Created
November 25, 2008 19:12
-
-
Save zdennis/29038 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Story: Users without fiscal admin role accessing Invoices | |
In order to ensure users that shouldn't have access to fiscal components don't | |
As a user who isn't a fiscal admin | |
I should not be able to access Invoices | |
Scenario: Users without the fiscal admin role cannot access certain resources | |
Given I've log in as a user without the 'fiscal admin' role | |
When I try to GET /invoices | |
Then I am notified that I do not have access to that | |
More Examples: | |
| role | request_method | path | | |
| fiscal admin | GET | /grants | | |
| fiscal admin | POST | /grants/ | | |
| fiscal admin | GET | /grants/1 | | |
| fiscal admin | PUT | /grants/1 | | |
| fiscal admin | DELETE | /grants/1 | | |
| fiscal admin | PUT | /grants/1/deactivate | | |
| fiscal admin | PUT | /grants/1/activate | | |
| fiscal admin | GET | /appropriations | | |
| fiscal admin | POST | /appropriations/ | | |
| fiscal admin | GET | /appropriations/1 | | |
| fiscal admin | PUT | /appropriations/1 | | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment