chore(rbac): migrate RBAC plugin tests from RHDH

Signed-off-by: Patrick Knight <pknight@redhat.com>

Author: PatAKnight

workspaces/rbac/e2e-tests/.yarnrc.yml

@@ -0,0 +1 @@
+nodeLinker: node-modules

workspaces/rbac/e2e-tests/eslint.config.js

@@ -0,0 +1,3 @@
+import { createEslintConfig } from "@red-hat-developer-hub/e2e-test-utils/eslint";
+
+export default createEslintConfig(import.meta.dirname);

workspaces/rbac/e2e-tests/package.json

@@ -0,0 +1,38 @@
+{
+  "name": "rbac-e2e-tests",
+  "version": "1.0.0",
+  "private": true,
+  "type": "module",
+  "engines": {
+    "node": ">=22",
+    "yarn": ">=3"
+  },
+  "packageManager": "yarn@3.8.7",
+  "description": "E2E tests for RBAC",
+  "scripts": {
+    "test": "playwright test",
+    "report": "playwright show-report",
+    "test:ui": "playwright test --ui",
+    "test:headed": "playwright test --headed",
+    "lint:check": "eslint .",
+    "lint:fix": "eslint . --fix",
+    "prettier:check": "prettier --check .",
+    "prettier:fix": "prettier --write .",
+    "tsc:check": "tsc --noEmit",
+    "check": "tsc --noEmit && yarn lint:check && yarn prettier:check"
+  },
+  "devDependencies": {
+    "@backstage-community/plugin-rbac-common": "1.23.0",
+    "@eslint/js": "^9.39.2",
+    "@playwright/test": "1.57.0",
+    "@red-hat-developer-hub/e2e-test-utils": "1.1.10",
+    "@types/node": "^24.10.1",
+    "dotenv": "^16.4.7",
+    "eslint": "^9.39.2",
+    "eslint-plugin-check-file": "^3.3.1",
+    "eslint-plugin-playwright": "^2.4.0",
+    "prettier": "^3.7.4",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.50.0"
+  }
+}

workspaces/rbac/e2e-tests/playwright.config.ts

@@ -0,0 +1,12 @@
+import { defineConfig } from "@red-hat-developer-hub/e2e-test-utils/playwright-config";
+import dotenv from "dotenv";
+
+dotenv.config({ path: `${import.meta.dirname}/.env` });
+
+export default defineConfig({
+  projects: [
+    {
+      name: "rbac",
+    },
+  ],
+});

workspaces/rbac/e2e-tests/support/api/rbac-api-structure.ts

@@ -0,0 +1,11 @@
+export interface Policy {
+  entityReference: string;
+  permission: string;
+  policy: string;
+  effect: string;
+}
+
+export interface Role {
+  memberReferences: string[];
+  name: string;
+}

workspaces/rbac/e2e-tests/support/api/rbac-api.ts

@@ -0,0 +1,77 @@
+import { APIRequestContext, APIResponse, request } from "@playwright/test";
+import { Policy } from "./rbac-api-structure";
+
+export default class RhdhRbacApi {
+  private readonly apiUrl = process.env.baseURL + "/api/permission/";
+  private readonly authHeader: {
+    // eslint-disable-next-line @typescript-eslint/naming-convention
+    Accept: "application/json";
+    // eslint-disable-next-line @typescript-eslint/naming-convention
+    Authorization: string;
+  };
+  private myContext!: APIRequestContext;
+
+  private constructor(private readonly token: string) {
+    this.authHeader = {
+      Accept: "application/json",
+      Authorization: `Bearer ${this.token}`,
+    };
+  }
+
+  public static async build(token: string): Promise<RhdhRbacApi> {
+    const instance = new RhdhRbacApi(token);
+    instance.myContext = await request.newContext({
+      baseURL: instance.apiUrl,
+      extraHTTPHeaders: instance.authHeader,
+    });
+    return instance;
+  }
+
+  // Used during the afterAll to ensure we clean up any roles that are left over due to failing tests
+  public async deleteRole(role: string): Promise<APIResponse> {
+    return await this.myContext.delete(`roles/role/default/${role}`);
+  }
+
+  // Used during the afterAll to ensure we clean up any policies that are left over due to failing tests
+  public async getPoliciesByRole(policy: string): Promise<APIResponse> {
+    return await this.myContext.get(`policies/role/default/${policy}`);
+  }
+
+  // Used during the afterAll to ensure we clean up any policies that are left over due to failing tests
+  public async deletePolicy(policy: string, policies: Policy[]) {
+    return await this.myContext.delete(`policies/role/default/${policy}`, {
+      data: policies,
+    });
+  }
+}
+
+export class Response {
+  static async removeMetadataFromResponse(
+    response: APIResponse,
+  ): Promise<unknown[]> {
+    try {
+      const responseJson = await response.json();
+
+      // Validate that the response is an array
+      if (!Array.isArray(responseJson)) {
+        console.warn(
+          `Expected an array but received: ${JSON.stringify(responseJson)}`,
+        );
+        return []; // Return an empty array as a fallback
+      }
+
+      // Clean metadata from the response
+      const responseClean = responseJson.map((item: { metadata: unknown }) => {
+        if (item.metadata) {
+          delete item.metadata;
+        }
+        return item;
+      });
+
+      return responseClean;
+    } catch (error) {
+      console.error("Error processing API response:", error);
+      throw new Error("Failed to process the API response");
+    }
+  }
+}

workspaces/rbac/e2e-tests/support/api/rhdh-auth-api-hack.ts

@@ -0,0 +1,38 @@
+import { Page } from "@red-hat-developer-hub/e2e-test-utils/test";
+
+// here, we spy on the request to get the Backstage token to use APIs
+export class RhdhAuthApiHack {
+  static async getToken(
+    page: Page,
+    provider: "oidc" = "oidc",
+    environment: string = "production",
+  ) {
+    try {
+      const response = await page.request.get(
+        `/api/auth/${provider}/refresh?optional=&scope=&env=${environment}`,
+        {
+          headers: {
+            // eslint-disable-next-line @typescript-eslint/naming-convention
+            "x-requested-with": "XMLHttpRequest",
+          },
+        },
+      );
+
+      if (!response.ok()) {
+        throw new Error(`HTTP error! Status: ${response.status()}`);
+      }
+
+      const body = await response.json();
+
+      if (typeof body?.backstageIdentity?.token === "string") {
+        return body.backstageIdentity.token;
+      } else {
+        throw new TypeError("Token not found in response body");
+      }
+    } catch (error) {
+      console.error("Failed to retrieve the token:", error);
+
+      throw error;
+    }
+  }
+}

workspaces/rbac/e2e-tests/support/pages/rbac-obj.ts

@@ -0,0 +1,118 @@
+import { Locator, Page } from "@playwright/test";
+
+/**
+ * ROLES_PAGE_COMPONENTS - Roles list page: edit and delete buttons
+ */
+export const ROLES_PAGE_COMPONENTS = {
+  getEditRoleButton: (page: Page, name: string): Locator =>
+    page.getByTestId(`edit-role-${name}`),
+
+  getDeleteRoleButton: (page: Page, name: string): Locator =>
+    page.getByTestId(`delete-role-${name}`),
+
+  getFilterInput: (page: Page): Locator => page.getByPlaceholder("Filter"),
+};
+
+/**
+ * DELETE_ROLE_COMPONENTS - Delete role confirmation dialog
+ */
+export const DELETE_ROLE_COMPONENTS = {
+  getRoleNameInput: (page: Page): Locator =>
+    page.locator('input[name="delete-role"]'),
+};
+
+/**
+ * ROLE_OVERVIEW_COMPONENTS - Role overview page action buttons
+ */
+export const ROLE_OVERVIEW_COMPONENTS = {
+  getUpdatePoliciesButton: (page: Page): Locator =>
+    page.getByTestId("update-policies"),
+
+  getUpdateMembersButton: (page: Page): Locator =>
+    page.getByTestId("update-members"),
+};
+
+/**
+ * ROLE_FORM_COMPONENTS - Role creation / edit form fields
+ */
+export const ROLE_FORM_COMPONENTS = {
+  getRoleNameInput: (page: Page): Locator => page.locator('input[name="name"]'),
+
+  getRoleOwnerInput: (page: Page): Locator =>
+    page.locator('textarea[name="owner"]'),
+
+  getUsersAndGroupsField: (page: Page): Locator =>
+    page.locator('input[name="add-users-and-groups"]'),
+
+  getMemberOption: (page: Page, label: string): Locator =>
+    page.locator(`span[data-testid="${label}"]`),
+
+  getDropdownToggle: (page: Page): Locator =>
+    page.getByTestId("ArrowDropDownIcon"),
+
+  getSelectPluginsCombobox: (page: Page): Locator =>
+    page.getByRole("combobox", { name: "Select plugins" }),
+
+  getExpandCatalogRow: (page: Page): Locator =>
+    page.getByTestId("expand-row-catalog"),
+
+  getNextButton2: (page: Page): Locator =>
+    page.getByTestId("nextButton-2").first(),
+
+  getPermissionsSelectPlaceholder: (page: Page): Locator =>
+    page.getByText("Select..."),
+};
+
+/**
+ * CONDITIONAL_RULE_COMPONENTS - Conditions sidebar and rule builder
+ */
+export const CONDITIONAL_RULE_COMPONENTS = {
+  getRulesSidebar: (page: Page): Locator => page.getByTestId("rules-sidebar"),
+
+  getSaveConditionsButton: (page: Page): Locator =>
+    page.getByTestId("save-conditions"),
+
+  getAnyOfButton: (page: Page): Locator =>
+    page.getByRole("button", { name: "AnyOf" }),
+
+  getNotButton: (page: Page): Locator =>
+    page.getByRole("button", { name: "Not" }),
+
+  getAddRuleButton: (page: Page): Locator =>
+    page.getByRole("button", { name: "Add rule" }),
+
+  getAddNestedConditionButton: (page: Page): Locator =>
+    page.getByRole("button", { name: "Add Nested Condition" }),
+
+  getHasSpecButton: (page: Page): Locator => page.getByText("HAS_SPEC"),
+
+  getHasAnnotationButton: (page: Page): Locator =>
+    page.getByText("HAS_ANNOTATION"),
+
+  getHasLabelButton: (page: Page): Locator => page.getByText("HAS_LABEL"),
+
+  getIsEntityKindButton: (page: Page): Locator =>
+    page.getByText("IS_ENTITY_KIND"),
+
+  getIsOwnerButton: (page: Page): Locator => page.getByText("IS_OWNER"),
+
+  getKeyInput: (page: Page): Locator => page.getByLabel("key *"),
+
+  getAnnotationInput: (page: Page): Locator => page.getByLabel("annotation *"),
+
+  getLabelInput: (page: Page): Locator => page.getByLabel("label *"),
+
+  getRuleBadge: (page: Page, count: string): Locator =>
+    page.locator('span[class*="MuiBadge-badge"]').filter({ hasText: count }),
+};
+
+/**
+ * SEARCH_COMPONENTS - Search inputs on the roles list page
+ */
+export const SEARCH_COMPONENTS = {
+  getAriaLabelSearchInput: (page: Page): Locator =>
+    page.locator('input[aria-label="Search"]'),
+
+  getPlaceholderSearchInput: (page: Page): Locator =>
+    page.locator('input[placeholder="Search"]'),
+};