Skip to content

Plugin E2E: Interact with Grafana http api on behalf of logged in user #965

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Jun 24, 2024
Merged

Plugin E2E: Interact with Grafana http api on behalf of logged in user #965

merged 7 commits into from
Jun 24, 2024

Conversation

sunker
Copy link
Contributor

@sunker sunker commented Jun 18, 2024
edited
Loading

What this PR does / why we need it:

If a plugin has implemented RBAC, it may be necessary to run different tests suites for different user roles. Plugin-e2e offers a declarative way to create new users with a role in a setup project. In the following example, a new users with Viewer role is created in the setup project, and all tests in the run-tests-for-viewer project starts already authenticated as that user.

//playwright.config.ts
projects: [
      {
        name: 'createViewerUserAndAuthenticate',
        testDir: pluginE2eAuth,
        testMatch: [/.*auth\.setup\.ts/],
        use: {
          user: {
            user: 'viewer',
            password: 'password',
            role: 'Viewer',
          },
        },
      },
      {
        name: 'run-tests-for-viewer',
        testDir: './tests/viewer',
        use: {
          ...devices['Desktop Chrome'],
          // @grafana/plugin-e2e writes the auth state to this file,
          // the path should not be modified
          storageState: 'playwright/.auth/viewer.json',
        },
        dependencies: ['createViewerUserAndAuthenticate'],
      },
  ]

It's important to keep in mind that two different users (or credentials) are in play here. First, it's the credentials used to call the Grafana Http API to create the new user. These credentials requires elevated permissions. Secondly, it's the user being used to run the tests, which in this case has restricted permissions (viewer role).

Until now, the admin user used to interact with the Grafana http api has been using basic auth. This is not ideal since basic auth is disabled for scaffolded plugins. This PR changes that so that any interaction with the Grafana http api is done on behalf of a logged in user. Additionally, I've refactored the code so that all interactions with the Grafana api is encapsulated in a GrafanaAPIClient file. This helps separating the two concepts.

Which issue(s) this PR fixes:

Fixes ##968

Special notes for your reviewer:

📦 Published PR as canary version: Canary Versions

✨ Test out this PR locally via:

npm install @grafana/[email protected]
npm install @grafana/[email protected]
# or 
yarn add @grafana/[email protected]
yarn add @grafana/[email protected]

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 18, 2024
edited
Loading

Hello! 👋 This repository uses Auto for releasing packages using PR labels.

✨ This PR can be merged and will trigger a new minor release.
NOTE: When merging a PR with the release label please avoid merging another PR. For further information see here.

@sunker sunker added minor Increment the minor version when merged release Create a release when this pr is merged labels Jun 18, 2024
@sunker sunker requested review from mckn and Ukochka June 19, 2024 14:50
@sunker sunker marked this pull request as ready for review June 19, 2024 14:50
@sunker sunker requested a review from a team as a code owner June 19, 2024 14:50
@sunker sunker changed the title Plugin E2E: Introduce admin api client fixture Plugin E2E: Interact with Grafana http api on behalf of logged in user Jun 19, 2024
@sunker sunker mentioned this pull request Jun 20, 2024
Merged
Ukochka
Ukochka approved these changes Jun 20, 2024
View reviewed changes
Copy link
Contributor

@Ukochka Ukochka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@sunker sunker merged commit 85d81fc into main Jun 24, 2024
@sunker sunker deleted the plugin-e2e/admin-api-client branch June 24, 2024 06:17
@grafana-plugins-platform-bot
Copy link
Contributor

🚀 PR was released in @grafana/[email protected], @grafana/[email protected] 🚀

@grafana-plugins-platform-bot grafana-plugins-platform-bot bot added the released This issue/pull request has been released. label Jun 24, 2024
@sunker sunker mentioned this pull request Jun 25, 2024
Closed
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ukochka Ukochka Ukochka approved these changes

@mckn mckn Awaiting requested review from mckn

Assignees
No one assigned
Labels
minor Increment the minor version when merged release Create a release when this pr is merged released This issue/pull request has been released.
Projects
Plugins Platform / Grafana Community
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sunker @Ukochka