Commit 09c6e842 authored by sdelano's avatar sdelano Committed by Daniel DeLeo
Browse files

refactor feature tests:

* make_admin / make_non_admin
* rename response to api_response
parent ae3cdccb
......@@ -5,34 +5,34 @@ Feature: Create a client via the REST API
I want to create clients via the REST API
Scenario: Create a new client
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis'
When I 'POST' the 'client' to the path '/clients'
When I create the client
And the inflated responses key 'uri' should match '^http://.+/clients/isis$'
Scenario: Create a new client as an admin
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'adminmonkey'
When I 'POST' the 'client' to the path '/clients'
When I create the client
When I 'GET' the path '/clients/adminmonkey'
Then the inflated response should respond to 'admin' with 'true'
Scenario: Create a client that already exists
Given a 'registration' named 'bobo' exists
Given I am an administrator
And an 'client' named 'isis'
When I 'POST' the 'client' to the path '/clients'
And I 'POST' the 'client' to the path '/clients'
When I create the client
And I create the client
Then I should get a '409 "Conflict"' exception
Scenario: Create a new client with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis'
When I 'POST' the 'client' to the path '/clients' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
Scenario: Create a new client when you are not an admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'client' named 'isis'
When I 'POST' the 'client' to the path '/clients'
Then I should get a '401 "Unauthorized"' exception
When I create the client
Then I should get a '403 "Forbidden"' exception
......@@ -5,26 +5,26 @@ Feature: Delete a client via the REST API
I want to delete a client via the REST API
Scenario: Delete a client
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis' exists
When I 'DELETE' the path '/clients/isis'
Then the inflated responses key 'name' should match '^isis$'
Scenario: Delete a client that does not exist
Given a 'registration' named 'bobo' exists
Given I am an administrator
And there are no clients
When I 'DELETE' the path '/clients/isis'
Then I should get a '404 "Not Found"' exception
Scenario: Delete a client with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis' exists
When I 'DELETE' the path '/clients/isis' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
Scenario: Delete a client when you are not an admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'client' named 'isis' exists
When I 'DELETE' the path '/clients/isis'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,19 +5,19 @@ Feature: List clients via the REST API
I want to list all the clients
Scenario: List clients when none have been created
Given a 'registration' named 'bobo' exists
Given I am an administrator
And there are no clients
When I 'GET' the path '/clients'
Then the inflated response should be '3' items long
Scenario: List clients when one has been created
Given a 'registration' named 'bobo' exists
Given I am an administrator
Given a 'client' named 'isis' exists
When I 'GET' the path '/clients'
Then the inflated responses key 'isis' should match '^http://.+/clients/isis$'
Scenario: List clients when two have been created
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis' exists
And a 'client' named 'neurosis' exists
When I 'GET' the path '/clients'
......@@ -25,14 +25,14 @@ Feature: List clients via the REST API
And the inflated responses key 'neurosis' should match '^http://.+/clients/neurosis$'
Scenario: List clients when none have been created with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
And there are no clients
When I 'GET' the path '/clients' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
Scenario: List clients when one has been created and you are not an admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
Given a 'client' named 'isis' exists
When I 'GET' the path '/clients'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,27 +5,27 @@ Feature: Show a client via the REST API
I want to show the details for a specific client
Scenario: Show a client
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis' exists
When I 'GET' the path '/clients/isis'
Then the inflated response should respond to 'name' with 'isis'
And the inflated response should respond to 'admin' with 'false'
Scenario: Show a missing client
Given a 'registration' named 'bobo' exists
Given I am an administrator
And there are no clients
When I 'GET' the path '/clients/frankenstein'
Then I should get a '404 "Not Found"' exception
Scenario: Show a client with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis' exists
When I 'GET' the path '/clients/isis' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
Scenario: Show a client when you are not an admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'client' named 'isis' exists
When I 'GET' the path '/clients/isis'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,7 +5,7 @@ Feature: Update a client
I want to update my client via the API
Scenario: Update a client
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis' exists
And a 'client' named 'isis_update'
When I 'PUT' the 'client' to the path '/clients/isis'
......@@ -13,26 +13,26 @@ Feature: Update a client
And the inflated responses key 'private_key' should match 'BEGIN RSA PRIVATE KEY'
Scenario: Update a client with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'client' named 'isis' exists
And a 'client' named 'isis_update'
When I 'PUT' the 'client' to the path '/clients/isis' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
Scenario: Update a client when you are not an admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'client' named 'isis' exists
And a 'client' named 'isis_update'
When I 'PUT' the 'client' to the path '/clients/isis'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
@privilege_escalation
Scenario: Non-admin clients cannot update themselves
Given I am a non admin client
Given I am a non-admin
When I edit the 'not_admin' client
And I set 'admin' to true
And I save the client
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......
......@@ -8,7 +8,7 @@ Feature: CRUD cookbooks
@delete_cookbook_positive @delete_cookbook_version_positive
Scenario: After uploading two versions of a cookbook, then deleting the second, I should not be able to interact with the second but should be able to interact with the first
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
And I fully upload a sandboxed cookbook force-named 'testcookbook_valid' versioned '0.2.0' with 'testcookbook_valid_v0.2.0'
When I 'GET' to the path '/cookbooks/testcookbook_valid/0.2.0'
......@@ -27,7 +27,7 @@ Feature: CRUD cookbooks
@delete_cookbook_negative @delete_cookbook_version_negative
Scenario: I should not be able to delete a cookbook version that does not exist
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
And I fully upload a sandboxed cookbook force-named 'testcookbook_valid' versioned '0.2.0' with 'testcookbook_valid_v0.2.0'
When I 'DELETE' to the path '/cookbooks/testcookbook_valid/0.3.0'
......@@ -37,7 +37,7 @@ Feature: CRUD cookbooks
# You delete all of its versions and then it disappears.
@delete_cookbook_positive
Scenario: I should be able to delete a cookbook by deleting all of its versions
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
When I 'DELETE' to the path '/cookbooks/testcookbook_valid/0.1.0'
Then I should not get an exception
......@@ -48,7 +48,7 @@ Feature: CRUD cookbooks
@delete_cookbook_negative
Scenario: I should not be able to delete a cookbook that doesn't exist'
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I 'DELETE' to the path '/cookbooks/testcookbook_nonexistent'
Then I should get a '404 "Not Found"' exception
......@@ -9,13 +9,13 @@ Feature: CRUD cookbooks
# Downloading a cookbook -- positive
@download_cookbook_positive
Scenario: After a cookbook is uploaded, it should be downloadable
Given a 'registration' named 'bobo' exists
Given I am an administrator
Then I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
When I download the cookbook manifest for 'testcookbook_valid' version '0.1.0'
Then the downloaded cookbook manifest contents should match 'testcookbook_valid'
Scenario: After a cookbook is uploaded, its contents should be downloadable
Given a 'registration' named 'bobo' exists
Given I am an administrator
Then I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
When I download the cookbook manifest for 'testcookbook_valid' version '0.1.0'
When I download the file 'metadata.json' from the downloaded cookbook manifest
......@@ -25,7 +25,7 @@ Feature: CRUD cookbooks
@download_cookbook_positive
Scenario: After uploading two versions of a cookbook, I should be able to retrieve files from either version
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
And I fully upload a sandboxed cookbook force-named 'testcookbook_valid' versioned '0.2.0' with 'testcookbook_valid_v0.2.0'
When I download the cookbook manifest for 'testcookbook_valid' version '0.1.0'
......@@ -39,7 +39,7 @@ Feature: CRUD cookbooks
@download_cookbook_negative
Scenario: Retrieving a non-existent version for an existing cookbook should fail
Given a 'registration' named 'bobo' exists
Given I am an administrator
Then I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
When I download the cookbook manifest for 'testcookbook_valid' version '9.9.9'
Then I should get a '404 "Not Found"' exception
......
......@@ -6,7 +6,7 @@ Feature: Show a cookbook via the REST API
@show_cookbook
Scenario: Show a cookbook
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
Then I 'GET' the path '/cookbooks/testcookbook_valid/0.1.0'
Then I call to_hash on the inflated response
......@@ -21,19 +21,19 @@ Feature: Show a cookbook via the REST API
@show_cookbook_negative
Scenario: Show a cookbook with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I 'GET' the path '/cookbooks/show_cookbook' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
@list_cookbooks
Scenario: List cookbooks with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I 'GET' the path '/cookbooks' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
@show_cookbook_negative
Scenario: Listing versions for a non-existent cookbook should fail
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I 'GET' the path '/cookbooks/non_existent'
Then I should get a '404 "Not Found"' exception
......@@ -9,38 +9,38 @@ Feature: CRUD cookbooks
@create_cookbook_negative
Scenario: Should not be able to create a cookbook with the wrong name
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a versioned cookbook named 'foo' versioned '1.0.0' with 'testcookbook_valid'
Then I should get a '400 "Bad Request"' exception
Scenario: Should not be able to create a cookbook with the wrong version
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a versioned cookbook named 'testcookbook_valid' versioned '9.9.9' with 'testcookbook_valid'
Then I should get a '400 "Bad Request"' exception
Scenario: Should not be able to create a cookbook with missing name
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a versioned cookbook named '' versioned '9.9.9' with 'testcookbook_valid'
Then I should get a '404 "Not Found"' exception
Scenario: Should not be able to create a cookbook with missing name and version
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a versioned cookbook named '' versioned '' with 'testcookbook_valid'
Then I should get a '404 "Not Found"' exception
Scenario: Should not be able to create a cookbook with non-X.Y.Z version
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a versioned cookbook named 'testcookbook_valid' versioned '1.0' with 'testcookbook_valid'
Then I should get a '404 "Not Found"' exception
Scenario: Should not be able to create a cookbook if none of its contained files have been uploaded
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a versioned cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
Then I should get a '400 "Bad Request"' exception
@create_cookbook_positive
Scenario: Should be able to create a cookbook if its files have been uploaded
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a sandbox named 'sandbox1' for cookbook 'testcookbook_valid'
Then the inflated responses key 'uri' should match '^http://.+/sandboxes/[^\/]+$'
Then I upload a file named 'metadata.json' from cookbook 'testcookbook_valid' to the sandbox
......@@ -58,7 +58,7 @@ Feature: CRUD cookbooks
@create_cookbook_positive
Scenario: Cookbook successfully uploaded via sandbox should later be visible via /cookbooks, including its versions and metadata
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I fully upload a sandboxed cookbook named 'testcookbook_valid' versioned '0.1.0' with 'testcookbook_valid'
When I 'GET' the path '/cookbooks'
Then the inflated responses key 'testcookbook_valid' should exist
......@@ -75,7 +75,7 @@ Feature: CRUD cookbooks
# file.
@create_cookbook_negative
Scenario: Should not be able to create a cookbook if it is missing one file
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a sandbox named 'sandbox1' for cookbook 'testcookbook_valid' minus files 'metadata.rb'
Then the inflated responses key 'uri' should match '^http://.+/sandboxes/[^\/]+$'
Then I upload a file named 'metadata.json' from cookbook 'testcookbook_valid' to the sandbox
......@@ -91,7 +91,7 @@ Feature: CRUD cookbooks
@create_cookbook_negative
Scenario: Should not be able to create a cookbook if it has no metadata file
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a sandbox named 'sandbox1' for cookbook 'testcookbook_invalid_nometadata'
Then the inflated responses key 'uri' should match '^http://.+/sandboxes/[^\/]+$'
Then I upload a file named 'attributes/attributes.rb' from cookbook 'testcookbook_invalid_nometadata' to the sandbox
......@@ -106,7 +106,7 @@ Feature: CRUD cookbooks
# update a cookbook with no files should fail
@create_cookbook_negative
Scenario: Should not be able to create a cookbook if it has no files and just metadata
Given a 'registration' named 'bobo' exists
Given I am an administrator
When I create a sandbox named 'sandbox1' for cookbook 'testcookbook_invalid_empty_except_metadata'
Then the inflated responses key 'uri' should match '^http://.+/sandboxes/[^\/]+$'
Then I upload a file named 'metadata.json' from cookbook 'testcookbook_invalid_empty_except_metadata' to the sandbox
......
......@@ -5,14 +5,14 @@ Feature: Create a data bag via the REST API
I want to create data bags via the REST API
Scenario: Create a new data bag
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users'
When I authenticate as 'bobo'
And I 'POST' the 'data_bag' to the path '/data'
And the inflated responses key 'uri' should match '^http://.+/data/users$'
Scenario: Create a data bag that already exists
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users'
When I authenticate as 'bobo'
And I 'POST' the 'data_bag' to the path '/data'
......@@ -25,8 +25,8 @@ Feature: Create a data bag via the REST API
Then I should get a '401 "Unauthorized"' exception
Scenario: Create a new data bag as a non-admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'data_bag' named 'users'
When I 'POST' the 'data_bag' to the path '/data'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,7 +5,7 @@ Feature: Create a data bag item via the REST API
I want to store data bag items via the REST API
Scenario: Create a new data bag item
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis'
When I authenticate as 'bobo'
......@@ -13,7 +13,7 @@ Feature: Create a data bag item via the REST API
Then the inflated responses key 'id' should match '^francis$'
Scenario: Update a data bag item that already exists
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis' exists
And a 'data_bag_item' named 'francis_extra'
......@@ -29,9 +29,9 @@ Feature: Create a data bag item via the REST API
Then I should get a '401 "Unauthorized"' exception
Scenario: Create a new data bag item as a non-admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis'
When I 'PUT' the 'data_bag_item' to the path '/data/users/francis'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,21 +5,21 @@ Feature: Delete a Data Bag via the REST API
I want to delete a Data Bag via the REST API
Scenario: Delete a Data Bag
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
When I authenticate as 'bobo'
And I 'DELETE' the path '/data/users'
Then the inflated response should respond to 'name' with 'users'
Scenario: Delete a Data Bag that does not exist
Given a 'registration' named 'bobo' exists
Given I am an administrator
And there are no Data Bags
When I authenticate as 'bobo'
When I 'DELETE' the path '/data/users'
Then I should get a '404 "Not Found"' exception
Scenario: Delete a Data Bag that has items in it
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis' exists
When I authenticate as 'bobo'
......@@ -33,8 +33,8 @@ Feature: Delete a Data Bag via the REST API
Then I should get a '401 "Unauthorized"' exception
Scenario: Delete a Data Bag as a non-admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'data_bag' named 'users' exists
When I 'DELETE' the path '/data/users'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,7 +5,7 @@ Feature: Delete a Data Bag Item via the REST API
I want to delete a Data Bag Item via the REST API
Scenario: Delete a Data Bag Item
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis' exists
When I authenticate as 'bobo'
......@@ -13,7 +13,7 @@ Feature: Delete a Data Bag Item via the REST API
Then the inflated responses key 'id' should match '^francis$'
Scenario: Delete a Data Bag Item that does not exist
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
When I authenticate as 'bobo'
When I 'DELETE' the path '/data/users/francis'
......@@ -26,9 +26,9 @@ Feature: Delete a Data Bag Item via the REST API
Then I should get a '401 "Unauthorized"' exception
Scenario: Delete a Data Bag Item as a non-admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis' exists
When I 'DELETE' the path '/data/users/francis'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,21 +5,21 @@ Feature: List data bags via the REST API
I want to list all the data bags
Scenario: List data bags when none have been created
Given a 'registration' named 'bobo' exists
Given I am an administrator
And there are no data bags
When I authenticate as 'bobo'
And I 'GET' the path '/data'
Then the inflated response should be an empty hash
Scenario: List data bags when one has been created
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
When I authenticate as 'bobo'
And I 'GET' the path '/data'
Then the inflated responses key 'users' should match '^http://.+/data/users$'
Scenario: List data bags when two have been created
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag' named 'rubies' exists
When I authenticate as 'bobo'
......
......@@ -5,14 +5,14 @@ Feature: Show a data_bag via the REST API
I want to show the details for a specific data_bag
Scenario: Show a data_bag with no entries in it
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
When I authenticate as 'bobo'
And I 'GET' the path '/data/users'
Then the inflated response should be an empty hash
Scenario: Show a data_bag with one entry in it
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis' exists
When I authenticate as 'bobo'
......@@ -20,7 +20,7 @@ Feature: Show a data_bag via the REST API
Then the inflated responses key 'francis' should match '/data/users/francis'
Scenario: Show a data_bag with two entries in it
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis' exists
And a 'data_bag_item' named 'axl_rose' exists
......@@ -30,7 +30,7 @@ Feature: Show a data_bag via the REST API
And the inflated responses key 'axl_rose' should match '/data/users/axl_rose'
Scenario: Show a missing data_bag
Given a 'registration' named 'bobo' exists
Given I am an administrator
And there are no data_bags
When I authenticate as 'bobo'
And I 'GET' the path '/data/users'
......
......@@ -5,7 +5,7 @@ Feature: Show a data_bag item via the REST API
I want to retrieve an item from a data_bag
Scenario: Show a data_bag item
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
And a 'data_bag_item' named 'francis' exists
When I authenticate as 'bobo'
......@@ -13,7 +13,7 @@ Feature: Show a data_bag item via the REST API
Then the inflated responses key 'id' should match '^francis$'
Scenario: Show a missing data_bag item
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'data_bag' named 'users' exists
When I authenticate as 'bobo'
And I 'GET' the path '/data/users/francis'
......
......@@ -5,7 +5,7 @@ Feature: Synchronize cookbooks to the edge
I want to synchronize the cookbooks from the server to the edge nodes
Scenario: Retrieve the list of cookbook files to synchronize
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'node' named 'sync' exists
When I 'GET' the path '/nodes/sync/cookbooks'
And the inflated responses key 'node_cookbook_sync' should exist
......@@ -19,14 +19,14 @@ Feature: Synchronize cookbooks to the edge
And the inflated responses key 'node_cookbook_sync' should match 'attr_file.rb' as json
Scenario: Retrieve the list of cookbook files to synchronize with a wrong private key
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'node' named 'sync' exists
When I 'GET' the path '/nodes/sync/cookbooks' using a wrong private key
Then I should get a '401 "Unauthorized"' exception
Scenario: Retrieve the list of cookbook files to synchronize as a non-admin
Given a 'registration' named 'not_admin' exists
Given I am a non-admin
And a 'node' named 'sync' exists
When I 'GET' the path '/nodes/sync/cookbooks'
Then I should get a '401 "Unauthorized"' exception
Then I should get a '403 "Forbidden"' exception
......@@ -5,26 +5,26 @@ Feature: Create a node via the REST API
I want to create nodes via the REST API
Scenario: Create a new node
Given a 'registration' named 'bobo' exists
Given I am an administrator
And a 'node' named 'webserver'
When I 'POST' the 'node' to the path '/nodes'
And the inflated responses key 'uri' should match '^http://.+/nodes/webserver$'
Scenario: Create a node that already exists
Given a 'registration' named 'bobo' exists
Given I am an administrator
And an 'node' named 'webserver'
When I 'POST' the 'node' to the path '/nodes'
And I 'POST' the 'node' to the path '/nodes'
Then I should get a '409 "Conflict"' exception