Refactor npm to use supported auth tokens

Before this MR, the npm manager test would only use
one type of authentication.

This test adds the possibility to authenticate with
personal access token, job token and deploy token.
This uses project level scopes.

app/views/shared/deploy_tokens/_form.html.haml

@@ -48,7 +48,7 @@
         .text-secondary= s_('DeployTokens|Allows read-only access to the package registry.')
 
       %fieldset.form-group.form-check
-        = f.check_box :write_package_registry, class: 'form-check-input'
+        = f.check_box :write_package_registry, class: 'form-check-input', data: { qa_selector: 'deploy_token_write_package_registry_checkbox' }
         = f.label :write_package_registry, 'write_package_registry', class: 'label-bold form-check-label'
         .text-secondary= s_('DeployTokens|Allows read and write access to the package registry.')
 

qa/qa/page/project/settings/deploy_tokens.rb

@@ -10,6 +10,7 @@ module QA
             element :deploy_token_expires_at_field
             element :deploy_token_read_repository_checkbox
             element :deploy_token_read_package_registry_checkbox
+            element :deploy_token_write_package_registry_checkbox
             element :deploy_token_read_registry_checkbox
             element :create_deploy_token_button
           end
@@ -28,9 +29,10 @@ module QA
             fill_element(:deploy_token_expires_at_field, expires_at.to_s + "\n")
           end
 
-          def fill_scopes(read_repository: false, read_registry: false, read_package_registry: false)
+          def fill_scopes(read_repository: false, read_registry: false, read_package_registry: false, write_package_registry: false)
             check_element(:deploy_token_read_repository_checkbox) if read_repository
             check_element(:deploy_token_read_package_registry_checkbox) if read_package_registry
+            check_element(:deploy_token_write_package_registry_checkbox) if write_package_registry
             check_element(:deploy_token_read_registry_checkbox) if read_registry
           end
 

qa/qa/resource/deploy_token.rb

@@ -37,7 +37,7 @@ module QA
           setting.expand_deploy_tokens do |page|
             page.fill_token_name(name)
             page.fill_token_expires_at(expires_at)
-            page.fill_scopes(read_repository: true, read_package_registry: true)
+            page.fill_scopes(read_repository: true, read_package_registry: true, write_package_registry: true)
 
             page.add_token
           end

qa/qa/specs/features/browser_ui/5_package/npm_registry_spec.rb

@@ -3,10 +3,11 @@
 module QA
   RSpec.describe 'Package', :orchestrated, :packages, :reliable, :object_storage do
     describe 'npm registry' do
+      using RSpec::Parameterized::TableSyntax
       include Runtime::Fixtures
 
       let!(:registry_scope) { Runtime::Namespace.sandbox_name }
-      let(:auth_token) do
+      let!(:personal_access_token) do
         unless Page::Main::Menu.perform(&:signed_in?)
           Flow::Login.sign_in
         end
@@ -14,6 +15,13 @@ module QA
         Resource::PersonalAccessToken.fabricate!.token
       end
 
+      let(:project_deploy_token) do
+        Resource::DeployToken.fabricate_via_browser_ui! do |deploy_token|
+          deploy_token.name = 'npm-deploy-token'
+          deploy_token.project = project
+        end
+      end
+
       let(:uri) { URI.parse(Runtime::Scenario.gitlab_address) }
       let(:gitlab_address_with_port) { "#{uri.scheme}://#{uri.host}:#{uri.port}" }
       let(:gitlab_host_with_port) { "#{uri.host}:#{uri.port}" }
@@ -109,16 +117,6 @@ module QA
       }
       end
 
-      let(:npmrc) do
-        {
-          file_path: '.npmrc',
-          content: <<~NPMRC
-            //#{gitlab_host_with_port}/api/v4/projects/#{project.id}/packages/npm/:_authToken=#{auth_token}
-            @#{registry_scope}:registry=#{gitlab_address_with_port}/api/v4/projects/#{project.id}/packages/npm/
-          NPMRC
-        }
-      end
-
       let(:package) do
         Resource::Package.init do |package|
           package.name = "@#{registry_scope}/#{project.name}"
@@ -133,7 +131,35 @@ module QA
         another_project.remove_via_api!
       end
 
-      it 'push and pull a npm package via CI', testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/quality/test_cases/1811' do
+      where(:authentication_token_type, :token_name) do
+        :personal_access_token | 'Personal Access Token'
+        :ci_job_token          | 'CI Job Token'
+        :project_deploy_token  | 'Deploy Token'
+      end
+
+      with_them do
+        let(:auth_token) do
+          case authentication_token_type
+          when :personal_access_token
+            "\"#{personal_access_token}\""
+          when :ci_job_token
+            '${CI_JOB_TOKEN}'
+          when :project_deploy_token
+            "\"#{project_deploy_token.password}\""
+          end
+        end
+
+        let(:npmrc) do
+          {
+            file_path: '.npmrc',
+            content: <<~NPMRC
+              //#{gitlab_host_with_port}/api/v4/projects/#{project.id}/packages/npm/:_authToken=#{auth_token}
+              @#{registry_scope}:registry=#{gitlab_address_with_port}/api/v4/projects/#{project.id}/packages/npm/
+            NPMRC
+          }
+        end
+
+        it "push and pull a npm package via CI using a #{params[:token_name]}", testcase: 'https://gitlab.com/gitlab-org/quality/testcases/-/issues/1772' do
           Resource::Repository::Commit.fabricate_via_api! do |commit|
             commit.project = project
             commit.commit_message = 'Add .gitlab-ci.yml'
@@ -203,4 +229,5 @@ module QA
         end
       end
     end
+  end
 end