public function visibility(ApiTester $I) { $first_user = $I->createUser(true); $second_user = $I->createUser(true); $I->loginUser($first_user); $project = $I->createProjectAndSetHeader(); $I->sendGET('api/v1/projects'); $I->assertContains($project->_id, $I->grabResponse()); $I->sendPOST('api/v1/projects/users', ['user_id' => $second_user->_id, 'role' => 'manager', 'scope' => ['tables_create', 'tables_update']]); $I->seeResponseCodeIs(422); $I->sendPOST('api/v1/projects/users', ['user_id' => $second_user->_id, 'role' => 'manager', 'scope' => ['tables_create', 'tables_view', 'tables_update']]); $I->seeResponseCodeIs(201); $I->loginUser($second_user); $I->sendGET('api/v1/projects'); $I->assertContains($project->_id, $I->grabResponse()); }
public function checkDecisionAccess(ApiTester $I) { $user = $I->createAndLoginUser(); $I->createProjectAndSetHeader(); $table = $I->createTable($I->getShortTableDataMatchingTypeAll()); $decisions = ['points' => 15, 'request' => ['string' => 'Invalid', 'numeric' => 1, 'bool' => false]]; $data = $I->makeDecision($table->_id, $decisions['request'], 'scoring'); $I->sendGET('api/v1/admin/decisions'); $I->assertContains($data->_id, $I->grabResponse()); $second_user = $I->createUser(true); $I->loginUser($second_user); $I->createProject(true); $I->sendGET('api/v1/admin/decisions'); $I->assertNotContains($data->_id, $I->grabResponse()); $I->loginUser($user); $I->sendPOST('api/v1/projects/users', ['user_id' => $second_user->_id, 'role' => 'manager', 'scope' => ['tables_create', 'tables_view', 'tables_update', 'decisions_view']]); $I->loginUser($second_user); $I->sendGET('api/v1/admin/decisions'); $I->assertContains($data->_id, $I->grabResponse()); }
public function invitation(ApiTester $I) { $faker = $I->getFaker(); $I->createAndLoginUser(); $first_project = $I->createProjectAndSetHeader(); $second_user_email = $faker->email; $I->sendPOST('api/v1/invite', ['email' => $second_user_email, 'role' => 'manager', 'scope' => ['tables_create', 'tables_view']]); $I->seeResponseCodeIs(200); $second_project = $I->createProject(true); $I->setHeader('X-Application', $second_project->_id); $I->sendPOST('api/v1/invite', ['email' => $second_user_email, 'role' => 'manager', 'scope' => ['tables_create', 'tables_view']]); $I->seeResponseCodeIs(200); $I->logout(); $I->loginClient($I->getCurrentClient()); $I->loginUser($I->createUser(true, $second_user_email)); $I->sendGET('api/v1/projects'); $I->seeResponseCodeIs(200); $I->assertContains($first_project->_id, $I->grabResponse()); $I->assertContains($second_project->_id, $I->grabResponse()); }