@@ -775,6 +775,57 @@ async fn test_silo_users_list(cptestctx: &ControlPlaneTestContext) {
775775        ] 
776776    ) ; 
777777
778+     // Create another Silo with a Silo administrator.  That user should not be 
779+     // able to see the users in the first Silo. 
780+ 
781+     let  silo =
782+         create_silo ( client,  "silo2" ,  true ,  shared:: UserProvisionType :: Fixed ) 
783+             . await ; 
784+     let  new_silo_user_id =
785+         "6922f0b2-9a92-659b-da6b-93ad4955a3a3" . parse ( ) . unwrap ( ) ; 
786+     let  new_silo_user_name = String :: from ( "some_silo_user" ) ; 
787+     nexus
788+         . silo_user_create ( 
789+             silo. identity . id , 
790+             new_silo_user_id, 
791+             new_silo_user_name. clone ( ) , 
792+         ) 
793+         . await 
794+         . unwrap ( ) ; 
795+     grant_iam ( 
796+         client, 
797+         "/silos/silo2" , 
798+         SiloRole :: Admin , 
799+         new_silo_user_id, 
800+         AuthnMode :: PrivilegedUser , 
801+     ) 
802+     . await ; 
803+ 
804+     let  silo2_users:  dropshot:: ResultsPage < views:: User >  =
805+         NexusRequest :: object_get ( client,  "/users" ) 
806+             . authn_as ( AuthnMode :: SiloUser ( new_silo_user_id) ) 
807+             . execute ( ) 
808+             . await 
809+             . unwrap ( ) 
810+             . parsed_body ( ) 
811+             . unwrap ( ) ; 
812+     assert_eq ! ( 
813+         silo2_users. items, 
814+         vec![ views:: User  { 
815+             id:  new_silo_user_id, 
816+             display_name:  new_silo_user_name, 
817+         } ] 
818+     ) ; 
819+ 
820+     // The "test-privileged" user also shouldn't see the user in this other 
821+     // Silo. 
822+     let  new_silo_users:  Vec < views:: User >  =
823+         NexusRequest :: iter_collection_authn ( client,  "/users" ,  "" ,  Some ( 1 ) ) 
824+             . await 
825+             . expect ( "failed to list silo users (2)" ) 
826+             . all_items ; 
827+     assert_eq ! ( silo_users,  new_silo_users, ) ; 
828+ 
778829    // TODO-coverage When we have a way to remove or invalidate Silo Users, we 
779830    // should test that doing so causes them to stop appearing in the list. 
780831} 
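Review bot: The two `assert_eq!` calls that pin cross-Silo isolation (on `silo2_users.items` and on `silo_users` vs `new_silo_users`) carry no failure message, so a regression that leaks users between Silos would show up only as a bare vector mismatch. Since these are the tenant-boundary checks, give each a message, e.g. `assert_eq!(silo_users, new_silo_users, "privileged user's /users listing changed after a user was created in silo2");` and a matching `"silo2 admin must see only silo2 users"` on the first one. The silo2 check also reads a single `object_get` page, while the privileged-user check walks the collection with a page size of 1, so only the second exercises pagination; if the test helpers offer a paginated fetch that accepts an `AuthnMode` (not visible here), using it for the silo2 admin would make the two checks symmetric. `silo_users` and the start of `test_silo_users_list` lie outside this hunk.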