To add a collaborator to this project you will need to use the Relish gem to add the collaborator via a terminal command. Soon you'll be able to also add collaborators here!
More about adding a collaboratorAuthenticated users should have restrictions on what they can do
As a system administrator
In I want to make sure that only administrators can have full access to user details
- Background Some users and an administrator exist
-
- Given
- some users exist in the database
- And
- I am logged in as a user
- Scenarios
-
- An ordinary user tries to create a new user
- An ordinary user tries to view the list of users
- An ordinary user tries to view another user's details
- An ordinary user tries to view their own details
- An ordinary user tries to create a new user
-
- When
- I go to the new users page
- Then
- I should be on my details page
- And
- I should see 'Access Denied'
- An ordinary user tries to view the list of users
-
- When
- I go to the list of users
- Then
- I should be on my details page
- And
- I should see 'Access Denied'
- An ordinary user tries to view another user's details
-
- When
- I go to another users details
- Then
- I should be on my details page
- And
- I should see 'Access Denied'
- An ordinary user tries to view their own details
-
- When
- I go to my details page
- Then
- I should be on my details page
- And
- I should not see 'Access Denied'
Last published over 5 years ago by JohnSmall.