Created
January 13, 2011 13:57
-
-
Save DanielVartanov/777878 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Feature: Control access to datasets taking organizations into account | |
Scenario: User gets a dataset of his own organization | |
Given there is organization with following properties: | |
| name | Cucumber, Inc. | | |
| owner | Cucumber | | |
| identifier | organization_815 | | |
When I get /sdata/billingboss/crmErp/organization_815/tradingAccounts | |
Then response should contain Atom Feed | |
Scenario: User gets a dataset of organization where he is a regular member | |
Given there is organization with following properties: | |
| name | Tomato, Inc. | | |
| owner | Tomato | | |
| identifier | organization_816 | | |
And user "Cucumber" is a member of organization "Tomato, Inc." | |
When I get /sdata/billingboss/crmErp/organization_816/tradingAccounts | |
Then response should contain Atom Feed | |
Scenario: User tries to get a dataset of a completely foreign organization | |
And there is organization with following properties: | |
| name | Apple, inc | | |
| owner | Apple | | |
| identifier | organization_817 | | |
When I get /sdata/billingboss/crmErp/organization_817/tradingAccounts | |
Then exception class should be "Sage::BusinessLogic::Exception::AccessDeniedException" | |
And exception message should be "No access to dataset" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment