Logo: Relish

  1. Sign in

Project: Apiv3

General Features and Exceptions

TODO: Document Purpose and Usage

Scenarios
  • @skip_auth
Fetching a collection when unauthorized.
Given
I do not have access to anything
When
I GET to /sports
Then
I should get a 403 FORBIDDEN status code
  • @skip_auth
Creating an object when unauthorized.
Given
I do not have access to a Team
When
I POST to /members with the body:
{
  "template": {
    "data": [
      {"name": "first_name", "value": "Bobby"},
      {"name": "team_id", "value": 1},
      {"name": "user_id", "value": 1}
    ]
  }
}
Then
I should get a 403 FORBIDDEN status code
Creating an object with non-permitted attributes.
When
I POST to /members with the body:
{
  "template": {
    "data": [
      {"name": "first_name", "value": "Bobby"},
      {"name": "team_id", "value": 1},
      {"name": "user_id", "value": 1},
      {"name": "created_at", "value": "2014-06-10T00:18:00Z"}
    ]
  }
}
Then
I should get a 201 CREATED status code
And
the response location is /members/{id}
And
the response is the Member collection
And
the response contains 1 Member
And
the Member's created_at attribute is not '2014-06-10T00:18:00Z'
  • @skip_auth
Updating an object when unauthorized.
Given
I have 1 Member
And
I do not have access to the Member
When
I PATCH to /members/:member_id giving the member_id with the body:
{
  "template": {
    "data": [
      {"name": "name", "value": "Bobby"}
    ]
  }
}
Then
I should get a 403 FORBIDDEN status code
Updating a non-existant object.
Given
I have an invalid Member
When
I PATCH to /members/:member_id giving the member_id with the body:
{
  "template": {
    "data": [
      {"name": "first_name", "value": "Sally"}
    ]
  }
}
Then
I should get a 404 NOT FOUND status code
Updating an object with non-permitted attributes.
Given
I have 1 Member
When
I PATCH to /members/:member_id giving the member_id with the body:
{
  "template": {
    "data": [
      {"name": "created_at", "value": "2014-06-10T00:18:00Z"}
    ]
  }
}
Then
I should get a 200 OK status code
And
the response is the Member collection
And
the response contains 1 Member
And
the Member's created_at attribute is not '2014-06-10T00:18:00Z'
  • @skip_auth
Fetching an object when unauthorized.
Given
I have 1 Member
And
I do not have access to the Member
When
I GET to /members/:member_id giving the member_id
Then
I should get a 403 FORBIDDEN status code
Fetching a non-existant object.
Given
I have an invalid Member
When
I GET to /members/:member_id giving the member_id
Then
I should get a 404 NOT FOUND status code
  • @skip_auth
Deleting an object when unauthorized.
Given
I have 1 Member
And
I do not have access to the Member
When
I DELETE to /members/:member_id giving the member_id
Then
I should get a 403 FORBIDDEN status code
Deleting a non-existant object.
Given
I have an invalid Member
When
I DELETE to /members/:member_id giving the member_id
Then
I should get a 404 NOT FOUND status code
  • @skip_auth
Searching for an object when unauthorized.
Given
I have 1 Member
And
I do not have access to the Member
When
I GET to /members/search?id=:member_id giving the member_id
Then
I should get a 403 FORBIDDEN status code
Searching for a non-existant object.
Given
I have an invalid Member
When
I GET to /members/search?id=:member_id giving the member_id
Then
I should get a 200 OK status code
And
the response is the Member collection
And
the response contains 0 Members
Searching using multiple values.
Given
I have 2 Members
When
I GET to /members/search?id=:member_id giving the member_id
Then
I should get a 200 OK status code
And
the response is the Member collection
And
the response contains 2 Members
Searching using multiple parameters.
Given
I have 1 User
Given
I have 1 Member
When
I GET to /members/search?id=:member_id&user_id=:user_id giving the member_id and user_id
Then
I should get a 200 OK status code
And
the response is the Member collection
And
the response contains 1 Member

Last published almost 7 years ago by semmons99.