feat(web): Added admin user config to user settings (#15380)

* feat(web): Added admin user config to user settings * feat (web) - cleaned up the files and added tests * feat (web) - added missing files * feat (web) - updated per review comments * feat (web) - e2e admin command test failures
2025-12-16 17:23:16 +03:00 · 2025-06-11 21:11:13 -05:00
parent 22eef5f3c5
commit e5219f1f31
15 changed files with 308 additions and 20 deletions
--- a/e2e/src/api/specs/user-admin.e2e-spec.ts
+++ b/e2e/src/api/specs/user-admin.e2e-spec.ts
@@ -118,7 +118,7 @@ describe('/admin/users', () => {
      });
    }

-    it('should ignore `isAdmin`', async () => {
+    it('should accept `isAdmin`', async () => {
      const { status, body } = await request(app)
        .post(`/admin/users`)
        .send({
@@ -130,7 +130,7 @@ describe('/admin/users', () => {
        .set('Authorization', `Bearer ${admin.accessToken}`);
      expect(body).toMatchObject({
        email: 'user5@immich.cloud',
-        isAdmin: false,
+        isAdmin: true,
        shouldChangePassword: true,
      });
      expect(status).toBe(201);
@@ -163,14 +163,15 @@ describe('/admin/users', () => {
      });
    }

-    it('should not allow a non-admin to become an admin', async () => {
+    it('should allow a non-admin to become an admin', async () => {
+      const user = await utils.userSetup(admin.accessToken, createUserDto.create('admin2'));
      const { status, body } = await request(app)
-        .put(`/admin/users/${nonAdmin.userId}`)
+        .put(`/admin/users/${user.userId}`)
        .send({ isAdmin: true })
        .set('Authorization', `Bearer ${admin.accessToken}`);

      expect(status).toBe(200);
-      expect(body).toMatchObject({ isAdmin: false });
+      expect(body).toMatchObject({ isAdmin: true });
    });

    it('ignores updates to profileImagePath', async () => {
--- a/e2e/src/immich-admin/specs/immich-admin.e2e-spec.ts
+++ b/e2e/src/immich-admin/specs/immich-admin.e2e-spec.ts
@@ -7,6 +7,44 @@ describe(`immich-admin`, () => {
    await utils.adminSetup();
  });

+  describe('revoke-admin', () => {
+    it('should revoke admin privileges from a user', async () => {
+      const { child, promise } = immichAdmin(['revoke-admin']);
+
+      let data = '';
+      child.stdout.on('data', (chunk) => {
+        data += chunk;
+        if (data.includes('Please enter the user email:')) {
+          child.stdin.end('admin@immich.cloud\n');
+        }
+      });
+
+      const { stdout, exitCode } = await promise;
+      expect(exitCode).toBe(0);
+
+      expect(stdout).toContain('Admin access has been revoked from');
+    });
+  });
+
+  describe('grant-admin', () => {
+    it('should grant admin privileges to a user', async () => {
+      const { child, promise } = immichAdmin(['grant-admin']);
+
+      let data = '';
+      child.stdout.on('data', (chunk) => {
+        data += chunk;
+        if (data.includes('Please enter the user email:')) {
+          child.stdin.end('admin@immich.cloud\n');
+        }
+      });
+
+      const { stdout, exitCode } = await promise;
+      expect(exitCode).toBe(0);
+
+      expect(stdout).toContain('Admin access has been granted to');
+    });
+  });
+
  describe('list-users', () => {
    it('should list the admin user', async () => {
      const { stdout, exitCode } = await immichAdmin(['list-users']).promise;
--- a/e2e/src/web/specs/user-admin.e2e-spec.ts
+++ b/e2e/src/web/specs/user-admin.e2e-spec.ts
@@ -0,0 +1,89 @@
+import { getUserAdmin } from '@immich/sdk';
+import { expect, test } from '@playwright/test';
+import { asBearerAuth, utils } from 'src/utils';
+
+test.describe('User Administration', () => {
+  test.beforeAll(() => {
+    utils.initSdk();
+  });
+
+  test.beforeEach(async () => {
+    await utils.resetDatabase();
+  });
+
+  test('validate admin/users link', async ({ context, page }) => {
+    const admin = await utils.adminSetup();
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    // Navigate to user management page and verify title and header
+    await page.goto(`/admin/users`);
+    await expect(page).toHaveTitle(/User Management/);
+    await expect(page.getByText('User Management')).toBeVisible();
+  });
+
+  test('create user', async ({ context, page }) => {
+    const admin = await utils.adminSetup();
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    // Create a new user
+    await page.goto('/admin/users');
+    await page.getByRole('button', { name: 'Create user' }).click();
+    await page.getByLabel('Email').fill('user@immich.cloud');
+    await page.getByLabel('Password', { exact: true }).fill('password');
+    await page.getByLabel('Confirm Password').fill('password');
+    await page.getByLabel('Name').fill('Immich User');
+    await page.getByRole('button', { name: 'Create', exact: true }).click();
+
+    // Verify the user exists in the user list
+    await page.getByRole('row', { name: 'user@immich.cloud' });
+  });
+
+  test('promote to admin', async ({ context, page }) => {
+    const admin = await utils.adminSetup();
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    const user = await utils.userSetup(admin.accessToken, {
+      name: 'Admin 2',
+      email: 'admin2@immich.cloud',
+      password: 'password',
+    });
+
+    expect(user.isAdmin).toBe(false);
+
+    await page.goto(`/admin/users/${user.userId}`);
+
+    await page.getByRole('button', { name: 'Edit user' }).click();
+    await expect(page.getByLabel('Admin User')).not.toBeChecked();
+    await page.getByText('Admin User').click();
+    await expect(page.getByLabel('Admin User')).toBeChecked();
+    await page.getByRole('button', { name: 'Confirm' }).click();
+
+    const updated = await getUserAdmin({ id: user.userId }, { headers: asBearerAuth(admin.accessToken) });
+    expect(updated.isAdmin).toBe(true);
+  });
+
+  test('revoke admin access', async ({ context, page }) => {
+    const admin = await utils.adminSetup();
+    await utils.setAuthCookies(context, admin.accessToken);
+
+    const user = await utils.userSetup(admin.accessToken, {
+      name: 'Admin 2',
+      email: 'admin2@immich.cloud',
+      password: 'password',
+      isAdmin: true,
+    });
+
+    expect(user.isAdmin).toBe(true);
+
+    await page.goto(`/admin/users/${user.userId}`);
+
+    await page.getByRole('button', { name: 'Edit user' }).click();
+    await expect(page.getByLabel('Admin User')).toBeChecked();
+    await page.getByText('Admin User').click();
+    await expect(page.getByLabel('Admin User')).not.toBeChecked();
+    await page.getByRole('button', { name: 'Confirm' }).click();
+
+    const updated = await getUserAdmin({ id: user.userId }, { headers: asBearerAuth(admin.accessToken) });
+    expect(updated.isAdmin).toBe(false);
+  });
+});