mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-16 19:33:11 +02:00
cucumber for days (#5766)
This commit is contained in:
@@ -0,0 +1,45 @@
|
||||
@jwt @auth @signature
|
||||
Feature: Signatures API
|
||||
|
||||
Tests for the saved signatures REST API, which allows authenticated
|
||||
users to store and retrieve their signature images.
|
||||
|
||||
Endpoints:
|
||||
- GET /api/v1/proprietary/signatures (authenticated)
|
||||
- POST /api/v1/proprietary/signatures (authenticated, multipart)
|
||||
- DELETE /api/v1/proprietary/signatures/{id} (authenticated)
|
||||
|
||||
POST is omitted here because it requires a multipart image upload; the
|
||||
format of SavedSignatureRequest is tested via integration rather than BDD.
|
||||
|
||||
Admin credentials: username=admin, password=stirling
|
||||
|
||||
# =========================================================================
|
||||
# LIST SIGNATURES
|
||||
# =========================================================================
|
||||
|
||||
@positive
|
||||
Scenario: Authenticated user can retrieve their signatures list
|
||||
Given I am logged in as admin
|
||||
When I send a GET request to "/api/v1/proprietary/signatures" with JWT authentication
|
||||
Then the response status code should be one of "200, 403"
|
||||
|
||||
@negative
|
||||
Scenario: Unauthenticated request to signatures list returns 401
|
||||
When I send a GET request to "/api/v1/proprietary/signatures" with no authentication
|
||||
Then the response status code should be 401
|
||||
|
||||
# =========================================================================
|
||||
# DELETE SIGNATURE
|
||||
# =========================================================================
|
||||
|
||||
@negative
|
||||
Scenario: Delete a non-existent signature returns 404 or 403
|
||||
Given I am logged in as admin
|
||||
When I send a DELETE request to "/api/v1/proprietary/signatures/nonexistent-sig-id-xyz" with JWT authentication
|
||||
Then the response status code should be one of "403, 404"
|
||||
|
||||
@negative
|
||||
Scenario: Unauthenticated request to delete signature returns 401
|
||||
When I send a DELETE request to "/api/v1/proprietary/signatures/some-id" with no authentication
|
||||
Then the response status code should be 401
|
||||
Reference in New Issue
Block a user