Add negative test for dashboard RBAC on Model Registry #2039
Conversation
Signed-off-by: lugi0 <[email protected]>
lugi0
added
new test
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
ods_ci/tests/Resources/Page/ModelRegistry/ModelRegistry.resource
Dismissed
Show dismissed
Hide dismissed
Robot Results
|
|
Verified in rhoai-test-flow/1567 |
lugi0
added
verified
| Launch Dashboard ${TEST_USER_3.USERNAME} ${TEST_USER_3.PASSWORD} ${TEST_USER_3.AUTH_TYPE} | ||
| ... ${ODH_DASHBOARD_URL} ${BROWSER.NAME} ${BROWSER.OPTIONS} | ||
| Open Model Registry Dashboard Page allowed_user=${FALSE} | ||
| SeleniumLibrary.Page Should Contain Request access to model registries |
There was a problem hiding this comment.
There was a problem hiding this comment.
It is, but I wanted to surface it as an explicit step in this TC just for clarity when going through the logs
There was a problem hiding this comment.
hm okay, although the step will not run in case of unallowed user cos it would fail in the previous keyword.
Maybe an alternative approach would be to split the permission check from the keyword to open the Registry UI page.
Example
Open Model Registry Dashboard Page
User Should Not Be Allowed
There was a problem hiding this comment.
I think it makes more sense to have it defined this way because if the user is allowed we need to refresh the page in case the permissions have not been reconciled yet, and so the keyword will still need to be passed some variable to define if the user is allowed or not.
Once you have that information in the keyword what makes the most sense IMHO is to have that logic defined in the keyword
|
…services#2039) Signed-off-by: lugi0 <[email protected]>
No description provided.