867: Assign roles to a user record for requisitions

Test Case #:867


Test Case Name: Assign roles to a user record for requisitions

System: OpenLMIS

Subsystem: blue

Test case designed by: Lucyna Kwidzińska

Design Date:04.10.2016

Short description: As an administrator, I would like to assign roles to users to provide/restrict system permissions at a user level so that users can complete their business workflows (approve requisitions) to order the right stock. Initially we will focus on the Requisition service

                                                                                                                                                   

Pre – conditions:

 



Step

Action

Expected system response

Comment


Note: Remember to generate the token for authentication.

1

  Create User.

URL:  http://10.222.17.134/referencedata/api/users/?access_token=10bdce57-5093-4149-b68e-a9a19209f9c3

Method: PUT

Body:

{

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true

}

                                     

                                                                                                                    User has been created.       

  Set a password by endpoint: /passwordReset.

   URL:

http://10.222.17.134/referencedata/api/users/passwordReset?access_token=b33c42d6-5af9-4003-a3b5-5149fb3acc43


Method: POST

Body:

{

"username": "TestUser",

"newPassword": "tests123"

}

2

Create right with ORDER_FULFILLMENT right type.


URL:  http://10.222.17.134/referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right01",

"type": "ORDER_FULFILLMENT",

"description": "OrderRight01"

}

The right has been created.


3

 Create right with SUPERVISION right type.

URL:  http://10.222.17.134/referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right03",

"type": "SUPERVISION",

"description": "SupervisionRight03"

}

The right has been created.


4

 Create right with GENERAL_ADMIN right type.


URL:  http://10.222.17.134referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right05",

"type": "GENERAL_ADMIN",

"description": "AdminRight05"

}

The right has been created.


5

Create right with REPORTS right type. 

URL:  http://10.222.17.134/referencedata/api/rights?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Method: POST

Body:

{

"name": "right07",

"type": "REPORTS",

"description": "ReportRight07"

}

The right has been created.



6

Create role with  ORDER_FULFILLMENT right type.
URL:  http://10.222.17.134referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Body:

{

"id": "00000000-0000-0000-0000-000000000002",

"name": "Order ROle",

"rights": [

{

"id": "a4d3ebb2-f92e-40d8-9892-cedef4f585ad",

"name": "right01",

"type": "ORDER_FULFILLMENT",


"description": "OrderRight01"

}

]

}

The role has been created.


8

 Create role with  SUPERVISION right type.   

URL:  http://10.222.17.134referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

 Body:

{

"id": "00000000-0000-0000-0000-000000000003",

"name": "New Role for Supervision",

"rights": [

{

"id": "7db93e18-32c4-4d2d-9cc7-5a67710ad5ea",

"name": "right03",

"type": "SUPERVISION",

"description": "SupervisionRight03"

}

]

}

The role has been created.


9

Create role with  GENERAL_ADMIN right type.

URL:  http://10.222.17.134/referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

{

"id": "00000000-0000-0000-0000-000000000011",

"name": "New Role for Admin",

"rights": [

{

"id": "5f4bb0ae-31c7-4105-93f0-511fe694e6d0",

"name": "right05",

"type": "GENERAL_ADMIN",

"description": "AdminRight05"

}

]

}

The role has been created.


10

Create role with REPORTS right type.

URL:  http://10.222.17.134/referencedata/api/roles?access_token=49333d29-e9c9-4fa4-acbe-ed6fc730e609

Body:

{

"id": "00000000-0000-0000-0000-000000000005",

"name": "New Role for Reports",

"rights": [

{

"id": "d0c1afee-9f00-4d45-bd88-66540912ff70",

"name": "right07",

"type": "REPORTS",

"description": "ReportsRight07"

}

]

}

The role has been created.


11

Create program.

URL:  http://10.222.17.134/referencedata/api/programs/?access_token=f5a3eaa6-c57e-462d-ba2e-b54fa7ff0577

Body:

{

"code": "program01",

"name": "nameprogram01",

"perdiosSkippable": true

}

Program has been created.



12

Create facility.
URL:  http://10.222.17.134/referencedata/api/facilities/?access_token=f5a3eaa6-c57e-462d-ba2e-b54fa7ff0577

Method: POST

Body:

{

"code": "warehouse",

"name": "Facility Active Enabled",

"geographicZone": { "id": "b353c693-5aae-4965-9e4c-53ce6513a4df" },

"type": { "id": "f9d86969-157a-4e19-a6f2-0db1867d32a4" },

"active": "true",

"enabled": "true",

"openLmisAccessible": "true"

}

Facility has been created.



13

Create supervisoryNode.

URL:  http://10.222.17.134/referencedata/api/supervisoryNodes/?access_token=f5a3eaa6-c57e-462d-ba2e-b54fa7ff0577

Body:

{

"code": "supervisorycode",

"name": "supervisoryname",

"description": "supervisory",

"facility": {

"id": "ee4f3471-2d12-434a-9449-547505f9f69d"

}

}


SupervisoryNode has been created.


14

Assign proper facility to User.

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Method: PUT

Body:

{

"id": "f2e071f4-9d7b-49d9-988a-f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "c25e3789-4208-4c21-b475-4f9a74681fc6"

}

}

Home facility has been assigned to the user.


15

Try to assign invalid facility to User.

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Body:

{

"id": "f2e071f4-9d7b-49d9-988a-f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "225e3789-4208-4c21-b475-4f9a74681fc6"

}


}

It's not possible to associate not existed facility with user. Proper message is returned.



16

Assign program to User (through role).

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Method: PUT

Body:

{

"id": "f2e071f4-9d7b-49d9-988a-f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "c25e3789-4208-4c21-b475-4f9a74681fc6"

},

"roleAssignments": [

{

"roleId": "00000000-0000-0000-0000-000000000003",

"programCode": "program01"

}]


}

Program has been assigned to the User.



17

Try to assign invalid program to User.

URL:

http://10.222.17.134/referencedata/api/users/?access_token=73c755cd-eb75-46ed-9d19-cd4ec3160a4a

Body:

{

"id": "f2e071f4-9d7b-49d9-988a-f4f37f6cf80d",

"username": "TestUser",

"firstName": "test",

"lastName": "Strator",

"email": "testowysoldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "c25e3789-4208-4c21-b475-4f9a74681fc6"

},

"roleAssignments": [

{

"roleId": "10000000-0000-0000-0000-000000000003",

"programCode": "program01"

}]


}

It's not possible to associate not existed program with user. Proper message is returned.


18

Get the programs at a user's home facility or programs that the user supervises.

URL:

http://10.222.17.134/referencedata/api/users/f2e071f4-9d7b-49d9-988a-f4f37f6cf80d/programs?access_token=df7d788a-53bf-4af8-90de-abda33d66c83

Method: GET

The list of associated program with User has been displayed.


19

Assign role by program and supervisoryNode.

URL:  http:/10.222.17.134/referencedata/api/users/?access_token=27534554-dfc6-40b8-ab58-41b5110457ab

Method: PUT

Body:

{

"id": "f0e87659-7b04-4e70-b576-1a2feb2f9e35",

"username": "SecondUser",

"firstName": "secondTest",

"lastName": "LastTest",

"email": "lkwidzinska.soldevelo@gmail.com",

"verified": true,

"active": true,

"loginRestricted": true,

"homeFacility": {

"id": "0aff9b95-a8ea-4c3f-8559-ca5e3981364a"

},

"roleAssignments": [

{

"roleId": "00000000-0000-0000-0000-000000000004",

"programCode": "program02"

},

{

"roleId": "00000000-0000-0000-0000-000000000010",

"programCode": "program10",

"supervisoryNodeCode": "supervisorycode"

}]

}

Role has been assigned.


20As a User try to assign the right to another Users.

AS a User, It's not possible to assign the role to another User without proper role (GENERAL_ADMIN).


21

Delete the role as Admin.

URL:  http://172.23.0.1/referencedata/api/roles/00000000-0000-0000-0000-000000000012?access_token=27534554-dfc6-40b8-ab58-41b5110457ab

Method: DELETE

Role has been deleted.




Post – conditions:

OpenLMIS: the global initiative for powerful LMIS software