sebi/effigenix
1
0
Fork 0
mirror of https://github.com/s-frick/effigenix.git synced 2026-03-28 19:20:23 +01:00
Code Issues Releases Activity Actions

phase 2

Browse source
This commit is contained in:
Janosch 2026-03-27 11:26:06 +01:00
parent e897f41a32
commit 061c2b4f8d
14 changed files with 1293 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

32
test-automation/web-ui/tests/api/auth/authorization.spec.ts
View file

@ -1,7 +1,7 @@
import { test, expect } from '../../../fixtures/auth.fixture.js';
/**
* TC-AUTH Autorisierung Masterdata
* TC-AUTH Autorisierung
* Quelle: GitHub Issue #67
*/
test.describe('TC-AUTH: Autorisierung', () => {
@ -26,5 +26,33 @@ test.describe('TC-AUTH: Autorisierung', () => {
expect(res.status()).toBe(403);
});
// TODO: Weitere ACs aus Issue #67 ergänzen
test('TC-AUTH-04: Viewer darf Lieferanten lesen', async ({ request, viewerToken }) => {
const res = await request.get('/api/suppliers', {
headers: { Authorization: `Bearer ${viewerToken}` },
});
expect(res.status()).toBe(200);
});
test('TC-AUTH-05: Viewer darf keine Kategorien erstellen', async ({ request, viewerToken }) => {
const res = await request.post('/api/categories', {
data: { name: `Viewer-Kat-${Date.now()}` },
headers: { Authorization: `Bearer ${viewerToken}` },
});
expect(res.status()).toBe(403);
});
test('TC-AUTH-06: Admin darf Kategorien erstellen', async ({ request, adminToken }) => {
const res = await request.post('/api/categories', {
data: { name: `AdminKat-${Date.now()}` },
headers: { Authorization: `Bearer ${adminToken}` },
});
expect(res.status()).toBe(201);
});
test('TC-AUTH-07: Ungültiges JWT wird abgelehnt', async ({ request }) => {
const res = await request.get('/api/suppliers', {
headers: { Authorization: 'Bearer invalid.jwt.token' },
});
expect([401, 403]).toContain(res.status());
});
});