add tests

frontend/e2e/helpers.cafe.ts

@@ -35,6 +35,24 @@ export const waitForElementVisible = async (selector: string) => {
     .ok(`waitForElementVisible(${selector})`, { timeout: LONG_TIMEOUT })
 }
 
+export const waitForElementNotClickable = async (selector: string) => {
+  logUsingLastSection(`Waiting element visible ${selector}`)
+  await t
+    .expect(Selector(selector).visible)
+    .ok(`waitForElementVisible(${selector})`, { timeout: LONG_TIMEOUT })
+  await t
+      .expect(Selector(selector).hasAttribute('disabled')).ok()
+}
+
+export const waitForElementClickable = async (selector: string) => {
+  logUsingLastSection(`Waiting element visible ${selector}`)
+  await t
+    .expect(Selector(selector).visible)
+    .ok(`waitForElementVisible(${selector})`, { timeout: LONG_TIMEOUT })
+  await t
+      .expect(Selector(selector).hasAttribute('disabled')).notOk()
+}
+
 export const logResults = async (requests: LoggedRequest[], t) => {
   if (!t.testRun?.errs?.length) {
     log('Finished without errors')
@@ -88,6 +106,16 @@ export const click = async (selector: string) => {
     .click(selector)
 }
 
+export const clickByText = async (text:string) => {
+  const selector = Selector('button').withText(text);
+  await t
+      .scrollIntoView(selector)
+      .expect(Selector(selector).hasAttribute('disabled'))
+      .notOk('ready for testing', { timeout: 5000 })
+      .hover(selector)
+      .click(selector)
+}
+
 export const gotoSegments = async () => {
   await click('#segments-link')
 }

frontend/e2e/init.cafe.js

@@ -134,15 +134,15 @@ test('Organisation-permission', async () => {
   await logout()
 })
 
-test('Project-permission', async () => {
-  await projectPermissionTest()
-  await logout()
-})
-
-test('Environment-permission', async () => {
-  await environmentPermissionTest()
-  await logout()
-})
+// test('Project-permission', async () => {
+//   await projectPermissionTest()
+//   await logout()
+// })
+//
+// test('Environment-permission', async () => {
+//   await environmentPermissionTest()
+//   await logout()
+// })
 
 // test('Roles', async () => {
 //   await rolesTest()

frontend/e2e/tests/organisation-permission-test.ts

@@ -1,13 +1,17 @@
 import {
   byId,
-  click,
+  click, clickByText,
   closeModal,
   log,
-  login,
-  setText,
+  login, logout,
+  setText, waitForElementClickable, waitForElementNotClickable,
   waitForElementVisible,
-} from '../helpers.cafe'
-import { PASSWORD, E2E_NON_ADMIN_USER_WITH_ORG_PERMISSIONS } from '../config'
+} from '../helpers.cafe';
+import {
+  PASSWORD,
+  E2E_NON_ADMIN_USER_WITH_ORG_PERMISSIONS,
+  E2E_NON_ADMIN_USER_WITH_PROJECT_PERMISSIONS,
+} from '../config';
 import { Selector, t } from 'testcafe'
 
 export default async function () {
@@ -19,34 +23,18 @@ export default async function () {
     .expect(Selector('#project-select-0').exists)
     .notOk('The element"#project-select-0" should not be present')
   log('User with permissions can Create a Project')
-  await click('.btn-project-create')
-  await setText(byId('projectName'), projectName)
-  await click(byId('create-project-btn'))
-  log('User without permissions cannot updata the Project Settings')
-  await waitForElementVisible(byId('features-page'))
-  await t
-    .expect(Selector('#project-settings-link').exists)
-    .notOk('The element #project-settings-link should not be present')
-  log('User with permissions can see the Permissions')
-  await click(byId('org-settings-link'))
+  await waitForElementClickable( byId('create-first-project-btn'))
+
+  log('User can manage groups')
   await click(byId('users-and-permissions'))
-  await click(byId('user-0'))
-  await t
-    .expect(Selector('#no-organisation-permissions').exists)
-    .notOk('The element #no-organisation-permissions should not be present')
-  await click(byId('project-permissions-tab'))
-  await waitForElementVisible(byId('permissions-list-item-project-0'))
-  await click(byId('permissions-list-item-project-0'))
-  await waitForElementVisible(byId('admin-switch-project'))
-  await Selector(byId('admin-switch-project')).hasClass('rc-switch-checked')
-  await click(byId('environment-permissions-tab'))
-  log('User with permissions can see any group')
-  await closeModal()
-  await waitForElementVisible(byId('tab-item-groups'))
-  await click(byId('tab-item-groups'))
-  await waitForElementVisible(byId('user-item-0'))
-  await click(byId('user-item-0'))
-  await click(byId('add-user-select'))
-  await click(byId('add-user-select-option-1'))
-  await click(byId('update-group-btn'))
+  await clickByText('Groups')
+  await waitForElementClickable("#btn-invite-groups")
+
+  log('Login as project user')
+  await logout(t)
+  await login(E2E_NON_ADMIN_USER_WITH_PROJECT_PERMISSIONS, PASSWORD)
+  log('User cannot manage users or groups')
+  await click(byId('users-and-permissions'))
+  await clickByText('Groups')
+  await waitForElementNotClickable("#btn-invite-groups")
 }

frontend/web/components/pages/UsersAndPermissionsPage.tsx

@@ -38,6 +38,7 @@ import Icon from 'components/Icon'
 import RolesTable from 'components/RolesTable'
 import UsersGroups from 'components/UsersGroups'
 import PlanBasedBanner, { getPlanBasedOption } from 'components/PlanBasedAccess'
+import { useHasPermission } from 'common/providers/Permission'
 
 type UsersAndPermissionsPageType = {
   router: RouterChildContext['router']
@@ -68,15 +69,22 @@ const UsersAndPermissionsInner: FC<UsersAndPermissionsInnerType> = ({
   subscriptionMeta,
   users,
 }) => {
-  const orgId = AccountStore.getOrganisation().id
 
   const paymentsEnabled = Utils.getFlagsmithHasFeature('payments_enabled')
   const verifySeatsLimit = Utils.getFlagsmithHasFeature(
     'verify_seats_limit_for_invite_links',
   )
-  const permissionsError = !(
-    AccountStore.getUser() && AccountStore.getOrganisationRole() === 'ADMIN'
-  )
+  const manageUsersPermission = useHasPermission({
+    id: AccountStore.getOrganisation()?.id,
+    level: 'organisation',
+    permission: 'MANAGE_USERS',
+  })
+  const manageGroupsPermission = useHasPermission({
+    id: AccountStore.getOrganisation()?.id,
+    level: 'organisation',
+    permission: 'MANAGE_USER_GROUPS',
+  })
+
   const roleChanged = (id: number, { value: role }: { value: string }) => {
     AppActions.updateUserRole(id, role)
   }
@@ -222,11 +230,12 @@ const UsersAndPermissionsInner: FC<UsersAndPermissionsInnerType> = ({
                       <Row space className='mt-4'>
                         <h5 className='mb-0'>Team Members</h5>
                         {Utils.renderWithPermission(
-                          !permissionsError,
+                          !manageUsersPermission.permission,
                           Constants.organisationPermissions('Admin'),
                           <Button
                             disabled={
-                              needsUpgradeForAdditionalSeats || permissionsError
+                              needsUpgradeForAdditionalSeats ||
+                              !manageUsersPermission.permission
                             }
                             id='btn-invite'
                             onClick={() =>
@@ -712,11 +721,13 @@ const UsersAndPermissionsInner: FC<UsersAndPermissionsInnerType> = ({
                         <Row space className='mt-4 mb-1'>
                           <h5 className='mb-0'>User Groups</h5>
                           {Utils.renderWithPermission(
-                            !permissionsError,
-                            Constants.organisationPermissions('Admin'),
+                            !manageGroupsPermission.permission,
+                            Constants.organisationPermissions(
+                              'Manage User Groups',
+                            ),
                             <Button
-                              id='btn-invite'
-                              disabled={permissionsError}
+                              id='btn-invite-groups'
+                              disabled={!manageGroupsPermission.permission}
                               onClick={() =>
                                 openModal(
                                   'Create Group',