From 5fc8d2b7974c4f13cf690fdf2399289a269a3bbf Mon Sep 17 00:00:00 2001 From: Adam Rauch Date: Mon, 2 Mar 2026 16:15:09 -0800 Subject: [PATCH 1/6] Expand "See Audit Log Events" test --- src/org/labkey/test/tests/AuditLogTest.java | 27 ++++++++++++++------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/src/org/labkey/test/tests/AuditLogTest.java b/src/org/labkey/test/tests/AuditLogTest.java index 0ea179d032..9d45c65a0e 100644 --- a/src/org/labkey/test/tests/AuditLogTest.java +++ b/src/org/labkey/test/tests/AuditLogTest.java @@ -64,11 +64,11 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +import static org.labkey.test.util.PasswordUtil.getUsername; import static org.labkey.test.util.PermissionsHelper.AUTHOR_ROLE; import static org.labkey.test.util.PermissionsHelper.EDITOR_ROLE; import static org.labkey.test.util.PermissionsHelper.FOLDER_ADMIN_ROLE; import static org.labkey.test.util.PermissionsHelper.PROJECT_ADMIN_ROLE; -import static org.labkey.test.util.PasswordUtil.getUsername; @Category({Daily.class, Hosting.class}) @BaseWebDriverTest.ClassTimeout(minutes = 9) @@ -378,18 +378,27 @@ protected void canSeeAuditLogTest() createUserWithPermissions(AUDIT_TEST_USER2, AUDIT_TEST_PROJECT, PROJECT_ADMIN_ROLE); // signed in as an admin so we should see rows here - verifyAuditQueries(true); + verifyAuditQueries(true, getProjectName()); // signed in as an editor should not show any rows for audit query links impersonate(AUDIT_TEST_USER); - verifyAuditQueries(false); + verifyAuditQueries(false, getProjectName()); + verifyAuditQueries(false, "home"); + stopImpersonating(); + + // grant CanSeeAuditLog role to our audit user in the project and verify we see audit information in this project but not /home + permissionsHelper.addMemberToRole(AUDIT_TEST_USER, "See Audit Log Events", PermissionsHelper.MemberType.user, getProjectName()); + impersonate(AUDIT_TEST_USER); + verifyAuditQueries(true, getProjectName()); + verifyAuditQueries(false, "home"); stopImpersonating(); + permissionsHelper.removeUserRoleAssignment(AUDIT_TEST_USER, "See Audit Log Events", getProjectName()); - // now grant CanSeeAuditLog permission to our audit user and verify - // we see audit information + // grant CanSeeAuditLog role to our audit user in the root and verify we see audit information in this project and in /home permissionsHelper.setSiteRoleUserPermissions(AUDIT_TEST_USER, "See Audit Log Events"); impersonate(AUDIT_TEST_USER); - verifyAuditQueries(true); + verifyAuditQueries(true, getProjectName()); + verifyAuditQueries(true, "home"); // cleanup stopImpersonating(); @@ -535,15 +544,15 @@ protected void verifyListAuditLogQueries(Visibility v) verifyAuditQueryEvent(this, "List", "Child List", 1, canSeeChild(v)); } - protected void verifyAuditQueries(boolean canSeeAuditLog) + protected void verifyAuditQueries(boolean canSeeAuditLog, String containerPath) { - ExecuteQueryPage.beginAt(this, getProjectName(), "auditLog", "ContainerAuditEvent"); + ExecuteQueryPage.beginAt(this, containerPath, "auditLog", "ContainerAuditEvent"); if (canSeeAuditLog) verifyAuditQueryEvent(this, COMMENT_COLUMN, AUDIT_TEST_PROJECT + " was created", 1); else assertTextPresent("No data to show."); - ExecuteQueryPage.beginAt(this, getProjectName(), "auditLog", "GroupAuditEvent"); + ExecuteQueryPage.beginAt(this, containerPath, "auditLog", "GroupAuditEvent"); if (canSeeAuditLog) verifyAuditQueryEvent(this, COMMENT_COLUMN, "The user " + AUDIT_TEST_USER + " was assigned to the security role Editor.", 1); else From e80e53e452131e752726c9ecd26bee45f9c73f2c Mon Sep 17 00:00:00 2001 From: Adam Rauch Date: Mon, 2 Mar 2026 18:11:46 -0800 Subject: [PATCH 2/6] Pass in fully qualified classnames to disambiguate folder vs. root roles --- src/org/labkey/test/tests/AuditLogTest.java | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/org/labkey/test/tests/AuditLogTest.java b/src/org/labkey/test/tests/AuditLogTest.java index 9d45c65a0e..33429933e5 100644 --- a/src/org/labkey/test/tests/AuditLogTest.java +++ b/src/org/labkey/test/tests/AuditLogTest.java @@ -386,16 +386,19 @@ protected void canSeeAuditLogTest() verifyAuditQueries(false, "home"); stopImpersonating(); - // grant CanSeeAuditLog role to our audit user in the project and verify we see audit information in this project but not /home - permissionsHelper.addMemberToRole(AUDIT_TEST_USER, "See Audit Log Events", PermissionsHelper.MemberType.user, getProjectName()); + // Grant the "See Audit Log Events" role to our audit user in the project and verify we see audit information + // in this project but not /home. We pass the fully qualified classnames in the next few calls to disambiguate + // the root role from the folder role. + permissionsHelper.addMemberToRole(AUDIT_TEST_USER, "org.labkey.api.security.roles.CanSeeAuditLogFolderRole", PermissionsHelper.MemberType.user, getProjectName()); impersonate(AUDIT_TEST_USER); verifyAuditQueries(true, getProjectName()); verifyAuditQueries(false, "home"); stopImpersonating(); - permissionsHelper.removeUserRoleAssignment(AUDIT_TEST_USER, "See Audit Log Events", getProjectName()); + permissionsHelper.removeUserRoleAssignment(AUDIT_TEST_USER, "org.labkey.api.security.roles.CanSeeAuditLogFolderRole", getProjectName()); - // grant CanSeeAuditLog role to our audit user in the root and verify we see audit information in this project and in /home - permissionsHelper.setSiteRoleUserPermissions(AUDIT_TEST_USER, "See Audit Log Events"); + // Grant the "See Audit Log Events" role to our audit user in the root and verify we see audit information in + // this project and in /home + permissionsHelper.setSiteRoleUserPermissions(AUDIT_TEST_USER, "org.labkey.api.security.roles.CanSeeAuditLogRole"); impersonate(AUDIT_TEST_USER); verifyAuditQueries(true, getProjectName()); verifyAuditQueries(true, "home"); From 824ff702e09b5b707939d2e8d615f7a27c8d8077 Mon Sep 17 00:00:00 2001 From: Adam Rauch Date: Mon, 2 Mar 2026 18:36:42 -0800 Subject: [PATCH 3/6] Look at more rows --- src/org/labkey/test/tests/AuditLogTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/org/labkey/test/tests/AuditLogTest.java b/src/org/labkey/test/tests/AuditLogTest.java index 33429933e5..5ff66e9d66 100644 --- a/src/org/labkey/test/tests/AuditLogTest.java +++ b/src/org/labkey/test/tests/AuditLogTest.java @@ -557,7 +557,7 @@ protected void verifyAuditQueries(boolean canSeeAuditLog, String containerPath) ExecuteQueryPage.beginAt(this, containerPath, "auditLog", "GroupAuditEvent"); if (canSeeAuditLog) - verifyAuditQueryEvent(this, COMMENT_COLUMN, "The user " + AUDIT_TEST_USER + " was assigned to the security role Editor.", 1); + verifyAuditQueryEvent(this, COMMENT_COLUMN, "The user " + AUDIT_TEST_USER + " was assigned to the security role Editor.", 4); else assertTextPresent("No data to show."); } From c324d2bb3329be4066010d3bfe8fff2a54e1c892 Mon Sep 17 00:00:00 2001 From: Adam Rauch Date: Mon, 2 Mar 2026 20:28:18 -0800 Subject: [PATCH 4/6] Ensure an event in /home and verify that --- src/org/labkey/test/tests/AuditLogTest.java | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/src/org/labkey/test/tests/AuditLogTest.java b/src/org/labkey/test/tests/AuditLogTest.java index 5ff66e9d66..b20562b1ab 100644 --- a/src/org/labkey/test/tests/AuditLogTest.java +++ b/src/org/labkey/test/tests/AuditLogTest.java @@ -36,6 +36,7 @@ import org.labkey.test.components.domain.ConditionalFormatDialog; import org.labkey.test.components.domain.DomainFieldRow; import org.labkey.test.components.domain.DomainFormPanel; +import org.labkey.test.components.search.SearchBodyWebPart; import org.labkey.test.pages.core.admin.logger.ManagerPage.LoggingLevel; import org.labkey.test.pages.list.EditListDefinitionPage; import org.labkey.test.pages.query.ExecuteQueryPage; @@ -79,21 +80,18 @@ public class AuditLogTest extends BaseWebDriverTest public static final String QUERY_UPDATE_EVENT = "Query update events"; public static final String PROJECT_AUDIT_EVENT = "Project and Folder events"; public static final String ASSAY_AUDIT_EVENT = "Link to Study events"; + public static final String COMMENT_COLUMN = "Comment"; private static final String AUDIT_TEST_USER = "audit_user1@auditlog.test"; private static final String AUDIT_TEST_USER2 = "audit_user2@auditlog.test"; private static final String AUDIT_TEST_USER3 = "audit_user3@auditlog.test"; - private static final String AUDIT_SECURITY_GROUP = "Testers"; - private static final String AUDIT_TEST_PROJECT = "AuditVerifyTest"; private static final String AUDIT_DETAILED_TEST_PROJECT = "AuditDetailedLogTest"; private static final String AUDIT_TEST_SUBFOLDER = "AuditVerifyTest_Subfolder"; private static final String AUDIT_PROPERTY_EVENTS_PROJECT = "AuditDomainPropertyEvents"; - - final String DOMAIN_PROPERTY_LOG_NAME = "Domain property events"; - - public static final String COMMENT_COLUMN = "Comment"; + private static final String DOMAIN_PROPERTY_LOG_NAME = "Domain property events"; + private static final String SEARCH_TERM = "doesn't matter"; private final ApiPermissionsHelper permissionsHelper = new ApiPermissionsHelper(this); private final AuditLogHelper _auditLogHelper = new AuditLogHelper(this); @@ -377,6 +375,11 @@ protected void canSeeAuditLogTest() createUserWithPermissions(AUDIT_TEST_USER, AUDIT_TEST_PROJECT, EDITOR_ROLE); createUserWithPermissions(AUDIT_TEST_USER2, AUDIT_TEST_PROJECT, PROJECT_ADMIN_ROLE); + // Do a search to ensure an audit entry in /home + clickProject("home"); + new SearchBodyWebPart(getDriver()).searchForm().searchFor(SEARCH_TERM); + goToProjectHome(); + // signed in as an admin so we should see rows here verifyAuditQueries(true, getProjectName()); @@ -401,7 +404,8 @@ protected void canSeeAuditLogTest() permissionsHelper.setSiteRoleUserPermissions(AUDIT_TEST_USER, "org.labkey.api.security.roles.CanSeeAuditLogRole"); impersonate(AUDIT_TEST_USER); verifyAuditQueries(true, getProjectName()); - verifyAuditQueries(true, "home"); + ExecuteQueryPage.beginAt(this, "home", "auditLog", "SearchAuditEvent"); + verifyAuditQueryEvent(this, "Query", SEARCH_TERM, 1); // cleanup stopImpersonating(); @@ -494,7 +498,7 @@ public void testDetailedQueryUpdateAuditLog() throws IOException, CommandExcepti //then create model (which has detailed audit log level) InsertRowsCommand insertCmd2 = new InsertRowsCommand("vehicle", "models"); rowMap = new HashMap<>(); - rowMap.put("manufacturerId", resp1.getRows().get(0).get("rowid")); + rowMap.put("manufacturerId", resp1.getRows().getFirst().get("rowid")); rowMap.put("name", "Soul"); insertCmd2.addRow(rowMap); insertCmd2.execute(cn, AUDIT_DETAILED_TEST_PROJECT); From 0d1a10f1b3e830fdcc515e166d67e40ae66a6a6c Mon Sep 17 00:00:00 2001 From: Adam Rauch Date: Mon, 2 Mar 2026 21:32:57 -0800 Subject: [PATCH 5/6] /Home --- src/org/labkey/test/tests/AuditLogTest.java | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/src/org/labkey/test/tests/AuditLogTest.java b/src/org/labkey/test/tests/AuditLogTest.java index b20562b1ab..ef1d46597a 100644 --- a/src/org/labkey/test/tests/AuditLogTest.java +++ b/src/org/labkey/test/tests/AuditLogTest.java @@ -376,7 +376,7 @@ protected void canSeeAuditLogTest() createUserWithPermissions(AUDIT_TEST_USER2, AUDIT_TEST_PROJECT, PROJECT_ADMIN_ROLE); // Do a search to ensure an audit entry in /home - clickProject("home"); + clickProject("Home"); new SearchBodyWebPart(getDriver()).searchForm().searchFor(SEARCH_TERM); goToProjectHome(); @@ -386,25 +386,25 @@ protected void canSeeAuditLogTest() // signed in as an editor should not show any rows for audit query links impersonate(AUDIT_TEST_USER); verifyAuditQueries(false, getProjectName()); - verifyAuditQueries(false, "home"); + verifyAuditQueries(false, "Home"); stopImpersonating(); - // Grant the "See Audit Log Events" role to our audit user in the project and verify we see audit information - // in this project but not /home. We pass the fully qualified classnames in the next few calls to disambiguate - // the root role from the folder role. + // Grant the "See Audit Log Events" folder role to our audit user in the project and verify we see audit + // information in this project but not /Home. We pass the fully qualified classnames in the next few calls to + // disambiguate the root role from the folder role. permissionsHelper.addMemberToRole(AUDIT_TEST_USER, "org.labkey.api.security.roles.CanSeeAuditLogFolderRole", PermissionsHelper.MemberType.user, getProjectName()); impersonate(AUDIT_TEST_USER); verifyAuditQueries(true, getProjectName()); - verifyAuditQueries(false, "home"); + verifyAuditQueries(false, "Home"); stopImpersonating(); permissionsHelper.removeUserRoleAssignment(AUDIT_TEST_USER, "org.labkey.api.security.roles.CanSeeAuditLogFolderRole", getProjectName()); - // Grant the "See Audit Log Events" role to our audit user in the root and verify we see audit information in - // this project and in /home + // Grant the "See Audit Log Events" root role to our audit user and verify we see audit information in this + // project and in /Home permissionsHelper.setSiteRoleUserPermissions(AUDIT_TEST_USER, "org.labkey.api.security.roles.CanSeeAuditLogRole"); impersonate(AUDIT_TEST_USER); verifyAuditQueries(true, getProjectName()); - ExecuteQueryPage.beginAt(this, "home", "auditLog", "SearchAuditEvent"); + ExecuteQueryPage.beginAt(this, "Home", "auditLog", "SearchAuditEvent"); verifyAuditQueryEvent(this, "Query", SEARCH_TERM, 1); // cleanup From 20cb9c6226f332cd8c5a6fafedfa1895c8a86518 Mon Sep 17 00:00:00 2001 From: Adam Rauch Date: Tue, 3 Mar 2026 07:25:13 -0800 Subject: [PATCH 6/6] Correct search --- src/org/labkey/test/tests/AuditLogTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/org/labkey/test/tests/AuditLogTest.java b/src/org/labkey/test/tests/AuditLogTest.java index ef1d46597a..6ea185d06e 100644 --- a/src/org/labkey/test/tests/AuditLogTest.java +++ b/src/org/labkey/test/tests/AuditLogTest.java @@ -36,7 +36,6 @@ import org.labkey.test.components.domain.ConditionalFormatDialog; import org.labkey.test.components.domain.DomainFieldRow; import org.labkey.test.components.domain.DomainFormPanel; -import org.labkey.test.components.search.SearchBodyWebPart; import org.labkey.test.pages.core.admin.logger.ManagerPage.LoggingLevel; import org.labkey.test.pages.list.EditListDefinitionPage; import org.labkey.test.pages.query.ExecuteQueryPage; @@ -48,6 +47,7 @@ import org.labkey.test.util.Log4jUtils; import org.labkey.test.util.PermissionsHelper; import org.labkey.test.util.PortalHelper; +import org.labkey.test.util.SearchHelper; import org.labkey.test.util.UIUserHelper; import java.io.BufferedReader; @@ -377,7 +377,7 @@ protected void canSeeAuditLogTest() // Do a search to ensure an audit entry in /home clickProject("Home"); - new SearchBodyWebPart(getDriver()).searchForm().searchFor(SEARCH_TERM); + new SearchHelper(this).searchFor(SEARCH_TERM); goToProjectHome(); // signed in as an admin so we should see rows here