tests: add test cases for non-admin actions to admin resources

2026-05-18 21:46:19 -04:00 · 2024-07-18 16:17:52 +05:45
parent 81ef018b9f
commit dd8a3eb3d2
15 changed files with 273 additions and 48 deletions
--- a/tests/acceptance/features/apiGraph/getAssignedRole.feature
+++ b/tests/acceptance/features/apiGraph/getAssignedRole.feature
@@ -0,0 +1,58 @@
+Feature: assign role
+  As an admin,
+  I want to assign roles to users.
+  So that users without an admin role cannot get the list of roles, assignments list and assign roles to users
+
+  Background:
+    Given user "Alice" has been created with default attributes and without skeleton files
+
+
+  Scenario Outline: get assigned role of a user
+    Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
+    When the administrator retrieves the assigned role of user "Alice" using the Graph API
+    Then the HTTP status code should be "200"
+    And the Graph API response should have the role "<user-role>"
+    Examples:
+      | user-role   |
+      | Admin       |
+      | Space Admin |
+      | User        |
+      | User Light  |
+
+  @issue-5032
+  Scenario Outline: get assigned role of a user via setting api
+    Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
+    When user "Alice" tries to get list of assignment
+    Then the HTTP status code should be "<http-status-code>"
+    And the setting API response should have the role "<user-role>"
+    Examples:
+      | user-role   | http-status-code |
+      | Admin       | 201              |
+      | Space Admin | 401              |
+      | User        | 401              |
+      | User Light  | 401              |
+
+
+  Scenario Outline: get role of a user assigned via setting api
+    Given the administrator has given "Alice" the role "<user-role>" using the settings api
+    When the administrator retrieves the assigned role of user "Alice" using the Graph API
+    Then the HTTP status code should be "200"
+    And the Graph API response should have the role "<user-role>"
+    Examples:
+      | user-role   |
+      | Admin       |
+      | Space Admin |
+      | User        |
+      | User Light  |
+
+
+  Scenario: non-admin user tries to get assigned role of another user
+    Given user "Brian" has been created with default attributes and without skeleton files
+    When user "Alice" tries to get the assigned role of user "Brian" using the Graph API
+    Then the HTTP status code should be "403"
+
+
+  Scenario: non-admin user tries to get assigned role of nonexistent user
+    Given user "Brian" has been created with default attributes and without skeleton files
+    When user "Alice" tries to get the assigned role of user "nonexistent" using the Graph API
+    Then the HTTP status code should be "403"