Mirrors/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Frooodle/Stirling-PDF.git synced 2026-03-04 02:20:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9b0610b2cceade2f6b3ca0ab2e70e3bcbf0017d8
Stirling-PDF/testing/cucumber/features/enterprise/teams.feature
Anthony Stirling 30c258ce0b cucumber for days (#5766)
2026-02-21 23:17:28 +00:00

81 lines
3.7 KiB
Gherkin
Raw Blame History

@jwt @auth @team
Feature: Teams API
Tests for the teams REST API, which provides multi-user grouping
functionality (a @PremiumEndpoint feature).
Endpoints:
- POST /api/v1/teams/create (admin only, query param: name)
- POST /api/v1/teams/rename (admin only, query params: teamId, name)
- POST /api/v1/teams/delete (admin only, query param: teamId)
- POST /api/v1/teams/addUser (admin only, query params: teamId, username)
Because this is a @PremiumEndpoint, responses may be 200 (premium enabled)
or 403 (premium not available in this build).
There is no GET /teams endpoint, so full CRUD lifecycle cannot be verified
via ID-based lookup. Tests are limited to exercising each endpoint and
checking the response is not a security bypass.
Admin credentials: username=admin, password=stirling
# =========================================================================
# CREATE TEAM
# =========================================================================
@positive
Scenario: Admin can attempt to create a new team
Given I am logged in as admin
When I send a POST request to "/api/v1/teams/create" with JWT authentication and params "name=bdd_test_team"
Then the response status code should be one of "200, 201, 403"
@negative
Scenario: Unauthenticated request to create team returns 401
When I send a POST request to "/api/v1/teams/create" with no authentication and params "name=evil_team"
Then the response status code should be 401
# =========================================================================
# RENAME TEAM
# =========================================================================
@positive
Scenario: Admin can attempt to rename a team
Given I am logged in as admin
When I send a POST request to "/api/v1/teams/rename" with JWT authentication and params "teamId=1&newName=bdd_renamed_team"
Then the response status code should be one of "200, 400, 403, 404"
@negative
Scenario: Unauthenticated request to rename team returns 401
When I send a POST request to "/api/v1/teams/rename" with no authentication and params "teamId=1&newName=evil_renamed"
Then the response status code should be 401
# =========================================================================
# ADD USER TO TEAM
# =========================================================================
@positive
Scenario: Admin can attempt to add a user to a team
Given I am logged in as admin
When I send a POST request to "/api/v1/teams/addUser" with JWT authentication and params "teamId=1&userId=1"
Then the response status code should be one of "200, 400, 403, 404"
@negative
Scenario: Unauthenticated request to add user to team returns 401
When I send a POST request to "/api/v1/teams/addUser" with no authentication and params "teamId=1&userId=1"
Then the response status code should be 401
# =========================================================================
# DELETE TEAM
# =========================================================================
@positive
Scenario: Admin can attempt to delete a team
Given I am logged in as admin
When I send a POST request to "/api/v1/teams/delete" with JWT authentication and params "teamId=999"
Then the response status code should be one of "200, 400, 403, 404"
@negative
Scenario: Unauthenticated request to delete team returns 401
When I send a POST request to "/api/v1/teams/delete" with no authentication and params "teamId=1"
Then the response status code should be 401
Reference in New Issue View Git Blame Copy Permalink