ToolJet/server/test/controllers/org_constants.e2e-spec.ts

/* eslint-disable @typescript-eslint/no-unused-vars */
import * as request from 'supertest';
import { INestApplication } from '@nestjs/common';
import {
  clearDB,
  createUser,
  createNestAppInstance,
  createGroupPermission,
  authenticateUser,
  createAppEnvironments,
} from '../test.helper';
import { getManager } from 'typeorm';
import { GroupPermission } from 'src/entities/group_permission.entity';
import { OrgEnvironmentConstantValue } from 'src/entities/org_environment_constant_values.entity';

const createConstant = async (app: INestApplication, adminUserData: any, body: any) => {
  return await request(app.getHttpServer())
    .post(`/api/organization-constants/`)
    .set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
    .set('Cookie', adminUserData['tokenCookie'])
    .send(body);
};

describe('organization environment constants controller', () => {
  let app: INestApplication;

  beforeEach(async () => {
    await clearDB();
  });

  beforeAll(async () => {
    app = await createNestAppInstance();
  });

  describe('GET /api/organization-constants', () => {
    it('should allow only authenticated users to list org users', async () => {
      await request(app.getHttpServer()).get('/api/organization-constants/').expect(401);
    });

    it('should list decrypted organization environment variables', async () => {
      const adminUserData = await createUser(app, {
        email: 'admin@tooljet.io',
        groups: ['admin', 'all_users'],
      });

      const organization = adminUserData.organization;

      const developerUserData = await createUser(app, {
        email: 'developer@tooljet.io',
        groups: ['developer', 'all_users'],
        organization,
      });

      const viewerUserData = await createUser(app, {
        email: 'viewer@tooljet.io',
        groups: ['viewer', 'all_users'],
        organization,
      });

      const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);

      const bodyArray = [
        {
          constant_name: 'user_name',
          value: 'The Dev',
          environments: appEnvironments.map((env) => env.id),
        },
      ];

      let loggedUser = await authenticateUser(app);
      adminUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'developer@tooljet.io');
      developerUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'viewer@tooljet.io');
      viewerUserData['tokenCookie'] = loggedUser.tokenCookie;

      const constantArray = [];
      for (const body of bodyArray) {
        const result = await createConstant(app, adminUserData, body);
        constantArray.push(result.body.constant);
      }

      await request(app.getHttpServer())
        .get(`/api/organization-constants/`)
        .set('tj-workspace-id', developerUserData.user.defaultOrganizationId)
        .set('Cookie', developerUserData['tokenCookie'])
        .send()
        .expect(200);

      await request(app.getHttpServer())
        .get(`/api/organization-constants/`)
        .set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)
        .set('Cookie', viewerUserData['tokenCookie'])
        .send()
        .expect(200);

      const listResponse = await request(app.getHttpServer())
        .get(`/api/organization-constants/`)
        .set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
        .set('Cookie', adminUserData['tokenCookie'])
        .send()
        .expect(200);

      listResponse.body.constants.map((constant: any, index: any) => {
        const orgConstant = JSON.parse(JSON.stringify(constant));

        delete orgConstant.createdAt;
        delete orgConstant.id;

        const expectedConstant = {
          name: bodyArray[index].constant_name,
          values: bodyArray[index].environments.map((envId: any) => {
            const appEnvironment = appEnvironments.find((env) => env.id === envId);
            return {
              environmentName: appEnvironment.name,
              value: bodyArray[index].value,
              id: appEnvironment.id,
            };
          }),
        };

        expect(orgConstant).toEqual(expectedConstant);
      });
    });
  });

  describe('POST /api/organization-constants/', () => {
    it('should be able to create a new constant if group is admin or has create permission in the same organization', async () => {
      const adminUserData = await createUser(app, {
        email: 'admin@tooljet.io',
        groups: ['all_users', 'admin'],
      });
      const developerUserData = await createUser(app, {
        email: 'dev@tooljet.io',
        groups: ['all_users', 'developer'],
        organization: adminUserData.organization,
      });

      const viewerUserData = await createUser(app, {
        email: 'viewer@tooljet.io',
        groups: ['viewer', 'all_users'],
        organization: adminUserData.organization,
      });

      const developerGroup = await getManager().findOneOrFail(GroupPermission, {
        where: { group: 'developer' },
      });

      await getManager().update(GroupPermission, developerGroup.id, {
        orgEnvironmentConstantCreate: true,
      });

      let loggedUser = await authenticateUser(app);
      adminUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'dev@tooljet.io');
      developerUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'viewer@tooljet.io');
      viewerUserData['tokenCookie'] = loggedUser.tokenCookie;

      const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);

      await request(app.getHttpServer())
        .post(`/api/organization-constants/`)
        .set('Cookie', adminUserData['tokenCookie'])
        .set('tj-workspace-id', adminUserData.user.defaultOrganizationId)
        .send({
          constant_name: 'email',
          value: 'test@tooljet.com',
          environments: [appEnvironments[0].id],
        })
        .expect(201);

      await request(app.getHttpServer())
        .post(`/api/organization-constants/`)
        .set('tj-workspace-id', developerUserData.user.defaultOrganizationId)
        .set('Cookie', developerUserData['tokenCookie'])
        .send({
          constant_name: 'test_token',
          value: 'test_token_value',
          environments: [appEnvironments[0].id],
        })
        .expect(201);

      await request(app.getHttpServer())
        .post(`/api/organization-constants/`)
        .set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)
        .set('Cookie', viewerUserData['tokenCookie'])
        .send({
          constant_name: 'pi',
          value: '3.14',
          environments: [appEnvironments[0].id],
        })
        .expect(403);
    });
  });

  describe('PATCH /api/organization-constants/:id', () => {
    it('should be able to update an existing variable if group is admin or has update permission in the same organization', async () => {
      const adminUserData = await createUser(app, {
        email: 'admin@tooljet.io',
        groups: ['all_users', 'admin'],
      });
      const developerUserData = await createUser(app, {
        email: 'dev@tooljet.io',
        groups: ['all_users', 'developer'],
        organization: adminUserData.organization,
      });

      const viewerUserData = await createUser(app, {
        email: 'viewer@tooljet.io',
        groups: ['viewer', 'all_users'],
        organization: adminUserData.organization,
      });

      let loggedUser = await authenticateUser(app);
      adminUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'dev@tooljet.io');
      developerUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'viewer@tooljet.io');
      viewerUserData['tokenCookie'] = loggedUser.tokenCookie;

      const developerGroup = await getManager().findOneOrFail(GroupPermission, {
        where: { group: 'developer' },
      });

      await getManager().update(GroupPermission, developerGroup.id, {
        orgEnvironmentConstantCreate: true,
      });
      const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);

      const response = await createConstant(app, adminUserData, {
        constant_name: 'user_name',
        value: 'The Dev',
        environments: appEnvironments.map((env) => env.id),
      });

      for (const userData of [adminUserData, developerUserData]) {
        await request(app.getHttpServer())
          .patch(`/api/organization-constants/${response.body.constant.id}`)
          .set('tj-workspace-id', userData.user.defaultOrganizationId)
          .set('Cookie', userData['tokenCookie'])
          .send({
            value: 'User',
            environment_id: appEnvironments[0].id,
          })
          .expect(200);

        const updatedVariable = await getManager().findOne(OrgEnvironmentConstantValue, {
          where: {
            organizationConstantId: response.body.constant.id,
            environmentId: appEnvironments[0].id,
          },
        });

        expect(updatedVariable.value).toEqual('User');
      }

      await request(app.getHttpServer())
        .patch(`/api/organization-constants/${response.body.constant.id}`)
        .set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)
        .set('Cookie', viewerUserData['tokenCookie'])
        .send({
          value: 'Viewer',
          environment_id: appEnvironments[0].id,
        })
        .expect(403);
    });
  });

  describe('DELETE /api/organization-constants/:id', () => {
    it('should be able to delete an existing constant if group is admin or has delete permission in the same organization', async () => {
      const adminUserData = await createUser(app, {
        email: 'admin@tooljet.io',
        groups: ['all_users', 'admin'],
      });
      const developerUserData = await createUser(app, {
        email: 'dev@tooljet.io',
        groups: ['all_users', 'developer'],
        organization: adminUserData.organization,
      });

      const viewerUserData = await createUser(app, {
        email: 'viewer@tooljet.io',
        groups: ['viewer', 'all_users'],
        organization: adminUserData.organization,
      });

      let loggedUser = await authenticateUser(app);
      adminUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'dev@tooljet.io');
      developerUserData['tokenCookie'] = loggedUser.tokenCookie;

      loggedUser = await authenticateUser(app, 'viewer@tooljet.io');
      viewerUserData['tokenCookie'] = loggedUser.tokenCookie;

      const developerGroup = await getManager().findOneOrFail(GroupPermission, {
        where: { group: 'developer' },
      });

      const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);

      await getManager().update(GroupPermission, developerGroup.id, {
        orgEnvironmentConstantDelete: true,
      });

      for (const userData of [adminUserData, developerUserData]) {
        const response = await createConstant(app, adminUserData, {
          constant_name: 'user_name',
          value: 'The Dev',
          environments: appEnvironments.map((env) => env.id),
        });

        const preCount = await getManager().count(OrgEnvironmentConstantValue);

        const x = await request(app.getHttpServer())
          .delete(`/api/organization-constants/${response.body.constant.id}?environmentId=${appEnvironments[0].id}`)
          .set('tj-workspace-id', userData.user.defaultOrganizationId)
          .set('Cookie', userData['tokenCookie'])
          .send()
          .expect(200);

        const postCount = await getManager().count(OrgEnvironmentConstantValue);
        expect(postCount).toEqual(preCount - 1);
      }

      const response = await createConstant(app, adminUserData, {
        constant_name: 'email',
        value: 'dev@tooljet.io',
        environments: appEnvironments.map((env) => env.id),
      });

      await request(app.getHttpServer())
        .delete(`/api/organization-constants/${response.body.constant.id}?environmentId=${appEnvironments[0].id}`)
        .set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)
        .set('Cookie', viewerUserData['tokenCookie'])
        .send()
        .expect(403);
    });
  });

  afterAll(async () => {
    await app.close();
  });
});
Feature - Workspace environment constants (#6810) * init-- * org constants: controllers, services, module and api for creating new constants * read operation: all constants from all envs and all constants from a env * update and delete operation * updated delete msg * encrypt constant value before saving and decrypt before sending back to controller * adds group permission for org constants and required migrations * adds ability to create constant * adds group permissions and fixes migrations * adds workspace constant permission to workspace settings UI * ToolJetUI - componenst, ref: ee/5c92dc9c03b73d7006562d71d639fe4eb1971dee * Org constants UI * UI updates: display constant value as per enviroment * Added client side pagination * groups without create/edit/delete permission can only view the the constants * group permission: Create and Edit - UI updates * create/update/date flow - UI * extending api support to create constant in multiple environments * UI - add constant for multiple envs * disable name input for update operation * UI fixes and updates * adds deprecating banner to variables dashboard * removes update/create from UI --variables * adding depricating soon alert in codehinter when workspace vars are used * extra check to display the banner in preview of cdehinter * resolves constants for admin in client-side * resolves constants client-side and server side for queries * include grp permission for create/delete for org constants * resolves org constants in runJS and runPY * cleanup * updated the tab UI * fixed: constant pagination footer * fixes client side pagination bug * adds docs link * ui updates and fixes ui flickering on closing the drawer * refactor updating table data * adds error state to constant forms * remove the alert from runJS and runPY after 5s * added max length constraint for constant value * refactor: component form * delete only constant as per environment * remove unwanted logs * resolves constants in gds connection forms * resolve gds source options for testConnections, preview and runQuery * UI style fixes: banner * remove alert banner for runJS and runPY * input text color fixed * style fixes for disabled inputs * Edit constant- Until value is changed- CTA should be disabled * adds tooltip for table name and value * adds tooltip for disbaled input in edit drawer * updated the tooltip position * handle input height on type for large strings * added empty state * adds new badge for workspace constants * substring should be different for viewers * resolve constants in viewer * add support to resolve constants for widgets and queires in public apps * changed the api endpoint for org constant for env * bugfix: handle org constants for encrypted value from source options * add support to resolve app variables and constants in a single single * fixes: multiple multiline and same line variables * refactor * cleanup * remove encryption for ce * remove group permission from permission dashboard * text transform for badge * added padding for each table row * updated alert banner padding * updated alert banner padding * updates width for empty banner * refactor * adds tests for constant api * added validations for constant name * updates textare dynamic form * updates the resolvers for constants * removes decryptiong for source options in services * refactor - frontend * resolved conflicts * fixes: typo-1 ~ workspace variables alert * fixes: inconsistency in alert info icon * fixes: naming convention consistency * fixes: dark theme for confirm box * disable create button for add constant with same name, * adds error state for updating constant with same value * fixes: error message typo * fixes: error message typo * fixes position of tooltip * fixes frontend lint issues * update lock file * UI updates and typos * cleanup-refactor * checking error state before creating * should check all error states * resolving multiple constants and app variables in a single line * reafactore * fixed: depricating icon : codehinter preview box * remove log * remove repeated logic for deleteOrgEnvironmentConstant * only return status code for delete request for org constants * Add data-cy for workspace constants elements (#7251) * updates contants doc link --------- Co-authored-by: Ajith KV <ajith.jaban@gmail.com> 2023-08-14 08:58:51 +00:00			`/* eslint-disable @typescript-eslint/no-unused-vars */`
			`import * as request from 'supertest';`
			`import { INestApplication } from '@nestjs/common';`
			`import {`
			`clearDB,`
			`createUser,`
			`createNestAppInstance,`
			`createGroupPermission,`
			`authenticateUser,`
			`createAppEnvironments,`
			`} from '../test.helper';`
			`import { getManager } from 'typeorm';`
			`import { GroupPermission } from 'src/entities/group_permission.entity';`
			`import { OrgEnvironmentConstantValue } from 'src/entities/org_environment_constant_values.entity';`

			`const createConstant = async (app: INestApplication, adminUserData: any, body: any) => {`
			`return await request(app.getHttpServer())`
			.post(`/api/organization-constants/`)
			`.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)`
			`.set('Cookie', adminUserData['tokenCookie'])`
			`.send(body);`
			`};`

			`describe('organization environment constants controller', () => {`
			`let app: INestApplication;`

			`beforeEach(async () => {`
			`await clearDB();`
			`});`

			`beforeAll(async () => {`
			`app = await createNestAppInstance();`
			`});`

			`describe('GET /api/organization-constants', () => {`
			`it('should allow only authenticated users to list org users', async () => {`
			`await request(app.getHttpServer()).get('/api/organization-constants/').expect(401);`
			`});`

			`it('should list decrypted organization environment variables', async () => {`
			`const adminUserData = await createUser(app, {`
			`email: 'admin@tooljet.io',`
			`groups: ['admin', 'all_users'],`
			`});`

			`const organization = adminUserData.organization;`

			`const developerUserData = await createUser(app, {`
			`email: 'developer@tooljet.io',`
			`groups: ['developer', 'all_users'],`
			`organization,`
			`});`

			`const viewerUserData = await createUser(app, {`
			`email: 'viewer@tooljet.io',`
			`groups: ['viewer', 'all_users'],`
			`organization,`
			`});`

			`const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);`

			`const bodyArray = [`
			`{`
			`constant_name: 'user_name',`
			`value: 'The Dev',`
			`environments: appEnvironments.map((env) => env.id),`
			`},`
			`];`

			`let loggedUser = await authenticateUser(app);`
			`adminUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'developer@tooljet.io');`
			`developerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'viewer@tooljet.io');`
			`viewerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`const constantArray = [];`
			`for (const body of bodyArray) {`
			`const result = await createConstant(app, adminUserData, body);`
			`constantArray.push(result.body.constant);`
			`}`

			`await request(app.getHttpServer())`
			.get(`/api/organization-constants/`)
			`.set('tj-workspace-id', developerUserData.user.defaultOrganizationId)`
			`.set('Cookie', developerUserData['tokenCookie'])`
			`.send()`
			`.expect(200);`

			`await request(app.getHttpServer())`
			.get(`/api/organization-constants/`)
			`.set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)`
			`.set('Cookie', viewerUserData['tokenCookie'])`
			`.send()`
			`.expect(200);`

			`const listResponse = await request(app.getHttpServer())`
			.get(`/api/organization-constants/`)
			`.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)`
			`.set('Cookie', adminUserData['tokenCookie'])`
			`.send()`
			`.expect(200);`

			`listResponse.body.constants.map((constant: any, index: any) => {`
			`const orgConstant = JSON.parse(JSON.stringify(constant));`

			`delete orgConstant.createdAt;`
			`delete orgConstant.id;`

			`const expectedConstant = {`
			`name: bodyArray[index].constant_name,`
			`values: bodyArray[index].environments.map((envId: any) => {`
			`const appEnvironment = appEnvironments.find((env) => env.id === envId);`
			`return {`
			`environmentName: appEnvironment.name,`
			`value: bodyArray[index].value,`
			`id: appEnvironment.id,`
			`};`
			`}),`
			`};`

			`expect(orgConstant).toEqual(expectedConstant);`
			`});`
			`});`
			`});`

			`describe('POST /api/organization-constants/', () => {`
			`it('should be able to create a new constant if group is admin or has create permission in the same organization', async () => {`
			`const adminUserData = await createUser(app, {`
			`email: 'admin@tooljet.io',`
			`groups: ['all_users', 'admin'],`
			`});`
			`const developerUserData = await createUser(app, {`
			`email: 'dev@tooljet.io',`
			`groups: ['all_users', 'developer'],`
			`organization: adminUserData.organization,`
			`});`

			`const viewerUserData = await createUser(app, {`
			`email: 'viewer@tooljet.io',`
			`groups: ['viewer', 'all_users'],`
			`organization: adminUserData.organization,`
			`});`

			`const developerGroup = await getManager().findOneOrFail(GroupPermission, {`
			`where: { group: 'developer' },`
			`});`

			`await getManager().update(GroupPermission, developerGroup.id, {`
			`orgEnvironmentConstantCreate: true,`
			`});`

			`let loggedUser = await authenticateUser(app);`
			`adminUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'dev@tooljet.io');`
			`developerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'viewer@tooljet.io');`
			`viewerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);`

			`await request(app.getHttpServer())`
			.post(`/api/organization-constants/`)
			`.set('Cookie', adminUserData['tokenCookie'])`
			`.set('tj-workspace-id', adminUserData.user.defaultOrganizationId)`
			`.send({`
			`constant_name: 'email',`
			`value: 'test@tooljet.com',`
			`environments: [appEnvironments[0].id],`
			`})`
			`.expect(201);`

			`await request(app.getHttpServer())`
			.post(`/api/organization-constants/`)
			`.set('tj-workspace-id', developerUserData.user.defaultOrganizationId)`
			`.set('Cookie', developerUserData['tokenCookie'])`
			`.send({`
			`constant_name: 'test_token',`
			`value: 'test_token_value',`
			`environments: [appEnvironments[0].id],`
			`})`
			`.expect(201);`

			`await request(app.getHttpServer())`
			.post(`/api/organization-constants/`)
			`.set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)`
			`.set('Cookie', viewerUserData['tokenCookie'])`
			`.send({`
			`constant_name: 'pi',`
			`value: '3.14',`
			`environments: [appEnvironments[0].id],`
			`})`
			`.expect(403);`
			`});`
			`});`

			`describe('PATCH /api/organization-constants/:id', () => {`
			`it('should be able to update an existing variable if group is admin or has update permission in the same organization', async () => {`
			`const adminUserData = await createUser(app, {`
			`email: 'admin@tooljet.io',`
			`groups: ['all_users', 'admin'],`
			`});`
			`const developerUserData = await createUser(app, {`
			`email: 'dev@tooljet.io',`
			`groups: ['all_users', 'developer'],`
			`organization: adminUserData.organization,`
			`});`

			`const viewerUserData = await createUser(app, {`
			`email: 'viewer@tooljet.io',`
			`groups: ['viewer', 'all_users'],`
			`organization: adminUserData.organization,`
			`});`

			`let loggedUser = await authenticateUser(app);`
			`adminUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'dev@tooljet.io');`
			`developerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'viewer@tooljet.io');`
			`viewerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`const developerGroup = await getManager().findOneOrFail(GroupPermission, {`
			`where: { group: 'developer' },`
			`});`

			`await getManager().update(GroupPermission, developerGroup.id, {`
			`orgEnvironmentConstantCreate: true,`
			`});`
			`const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);`

			`const response = await createConstant(app, adminUserData, {`
			`constant_name: 'user_name',`
			`value: 'The Dev',`
			`environments: appEnvironments.map((env) => env.id),`
			`});`

			`for (const userData of [adminUserData, developerUserData]) {`
			`await request(app.getHttpServer())`
			.patch(`/api/organization-constants/${response.body.constant.id}`)
			`.set('tj-workspace-id', userData.user.defaultOrganizationId)`
			`.set('Cookie', userData['tokenCookie'])`
			`.send({`
			`value: 'User',`
			`environment_id: appEnvironments[0].id,`
			`})`
			`.expect(200);`

			`const updatedVariable = await getManager().findOne(OrgEnvironmentConstantValue, {`
			`where: {`
			`organizationConstantId: response.body.constant.id,`
			`environmentId: appEnvironments[0].id,`
			`},`
			`});`

			`expect(updatedVariable.value).toEqual('User');`
			`}`

			`await request(app.getHttpServer())`
			.patch(`/api/organization-constants/${response.body.constant.id}`)
			`.set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)`
			`.set('Cookie', viewerUserData['tokenCookie'])`
			`.send({`
			`value: 'Viewer',`
			`environment_id: appEnvironments[0].id,`
			`})`
			`.expect(403);`
			`});`
			`});`

			`describe('DELETE /api/organization-constants/:id', () => {`
			`it('should be able to delete an existing constant if group is admin or has delete permission in the same organization', async () => {`
			`const adminUserData = await createUser(app, {`
			`email: 'admin@tooljet.io',`
			`groups: ['all_users', 'admin'],`
			`});`
			`const developerUserData = await createUser(app, {`
			`email: 'dev@tooljet.io',`
			`groups: ['all_users', 'developer'],`
			`organization: adminUserData.organization,`
			`});`

			`const viewerUserData = await createUser(app, {`
			`email: 'viewer@tooljet.io',`
			`groups: ['viewer', 'all_users'],`
			`organization: adminUserData.organization,`
			`});`

			`let loggedUser = await authenticateUser(app);`
			`adminUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'dev@tooljet.io');`
			`developerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`loggedUser = await authenticateUser(app, 'viewer@tooljet.io');`
			`viewerUserData['tokenCookie'] = loggedUser.tokenCookie;`

			`const developerGroup = await getManager().findOneOrFail(GroupPermission, {`
			`where: { group: 'developer' },`
			`});`

			`const appEnvironments = await createAppEnvironments(app, adminUserData.user.organizationId);`

			`await getManager().update(GroupPermission, developerGroup.id, {`
			`orgEnvironmentConstantDelete: true,`
			`});`

			`for (const userData of [adminUserData, developerUserData]) {`
			`const response = await createConstant(app, adminUserData, {`
			`constant_name: 'user_name',`
			`value: 'The Dev',`
			`environments: appEnvironments.map((env) => env.id),`
			`});`

			`const preCount = await getManager().count(OrgEnvironmentConstantValue);`

			`const x = await request(app.getHttpServer())`
			.delete(`/api/organization-constants/${response.body.constant.id}?environmentId=${appEnvironments[0].id}`)
			`.set('tj-workspace-id', userData.user.defaultOrganizationId)`
			`.set('Cookie', userData['tokenCookie'])`
			`.send()`
			`.expect(200);`

			`const postCount = await getManager().count(OrgEnvironmentConstantValue);`
			`expect(postCount).toEqual(preCount - 1);`
			`}`

			`const response = await createConstant(app, adminUserData, {`
			`constant_name: 'email',`
			`value: 'dev@tooljet.io',`
			`environments: appEnvironments.map((env) => env.id),`
			`});`

			`await request(app.getHttpServer())`
			.delete(`/api/organization-constants/${response.body.constant.id}?environmentId=${appEnvironments[0].id}`)
			`.set('tj-workspace-id', viewerUserData.user.defaultOrganizationId)`
			`.set('Cookie', viewerUserData['tokenCookie'])`
			`.send()`
			`.expect(403);`
			`});`
			`});`

			`afterAll(async () => {`
			`await app.close();`
			`});`
			`});`