1088: UI: Simple requisition user access permissions

Test Case #:1088	Test Case Name: UI: Simple requisition user access permissions
System: OpenLMIS	Subsystem: blue
Test case designed by: Paulina Borowa	Design Date:12.12.2016
Short description: This story creates the first user rights restricted parts of the OpenLMIS-UI. Most of the functionality already exists within the AuthorizationService, but needs to receive correct data from the server. To test these tickets, a secondary non-admin user will need to be created that has a limited set of rights.

Pre – conditions:

The Requisition API permissions were built and tested in OLMIS-882 Done . That ticket includes information about what is allowed for which users/roles/rights.

Step	Action	Expected system response	Comment
1	Check API endpoint that returns all of user rights: get /api/users/userId/roleAssignments
2	Check: A non-admin user isn't able to view the "Administration" menu item An admin user is able to view the "Administration" menu item	A non-admin user isn't able to view the "Administration" menu item: An admin user is able to view the "Administration" menu item
3	Assign the user (administrator) a right: REQUISITION_VIEW. URL: http://10.222.17.205/api/users?access_token=169197da-abe8-4fde-bbfe-ff037b70201e Method: PUT Body: { "username": "administrator", "firstName": "Admin", "lastName": "Admin", "email": "administrator@openlmis.org", "timezone": "CET", "homeFacility": { "code": "HC01", "name": "Comfort Health Clinic", "geographicZone": { "code": "M-So-Bal-Bal", "name": "Balaka", "level": { "code": "City", "levelNumber": 4, "id": "90e35999-a64f-4312-ba8f-bc13a1311c75" }, "latitude": -14.99, "longitude": 34.92, "id": "bf2b810b-cdbf-48b2-b569-149b3cf42387" }, "type": { "code": "HC", "name": "Health Center", "displayOrder": 1, "active": true, "id": "ac1d268b-ce10-455f-bf87-9c667da8f060" }, "operator": { "code": "moh", "name": "Ministry of Health", "displayOrder": 1, "id": "9456c3e9-c4a6-4a28-9e08-47ceb16a4121" }, "active": true, "enabled": true, "openLmisAccessible": true, "supportedPrograms": [ { "id": "dce17f2e-af3e-40ad-8e00-3496adef44c3", "code": "PRG001", "name": "Family Planning", "programActive": true, "periodsSkippable": true, "showNonFullSupplyTab": true, "supportActive": true }, { "id": "10845cb9-d365-4aaa-badd-b4fa39c6a26a", "code": "PRG002", "name": "Essential Meds", "programActive": true, "periodsSkippable": false, "showNonFullSupplyTab": false, "supportActive": true } ], "id": "e6799d64-d10d-4011-b8c2-0e4d4a3f65ce" }, "verified": true, "active": true, "loginRestricted": false, "roleAssignments": [ { "roleId": "a5481d8e-d7e2-4427-8e22-d6b3142d4c1d", "programCode": "PRG001" } ], "id": "a337ec45-31a0-4f2b-9b2e-a105c4b669bb" }	UI: user can only view the requisition: from his home facility and program: PROG001 If I change "programCode": "PRG002" no permission to see requisition from PROG001:
4	Assign the user a right: REQUISITION_DELETE. URL: http://10.222.17.205/api/users?access_token=169197da-abe8-4fde-bbfe-ff037b70201e Method PUT Body: { "id": "56a50e9a-9668-437d-a09c-7e709ce22222", "username": "devadmin", "firstName": "Admin", "lastName": "Admin", "email": "devadmin@openlmis.org", "timezone": "CET", "homeFacility": { "code": "W01", "name": "CMST Warehouse", "geographicZone": { "code": "Mal-So", "name": "Southern Region", "level": { "code": "Region", "levelNumber": 2, "id": "9b497d87-cdd9-400e-bb04-fae0bf6a9491" }, "id": "0bbd69c1-e20f-48f5-aae4-26dcd8aa7602" }, "type": { "code": "WH", "name": "Warehouse", "displayOrder": 3, "active": true, "id": "e2faaa9e-4b2d-4212-bb60-fd62970b2113" }, "operator": { "code": "moh", "name": "Ministry of Health", "displayOrder": 1, "id": "9456c3e9-c4a6-4a28-9e08-47ceb16a4121" }, "active": true, "enabled": true, "openLmisAccessible": true, "supportedPrograms": [ { "code": "PRG003", "name": "New program", "active": true, "periodsSkippable": false, "id": "66032ea8-b69b-4102-a1eb-844e57143187" } ], "id": "19121381-9f3d-4e77-b9e5-d3f59fc1639e" }, "verified": true, "active": true, "loginRestricted": false, "roleAssignments": [ { "roleId": "a5481d8e-d7e2-4427-8e22-d6b3142d4c1d", "programCode": "PRG001", "supervisoryNodeCode": "N1" }, { "roleId": "71fd8790-eb5b-45ad-b221-673e9f48bbe2", "programCode": "PRG001", "supervisoryNodeCode": "N1" }] }
5
6
7
8