1385: Enforce "Convert to order" permission on convert to order endpoint
Test Case #: 1385 | Test Case Name: Enforce "Convert to order" permission on convert to order endpoint |
System: openLMIS | Subsystem: blue |
Test case designed by: Anna Czyrko | Design Date:03.01.2017 |
Short description: * Ensure there is a convert to order right; if not, create one in the reference data service bootstrap SQL script |
|
Pre – conditions: |
Log into application as administrator. |
Step | Action | Expected system response | Comment |
UI | |||
---|---|---|---|
1 | Log into application as administrator. From top menu select Requisitions and next Convert to order. | Appears Convert Requisitions to Order screen. | |
2 | Do not select any requisition for convert to order. Click Convert to Order button. | Appears message: "Please select at least one Requisition for Converting to Order" | |
3 | Select one Requisition. Supplying Depot field should be empty. Click Convert to Order button. | Should appear error message | |
4 | Select one Requisition, select Supplying Depot and click Convert to Order button. | Should appear message "The requisition(s) have been successfully converted to Orders". | |
5 | Select three requisitions, select Supplying Depots and click Convert to Order button. | Should appear message "The requisition(s) have been successfully converted to Orders". | |
6 | Log in as devadmin. | Devadmin should not have permissions for converting to order. | |
7 | From top menu select Requisitions. Converto to Order should not be visible. | ||
API | |||
1 | Go to swagger (http://test.openlmis.org/requisition/docs), use POST /api/requisitions/convertToOrder. Try to convert requisition to order by user who has not permissions. | Should appear message: { "message": "User is lacking permission to access the resource", "description": "You do not have the following permission to perform this action: REQUISITION_CONVERT_TO_ORDER" } | |
2 | Go to swagger (http://test.openlmis.org/requisition/docs), use POST /api/requisitions/convertToOrder. Try to convert to order requisition with not exist supplyingDepots | Should appear message: { "message": "User is lacking permission to access the resource", "description": "You do not have the following permission to perform this action: REQUISITION_CONVERT_TO_ORDER" } | |
3 | Go to swagger (http://test.openlmis.org/requisition/docs), use POST /api/requisitions/convertToOrder. Try to select supplyingDepot not from drop down list by API and try to convert to order | Should appear message: { "message": "User is lacking permission to access the resource", "description": "You do not have the following permission to perform this action: REQUISITION_CONVERT_TO_ORDER" } |
Post – conditions: |
OpenLMIS: the global initiative for powerful LMIS software