Step | Action | Expected system response | Comment |
1 | Note: To test this ticket, I created a few rights and roles. Then, I assigned some roles to users. | | |
2 | Create a few roles and assign them to a user. User: testowyUser01 "id": "45230742-b0f4-4928-aa91-6517ad81626d", "username": "testowyUser", "firstName": "abc", "lastName": "example", "email": "soldeveloteam@gmail.com", "homeFacility": { "id": "c904d0c3-e943-4a8d-91ba-da203fdfa342", "code": "hospital", "name": "Facility Active Enabled03", "description": null, "geographicZone": { "id": "913f2e73-e9d5-4145-86c3-246b9a2a0721", "code": "geocode02", "name": "geoname02", "level": { "id": "b4453f90-3302-4fa2-ac51-488fbdb312fb", "code": "Country123", "name": null, "levelNumber": 3 }, "catchmentPopulation": null, "latitude": null, "longitude": null }, "type": { "id": "7be7bafd-ca65-44c2-886b-950c56bafbbd", "code": "warehouse", "name": null, "description": null, "displayOrder": null, "active": null }, "operator": null, "active": true, "goLiveDate": null, "goDownDate": null, "comment": null, "enabled": true, "openLmisAccessible": true, "supportedPrograms": [] }, "verified": true, "active": true, "roleAssignments": [ { "roleId": "00000000-0000-0000-0000-000000000004" }, { "roleId": "00000000-0000-0000-0000-000000000999", "programCode": "program02", "supervisoryNodeCode": "supercode" }, { "roleId": "00000000-0000-0000-0000-000000000002", "programCode": "program03" }, { "roleId": "00000000-0000-0000-0000-000000000001", "warehouseCode": "hospital" } ] } ] | | |
3 | Assign roles to a different program/supervisoryNode. User: example01 "id": "c4e877e5-8093-4d90-a44e-af339a187924", "username": "example01", "firstName": "test", "lastName": "Strator", "email": "testowysoldev@gmail.com", "homeFacility": { "id": "f2f285ad-bb1c-48ec-aa87-4407bcde1088", "code": "warehouse", "name": "Facility Active Enabled", "description": null, "geographicZone": { "id": "b6cb85a8-4bd9-4c6a-8d80-2af827c65065", "code": "geocode01", "name": "geoname01", "level": { "id": "b4453f90-3302-4fa2-ac51-488fbdb312fb", "code": "Country123", "name": null, "levelNumber": 3 }, "catchmentPopulation": null, "latitude": null, "longitude": null }, "type": { "id": "7be7bafd-ca65-44c2-886b-950c56bafbbd", "code": "warehouse", "name": null, "description": null, "displayOrder": null, "active": null }, "operator": null, "active": true, "goLiveDate": null, "goDownDate": null, "comment": null, "enabled": true, "openLmisAccessible": true, "supportedPrograms": [] }, "verified": true, "active": true, "roleAssignments": [ { "roleId": "00000000-0000-0000-0000-000000000003" }, { "roleId": "00000000-0000-0000-0000-000000000002", "programCode": "program02" }, { "roleId": "00000000-0000-0000-0000-000000000001", "warehouseCode": "warehouse" } ] | | |
4 | Check if user: example01 has access to program with code: program02. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right04&programCode=program02&access_token=d76adf10-b947-44ed-913b-c72bd5db4f03 OR http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right03&programCode=program02&access_token=d76adf10-b947-44ed-913b-c72bd5db4f03 Method: GET | The server will return 200 OK status and message: true. It is correct. | |
5 | Check if user: testowyUser has access to program with code: program03. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right03&programCode=program03&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 OR http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right04&programCode=program03&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 Method: GET | The server will return 200 OK status and message: true. It is correct. | |
6 | Check if user: example01 has access to program with code: program03. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right03&programCode=program04&access_token=266e8b58-d339-4d09-a26d-3b3ce080b36c OR http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right04&programCode=program04&access_token=266e8b58-d339-4d09-a26d-3b3ce080b36c Method: GET | The server will return 200 OK status with message: false. The example01 user does not have access to this program. The testowyUser is assigned to it. | |
7 | Check if user: testowyUser has access to program with code: program02. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right03&programCode=program02&access_token=60c5c81b-a185-4563-8262-bb73d812d120 OR http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right04&programCode=program02&access_token=60c5c81b-a185-4563-8262-bb73d812d120 Method: GET | The server will return 200 OK status with message: false. The testowyUser user does not have access to this program. The example01 user is assigned to it. | |
8 | Check if user: example01 has assigned role: ORDER FULFILMENT to warehouse: warehouse. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right02&warehouseCode=warehouse&access_token=d76adf10-b947-44ed-913b-c72bd5db4f03 Method: GET | The server will return 200 OK status and message: true. It is correct. | |
9 | Check if user: testowyUser has assigned role: ORDER FULFILMENT to warehouse: hospital. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right01&warehouseCode=hospital&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 Method: GET | The server will return 200 OK status and message: true. It is correct. | |
10 | | The server will return 200 OK status and message: false. It is correct. For this user, warehouse code is different. | |
11 | Check if user: example01 has assigned role: ORDER FULFILMENT to warehouse: hospital. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right02&warehouseCode=hospital&access_token=d76adf10-b947-44ed-913b-c72bd5db4f03 Method: GET | The server will return 200 OK status and message: false. It is correct. For this user, warehouse code is different. | |
12 | Check if user: testowyUser has assigned role: SUPERVISION to program with code program02, supervisoryNode with code supercode. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right99&&programCode=program02&supervisoryNodeCode=supercode&access_token=21d3e475-01a8-4c1a-825f-58ccd33ff2c3 Method: GET | The server will return 200 OK status and message: true. | |
13 | Check if user: example01 has assigned role: SUPERVISION to program with code program02, supervisoryNode with code supercode. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right99&&programCode=program02&supervisoryNodeCode=supercode&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 Method: GET | The server will return 200 OK status and message: false. User does not have this permission. | |
14 | Check if user: testowyUser has assigned role: SUPERVISION to program with code program02, supervisoryNode with code supercode, when the request does not contain the supervisoryNodeCode. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right99&&programCode=program02&access_token=21d3e475-01a8-4c1a-825f-58ccd33ff2c3 Method: GET | The server will return 200 OK status and message: false. The supervisoryNodeCode should be added to the request. | |
15 | Check if user: testowyUser has assigned role: ADMIN_GENERAL. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right08&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 Method: GET | The server will return 200 OK status and message: true. | |
16 | Check if user: example01 has assigned role: ADMIN_GENERAL. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right08&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 Method: GET | The server will return 200 OK status and message: false. User does not have this permission. | |
17 | Check if user: testowyUser has assigned role: REPORTS. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right05&access_token=60c5c81b-a185-4563-8262-bb73d812d120 Method: GET | The server will return 200 OK status and message: false. User does not have this permission. | |
18 | Check if user: example01 has assigned role: REPORTS. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right06&access_token=60c5c81b-a185-4563-8262-bb73d812d120 Method: GET | The server will return 200 OK status and message: true. | |
19 | Check if user: example01 has access to assigned program without programCode in the request. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right04&&access_token=d76adf10-b947-44ed-913b-c72bd5db4f03 Method: GET | The server will return 200 OK status and message: false. The programCode should be added to the request. | |
20 | Check if user: testowyUser has access to assigned program without programCode in the request. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right03&&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 Method: GET | The server will return 200 OK status and message: false. The programCode should be added to the request. | |
18 | Check if user: example01 has assigned role: ORDER FULFILMENT to warehouse: warehouse without the warehouseCode in the request. URL: http://localhost/referencedata/api/users/c4e877e5-8093-4d90-a44e-af339a187924/hasRight?rightName=right01&access_token=60c5c81b-a185-4563-8262-bb73d812d120 Method: GET | The server will return 200 OK status and message: false. The warehouseCode should be added to the request. | |
21 | Check if user: testowyUser has assigned role: ORDER FULFILMENT to warehouse: hospital without warehouseCode in the request. URL: http://localhost/referencedata/api/users/45230742-b0f4-4928-aa91-6517ad81626d/hasRight?rightName=right01&&access_token=73ad2d20-6fe5-49da-b67b-51cd113cb119 Method: GET | The server will return 200 OK status and message: false. The warehouseCode should be added to the request. | |
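
The expected results in the table imply a fail-closed rule: a scoped right is granted only when the request names the same program, supervisory node or warehouse as the role assignment. The Python sketch below is an added example, not OpenLMIS code and not part of the original test case; the role-to-right mapping, the exact-match rule and all function names are assumptions inferred from the steps above.

```python
# Added model of the scoped hasRight check; not OpenLMIS code.
SCOPE_KEYS = ("programCode", "supervisoryNodeCode", "warehouseCode")

def rid(n):
    """Build the role UUIDs that appear in the table, e.g. rid(999)."""
    return f"00000000-0000-0000-0000-{n:012d}"

# Assumption: role -> rights mapping inferred from the expected results.
ROLE_RIGHTS = {rid(1): {"right01", "right02"}, rid(2): {"right03", "right04"},
               rid(3): {"right06"}, rid(4): {"right08"}, rid(999): {"right99"}}

# roleAssignments as listed for the two users in steps 2 and 3.
USERS = {
    "testowyUser": [
        {"roleId": rid(4)},
        {"roleId": rid(999), "programCode": "program02",
         "supervisoryNodeCode": "supercode"},
        {"roleId": rid(2), "programCode": "program03"},
        {"roleId": rid(1), "warehouseCode": "hospital"},
    ],
    "example01": [
        {"roleId": rid(3)},
        {"roleId": rid(2), "programCode": "program02"},
        {"roleId": rid(1), "warehouseCode": "warehouse"},
    ],
}

def scope_of(params):
    """Keep only the scope parameters that are present and non-empty."""
    return {k: params[k] for k in SCOPE_KEYS if params.get(k)}

def has_right(user, right, **query):
    """Grant only when a role holds the right for exactly the requested scope."""
    wanted = scope_of(query)
    return any(right in ROLE_RIGHTS.get(a["roleId"], ()) and scope_of(a) == wanted
               for a in USERS.get(user, []))

# (step, user, right, request scope, expected) taken from the table rows.
CASES = [
    (4, "example01", "right04", {"programCode": "program02"}, True),
    (6, "example01", "right03", {"programCode": "program04"}, False),
    (11, "example01", "right02", {"warehouseCode": "hospital"}, False),
    (14, "testowyUser", "right99", {"programCode": "program02"}, False),
    (15, "testowyUser", "right08", {}, True),
    (19, "example01", "right04", {}, False),
]

def mismatches():
    """Return the steps whose modelled answer differs from the table."""
    return [s for s, u, r, q, exp in CASES if has_right(u, r, **q) != exp]
```

An empty list from `mismatches()` means the model agrees with the table, including the rows where a missing scope parameter must yield false rather than matching any assignment.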