Api >
Authorization
Example: User cannot delete Work Log Entry that belongs to other user
- Given user is logged in as Homer
- And there is
Work Log Entry with id WL.001 that belongs to Bart
- When DELETE request is being send to:
/endpoints/v1/work-log/entries/WL.001
- Then response status should be equal to HTTP/1.1 403 Forbidden
Example: User cannot update Work Log Entry that belongs to other user
- Given user is logged in as Homer
- And there is
Work Log Entry with id WL.001 that belongs to Bart
- When valid Work Log Entry update request is being send to:
/endpoints/v1/work-log/entries/WL.001
- Then response status should be equal to HTTP/1.1 403 Forbidden
Example: User cannot registeter Work Log Entry for somebody else
- Given user is logged in as Homer
- When valid Work Log Entry registration request is being send to:
/endpoints/v1/employee/Bart/work-log/entries
- Then response status should be equal to HTTP/1.1 403 Forbidden
Example: User can delete Work Log Entry that belongs them
- Given user is logged in as Homer
- And there is
Work Log Entry with id WL.001 that belongs to Homer
- When DELETE request is being send to:
/endpoints/v1/work-log/entries/WL.001
- Then response status should be equal to HTTP/1.1 204 No Content
Example: User can update Work Log Entry that belongs them
- Given user is logged in as Homer
- And there is
Work Log Entry with id WL.001 that belongs to Homer
- When valid Work Log Entry update request is being send to:
/endpoints/v1/work-log/entries/WL.001
- Then response status should be equal to HTTP/1.1 200 OK
Example: User can register Work Log Entry
- Given user is logged in as Homer
- When valid Work Log Entry registration request is being send to:
/endpoints/v1/employee/Homer/work-log/entries
- Then response status should be equal to HTTP/1.1 201 Created