Permission Enforcement - Administration - QA Test Plan



Enforcement of Administrative Permissions

Setting up users and roles

Before you move on, you have to set up a series of roles and users (if they are not already set up).


Create new role None to Admin with:

  • None permissions to Utility Resources > Term Lists
  • None permissions to Utility Resources > Data Updates
  • None permissions to Security Resources > Roles
  • None permissions to Security Resources > Users
  • Read permissions to Objects

Create new role Write to Admin with: 

  • Write permissions to Utility Resources > Term Lists
  • Write permissions to Utility Resources > Data Updates
  • Write permissions to Security Resources > Roles
  • Write permissions to Security Resources > Users

Then set up the users below with the proper roles:

(Ok to use fake email addresses for new user creation, e.g. nonetoadmin@collectionspace.org)

User None to Admin with Role None to Admin

User Read to Admin with Role TENANT_READER

User Write to Admin with Role Write to Admin

User Delete to Admin with Role TENANT_ADMINISTRATOR

Test 1: No access to any administration

Actions:

  1. Log in as User None to Admin
  2. Click the Administration menu item in the top navigation

Expected:

  • The Administration menu item should not be present

Actions: 

  1. Click the Tools menu item in the top navigation

Expected:

  • The Tools menu item should not be present

Test 2: Read only access to Users

Actions:

  1. Login as the user Read to Admin
  2. Click the Administration menu in the top navigation
  3. Click the Users tab

Expected:

  • List of users appears on the left
  • No + Create New button is displayed above the list of users

Actions:

  1. Click one of the existing users

Expected:

  • Details of the user should appear to the right
  • All the details should be read only, including the list of assigned roles
  • No save, revert, or delete buttons should be present

Test 3: Read only access to Roles and Permissions

Actions:

  1. Continue from Test 2
  2. Click the Roles and Permissions tab

Expected:

  • List of roles appears on the left
  • No + Create New button is displayed above the list of roles

Actions:

  1. Click one of the existing roles

Expected:

  • Details of the roles should appear to the right
  • All the details should be read only, including the list of permissions
  • No save, revert, or delete buttons should be present

Test 4: Read only access to Term Lists

Actions:

  1. Click the Tools menu item in the top navigation
  2. Click the Term Lists tab
  3. Click on a term list name in the left menu

Expected:

  • Details of the term list should appear to the right
  • All the details should be read only
  • No save, revert, or cancel buttons should be present

Test 6: Read only access to Data Updates

Actions:

  1. Continue from Test 3
  2. Click the Data Updates Tab
  3. Click on a data update name in the left menu

Expected:

  • Details of the data update should appear to the right
  • All the details should be read only
  • No save, revert, run or cancel buttons should be present

Test 7: Write access to Users

Actions:

  1. Log in as User Write to Admin
  2. Click the Administration menu item in the top navigation
  3. Click on the Users menu item

Expected:

  • + Create New button is displayed above the list of users

Actions:

  1. Click one of the existing users

Expected:

  • Details of the user should appear to the right and should be editable
  • No delete button should be present

Actions:

  1. Click the + Create New button above the user listing
  2. In the empty form appearing on the right, fill out all fields and make sure you assign at least one role
  3. Save

Expected:

  • The new user should be saved, and a success message confirming this should be displayed at the bottom of the screen

Actions:

  1. Click the new user in the left menu and check that all the fields contain the expected values
  2. Change one or more fields
  3. Click the save button

Expected:

  • The user should be saved, and a message confirming this should be displayed at the bottom of the screen.

Test 8: Write access to Roles & Permissions

Actions:

  1. Continue from Test 7
  2. Click the Roles and Permissions tab

Expected:

  • + Create New button is displayed above the list of roles

Actions:

  1. Click one of the existing roles

Expected:

  • Details of the role should appear to the right and should be editable
  • No delete button should be present

Actions:

  1. Click the + Create New button above the role listing
  2. In the empty form appearing on the right, fill out all fields and make sure you change at least one permission.
  3. Save

Expected:

  • The new role should be saved, and a success message confirming this should be displayed at the bottom of the screen.

Test 9: Write access to Term List Management

Actions:

  1. Click on the Tools menu in the top navigation
  2. Click the Term Lists tab
  3. Click one of the existing term lists

Expected:

  • Details of the term list should appear to the right and should be editable
  • The save and revert buttons should be present

Actions:

  1. Change the Name, Source and Description of an existing term
  2. Add a term by clicking the + below the list of terms (values)
    1. Fill out the details of the new term
  3. Delete a term by clicking the - to the right of the term status field
  4. Inactivate a term by selecting inactivate from the status dropdown
  5. Save

Expected:

  • The modified term list should be saved and the changes you have made should still be present

Test 11: Write access to Data Updates

Actions:

  1. Continue from Test 10
  2. Click on the Data Updates Tab
  3. Click a Data Update on the left menu

Expected:

  • Details of the data update should appear to the right
  • All the details should be editable
  • Run, save, and revert buttons should be present

Actions:

  1. Select a data update and select the run button
  2. Choose a parameter in the pop-up
  3. Select the run button

Expected:

  • The data update will run. 

Test 12: Delete Access to Roles

Actions:

  1. Log in as Delete to Admin
  2. Click the Administration menu item in the top navigation
  3. Click the Roles & Permissions tab
  4. Click the + Create New button
  5. Fill out the details of the new role
  6. Click Save

Expected:

  • A confirmation of successful save should appear in the status bar

Actions:

  1. If the new role was dismissed, reopen it by clicking on its name in the role listing to the left
  2. Click the delete button
  3. Confirm deletion of role

Expected:

  • The role should be deleted

Test 14: Delete Permission to Users

Actions:

  1. Continue from Test 12
  2. Click the Users tab
  3. Create a new user by clicking the + Create New button
  4. Fill out with the following info:
    1. Email Address: test@collectionspace.org
    2. Full Name: test@collectionspace.org
    3. Password: test@collectionspace.org
    4. Confirm password: test@collectionspace.org
  5. Assign any role to the user
  6. Save

Expected:

  • User is saved

Actions:

  1. Open a different browser. It is important that it is not the same browser you have been using for the testing above: you have to be logged in with two different users at the same time, which requires two different browsers. If you are using Google Chrome, you can open a new Incognito window by pressing Ctrl+Shift+N and use this as Browser Two; this has the same effect as using two different browsers.
  2. We will call this browser Browser Two for future reference
  3. In Browser Two, log in with username test@collectionspace.org and password test@collectionspace.org
  4. In Browser One, go to Administration > Users
  5. Click the test@collectionspace.org user

Expected:

  • User details should appear to the right
  • No Delete button should be present


Note: At this time, there is no material difference between Write and Delete to Term Lists, Reports, and Data Updates. None of these items may be deleted via the User Interface.
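
The expectations in this plan reduce to one rule per permission level, which makes it possible to record what each test user actually saw and flag every menu or button that should have been hidden. The Python sketch below is an added example, not part of CollectionSpace or of the original plan; the control names, the audit helper and the rule that a menu appears once any resource under it is readable are assumptions, and the observations are constructed.

```python
from enum import IntEnum

class Level(IntEnum):
    NONE = 0
    READ = 1
    WRITE = 2
    DELETE = 3

# Top-navigation menu that holds each resource, as used in the tests above.
MENU = {"Users": "Administration", "Roles": "Administration",
        "Term Lists": "Tools", "Data Updates": "Tools"}
# Every button the plan names (labels here are this example's own shorthand).
CONTROLS = {"create_new", "save", "revert", "cancel", "run", "delete"}

def forbidden_controls(resource, level):
    """Controls that must NOT be shown on `resource` at `level`."""
    if level <= Level.READ:
        return set(CONTROLS)      # read-only views show no action buttons
    # Delete is confirmed only for Roles (Test 12). Term Lists and Data Updates
    # are never deletable in the UI (closing note), and the one Users case the
    # plan specifies (Test 14) expects no Delete button.
    if level == Level.DELETE and resource == "Roles":
        return set()
    return {"delete"}

def allowed_menus(perms):
    """Assumption: a menu shows once any resource under it is at least READ."""
    return {MENU[r] for r, lvl in perms.items() if lvl >= Level.READ}

def audit(perms, seen_menus, seen_controls):
    """Return sorted findings for every menu or control the role should not see."""
    findings = [f"menu:{m}" for m in seen_menus - allowed_menus(perms)]
    for resource, controls in seen_controls.items():
        leaked = controls & forbidden_controls(resource, perms[resource])
        findings += [f"{resource}:{c}" for c in leaked]
    return sorted(findings)

def role(level):
    """Same level on all four administrative resources, like the plan's roles."""
    return {r: level for r in MENU}

# Constructed observations (not real test results) for three of the plan's users.
none_user = audit(role(Level.NONE), {"Tools"}, {})
read_user = audit(role(Level.READ), {"Administration", "Tools"},
                  {"Roles": {"save"}, "Data Updates": {"run"}})
write_user = audit(role(Level.WRITE), {"Administration", "Tools"},
                   {"Users": {"create_new", "save", "delete"}})
print(none_user, read_user, write_user)
```

An empty list means the user saw nothing beyond what their role permits; each finding names the menu or the resource and button that leaked.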