Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Test Case #:867


Test Case Name: Assign roles to a user record for requisitions

System: OpenLMIS

Subsystem: blue

Test case designed by: Lucyna Kwidzińska

Design Date:

03

04.10.2016

Short description:

 

 As an administrator, I would like to assign roles to users to provide/restrict system permissions at a user level so that users can complete their business workflows (approve requisitions) to order the right stock. Initially we will focus on the Requisition service

                                                                                                                                                   

Pre – conditions:

                                                                                                                                                                                                                                                  
 
  



Step

Action

Expected system response

Comment


Note: Remember to generate the token for authentication.

1

  Create User.

URL:  http://

172

10.

23

222.

0

17.

1

134/referencedata/api/users/?access_token=10bdce57-5093-4149-b68e-a9a19209f9c3

Method: PUT

Body:

{

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true

}

                                     

                                                                                                                    User has been created.       

  Set a password by endpoint: /passwordReset.

   URL:

http://

172

10.

23

222.

0

17.

1

134/referencedata/api/users/passwordReset?access_token=

49333d29

b33c42d6-

e9c9

5af9-

4fa4

4003-

acbe

a3b5-

ed6fc730e609

5149fb3acc43


Method: POST

Body:

{

"username": "TestUser",

"newPassword": "tests123"

}

2

Create right with ORDER_FULFILLMENT right type.


URL:  http://

172

10.

23

222.

0

17.

1

134/referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right01",

"type": "ORDER_FULFILLMENT",

"description": "OrderRight01"

}

The right has been created.

Image Added


3

 Create right with SUPERVISION right type.

URL:  http://10.222.17.134/referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right03",

"type": "SUPERVISION",

"description": "SupervisionRight03"

}

The right has been created.

Image Added


4

 Create right with GENERAL_ADMIN right type.


URL:  http://10.222.17.134referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right05",

"type": "GENERAL_ADMIN",

"description": "AdminRight05"

}

The right has been created.

Image Added


5

Create right with REPORTS right type. 

URL:  http://10.222.17.134/referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right07",

"type": "REPORTS",

"description": "ReportRight07"

}

The right has been created.

Image Added



6

Create role with  ORDER_FULFILLMENT right type.
URL:  http://

172

10.

23

222.

0

17.

1/

134referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Body:

{

"id": "00000000-0000-0000-0000-000000000002",

"name": "Order ROle",

"rights": [

{

"id": "a4d3ebb2-f92e-40d8-9892-cedef4f585ad",

"name": "right01",

"type": "ORDER_FULFILLMENT",


"description": "OrderRight01"

}

]

}

The role has been created.

Image Added


8

 Create role with  SUPERVISION right type.   

URL:  http://

172

10.

23

222.

0

17.

1/

134referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

 Body:

{

"id": "00000000-0000-0000-0000-000000000003",

"name": "New Role for Supervision",

"rights": [

{

"id": "7db93e18-32c4-4d2d-9cc7-5a67710ad5ea",

"name": "right03",

"type": "SUPERVISION",

"description": "SupervisionRight03"

}

]

}

The role has been created.

Image Added


9

Create role with  GENERAL_ADMIN right type.

URL:  http://

172

10.

23

222.

0

17.

1

134/referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

{

"id": "00000000-0000-0000-0000-000000000011",

"name": "New Role for Admin",

"rights": [

{

"id": "5f4bb0ae-31c7-4105-93f0-511fe694e6d0",

"name": "right05",

"type": "GENERAL_ADMIN",

"description": "AdminRight05"

}

]

}

The role has been created.

Image Added


10

Create role with REPORTS right type.

URL:  http://

172

10.

23

222.

0

17.

1

134/referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Body:

{

"id": "00000000-0000-0000-0000-000000000005",

"name": "New Role for Reports",

"rights": [

{

"id": "d0c1afee-9f00-4d45-bd88-66540912ff70",

"name": "right07",

"type": "REPORTS",

"description": "ReportsRight07"

}

]

}

The role has been created.

Image Added


11

Create program.

URL:  http://10.222.17.134/referencedata/api/programs/?access_token=f5a3eaa6-c57e-462d-ba2e-b54fa7ff0577

Body:

{

"code": "program01",

"name": "nameprogram01",

"perdiosSkippable": true

}

Program has been created.


Image Added

12

Create facility.
URL:  http://10.222.17.134/referencedata/api/facilities/?access_token=f5a3eaa6-c57e-462d-ba2e-b54fa7ff0577

Method: POST

Body:

{

"code": "warehouse",

"name": "Facility Active Enabled",

"geographicZone": { "id": "b353c693-5aae-4965-9e4c-53ce6513a4df" },

"type": { "id": "f9d86969-157a-4e19-a6f2-0db1867d32a4" },

"active": "true",

"enabled": "true",

"openLmisAccessible": "true"

}

Create geographicLevel, geographicZone and facilityType

Facility has been created.



13

Create supervisoryNode.

URL:  http://10.222.17.134/referencedata/api/supervisoryNodes/?access_token=f5a3eaa6-c57e-462d-ba2e-b54fa7ff0577

Body:

{

"code": "supervisorycode",

"name": "supervisoryname",

"description": "supervisory",

"facility": {

"id": "ee4f3471-2d12-434a-9449-547505f9f69d"

}

}


SupervisoryNode has been created.

Image Added


14

Assign proper facility to User.

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Method: PUT

Body:

{

"id": "

30c50771

f2e071f4-

a546

9d7b-

4e43

49d9-

87d4

988a-

020472f430d4

f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "

ee4f3471

c25e3789-

2d12

4208-

434a

4c21-

9449

b475-

547505f9f69d

4f9a74681fc6"

}

}

Home facility has been assigned to the user.

Image Added


15

Try to assign invalid facility to User.

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Body:

{

"id": "

30c50771

f2e071f4-

a546

9d7b-

4e43

49d9-

87d4

988a-

020472f430d4

f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "

224f3471

225e3789-

2d12

4208-

434a

4c21-

9449

b475-

547505f9f69d

4f9a74681fc6"

}


}

It's not possible to associate not existed facility with user. Proper message is returned.

Image Added



16

Assign program to User (through role).

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Method: PUT

Body:

{

"id": "

30c50771

f2e071f4-

a546

9d7b-

4e43

49d9-

87d4

988a-

020472f430d4

f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "

ee4f3471

c25e3789-

2d12

4208-

434a

4c21-

9449

b475-

547505f9f69d

4f9a74681fc6"

},

"roleAssignments": [

{

"roleId": "00000000-0000-0000-0000-000000000003",

"programCode": "program01"

}

,

]

{

"roleId": "00000000-0000-0000-0000-000000000001",

"warehouseCode": "warehouse"

}]

}


}

Program has been assigned to the User.

Image Added



17

Try to assign invalid program to User.

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Body:

{

"id": "

30c50771

f2e071f4-

a546

9d7b-

4e43

49d9-

87d4

988a-

020472f430d4

f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "

ee4f3471

c25e3789-

2d12

4208-

434a

4c21-

9449

b475-

547505f9f69d

4f9a74681fc6"

},

"roleAssignments": [

{

"roleId": "

11000000

10000000-0000-0000-0000-000000000003",

"programCode": "program01"

}

,

{

"roleId": "00000000-0000-0000-0000-000000000001",

"warehouseCode": "warehouse"

}]

}

18

]


}

It's not possible to associate not existed program with user. Proper message is returned.

Image Added


18

Get the programs at a user's home facility or programs that the user supervises.

URL:

http://10.222.17.134/referencedata/api/users/f2e071f4-9d7b-49d9-988a-f4f37f6cf80d/programs?access_token=df7d788a-53bf-4af8-90de-abda33d66c83

Method: GET

The list of associated program with User has been displayed.

Image Added


19

Assign role by program and supervisoryNode.

URL:  http:/

/172

10.

23

222.

0

17.

1

134/referencedata/api/users/?access_token=27534554-dfc6-40b8-ab58-41b5110457ab

Method: PUT

Body:

 

{

      

"id": "

020090dd

f0e87659-

7438

7b04-

4eb8

4e70-

8c2c

b576-

efeccd2ff650

1a2feb2f9e35",

   

"username": "SecondUser",

   

"firstName": "secondTest",

   

"lastName": "LastTest",

   

"email": "lkwidzinska.soldevelo@gmail.com",

   

"verified": true,

   

"active": true,

   

"loginRestricted": true,

   

"homeFacility": {

        

"id": "

703e8325

0aff9b95-

e177

a8ea-

4af3

4c3f-

9689

8559-

f8c378c01e99

ca5e3981364a"

   

},

   

"roleAssignments": [

        

{

            

"roleId": "00000000-0000-0000-0000-000000000004",

            

"programCode": "program02"

        

},

        

{

            

"roleId": "00000000-0000-0000-0000-

000000000090

000000000010",

            

"

supervisoryNodeCode

programCode": "

supervisorycode02

program10",

            

"

programCode

supervisoryNodeCode": "

program10

supervisorycode"

        19

}]

  }

}

Role has been assigned.

Image Added


20As a User try to assign the right to another Users.

AS a User, It's not possible to assign the role to another User without proper role (GENERAL_ADMIN).

Image Added

20

21

Delete the role as Admin.

URL:  http://172.23.0.1/referencedata/api/roles/00000000-0000-0000-0000-000000000012?access_token=27534554-dfc6-40b8-ab58-41b5110457ab

Method: DELETE

Role has been deleted.

Image Added




Post – conditions: