LPD-44089; LPD-46392 | Display Export/Import menu item in Application menu. Validation and tests.

modules/apps/export-import/export-import-web/src/main/resources/META-INF/resources/export/view_export_layouts.jsp

@@ -43,7 +43,7 @@ String searchContainerId = "exportLayoutProcesses";
 %>
 
 <c:choose>
-	<c:when test="<%= !stagingGroupHelper.isCompanyGroup(liveGroup) && !GroupPermissionUtil.contains(permissionChecker, liveGroupId, ActionKeys.EXPORT_IMPORT_LAYOUTS) %>">
+	<c:when test="<%= (!stagingGroupHelper.isCompanyGroup(liveGroup) && !GroupPermissionUtil.contains(permissionChecker, liveGroupId, ActionKeys.EXPORT_IMPORT_LAYOUTS)) || (stagingGroupHelper.isCompanyGroup(liveGroup) && !PortletPermissionUtil.contains(permissionChecker, layout, portletDisplay.getPortletName(), ActionKeys.ACCESS_IN_CONTROL_PANEL)) %>">
 		<div class="alert alert-info">
 			<liferay-ui:message key="you-do-not-have-permission-to-access-the-requested-resource" />
 		</div>

modules/apps/export-import/export-import-web/src/main/resources/META-INF/resources/import/view_import_layouts.jsp

@@ -40,7 +40,7 @@ GroupDisplayContextHelper groupDisplayContextHelper = new GroupDisplayContextHel
 %>
 
 <c:choose>
-	<c:when test="<%= !GroupPermissionUtil.contains(permissionChecker, groupDisplayContextHelper.getGroupId(), ActionKeys.EXPORT_IMPORT_LAYOUTS) %>">
+	<c:when test="<%= (!stagingGroupHelper.isCompanyGroup(groupDisplayContextHelper.getGroup()) && !GroupPermissionUtil.contains(permissionChecker, groupDisplayContextHelper.getGroupId(), ActionKeys.EXPORT_IMPORT_LAYOUTS)) || (stagingGroupHelper.isCompanyGroup(groupDisplayContextHelper.getGroup()) && !PortletPermissionUtil.contains(permissionChecker, layout, portletDisplay.getPortletName(), ActionKeys.ACCESS_IN_CONTROL_PANEL)) %>">
 		<div class="alert alert-info">
 			<liferay-ui:message key="you-do-not-have-permission-to-access-the-requested-resource" />
 		</div>

modules/apps/export-import/export-import-web/src/main/resources/META-INF/resources/init.jsp

@@ -120,6 +120,7 @@ page import="com.liferay.portal.kernel.service.ServiceContext" %><%@
 page import="com.liferay.portal.kernel.service.TicketLocalServiceUtil" %><%@
 page import="com.liferay.portal.kernel.service.UserLocalServiceUtil" %><%@
 page import="com.liferay.portal.kernel.service.permission.GroupPermissionUtil" %><%@
+page import="com.liferay.portal.kernel.service.permission.PortletPermissionUtil" %><%@
 page import="com.liferay.portal.kernel.servlet.SessionMessages" %><%@
 page import="com.liferay.portal.kernel.upload.configuration.UploadServletRequestConfigurationProviderUtil" %><%@
 page import="com.liferay.portal.kernel.util.AggregateResourceBundle" %><%@

modules/test/playwright/pages/product-navigation-applications-menu/ApplicationsMenuPage.ts

@@ -15,7 +15,7 @@ export class ApplicationsMenuPage {
 	private readonly announcementsItem: Locator;
 	private readonly apiBuilderMenuItem: Locator;
 	private readonly auditItem: Locator;
-	private readonly applicationsMenuTabButton: Locator;
+	readonly applicationsMenuTabButton: Locator;
 	private readonly blueprintsItem: Locator;
 	private readonly clientExtensionsLink: Locator;
 	private readonly commerceChannelsMenuItem: Locator;
@@ -33,8 +33,8 @@ export class ApplicationsMenuPage {
 	private readonly countriesManagementItem: Locator;
 	private readonly customFieldsMenuItem: Locator;
 	private readonly dataMigrationCenterMenuItem: Locator;
-	private readonly exportMenuItem: Locator;
-	private readonly importMenuItem: Locator;
+	readonly exportMenuItem: Locator;
+	readonly importMenuItem: Locator;
 	private readonly dataSetManagerMenuItem: Locator;
 	private readonly defaultPermissionsLink: Locator;
 	private readonly gogoShellItem: Locator;

modules/test/playwright/tests/export-import-web/export.spec.ts

@@ -13,6 +13,8 @@ import {applicationsMenuPageTest} from '../../fixtures/applicationsMenuPageTest'
 import {dataApiHelpersTest} from '../../fixtures/dataApiHelpersTest';
 import {featureFlagsTest} from '../../fixtures/featureFlagsTest';
 import {loginTest} from '../../fixtures/loginTest';
+import {getRandomInt} from '../../utils/getRandomInt';
+import performLogin, {performLogout, userData} from '../../utils/performLogin';
 import {readFileFromZip} from '../../utils/zip';
 import {companyExportImportPageTest} from './fixtures/companyExportImportPagesTest';
 
@@ -136,3 +138,102 @@ test('can export custom object entries at instance level with permissions', asyn
 	expect(json.length).toBe(1);
 	expect(json[0]).toHaveProperty('permissions');
 });
+
+test('Can/not view Export menu item in Application menu depending on permissions', async ({
+	apiHelpers,
+	applicationsMenuPage,
+	companyExportImportPage,
+	page,
+}) => {
+	const companyId = await page.evaluate(() => {
+		return Liferay.ThemeDisplay.getCompanyId();
+	});
+
+	const roleWithPermissions = await apiHelpers.headlessAdminUser.postRole({
+		name: 'role' + getRandomInt(),
+		rolePermissions: [
+			{
+				actionIds: ['VIEW_CONTROL_PANEL'],
+				primaryKey: companyId,
+				resourceName: '90',
+				scope: 1,
+			},
+			{
+				actionIds: ['ACCESS_IN_CONTROL_PANEL'],
+				primaryKey: companyId,
+				resourceName:
+					'com_liferay_exportimport_web_portlet_CompanyExportPortlet',
+				scope: 1,
+			},
+		],
+	});
+
+	const roleWithoutPermissions = await apiHelpers.headlessAdminUser.postRole({
+		name: 'role' + getRandomInt(),
+		rolePermissions: [
+			{
+				actionIds: ['VIEW_CONTROL_PANEL'],
+				primaryKey: companyId,
+				resourceName: '90',
+				scope: 1,
+			},
+		],
+	});
+
+	const user1 = await apiHelpers.headlessAdminUser.postUserAccount();
+
+	userData[user1.alternateName] = {
+		name: user1.givenName,
+		password: 'test',
+		surname: user1.familyName,
+	};
+
+	await apiHelpers.headlessAdminUser.assignUserToRole(
+		roleWithPermissions.externalReferenceCode,
+		user1.id
+	);
+
+	const user2 = await apiHelpers.headlessAdminUser.postUserAccount();
+
+	userData[user2.alternateName] = {
+		name: user2.givenName,
+		password: 'test',
+		surname: user2.familyName,
+	};
+
+	await apiHelpers.headlessAdminUser.assignUserToRole(
+		roleWithoutPermissions.externalReferenceCode,
+		user2.id
+	);
+
+	await performLogout(page);
+
+	await performLogin(page, user1.alternateName);
+
+	await applicationsMenuPage.goToApplicationsMenu();
+
+	const exportUrl =
+		await applicationsMenuPage.exportMenuItem.getAttribute('href');
+
+	await expect(applicationsMenuPage.exportMenuItem).toBeVisible();
+
+	await applicationsMenuPage.goToExport();
+
+	await expect(
+		companyExportImportPage.exportImportPage.newExportButton
+	).toBeVisible();
+
+	await performLogout(page);
+
+	await performLogin(page, user2.alternateName);
+
+	await expect(applicationsMenuPage.applicationsMenuTabButton).toBeHidden();
+
+	// Try to access the Export page directly using the stored URL
+
+	await page.goto(exportUrl);
+
+	await expect(
+		companyExportImportPage.exportImportPage.newExportButton
+	).toBeHidden();
+});

modules/test/playwright/tests/export-import-web/import.spec.ts

@@ -12,6 +12,7 @@ import fs from 'fs/promises';
 import * as path from 'path';
 import {getComparator} from 'playwright-core/lib/utils';
 
+import {applicationsMenuPageTest} from '../../fixtures/applicationsMenuPageTest';
 import {dataApiHelpersTest} from '../../fixtures/dataApiHelpersTest';
 import {depotAdminPageTest} from '../../fixtures/depotAdminPageTest';
 import {documentLibraryPagesTest} from '../../fixtures/documentLibraryPages.fixtures';
@@ -21,14 +22,17 @@ import {loginTest} from '../../fixtures/loginTest';
 import {pageEditorPagesTest} from '../../fixtures/pageEditorPagesTest';
 import {pageTemplatesPagesTest} from '../../fixtures/pageTemplatesPagesTest';
 import {wikiPagesTest} from '../../fixtures/wikiPagesTest';
+import {getRandomInt} from '../../utils/getRandomInt';
 import getRandomString from '../../utils/getRandomString';
+import performLogin, {performLogout, userData} from '../../utils/performLogin';
 import {getTempDir} from '../../utils/temp';
 import {readFileFromZip} from '../../utils/zip';
 import {companyExportImportPageTest} from './fixtures/companyExportImportPagesTest';
 import {exportImportPagesTest} from './fixtures/exportImportPagesTest';
 import {stagingPageTest} from './fixtures/stagingPageTest';
 
 export const test = mergeTests(
+	applicationsMenuPageTest,
 	companyExportImportPageTest,
 	dataApiHelpersTest,
 	depotAdminPageTest,
@@ -479,3 +483,102 @@ test('can import custom object entries at instance level with or without permiss
 		})
 	);
 });
+
+test('Can/not view Import menu item in Application menu depending on permissions', async ({
+	apiHelpers,
+	applicationsMenuPage,
+	companyExportImportPage,
+	page,
+}) => {
+	const companyId = await page.evaluate(() => {
+		return Liferay.ThemeDisplay.getCompanyId();
+	});
+
+	const roleWithPermissions = await apiHelpers.headlessAdminUser.postRole({
+		name: 'role' + getRandomInt(),
+		rolePermissions: [
+			{
+				actionIds: ['VIEW_CONTROL_PANEL'],
+				primaryKey: companyId,
+				resourceName: '90',
+				scope: 1,
+			},
+			{
+				actionIds: ['ACCESS_IN_CONTROL_PANEL'],
+				primaryKey: companyId,
+				resourceName:
+					'com_liferay_exportimport_web_portlet_CompanyImportPortlet',
+				scope: 1,
+			},
+		],
+	});
+
+	const roleWithoutPermissions = await apiHelpers.headlessAdminUser.postRole({
+		name: 'role' + getRandomInt(),
+		rolePermissions: [
+			{
+				actionIds: ['VIEW_CONTROL_PANEL'],
+				primaryKey: companyId,
+				resourceName: '90',
+				scope: 1,
+			},
+		],
+	});
+
+	const user1 = await apiHelpers.headlessAdminUser.postUserAccount();
+
+	userData[user1.alternateName] = {
+		name: user1.givenName,
+		password: 'test',
+		surname: user1.familyName,
+	};
+
+	await apiHelpers.headlessAdminUser.assignUserToRole(
+		roleWithPermissions.externalReferenceCode,
+		user1.id
+	);
+
+	const user2 = await apiHelpers.headlessAdminUser.postUserAccount();
+
+	userData[user2.alternateName] = {
+		name: user2.givenName,
+		password: 'test',
+		surname: user2.familyName,
+	};
+
+	await apiHelpers.headlessAdminUser.assignUserToRole(
+		roleWithoutPermissions.externalReferenceCode,
+		user2.id
+	);
+
+	await performLogout(page);
+
+	await performLogin(page, user1.alternateName);
+
+	await applicationsMenuPage.goToApplicationsMenu();
+
+	const importUrl =
+		await applicationsMenuPage.importMenuItem.getAttribute('href');
+
+	await expect(applicationsMenuPage.importMenuItem).toBeVisible();
+
+	await applicationsMenuPage.goToImport();
+
+	await expect(
+		companyExportImportPage.exportImportPage.newImportButton
+	).toBeVisible();
+
+	await performLogout(page);
+
+	await performLogin(page, user2.alternateName);
+
+	await expect(applicationsMenuPage.applicationsMenuTabButton).toBeHidden();
+
+	// Try to access the Import page directly using the stored URL
+
+	await page.goto(importUrl);
+
+	await expect(
+		companyExportImportPage.exportImportPage.newImportButton
+	).toBeHidden();
+});

modules/test/playwright/tests/export-import-web/pages/ExportImportPage.ts

@@ -18,7 +18,6 @@ export class ExportImportPage {
 	readonly importPermissionsButton: Locator;
 	readonly newExportButton: Locator;
 	readonly newImportButton: Locator;
-	readonly newImportProcess: Locator;
 	readonly page: Page;
 	readonly productMenuPage: ProductMenuPage;
 	readonly title: Locator;
@@ -33,9 +32,6 @@ export class ExportImportPage {
 		this.importPermissionsButton = page.getByLabel('Import Permissions');
 		this.newExportButton = page.getByRole('link', {name: 'Custom Export'});
 		this.newImportButton = page.getByRole('link', {name: 'Import'});
-		this.newImportProcess = page.getByRole('button', {
-			name: 'New',
-		});
 		this.page = page;
 		this.productMenuPage = new ProductMenuPage(page);
 		this.title = page.getByPlaceholder('Enter the name of the process');