Problem/Motivation

Add test scenario to check if the user does not have access to view/edit resources when they do not have permission

[Method]

  • After creating all the resources, remove all the permissions or log-in with a user does not have permission to the resources at all.

[What to check]

  • Check if the user can see the button to add a resource in each tab of resources
  • Go to the the link of [ cloud_context/resource_name/edit/ ], and make sure the user will get a 403 HTTP response

Issue fork cloud-3268673

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

TamakiFujino created an issue. See original summary.

TamakiFujino opened merge request !746

TamakiFujino’s picture

TamakiFujino commented
Status: Active » Needs review
TamakiFujino’s picture

TamakiFujino commented
Status: Needs review » Needs work
TamakiFujino’s picture

TamakiFujino commented
Status: Needs work » Needs review

yas made their first commit to this issue’s fork.

yas’s picture

yas
🇯🇵 he/him
Primary language Japanese
Location California 🇺🇸
commented

@tamakifujino

Thank you for adding the test case. It looks good to me.

@kumikoono

What do you think? Thanks

kumikoono’s picture

kumikoono commented

This is non-authorized user's test, namely semi-normal test type. So, the file name should be AWS-ATDD-01-xx. ( However, we need to add some order control. )

Moreover, it's better to break into two feature files:

  1. See if no Add buttons appear, and 403 response when visiting the add path.
  2. See if no existing resources appear

Both should run and pass anytime, but it's meaningful when the 2nd file run after some resources are created.

Thus, can you create AWS-ATDD-00-21-NonAuthorizedUserAccess.feature and AWS-ATDD-00-22-NonAuthorizedUserCheckResources.feature for them?

TamakiFujino’s picture

TamakiFujino commented
Status: Needs review » Needs work
TamakiFujino’s picture

TamakiFujino commented
Status: Needs work » Needs review
kumikoono’s picture

kumikoono commented

@tamakifujino Thanks for the update. I think the filenames should switch each other. Other than that, they look good to me.

kumikoono’s picture

kumikoono commented
Status: Needs review » Reviewed & tested by the community

Looks good to me. Thanks!

yas’s picture

yas
🇯🇵 he/him
Primary language Japanese
Location California 🇺🇸
commented

@tamakifujino

Thank you for the change. I'll merge the patch to 4.x and 5.x, and close this issue as Fixed.

  • yas committed aaec091 on 5.x authored by TamakiFujino 
    Issue #3268673 by TamakiFujino, yas, kumikoono: Add a BDD test scenario...

  • yas committed 775c894 on 4.x authored by TamakiFujino 
    Issue #3268673 by TamakiFujino, yas, kumikoono: Add a BDD test scenario...
yas’s picture

yas
🇯🇵 he/him
Primary language Japanese
Location California 🇺🇸
commented
Status: Reviewed & tested by the community » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

yas closed merge request !746