From 60f5710e0c2789187082ed96d8f24a416a426fa4 Mon Sep 17 00:00:00 2001
From: lfolco <me@laurafolco.com>
Date: Sun, 22 Sep 2019 17:08:45 -0400
Subject: [PATCH 1/3] add MFTF test for creating new user with valid expiration
 date (#22833)

---
 ...teNewUserWithUserExpirationActionGroup.xml | 34 +++++++++++++++++++
 .../Security/Test/Mftf/Data/UserData.xml      | 29 ++++++++++++++++
 .../Mftf/Section/AdminEditUserSection.xml     | 13 +++++++
 .../Mftf/Section/AdminNewUserFormSection.xml  | 13 +++++++
 ...erCreateNewUserWithValidExpirationTest.xml | 30 ++++++++++++++++
 5 files changed, 119 insertions(+)
 create mode 100644 app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithUserExpirationActionGroup.xml
 create mode 100644 app/code/Magento/Security/Test/Mftf/Data/UserData.xml
 create mode 100644 app/code/Magento/Security/Test/Mftf/Section/AdminEditUserSection.xml
 create mode 100644 app/code/Magento/Security/Test/Mftf/Section/AdminNewUserFormSection.xml
 create mode 100644 app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml

diff --git a/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithUserExpirationActionGroup.xml b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithUserExpirationActionGroup.xml
new file mode 100644
index 0000000000000..a0250ca3ef4fc
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithUserExpirationActionGroup.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="AdminCreateNewUserWithUserExpirationActionGroup">
+        <annotations>
+            <description>Goes to the Admin Users grid page. Clicks on Create User. Fills in the provided User with an expiration date and saves.</description>
+        </annotations>
+        <arguments>
+            <argument name="user" defaultValue="NewAdminUserWithValidExpiration"/>
+        </arguments>
+
+        <amOnPage url="{{AdminNewUserPage.url}}" stepKey="navigateToNewUser"/>
+        <waitForPageLoad stepKey="waitForUsersPage" />
+        <fillField selector="{{AdminNewUserFormSection.username}}" userInput="{{user.username}}" stepKey="enterUserName" />
+        <fillField selector="{{AdminNewUserFormSection.firstname}}" userInput="{{user.firstName}}" stepKey="enterFirstName" />
+        <fillField selector="{{AdminNewUserFormSection.lastname}}" userInput="{{user.lastName}}" stepKey="enterLastName" />
+        <fillField selector="{{AdminNewUserFormSection.email}}" userInput="{{user.username}}@magento.com" stepKey="enterEmail" />
+        <fillField selector="{{AdminNewUserFormSection.password}}" userInput="{{user.password}}" stepKey="enterPassword" />
+        <fillField selector="{{AdminNewUserFormSection.passwordConfirmation}}" userInput="{{user.password}}" stepKey="confirmPassword" />
+        <fillField selector="{{AdminNewUserFormSection.userExpiresField}}" userInput="{{user.expires_at}}" stepKey="enterUserExpiration" />
+        <fillField selector="{{AdminNewUserFormSection.currentPassword}}" userInput="{{_ENV.MAGENTO_ADMIN_PASSWORD}}" stepKey="enterCurrentPassword" />
+        <click selector="{{AdminNewUserFormSection.save}}" stepKey="clickSaveUser" />
+        <waitForPageLoad stepKey="waitForSaveTheUser" />
+        <see userInput="You saved the user." stepKey="seeSuccessMessage" />
+
+    </actionGroup>
+</actionGroups>
diff --git a/app/code/Magento/Security/Test/Mftf/Data/UserData.xml b/app/code/Magento/Security/Test/Mftf/Data/UserData.xml
new file mode 100644
index 0000000000000..5256d2ca4a28e
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/Data/UserData.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+
+<entities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:mftf:DataGenerator/etc/dataProfileSchema.xsd">
+    <entity name="NewAdminUserWithValidExpiration" type="user">
+        <data key="username" unique="suffix">adminExpired</data>
+        <data key="firstname">John</data>
+        <data key="lastname">Doe</data>
+        <data key="email" unique="prefix">admin@example.com</data>
+        <data key="password">123123q</data>
+        <data key="password_confirmation">123123q</data>
+        <data key="interface_local">en_US</data>
+        <data key="interface_local_label">English (United States)</data>
+        <data key="is_active">true</data>
+        <data key="is_active_label">Active</data>
+        <data key="current_password">{{_ENV.MAGENTO_ADMIN_PASSWORD}}</data>
+        <data key="role">Administrators</data>
+        <data key="expires_at">Sep 3, 2030 4:42:36 PM</data>
+        <array key="roles">
+            <item>1</item>
+        </array>
+    </entity>
+</entities>
diff --git a/app/code/Magento/Security/Test/Mftf/Section/AdminEditUserSection.xml b/app/code/Magento/Security/Test/Mftf/Section/AdminEditUserSection.xml
new file mode 100644
index 0000000000000..d7acf2466c09e
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/Section/AdminEditUserSection.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<sections xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/SectionObject.xsd">
+    <section name="AdminEditUserSection">
+        <element name="userExpiresField" type="input" selector="#user_expires_at"/>
+    </section>
+</sections>
diff --git a/app/code/Magento/Security/Test/Mftf/Section/AdminNewUserFormSection.xml b/app/code/Magento/Security/Test/Mftf/Section/AdminNewUserFormSection.xml
new file mode 100644
index 0000000000000..1d1aba4da07dd
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/Section/AdminNewUserFormSection.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<sections xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:noNamespaceSchemaLocation="urn:magento:mftf:Page/etc/SectionObject.xsd">
+    <section name="AdminNewUserFormSection">
+        <element name="userExpiresField" type="input" selector="#page_tabs_main_section_content input[name='expires_at']"/>
+    </section>
+</sections>
diff --git a/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml b/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml
new file mode 100644
index 0000000000000..f84d9baa8ebfe
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
+    <test name="AdminUserCreateNewUserWithExpirationTest">
+        <annotations>
+            <features value="Security"/>
+            <stories value="Create new user with expiration date."/>
+            <title value="Create new user with expiration date"/>
+            <description value="Create new user with expiration date."/>
+            <testCaseId value="" />
+            <severity value="CRITICAL"/>
+            <group value="security"/>
+        </annotations>
+        <before>
+            <!-- Log in to Admin Panel -->
+            <actionGroup ref="LoginAsAdmin" stepKey="loginAsAdmin"/>
+        </before>
+
+        <!-- Create new user with user expiration set -->
+        <actionGroup ref="AdminCreateNewUserWithUserExpirationActionGroup" stepKey="createNewUserWithValidExpiration">
+            <argument name="user" value="NewAdminUserWithValidExpiration" />
+        </actionGroup>
+    </test>
+</tests>

From 9e82e91bbcf4db0fe4815d774bdb03cc4fcd75cc Mon Sep 17 00:00:00 2001
From: lfolco <me@laurafolco.com>
Date: Sun, 22 Sep 2019 17:51:40 -0400
Subject: [PATCH 2/3] add MFTF test for creating new user with invalid
 expiration date (#22833)

---
 ...reateNewUserWithExpirationActionGroup.xml} |  5 +--
 ...inSaveUserInvalidExpirationActionGroup.xml | 16 ++++++++++
 .../AdminSaveUserSuccessActionGroup.xml       | 16 ++++++++++
 .../Security/Test/Mftf/Data/UserData.xml      |  7 +++-
 ...CreateNewUserWithInvalidExpirationTest.xml | 32 +++++++++++++++++++
 ...erCreateNewUserWithValidExpirationTest.xml | 14 ++++----
 6 files changed, 79 insertions(+), 11 deletions(-)
 rename app/code/Magento/Security/Test/Mftf/ActionGroup/{AdminCreateNewUserWithUserExpirationActionGroup.xml => AdminCreateNewUserWithExpirationActionGroup.xml} (93%)
 create mode 100644 app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserInvalidExpirationActionGroup.xml
 create mode 100644 app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserSuccessActionGroup.xml
 create mode 100644 app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithInvalidExpirationTest.xml

diff --git a/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithUserExpirationActionGroup.xml b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithExpirationActionGroup.xml
similarity index 93%
rename from app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithUserExpirationActionGroup.xml
rename to app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithExpirationActionGroup.xml
index a0250ca3ef4fc..5ebd9d723ed26 100644
--- a/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithUserExpirationActionGroup.xml
+++ b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminCreateNewUserWithExpirationActionGroup.xml
@@ -5,10 +5,9 @@
   * See COPYING.txt for license details.
   */
 -->
-
 <actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
-    <actionGroup name="AdminCreateNewUserWithUserExpirationActionGroup">
+    <actionGroup name="AdminCreateNewUserWithExpirationActionGroup">
         <annotations>
             <description>Goes to the Admin Users grid page. Clicks on Create User. Fills in the provided User with an expiration date and saves.</description>
         </annotations>
@@ -28,7 +27,5 @@
         <fillField selector="{{AdminNewUserFormSection.currentPassword}}" userInput="{{_ENV.MAGENTO_ADMIN_PASSWORD}}" stepKey="enterCurrentPassword" />
         <click selector="{{AdminNewUserFormSection.save}}" stepKey="clickSaveUser" />
         <waitForPageLoad stepKey="waitForSaveTheUser" />
-        <see userInput="You saved the user." stepKey="seeSuccessMessage" />
-
     </actionGroup>
 </actionGroups>
diff --git a/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserInvalidExpirationActionGroup.xml b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserInvalidExpirationActionGroup.xml
new file mode 100644
index 0000000000000..8fc890acebf84
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserInvalidExpirationActionGroup.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="AdminSaveUserInvalidExpirationActionGroup">
+        <annotations>
+            <description>Error message for saving an admin user with an invalid expiration date.</description>
+        </annotations>
+        <see selector="{{AdminMessagesSection.errorMessage}}" userInput='"Expiration date" must be later than the current date.' stepKey="seeErrorMessage"/>
+    </actionGroup>
+</actionGroups>
diff --git a/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserSuccessActionGroup.xml b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserSuccessActionGroup.xml
new file mode 100644
index 0000000000000..5c9b520a19a40
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/ActionGroup/AdminSaveUserSuccessActionGroup.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<actionGroups xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+              xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/actionGroupSchema.xsd">
+    <actionGroup name="AdminSaveUserSuccessActionGroup">
+        <annotations>
+            <description>Success message for saving an admin user successfully.</description>
+        </annotations>
+        <see userInput="You saved the user." stepKey="seeSuccessMessage" />
+    </actionGroup>
+</actionGroups>
diff --git a/app/code/Magento/Security/Test/Mftf/Data/UserData.xml b/app/code/Magento/Security/Test/Mftf/Data/UserData.xml
index 5256d2ca4a28e..43c75da1c37ee 100644
--- a/app/code/Magento/Security/Test/Mftf/Data/UserData.xml
+++ b/app/code/Magento/Security/Test/Mftf/Data/UserData.xml
@@ -8,8 +8,9 @@
 
 <entities xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:noNamespaceSchemaLocation="urn:magento:mftf:DataGenerator/etc/dataProfileSchema.xsd">
+
     <entity name="NewAdminUserWithValidExpiration" type="user">
-        <data key="username" unique="suffix">adminExpired</data>
+        <data key="username" unique="suffix">adminExpiresAt</data>
         <data key="firstname">John</data>
         <data key="lastname">Doe</data>
         <data key="email" unique="prefix">admin@example.com</data>
@@ -26,4 +27,8 @@
             <item>1</item>
         </array>
     </entity>
+
+    <entity name="NewAdminUserWithInvalidExpiration" type="user" extends="NewAdminUserWithValidExpiration">
+        <data key="expires_at">Sep 3, 2000 4:42:36 PM</data>
+    </entity>
 </entities>
diff --git a/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithInvalidExpirationTest.xml b/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithInvalidExpirationTest.xml
new file mode 100644
index 0000000000000..18c999a89b2b1
--- /dev/null
+++ b/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithInvalidExpirationTest.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ /**
+  * Copyright © Magento, Inc. All rights reserved.
+  * See COPYING.txt for license details.
+  */
+-->
+<tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
+    <test name="AdminUserCreateNewUserWithInvalidExpirationTest">
+        <annotations>
+            <features value="Security"/>
+            <stories value="Create new user with invalid expiration date."/>
+            <title value="Create new user with invalid expiration date"/>
+            <description value="Create new user with invalid expiration date."/>
+            <testCaseId value="" />
+            <severity value="CRITICAL"/>
+            <group value="security_userexpiration"/>
+        </annotations>
+        <before>
+            <!-- Log in to Admin Panel -->
+            <actionGroup ref="LoginAsAdmin" stepKey="loginAsAdmin"/>
+        </before>
+
+        <!-- Create new user with user expiration set -->
+        <actionGroup ref="AdminCreateNewUserWithExpirationActionGroup" stepKey="fillInNewUserWithInvalidExpiration">
+            <argument name="user" value="NewAdminUserWithInvalidExpiration" />
+        </actionGroup>
+
+        <actionGroup ref="AdminSaveUserInvalidExpirationActionGroup" stepKey="saveNewUserWithInvalidExpirationError" />
+    </test>
+</tests>
diff --git a/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml b/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml
index f84d9baa8ebfe..cfc94920a13b6 100644
--- a/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml
+++ b/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml
@@ -7,15 +7,15 @@
 -->
 <tests xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:noNamespaceSchemaLocation="urn:magento:mftf:Test/etc/testSchema.xsd">
-    <test name="AdminUserCreateNewUserWithExpirationTest">
+    <test name="AdminUserCreateNewUserWithValidExpirationTest">
         <annotations>
             <features value="Security"/>
-            <stories value="Create new user with expiration date."/>
-            <title value="Create new user with expiration date"/>
-            <description value="Create new user with expiration date."/>
+            <stories value="Create new user with valid expiration date."/>
+            <title value="Create new user with valid expiration date"/>
+            <description value="Create new user with valid expiration date."/>
             <testCaseId value="" />
             <severity value="CRITICAL"/>
-            <group value="security"/>
+            <group value="security_userexpiration"/>
         </annotations>
         <before>
             <!-- Log in to Admin Panel -->
@@ -23,8 +23,10 @@
         </before>
 
         <!-- Create new user with user expiration set -->
-        <actionGroup ref="AdminCreateNewUserWithUserExpirationActionGroup" stepKey="createNewUserWithValidExpiration">
+        <actionGroup ref="AdminCreateNewUserWithExpirationActionGroup" stepKey="fillInNewUserWithValidExpiration">
             <argument name="user" value="NewAdminUserWithValidExpiration" />
         </actionGroup>
+
+        <actionGroup ref="AdminSaveUserSuccessActionGroup" stepKey="saveNewUserWithValidExpirationSuccess" />
     </test>
 </tests>

From bad8f2b731a400a22bf47a8f748b4818ed2a7bdf Mon Sep 17 00:00:00 2001
From: lfolco <me@laurafolco.com>
Date: Thu, 26 Sep 2019 14:06:56 -0400
Subject: [PATCH 3/3] rename tests (magento/magento2#22833: Short-term admin
 accounts)

---
 ...onTest.xml => AdminCreateNewUserWithInvalidExpirationTest.xml} | 0
 ...tionTest.xml => AdminCreateNewUserWithValidExpirationTest.xml} | 0
 2 files changed, 0 insertions(+), 0 deletions(-)
 rename app/code/Magento/Security/Test/Mftf/Test/{AdminUserCreateNewUserWithInvalidExpirationTest.xml => AdminCreateNewUserWithInvalidExpirationTest.xml} (100%)
 rename app/code/Magento/Security/Test/Mftf/Test/{AdminUserCreateNewUserWithValidExpirationTest.xml => AdminCreateNewUserWithValidExpirationTest.xml} (100%)

diff --git a/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithInvalidExpirationTest.xml b/app/code/Magento/Security/Test/Mftf/Test/AdminCreateNewUserWithInvalidExpirationTest.xml
similarity index 100%
rename from app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithInvalidExpirationTest.xml
rename to app/code/Magento/Security/Test/Mftf/Test/AdminCreateNewUserWithInvalidExpirationTest.xml
diff --git a/app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml b/app/code/Magento/Security/Test/Mftf/Test/AdminCreateNewUserWithValidExpirationTest.xml
similarity index 100%
rename from app/code/Magento/Security/Test/Mftf/Test/AdminUserCreateNewUserWithValidExpirationTest.xml
rename to app/code/Magento/Security/Test/Mftf/Test/AdminCreateNewUserWithValidExpirationTest.xml