From c9708d09b9a5b844288f25478df575177452c753 Mon Sep 17 00:00:00 2001
From: Yang Jiao <yang.jiao@broadcom.com>
Date: Fri, 5 Jan 2024 09:23:24 +0000
Subject: [PATCH] Add quota permissions testcase

Signed-off-by: Yang Jiao <yang.jiao@broadcom.com>
---
 .../apitests/python/test_system_permission.py | 17 +++++++++---
 .../Harbor-Pages/Project_Robot_Account.robot  |  4 +--
 tests/robot-cases/Group1-Nightly/Common.robot | 26 +++++++++----------
 3 files changed, 28 insertions(+), 19 deletions(-)

diff --git a/tests/apitests/python/test_system_permission.py b/tests/apitests/python/test_system_permission.py
index 2fd23b69940..6db69686baa 100644
--- a/tests/apitests/python/test_system_permission.py
+++ b/tests/apitests/python/test_system_permission.py
@@ -19,7 +19,7 @@
 class Permission:
 
 
-    def __init__(self, url, method, expect_status_code, payload=None, res_id_field=None, payload_id_field=None, id_from_header=False):
+    def __init__(self, url, method, expect_status_code=None, payload=None, res_id_field=None, payload_id_field=None, id_from_header=False):
         self.url = url
         self.method = method
         self.expect_status_code = expect_status_code
@@ -33,7 +33,10 @@ def call(self):
         if ID_PLACEHOLDER in self.url:
             self.url = self.url.replace(ID_PLACEHOLDER, str(self.payload.get(self.payload_id_field)))
         response = requests.request(self.method, self.url, data=json.dumps(self.payload), verify=False, auth=(user_name, password), headers={"Content-Type": "application/json"})
-        assert response.status_code == self.expect_status_code, "Failed to call the {} {}, expected status code is {}, but got {}, error msg is {}".format(self.method, self.url, self.expect_status_code, response.status_code, response.text)
+        if self.expect_status_code == None:
+            assert response.status_code != 403, "Failed to call the {} {}, expected status code is not 403, but got {}, error msg is {}".format(self.method, self.url, response.status_code, response.text)
+        else:
+            assert response.status_code == self.expect_status_code, "Failed to call the {} {}, expected status code is {}, but got {}, error msg is {}".format(self.method, self.url, self.expect_status_code, response.status_code, response.text)
         if self.res_id_field and self.payload_id_field and self.id_from_header == False:
             self.payload[self.payload_id_field] = int(json.loads(response.text)[self.res_id_field])
         elif self.res_id_field and self.payload_id_field and self.id_from_header == True:
@@ -228,7 +231,7 @@ def call(self):
 }
 create_scan_all_schedule = Permission("{}/system/scanAll/schedule".format(harbor_base_url), "POST", 201, scan_all_weekly_schedule_payload)
 update_scan_all_schedule = Permission("{}/system/scanAll/schedule".format(harbor_base_url), "PUT", 200, scan_all_reset_schedule_payload)
-stop_scan_all = Permission("{}/system/scanAll/stop".format(harbor_base_url), "POST", 202)
+stop_scan_all = Permission("{}/system/scanAll/stop".format(harbor_base_url), "POST")
 scan_all_metrics = Permission("{}/scans/all/metrics".format(harbor_base_url), "GET", 200)
 scan_all_schedule_metrics = Permission("{}/scans/schedule/metrics".format(harbor_base_url), "GET", 200)
 # scan all permissions end
@@ -328,6 +331,11 @@ def call(self):
 update_purge_audit_schedule = Permission("{}/system/purgeaudit/schedule".format(harbor_base_url), "PUT", 200, purge_audit_payload)
 # purge-audit permissions end
 
+# quota permissions start
+list_quota = Permission("{}/quotas".format(harbor_base_url), "GET", 200)
+read_quota = Permission("{}/quotas/{}".format(harbor_base_url, "88888888"), "GET", 404)
+# quota permissions end
+
 
 resource_permissions = {
     "audit-log": [list_audit_logs],
@@ -345,7 +353,8 @@ def call(self):
     "security-hub": [read_summary, list_vul],
     "catalog": [read_catalog],
     "garbage-collection": [create_gc, list_gc, read_gc, stop_gc, read_gc_log, read_gc_schedule, update_gc_schedule],
-    "purge-audit": [create_purge_audit, list_purge_audit, read_purge_audit, stop_purge_audit, read_purge_audit_log, read_purge_audit_schedule, update_purge_audit_schedule]
+    "purge-audit": [create_purge_audit, list_purge_audit, read_purge_audit, stop_purge_audit, read_purge_audit_log, read_purge_audit_schedule, update_purge_audit_schedule],
+    "quota": [list_quota, read_quota]
 }
 resource_permissions["all"] = [item for sublist in resource_permissions.values() for item in sublist]
 
diff --git a/tests/resources/Harbor-Pages/Project_Robot_Account.robot b/tests/resources/Harbor-Pages/Project_Robot_Account.robot
index 4993310201a..cb30c083099 100644
--- a/tests/resources/Harbor-Pages/Project_Robot_Account.robot
+++ b/tests/resources/Harbor-Pages/Project_Robot_Account.robot
@@ -24,8 +24,8 @@ Create A Project Robot Account
     ${permission_count}=  Create Dictionary
     ${total}=  Set Variable  0
     IF  '${first_resource}' == 'all'
-        Set To Dictionary  ${permission_count}  all=55
-        ${total}=  Set Variable  55
+        Set To Dictionary  ${permission_count}  all=56
+        ${total}=  Set Variable  56
         Retry Element Click  //span[text()='Select all']
     ELSE
         FOR  ${item}  IN  @{resources}
diff --git a/tests/robot-cases/Group1-Nightly/Common.robot b/tests/robot-cases/Group1-Nightly/Common.robot
index 0cc537620ca..d6915db204c 100644
--- a/tests/robot-cases/Group1-Nightly/Common.robot
+++ b/tests/robot-cases/Group1-Nightly/Common.robot
@@ -636,12 +636,12 @@ Test Case - Project Level Robot Account
     Push image  ${ip}  robot1${d}  ${token}  project${d}  hello-world:latest  is_robot=${true}
     Pull image  ${ip}  robot1${d}  ${token}  project${d}  hello-world:latest  is_robot=${true}
     Check Project Robot Account Permission  robot1${d}  ${permission_count}
-    Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  project${d}  hello-world  latest  repository
-    Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all  1
+    Retry Action Keyword  Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  project${d}  hello-world  latest  repository
+    Retry Action Keyword  Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all  1
     ${resources}=  Create List  all
     ${robot_account_name}  ${token}  ${permission_count}=  Create A Project Robot Account  robot2${d}  days  days=10  description=For testing  resources=${resources}
-    Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  project${d}  hello-world  latest  all
-    Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all  1
+    Retry Action Keyword  Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  project${d}  hello-world  latest  all
+    Retry Action Keyword  Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all  1
     Close Browser
 
 Test Case - Push Docker Manifest Index and Display
@@ -721,9 +721,9 @@ Test Case - System Robot Account Cover All Projects
     ${robot_account_name}  ${token}=  Create A System Robot Account  sys${d}  never  description=For testing  cover_all_system_resources=${true}  cover_all_project_resources=${true}
     Push image  ${ip}  '${robot_account_name}'  ${token}  project${d}  hello-world:latest
     Pull image  ${ip}  '${robot_account_name}'  ${token}  project${d}  hello-world:latest
-    Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all
-    Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  ${project_name}  hello-world  latest  all
-    Retry Wait Element Visible  //clr-dg-row[.//clr-dg-cell[contains(.,'${robot_account_name}')] and .//clr-icon[contains(@class, 'color-green')] and .//button[text()=' 51 PERMISSION(S) '] and .//span[contains(.,'Never Expires')] and .//clr-dg-cell[text()='For testing'] ]
+    Retry Action Keyword  Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all
+    Retry Action Keyword  Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  ${project_name}  hello-world  latest  all
+    Retry Wait Element Visible  //clr-dg-row[.//clr-dg-cell[contains(.,'${robot_account_name}')] and .//clr-icon[contains(@class, 'color-green')] and .//button[text()=' 53 PERMISSION(S) '] and .//span[contains(.,'Never Expires')] and .//clr-dg-cell[text()='For testing'] ]
     System Robot Account Exist  ${robot_account_name}  all
     Close Browser
 
@@ -739,15 +739,15 @@ Test Case - System Robot Account
     ${project_id}=  Set Variable  ${words}[-2]
     Switch To Robot Account
     ${robot_account_name}  ${token}=  Create A System Robot Account  sys1${d}  days  days=100  description=For testing  cover_all_system_resources=${true}
-    Retry Wait Element Visible  //clr-dg-row[.//clr-dg-cell[contains(.,'${robot_account_name}')] and .//clr-icon[contains(@class, 'color-green')] and .//button[text()=' 51 PERMISSION(S) '] and .//span[contains(.,'99d 23h')] and .//clr-dg-cell[text()='For testing'] and .//clr-dg-cell//span[text()=' None ']]
-    Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all
-    Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  ${project_name}  hello-world  latest  all  1
+    Retry Wait Element Visible  //clr-dg-row[.//clr-dg-cell[contains(.,'${robot_account_name}')] and .//clr-icon[contains(@class, 'color-green')] and .//button[text()=' 53 PERMISSION(S) '] and .//span[contains(.,'99d 23h')] and .//clr-dg-cell[text()='For testing'] and .//clr-dg-cell//span[text()=' None ']]
+    Retry Action Keyword  Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all
+    Retry Action Keyword  Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  ${project_name}  hello-world  latest  all  1
 
     ${robot_account_name}  ${token}=  Create A System Robot Account  sys2${d}  days  days=2  description=For testing  cover_all_project_resources=${true}
     Push image  ${ip}  '${robot_account_name}'  ${token}  project${d}  hello-world:latest
-    Retry Wait Element Visible  //clr-dg-row[.//clr-dg-cell[contains(.,'${robot_account_name}')] and .//clr-icon[contains(@class, 'color-green')] and .//span[text()='All projects with'] and .//button[text()=' 55 PERMISSION(S) '] and .//span[contains(.,'1d 23h')] and .//clr-dg-cell[text()='For testing'] and .//clr-dg-cell//span[text()=' None ']]
-    Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all  1
-    Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  ${project_name}  hello-world  latest  all
+    Retry Wait Element Visible  //clr-dg-row[.//clr-dg-cell[contains(.,'${robot_account_name}')] and .//clr-icon[contains(@class, 'color-green')] and .//span[text()='All projects with'] and .//button[text()=' 56 PERMISSION(S) '] and .//span[contains(.,'1d 23h')] and .//clr-dg-cell[text()='For testing'] and .//clr-dg-cell//span[text()=' None ']]
+    Retry Action Keyword  Check System Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  all  1
+    Retry Action Keyword  Check Project Robot Account API Permission  ${robot_account_name}  ${token}  ${HARBOR_ADMIN}  ${HARBOR_PASSWORD}  ${project_id}  ${project_name}  hello-world  latest  all
     Close Browser
 
 Test Case - Go To Harbor Api Page