Add basic behat test structure

Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-04 12:22:12 +01:00
parent 11610f306a
commit 084d892ce6
7 changed files with 343 additions and 2 deletions
--- a/tests/integration/features/acl.feature
+++ b/tests/integration/features/acl.feature
@@ -0,0 +1,36 @@
+Feature: acl
+  Routes should check for permissions when a user sends a requests
+
+  Background:
+	Given user "admin" exists
+	And user "user0" exists
+	And user "user1" exists
+	And user "user2" exists
+	Given group "group0" exists
+	And group "group1" exists
+	Given user "user1" belongs to group "group1"
+
+  Scenario: Request the main frontend page
+	Given Logging in using web as "user0"
+	When Sending a "GET" to "/index.php/apps/deck" without requesttoken
+	Then the HTTP status code should be "200"
+
+  Scenario: Fetch the board list
+	Given Logging in using web as "user0"
+	When Sending a "GET" to "/index.php/apps/deck/boards" with requesttoken
+	Then the HTTP status code should be "200"
+	And the Content-Type should be "application/json; charset=utf-8"
+
+  Scenario: Fetch board details of owned board
+	Given Logging in using web as "admin"
+	And creates a board named "MyPrivateAdminBoard" with color "fafafa"
+	When "admin" fetches the board named "MyPrivateAdminBoard"
+	Then the HTTP status code should be "200"
+	And the Content-Type should be "application/json; charset=utf-8"
+
+  Scenario: Fetch board details of an other users board
+	Given Logging in using web as "admin"
+	And creates a board named "MyPrivateAdminBoard" with color "fafafa"
+	When "user0" fetches the board named "MyPrivateAdminBoard"
+	Then the HTTP status code should be "403"
+	And the Content-Type should be "application/json; charset=utf-8"