Skip to content

392 — should check when user have only project basic permission

Description

Verifies that an employee with the "Projects basic" project-scoped role (granted on a single project, not globally) sees only that project, can edit its time budget on details, but cannot see price budgets and cannot edit task budgets.

Preconditions

  • A signed-in owner who will create the project role, plus an invited employee who will be added as a member of the first project with that role.
  • Seed data: two projects with budgets and tasks plus one time record per project.

Steps

  1. As the owner, go to Roles → Project roles, add a project role with the test title, toggle "Projects basic" on (project-role flavour), then save. Expected: the new project role exists.
  2. Add the employee to the first project with the new role via API. Expected: the API confirms the member was added with the matching role id.
  3. Reset the session and sign in as the employee. Open the Projects list. Expected: only 1 project (the one the employee was added to) is visible.
  4. Inspect the columns. Expected: the time budget column is visible with values from the API; the price budget column is hidden.
  5. Open the project and switch to Project details. Expected: the time budget field is editable; the price budget field is not rendered.
  6. Open the Tasks tab and enable "Time budget" in the column manager. Expected: the time budget column becomes visible; the price budget column stays hidden (its toggle is locked).
  7. Open the task row. Expected: in the task modal the time budget is locked and the price budget is not rendered (project-basic doesn't grant task edit).
  • Spec: playwright/tests/integration/permissions.spec.ts (line 1125)