1587: Create Right: Manage Schedules

Test Case #:1587	Test Case Name:Create Right: Manage Schedules
System: OpenLMIS	Subsystem:
Test case designed by: PAulina Borowa	Design Date:30.01.2017
Short description: There should be an Administrative type Right that a User may be assigned via a Role that allows them to Manage (View, Create, Edit) Processing Schedules and Processing Periods. Acceptance: there is a new Administrative type of right named PROCESSING_SCHEDULES_MANAGE in Reference Data the endpoint's that GET, PUT, POST & DELETE for: /api/processingSchedules, /api/processingSchedules/{id}, /api/processingSchedules/search should require the right PROCESSING_SCHEDULES_MANAGE or a service level token, otherwise return a 403. the GET, PUT, POST & DELETE endpoints for /api/processingPeriods/, /api/processingPeriods/{id}, /api/processingPeriods/{id}/duration, /api/processingPeriods/search and /api/processingPeriods/searchByScheduleAndDate should require the user has the right PROCESSING_SCHEDULES_MANAGE or a service level token. Otherwise should return a 403. RAML is updated Check to ensure clients of updated endpoints don't break - raise an issue to the larger group if it does.

Pre – conditions:

Step	Action	Expected system response	Comment
1	there is a new Administrative type of right named PROCESSING_SCHEDULES_MANAGE in Reference Data
2	the endpoint's that GET, PUT, POST & DELETE for: /api/processingSchedules, /api/processingSchedules/{id}, /api/processingSchedules/search should require the right PROCESSING_SCHEDULES_MANAGE or a service level token, otherwise return a 403.	get /api/processingSchedules -user with properly right: Response Code 200 -user without right: Status 403 put /api/processingSchedules/{id} - user with properly right Response Code 200: -user without right: Response Code 403: post /api/processingSchedules - user with properly right Response Code 201 -user without right: Response Code 403 delete /api/processingSchedules/{id} -user with properly right Response Code 204 -user without right: Response Code 403 get /api/processingSchedules/{id} -user with properly right: Response Code 200 -user without right: Response Code 403 get /api/processingSchedules/search -user with properly right: Response Code 200 -user without right: Response Code 403:
3	the GET, PUT, POST & DELETE endpoints for /api/processingPeriods/, /api/processingPeriods/{id}, /api/processingPeriods/{id}/duration, /api/processingPeriods/search and /api/processingPeriods/searchByScheduleAndDate should require the user has the right PROCESSING_SCHEDULES_MANAGE or a service level token. Otherwise should return a 403.	get /api/processingPeriods -user with properly right: Response Code 200 -user without right: Response Code 403 post /api/processingPeriods -user with properly right: Response Code 201 Created: -user without right: Response Code 403: get /api/processingPeriods/search -user with properly right: Response Code 200: -user without right: Response Code 403: get /api/processingPeriods/searchByScheduleAndDate -user with properly right: Response Code 200: -user without right: Response Code 403: delete /api/processingPeriods/{id} -user with properly right: Response Code 204: -user without right: Response Code 403: get /api/processingPeriods/{id} -user with properly right: Response Code 200: -user without right: Response Code 403: put /api/processingPeriods/{id} -user with properly right: Response Code 200: -user without right: Response Code 403: get /api/processingPeriods/{id}/duration -user with properly right: Response Code 200: -user without right: Response Code 403:
4
5
6

Response Code 200