cucumber for days (#5766)

This commit is contained in:
Anthony Stirling
2026-02-21 23:17:28 +00:00
committed by GitHub
parent 7631b222bd
commit 30c258ce0b
40 changed files with 4079 additions and 49 deletions
@@ -0,0 +1,45 @@
@jwt @auth @signature
Feature: Signatures API
Tests for the saved signatures REST API, which allows authenticated
users to store and retrieve their signature images.
Endpoints:
- GET /api/v1/proprietary/signatures (authenticated)
- POST /api/v1/proprietary/signatures (authenticated, multipart)
- DELETE /api/v1/proprietary/signatures/{id} (authenticated)
POST is omitted here because it requires a multipart image upload; the
format of SavedSignatureRequest is tested via integration rather than BDD.
Admin credentials: username=admin, password=stirling
# =========================================================================
# LIST SIGNATURES
# =========================================================================
@positive
Scenario: Authenticated user can retrieve their signatures list
Given I am logged in as admin
When I send a GET request to "/api/v1/proprietary/signatures" with JWT authentication
Then the response status code should be one of "200, 403"
@negative
Scenario: Unauthenticated request to signatures list returns 401
When I send a GET request to "/api/v1/proprietary/signatures" with no authentication
Then the response status code should be 401
# =========================================================================
# DELETE SIGNATURE
# =========================================================================
@negative
Scenario: Delete a non-existent signature returns 404 or 403
Given I am logged in as admin
When I send a DELETE request to "/api/v1/proprietary/signatures/nonexistent-sig-id-xyz" with JWT authentication
Then the response status code should be one of "403, 404"
@negative
Scenario: Unauthenticated request to delete signature returns 401
When I send a DELETE request to "/api/v1/proprietary/signatures/some-id" with no authentication
Then the response status code should be 401