test: Non admin members cannot create team in org (#11525)

Co-authored-by: Peer Richelsen <peeroke@gmail.com>
2023-10-16 14:36:08 +05:30 · 2023-10-16 14:36:08 +05:30 · bab72a5d2e
parent e4011b4a23
commit bab72a5d2e
4 changed files with 53 additions and 1 deletions
--- a/apps/web/pages/teams/index.tsx
+++ b/apps/web/pages/teams/index.tsx
@ -26,6 +26,7 @@ function Teams() {
      CTA={
        (!user.organizationId || user.organization.isOrgAdmin) && (
          <Button
+            data-testid="new-team-btn"
            variant="fab"
            StartIcon={Plus}
            type="button"
--- a/apps/web/playwright/fixtures/users.ts
+++ b/apps/web/playwright/fixtures/users.ts
@ -7,6 +7,7 @@ import type { API } from "mailhog";
 import dayjs from "@calcom/dayjs";
 import stripe from "@calcom/features/ee/payments/server/stripe";
 import { DEFAULT_SCHEDULE, getAvailabilityFromSchedule } from "@calcom/lib/availability";
+import { WEBAPP_URL } from "@calcom/lib/constants";
 import { prisma } from "@calcom/prisma";
 import { MembershipRole, SchedulingType } from "@calcom/prisma/enums";

@ -288,6 +289,7 @@ export const createUsersFixture = (page: Page, emails: API | undefined, workerIn
        const teamEvent = await createTeamEventType(user, team, scenario);
        if (scenario.teammates) {
          // Create Teammate users
+          const teamMatesIds = [];
          for (const teammateObj of scenario.teammates) {
            const teamUser = await prisma.user.create({
              data: createUser(workerInfo, teammateObj),
@ -319,8 +321,22 @@ export const createUsersFixture = (page: Page, emails: API | undefined, workerIn
              }),
              store.page
            );
+            teamMatesIds.push(teamUser.id);
            store.users.push(teammateFixture);
          }
+          // Add Teammates to OrgUsers
+          if (scenario.isOrg) {
+            await prisma.team.update({
+              where: {
+                id: team.id,
+              },
+              data: {
+                orgUsers: {
+                  connect: teamMatesIds.map((userId) => ({ id: userId })).concat([{ id: user.id }]),
+                },
+              },
+            });
+          }
        }
      }
      const userFixture = createUserFixture(user, store.page);
@ -543,7 +559,7 @@ export async function apiLogin(
  const data = {
    email: user.email ?? `${user.username}@example.com`,
    password: user.password ?? user.username,
-    callbackURL: "http://localhost:3000/",
+    callbackURL: WEBAPP_URL,
    redirect: "false",
    json: "true",
    csrfToken,
--- a/apps/web/playwright/teams.e2e.ts
+++ b/apps/web/playwright/teams.e2e.ts
@ -135,6 +135,40 @@ test.describe("Teams", () => {
    expect(teamMatesObj.some(({ name }) => name === chosenUser)).toBe(true);
    // TODO: Assert whether the user received an email
  });
+  test("Non admin team members cannot create team in org", async ({ page, users }) => {
+    const teamMateName = "teammate-1";
+
+    const owner = await users.create(undefined, {
+      hasTeam: true,
+      isOrg: true,
+      teammates: [{ name: teamMateName }],
+    });
+
+    const allUsers = await users.get();
+    const memberUser = allUsers.find((user) => user.name === teamMateName);
+
+    // eslint-disable-next-line playwright/no-conditional-in-test
+    if (memberUser) {
+      await memberUser.apiLogin();
+
+      await page.goto("/teams");
+      await expect(page.locator("[data-testid=new-team-btn]")).toBeHidden();
+      await expect(page.locator("[data-testid=create-team-btn]")).toHaveAttribute("disabled", "");
+
+      const uniqueName = "test-unique-team-name";
+
+      // Go directly to the create team page
+      await page.goto("/settings/teams/new");
+      // Fill input[name="name"]
+      await page.locator('input[name="name"]').fill(uniqueName);
+      await page.locator("text=Continue").click();
+      await expect(page.locator("[data-testid=alert]")).toBeVisible();
+
+      // cleanup
+      const org = await owner.getOrg();
+      await prisma.team.delete({ where: { id: org.teamId } });
+    }
+  });
  test("Can create team with same name as user", async ({ page, users }) => {
    // Name to be used for both user and team
    const uniqueName = "test-unique-name";
--- a/packages/features/ee/teams/components/TeamsListing.tsx
+++ b/packages/features/ee/teams/components/TeamsListing.tsx
@ -133,6 +133,7 @@ export function TeamsListing() {
            buttonRaw={
              <Button
                color="secondary"
+                data-testid="create-team-btn"
                disabled={!!isCreateTeamButtonDisabled}
                tooltip={
                  isCreateTeamButtonDisabled ? t("org_admins_can_create_new_teams") : t("create_new_team")