Difference between revisions of "Development/Functional testing/Access control tests"

From AtoM wiki
m (Edit user basic information)
m (View drafts)
 
(One intermediate revision by the same user not shown)
Line 30: Line 30:
 
*Administrator can remove a user from one or more groups
 
*Administrator can remove a user from one or more groups
 
*All scenarios described at http://ica-atom.org/doc/UM-7.2_1.0.9 can be run successfully
 
*All scenarios described at http://ica-atom.org/doc/UM-7.2_1.0.9 can be run successfully
 
== Hierarchy treeview ==
 
 
*Only authenticated users with update permission can drag and drop information objects within the information object hierarchy treeview
 
*Users who have update permission only for specified repositories can drag and drop information objects linked to those repositories only
 
  
 
== View drafts ==
 
== View drafts ==
  
* Unauthenticated users do not retrieve draft information objects in search or browse results
+
* Unauthenticated users will not see draft information objects in search or browse results
* Unauthenticated users do not see draft descriptions listed in context menu boxes of repository or actor show screens
+
* Unauthenticated users will not see draft descriptions listed in context menu boxes of repository or actor show screens
 
* For unauthenticated users, directly entering a url for a draft description forwards to an access denied page
 
* For unauthenticated users, directly entering a url for a draft description forwards to an access denied page
* On informationobject/browse page, authenticated users see only published fonds and draft fonds to which they have view draft permissions
+
* Authenticated users will see only published descriptions and draft descriptions to which they have view draft permissions on information object/browse page
* Search results by authenticated users only show published descriptions and draft fonds to which they have view draft permissions
+
* Authenticated users will see only published descriptions and draft descriptions to which they have view draft permissions in search results
* On repository/show page, authenticated users see only published fonds and draft fonds to which they have view draft permissions
+
* Authenticated users will see only published descriptions and draft descriptions to which they have view draft permissions on repository/show page
 
* For authenticated users, directly entering a url for a draft description forwards to "permission denied" page if user does not have view draft access to resource
 
* For authenticated users, directly entering a url for a draft description forwards to "permission denied" page if user does not have view draft access to resource
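Review bot: the "Hierarchy treeview" section near the top of this hunk appears on one side only and is absent from the latest revision, so its two cases (drag and drop limited to authenticated users with update permission, and to the repositories that permission covers) drop out of the checklist; keep them or note where that check now lives. In "View drafts", the rewording from "do not retrieve" to "will not see" shifts the check from what search or browse returns to what the page displays, so the test should still state that drafts are absent from the returned results and not merely hidden in the interface.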
  

Latest revision as of 14:15, 10 October 2018


These tests help determine that AtoM's user, group, and permissions management modules function as expected. For more information on the expected behaviors of each, see the "Manage user accounts and user groups" and "Edit user permissions" pages in the ADMINISTER section of our AtoM User Manual.

Create and edit groups

  • Administrators can navigate to group edit screen by clicking Admin > Groups
  • Administrator can add a new group and set permissions for that group
  • Administrator can edit and save changes to administrator, anonymous and authenticated groups but can't delete them
  • Administrator can edit and save changes to contributor, editor and translator groups and can delete them
  • Administrator can edit data in all fields
  • Administrator can delete permissions
  • Adding a user to a group causes the user to have the permissions assigned to the group
  • Editing permissions for a user overrides permissions inherited from the group for that user

Create user and edit user basic information

  • Administrators can navigate to user edit screen by clicking admin > users > add new or admin > users > (user name) > edit
  • Administrator can create and edit data in all fields in Basic info area
  • Clicking Create or Save opens the user show screen with all changes saved
  • Clicking Cancel opens the user show screen with no changes saved

Edit user permissions

  • Administrator can assign a user to one or more groups
  • Administrator does not have to assign a user to a group
  • Administrator can remove a user from one or more groups
  • All scenarios described at http://ica-atom.org/doc/UM-7.2_1.0.9 can be run successfully

View drafts

  • Unauthenticated users will not see draft information objects in search or browse results
  • Unauthenticated users will not see draft descriptions listed in context menu boxes of repository or actor show screens
  • For unauthenticated users, directly entering a URL for a draft description forwards to an access denied page
  • Authenticated users will see only published descriptions and draft descriptions to which they have view draft permissions on information object/browse page
  • Authenticated users will see only published descriptions and draft descriptions to which they have view draft permissions in search results
  • Authenticated users will see only published descriptions and draft descriptions to which they have view draft permissions on repository/show page
  • For authenticated users, directly entering a URL for a draft description forwards to the "permission denied" page if the user does not have view draft access to the resource
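
The rules stated under "Create and edit groups" (a per-user permission overrides what the group grants) and "View drafts" can be written down as a small test oracle to compare observed behaviour against. This is an added example, not AtoM's code: the `viewDraft` action name, the class and function names and the sample data are all hypothetical, and unauthenticated visitors are modelled as having no draft permissions.

```python
from dataclasses import dataclass, field

@dataclass
class User:
    name: str
    groups: tuple = ()
    # Per-user entries, {(action, description_id): True/False} (hypothetical shape)
    overrides: dict = field(default_factory=dict)

@dataclass(frozen=True)
class Description:
    id: str
    published: bool

# Constructed sample data: group -> set of granted (action, description_id)
GROUP_GRANTS = {"editor": {("viewDraft", "d2")}}
DESCRIPTIONS = [
    Description("d1", True),    # published
    Description("d2", False),   # draft, editors may view
    Description("d3", False),   # draft, nobody granted
]

def allowed(user, action, desc_id, grants=GROUP_GRANTS):
    """A per-user entry overrides whatever the user's groups would grant."""
    if user is None:                       # unauthenticated visitor
        return False
    if (action, desc_id) in user.overrides:
        return user.overrides[(action, desc_id)]
    return any((action, desc_id) in grants.get(g, set()) for g in user.groups)

def can_view(user, desc):
    return desc.published or allowed(user, "viewDraft", desc.id)

def listing(user, descs=DESCRIPTIONS):
    """One filter for search results, browse pages and context menu boxes."""
    return [d.id for d in descs if can_view(user, d)]

def direct_url(user, desc):
    """Expected outcome when the description's URL is entered directly."""
    if can_view(user, desc):
        return "show"
    return "access denied" if user is None else "permission denied"

def consistent(user, descs=DESCRIPTIONS):
    """Listings and direct URLs must agree: nothing listed is refused, nothing refused is listed."""
    listed = set(listing(user, descs))
    return all((direct_url(user, d) == "show") == (d.id in listed) for d in descs)
```

Running the same user through `listing` and `direct_url` shows the case a manual pass tends to miss: a draft that is hidden from results but still served when its URL is entered.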

Translate

  • Translate group grants ability to translate to all languages - issues #3667 and #4279
  • Administrator group grants ability to translate to all languages
  • Other users can only translate to languages specified in "Allowed languages for translation" field in Access control div of user edit screen (at this time, this function does not seem to be working properly in 1.3, but it cannot be properly tested until the above issues are resolved)