+Then('the create-vulnerability button should be visible', async ({ vulnerabilitiesPage }) => {
+    await expect(vulnerabilitiesPage.createVulnerabilityButton).toBeVisible();
+});