tests: add test cases for non-admin actions to admin resources

2026-05-16 04:03:58 -04:00 · 2024-07-18 16:17:52 +05:45
parent 81ef018b9f
commit dd8a3eb3d2
15 changed files with 273 additions and 48 deletions
--- a/tests/acceptance/features/apiGraphUserGroup/getGroup.feature
+++ b/tests/acceptance/features/apiGraphUserGroup/getGroup.feature
@@ -387,7 +387,7 @@ Feature: get groups and their members
            "properties": {
              "message": {
                "type": "string",
-                "enum": ["Unauthorized"]
+                "enum": ["Forbidden"]
              }
            }
          }
@@ -401,7 +401,7 @@ Feature: get groups and their members
      | User Light  |


-  Scenario: get details of a group
+  Scenario: admin user gets details of a group
    Given group "tea-lover" has been created
    When user "Alice" gets details of the group "tea-lover" using the Graph API
    Then the HTTP status code should be "200"
@@ -426,6 +426,41 @@ Feature: get groups and their members
      }
      """

+  @issue-5604
+  Scenario Outline: non-admin user tries to get details of a group
+    Given group "tea-lover" has been created
+    And the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
+    When user "Alice" gets details of the group "tea-lover" using the Graph API
+    Then the HTTP status code should be "403"
+    And the JSON data of the response should match
+      """
+      {
+        "type": "object",
+        "required": [
+          "error"
+        ],
+        "properties": {
+          "error": {
+            "type": "object",
+            "required": [
+              "message"
+            ],
+            "properties": {
+              "message": {
+                "type": "string",
+                "enum": ["Forbidden"]
+              }
+            }
+          }
+        }
+      }
+      """
+    Examples:
+      | user-role   |
+      | Space Admin |
+      | User        |
+      | User Light  |
+

  Scenario Outline: get details of group with UTF-8 characters name
    Given group "<group>" has been created
@@ -463,6 +498,17 @@ Feature: get groups and their members
    When user "Alice" gets details of the group "non-existing" using the Graph API
    Then the HTTP status code should be "404"

+  @issue-5604
+  Scenario Outline: non-admin user tries to get group information of non-existing group
+    Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
+    When user "Alice" gets details of the group "non-existing" using the Graph API
+    Then the HTTP status code should be "403"
+    Examples:
+      | user-role   |
+      | Space Admin |
+      | User        |
+      | User Light  |
+

  Scenario Outline: non-admin user searches for a group by group name
    Given these users have been created with default attributes and without skeleton files: