FlightPath / FLPATH-2465

[qe] handle ros.${clusterId}.${projectId} Permission to apply RBAC filtering as per Cluster and Project name


      Description

      This ticket covers the validation and verification of the Resource Optimization (RO) access authorization feature in the Orchestrator application. The primary goal is to ensure that users only see optimization recommendations for projects and clusters to which they have been explicitly granted access, as determined by backend authorization logic.

      Feature Testing Scope

      • Access Control Enforcement:

      Confirm that the UI only displays projects and containers for which the logged-in user is authorized, based on the backend’s /api/redhat-resource-optimization/access response.

      • User Experience:

      Ensure that users with access see the correct set of projects and containers, and that users without access see an appropriate empty state or error message.

      • Backend Integration:

      Validate that the frontend correctly interprets and enforces the authorizeProjects and authorizeClusterIds returned by the backend API.

      • Consistency:

      Check that the UI remains consistent with backend permissions even after navigation, refresh, or re-login.

      Test Approach

      • Manual Testing:
        • Log in as users with different access levels (full access, partial access, no access).
        • Navigate to the Optimization tab and observe the projects/containers displayed.
        • Cross-check the displayed data with the backend API response for each user.
        • Attempt to access unauthorized projects/containers and verify that access is denied or not shown.
        • Validate UI messaging for users with no access.
      • Automated Testing:
        • Implemented Playwright-based UI automation for the main “happy flow”:
          • Logs in as a user with known access.
          • Navigates to the Optimization tab.
          • Intercepts the backend access API call and captures the authorization data.
          • Asserts that only authorized projects are shown in the table.
        • Automation leverages common utility functions for maintainability and is configured to handle test environment SSL certificates.
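The "only authorized projects are shown" assertion can be written as a pure check that a Playwright test calls once it has the rendered table rows. This is an added example, not code from the ticket or the project: it derives the expected set from permission names in the `ros.${clusterId}.${projectId}` format from the ticket title, and the function names, row fields, and sample values are assumptions.

```javascript
// Added example; row fields and sample values are constructed assumptions.

// Parse "ros.<clusterId>.<projectId>"; return null for anything else so that
// a malformed or unexpected permission name grants nothing (fail closed).
// Assumes neither ID contains a dot.
function parseRosPermission(name) {
  if (typeof name !== "string") return null;
  const parts = name.split(".");
  if (parts.length !== 3 || parts[0] !== "ros") return null;
  const [, clusterId, projectId] = parts;
  if (clusterId === "" || projectId === "") return null;
  return { clusterId, projectId };
}

// Build the set of (cluster, project) pairs the user may see.
function allowedPairs(permissionNames) {
  const pairs = new Set();
  for (const name of permissionNames) {
    const p = parseRosPermission(name);
    if (p) pairs.add(JSON.stringify([p.clusterId, p.projectId]));
  }
  return pairs;
}

// Return displayed rows not covered by any permission. An empty result means
// the table shows only authorized projects.
function findUnauthorizedRows(permissionNames, rows) {
  const allowed = allowedPairs(permissionNames);
  return rows.filter(
    (r) => !allowed.has(JSON.stringify([r.clusterId, r.projectId]))
  );
}

// Constructed sample: two valid grants, one malformed name, one unrelated name.
const samplePermissions = [
  "ros.cluster-a.payments",
  "ros.cluster-b.inventory",
  "ros..billing",
  "other.plugin.read",
];
const sampleRows = [
  { clusterId: "cluster-a", projectId: "payments" },
  { clusterId: "cluster-b", projectId: "payments" }, // same project, other cluster
  { clusterId: "cluster-b", projectId: "billing" }, // only a malformed grant exists
];
console.log(findUnauthorizedRows(samplePermissions, sampleRows));
```

Matching on the (cluster, project) pair rather than the project name alone catches a project that leaks through because a same-named project is authorized on another cluster.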

              gharden1 Gary Harden