upcoming: [M3-7462] - User Permissions: Configure Billing Account Acc…

…ess (#10069)

Co-authored-by: Jaalah Ramos <jaalah.ramos@gmail.com>
Co-authored-by: Mariah Jacobs <114685994+mjac0bs@users.noreply.github.com>

packages/manager/.changeset/pr-10069-upcoming-features-1705512789450.md

@@ -0,0 +1,5 @@
+---
+"@linode/manager": Upcoming Features
+---
+
+User Permissions: Configure Billing Account Access ([#10069](https://github.com/linode/manager/pull/10069))

packages/manager/cypress/e2e/core/account/user-permissions.spec.ts

@@ -558,4 +558,81 @@ describe('User permission management', () => {
           .click();
       });
   });
+
+  it('disables "Read Only" and "None" and defaults to "Read Write" Billing Access for "Proxy" account users with Parent/Child feature flag', () => {
+    const mockProfile = profileFactory.build({
+      username: 'proxy-user',
+    });
+
+    const mockActiveUser = accountUserFactory.build({
+      username: 'proxy-user',
+      restricted: false,
+      user_type: 'proxy',
+    });
+
+    const mockRestrictedUser = {
+      ...mockActiveUser,
+      restricted: true,
+      username: 'restricted-proxy-user',
+    };
+
+    const mockUserGrants = grantsFactory.build({
+      global: { account_access: 'read_write' },
+    });
+
+    // TODO: Parent/Child - M3-7559 clean up when feature is live in prod and feature flag is removed.
+    mockAppendFeatureFlags({
+      parentChildAccountAccess: makeFeatureFlagData(true),
+    }).as('getFeatureFlags');
+    mockGetFeatureFlagClientstream().as('getClientStream');
+
+    mockGetUsers([mockActiveUser, mockRestrictedUser]).as('getUsers');
+    mockGetUser(mockActiveUser);
+    mockGetUserGrants(mockActiveUser.username, mockUserGrants);
+    mockGetProfile(mockProfile);
+    mockGetUser(mockRestrictedUser);
+    mockGetUserGrants(mockRestrictedUser.username, mockUserGrants);
+
+    // Navigate to Users & Grants page, find mock restricted user, click its "User Permissions" button.
+    cy.visitWithLogin('/account/users');
+    cy.wait('@getUsers');
+    cy.findByText(mockRestrictedUser.username)
+      .should('be.visible')
+      .closest('tr')
+      .within(() => {
+        ui.button
+          .findByTitle('User Permissions')
+          .should('be.visible')
+          .should('be.enabled')
+          .click();
+      });
+
+    cy.url().should(
+      'endWith',
+      `/account/users/${mockRestrictedUser.username}/permissions`
+    );
+    cy.wait(['@getClientStream', '@getFeatureFlags']);
+
+    cy.get('[data-qa-global-section]')
+      .should('be.visible')
+      .within(() => {
+        // Confirm that 'Read-Write' Billing Access is enabled
+        cy.get(`[data-qa-select-card-heading="Read-Write"]`)
+          .closest('[data-qa-selection-card]')
+          .should('be.visible')
+          .should('be.enabled');
+        assertBillingAccessSelected('Read-Write');
+
+        // Confirm that 'Read Only' and 'None' Billing Access are disabled
+        cy.get(`[data-qa-select-card-heading="Read Only"]`)
+          .closest('[data-qa-selection-card]')
+          .should('be.visible')
+          .should('have.attr', 'disabled');
+
+        cy.get(`[data-qa-select-card-heading="None"]`)
+          .closest('[data-qa-selection-card]')
+          .should('be.visible')
+          .should('have.attr', 'disabled');
+      });
+  });
 });

packages/manager/src/features/Users/UserDetail.tsx

@@ -250,10 +250,10 @@ export const UserDetail = () => {
           </SafeTabPanel>
           <SafeTabPanel index={1}>
             <UserPermissions
+              accountUsername={profile?.username}
               clearNewUser={clearNewUser}
-              currentUser={profile?.username}
+              currentUsername={username}
               queryClient={queryClient}
-              username={username}
             />
           </SafeTabPanel>
         </TabPanels>