1557: Enforce Right: Manage Geographic Zone

Test Case Name: Enforce Right: Manage Geographic Zone

System: OpenLMIS

Subsystem: blue

Test case designed by: Paulina Borowa

Design Date:18.01.2017

Short description: 

There should be an Administrative type Right that a User may be assigned via a Role that allows them to Manage (View, Create, Edit) the Geographic Zones.

Acceptance:

• there is a new Administrative type of right named MANAGE_GEOGRAPHIC_ZONE in Reference Data DONE
• the role creation api may use the above right in creating Administrative type of roles DONE
• endpoints are updated for /api/geographicZones and /api/geographicZones/{id}
• PUT, POST and DELETE checks if the user has the given right, returns a 403 if not
• GET checks if the token is a valid service level token, or the user has the right. Returns 403 if not.
• TECH DEBT CLEANUP: refactor returning a 404 on GET /api/geographicZones if there are none in the system, instead return an empty list.
• TECH DEBT CLEANUP: RAML declares that the DELETE endpoint returns a 409. This seems possible only if a DataIntegrityViolationException is thrown, which it appears to not do. Check if this is actually used and remove it from RAML if it's not.
• RAML is updated
• both types of permission checks have tests

Pre – conditions: