From 423af28f1630a90a5d05decc5af626ae9a46b76a Mon Sep 17 00:00:00 2001
From: McKayla Washburn <mckayla@hey.com>
Date: Mon, 17 Mar 2025 21:17:05 +0000
Subject: [PATCH 1/2] ok well this seems to work

---
 site/e2e/api.ts                               |  29 +++--
 site/e2e/tests/organizationGroups.spec.ts     |   8 +-
 .../e2e/tests/organizations/auditLogs.spec.ts | 100 ++++++++++++++++++
 site/e2e/tests/roles.spec.ts                  |  16 ++-
 4 files changed, 137 insertions(+), 16 deletions(-)
 create mode 100644 site/e2e/tests/organizations/auditLogs.spec.ts

diff --git a/site/e2e/api.ts b/site/e2e/api.ts
index 0dc9e46831708..5e3fd2de06802 100644
--- a/site/e2e/api.ts
+++ b/site/e2e/api.ts
@@ -38,15 +38,25 @@ export const createUser = async (...orgIds: string[]) => {
 	return user;
 };
 
-export const createOrganizationMember = async (
-	orgRoles: Record<string, string[]>,
-): Promise<LoginOptions> => {
+type CreateOrganizationMemberOptions = {
+	username?: string;
+	email?: string;
+	password?: string;
+	orgRoles: Record<string, string[]>;
+};
+
+export const createOrganizationMember = async ({
+	username = randomName(),
+	email = `${username}@coder.com`,
+	password = defaultPassword,
+	orgRoles,
+}: CreateOrganizationMemberOptions): Promise<LoginOptions> => {
 	const name = randomName();
 	const user = await API.createUser({
-		email: `${name}@coder.com`,
-		username: name,
-		name: name,
-		password: defaultPassword,
+		email,
+		username,
+		name: username,
+		password,
 		login_type: "password",
 		organization_ids: Object.keys(orgRoles),
 		user_status: null,
@@ -59,7 +69,7 @@ export const createOrganizationMember = async (
 	return {
 		username: user.username,
 		email: user.email,
-		password: defaultPassword,
+		password,
 	};
 };
 
@@ -74,8 +84,7 @@ export const createGroup = async (orgId: string) => {
 	return group;
 };
 
-export const createOrganization = async () => {
-	const name = randomName();
+export const createOrganization = async (name = randomName()) => {
 	const org = await API.createOrganization({
 		name,
 		display_name: `Org ${name}`,
diff --git a/site/e2e/tests/organizationGroups.spec.ts b/site/e2e/tests/organizationGroups.spec.ts
index 9b3ea986aa580..08768d4bbae11 100644
--- a/site/e2e/tests/organizationGroups.spec.ts
+++ b/site/e2e/tests/organizationGroups.spec.ts
@@ -34,7 +34,9 @@ test("create group", async ({ page }) => {
 	// Create a new organization
 	const org = await createOrganization();
 	const orgUserAdmin = await createOrganizationMember({
-		[org.id]: ["organization-user-admin"],
+		orgRoles: {
+			[org.id]: ["organization-user-admin"],
+		},
 	});
 
 	await login(page, orgUserAdmin);
@@ -99,7 +101,9 @@ test("change quota settings", async ({ page }) => {
 	const org = await createOrganization();
 	const group = await createGroup(org.id);
 	const orgUserAdmin = await createOrganizationMember({
-		[org.id]: ["organization-user-admin"],
+		orgRoles: {
+			[org.id]: ["organization-user-admin"],
+		},
 	});
 
 	// Go to settings
diff --git a/site/e2e/tests/organizations/auditLogs.spec.ts b/site/e2e/tests/organizations/auditLogs.spec.ts
new file mode 100644
index 0000000000000..1be64d53eae78
--- /dev/null
+++ b/site/e2e/tests/organizations/auditLogs.spec.ts
@@ -0,0 +1,100 @@
+import { type Page, chromium, expect, test } from "@playwright/test";
+import {
+	createOrganization,
+	createOrganizationMember,
+	createUser,
+	setupApiCalls,
+} from "../../api";
+import { defaultPassword, users } from "../../constants";
+import {
+	createTemplate,
+	createWorkspace,
+	currentUser,
+	login,
+	randomName,
+	requiresLicense,
+} from "../../helpers";
+import { beforeCoderTest } from "../../hooks";
+
+test.describe.configure({ mode: "parallel" });
+
+const orgName = randomName();
+
+const orgAuditor = {
+	username: `org-auditor-${orgName}`,
+	password: defaultPassword,
+	email: `org-auditor-${orgName}@coder.com`,
+};
+
+test.beforeEach(({ page }) => {
+	beforeCoderTest(page);
+});
+
+test.describe("organization scoped audit logs", () => {
+	requiresLicense();
+
+	test.beforeAll(async ({ browser }) => {
+		const context = await browser.newContext();
+		const page = await context.newPage();
+
+		await login(page);
+		await setupApiCalls(page);
+
+		const org = await createOrganization(orgName);
+		await createOrganizationMember({
+			...orgAuditor,
+			orgRoles: {
+				[org.id]: ["organization-auditor"],
+			},
+		});
+
+		await context.close();
+	});
+
+	test("organization auditors cannot see logins", async ({ page }) => {
+		// Go to the audit history
+		await login(page, orgAuditor);
+		await page.goto("/audit");
+		const username = orgAuditor.username;
+
+		const loginMessage = `${username} logged in`;
+		// Make sure those things we did all actually show up
+		await expect(page.getByText(loginMessage).first()).not.toBeVisible();
+	});
+
+	test("creating organization is logged", async ({ page }) => {
+		await login(page, orgAuditor);
+
+		// Go to the audit history
+		await page.goto("/audit", { waitUntil: "domcontentloaded" });
+
+		const auditLogText = `${users.owner.username} created organization ${orgName}`;
+		const org = page.locator(".MuiTableRow-root", {
+			hasText: auditLogText,
+		});
+		await org.scrollIntoViewIfNeeded();
+		await expect(org).toBeVisible();
+
+		await org.getByLabel("open-dropdown").click();
+		await expect(org.getByText(`icon: "/emojis/1f957.png"`)).toBeVisible();
+	});
+
+	test("assigning an organization role is logged", async ({ page }) => {
+		await login(page, orgAuditor);
+
+		// Go to the audit history
+		await page.goto("/audit", { waitUntil: "domcontentloaded" });
+
+		const auditLogText = `${users.owner.username} updated organization member ${orgAuditor.username}`;
+		const member = page.locator(".MuiTableRow-root", {
+			hasText: auditLogText,
+		});
+		await member.scrollIntoViewIfNeeded();
+		await expect(member).toBeVisible();
+
+		await member.getByLabel("open-dropdown").click();
+		await expect(
+			member.getByText(`roles: ["organization-auditor"]`),
+		).toBeVisible();
+	});
+});
diff --git a/site/e2e/tests/roles.spec.ts b/site/e2e/tests/roles.spec.ts
index 484e6294de7a1..e6b92bd944ba0 100644
--- a/site/e2e/tests/roles.spec.ts
+++ b/site/e2e/tests/roles.spec.ts
@@ -106,7 +106,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org template admin can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgTemplateAdmin = await createOrganizationMember({
-			[org.id]: ["organization-template-admin"],
+			orgRoles: {
+				[org.id]: ["organization-template-admin"],
+			},
 		});
 
 		await login(page, orgTemplateAdmin);
@@ -118,7 +120,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org user admin can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgUserAdmin = await createOrganizationMember({
-			[org.id]: ["organization-user-admin"],
+			orgRoles: {
+				[org.id]: ["organization-user-admin"],
+			},
 		});
 
 		await login(page, orgUserAdmin);
@@ -130,7 +134,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org auditor can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgAuditor = await createOrganizationMember({
-			[org.id]: ["organization-auditor"],
+			orgRoles: {
+				[org.id]: ["organization-auditor"],
+			},
 		});
 
 		await login(page, orgAuditor);
@@ -142,7 +148,9 @@ test.describe("org-scoped roles admin settings access", () => {
 	test("org admin can see admin settings", async ({ page }) => {
 		const org = await createOrganization();
 		const orgAdmin = await createOrganizationMember({
-			[org.id]: ["organization-admin"],
+			orgRoles: {
+				[org.id]: ["organization-admin"],
+			},
 		});
 
 		await login(page, orgAdmin);

From afc61cdcc100dbd6a35c8e44bf8923e2533ce4f0 Mon Sep 17 00:00:00 2001
From: McKayla Washburn <mckayla@hey.com>
Date: Mon, 17 Mar 2025 21:21:17 +0000
Subject: [PATCH 2/2] =?UTF-8?q?=F0=9F=A7=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 site/e2e/tests/organizations/auditLogs.spec.ts | 12 ++----------
 1 file changed, 2 insertions(+), 10 deletions(-)

diff --git a/site/e2e/tests/organizations/auditLogs.spec.ts b/site/e2e/tests/organizations/auditLogs.spec.ts
index 1be64d53eae78..3044d9da2d7ca 100644
--- a/site/e2e/tests/organizations/auditLogs.spec.ts
+++ b/site/e2e/tests/organizations/auditLogs.spec.ts
@@ -1,19 +1,11 @@
-import { type Page, chromium, expect, test } from "@playwright/test";
+import { type Page, expect, test } from "@playwright/test";
 import {
 	createOrganization,
 	createOrganizationMember,
-	createUser,
 	setupApiCalls,
 } from "../../api";
 import { defaultPassword, users } from "../../constants";
-import {
-	createTemplate,
-	createWorkspace,
-	currentUser,
-	login,
-	randomName,
-	requiresLicense,
-} from "../../helpers";
+import { login, randomName, requiresLicense } from "../../helpers";
 import { beforeCoderTest } from "../../hooks";
 
 test.describe.configure({ mode: "parallel" });