summaryrefslogtreecommitdiff
path: root/features/unauthenticated.feature
diff options
context:
space:
mode:
authorAzul <azul@leap.se>2014-07-18 12:22:56 +0200
committerAzul <azul@leap.se>2014-07-18 12:22:56 +0200
commit11d1efaef622335fe6d45917ce0b50a02e4a24a1 (patch)
tree650d0dff3c8f4ee77efdd237087df7c10b60cf8c /features/unauthenticated.feature
parentbbd41c9bfd2cb88a88d7436dd58a8b46a5d10cf1 (diff)
Allow fetching configs if anonymous EIP access is allowed
Diffstat (limited to 'features/unauthenticated.feature')
-rw-r--r--features/unauthenticated.feature15
1 files changed, 14 insertions, 1 deletions
diff --git a/features/unauthenticated.feature b/features/unauthenticated.feature
index 120274b..870adb1 100644
--- a/features/unauthenticated.feature
+++ b/features/unauthenticated.feature
@@ -21,9 +21,22 @@ Feature: Unauthenticated API endpoints
{"config": "me"}
"""
- Scenario: Authentication required for all other API endpoints
+ @config
+ Scenario: Fetch configs when anonymous certs are allowed
+ Given "allow_anonymous_certs" is enabled in the config
+ When I send a GET request to "/1/configs.json"
+ Then the response status should be "200"
+
+ Scenario: Authentication required response
When I send a GET request to "/1/configs"
Then the response status should be "401"
And the response should have "error" with "not_authorized_login"
And the response should have "message"
+ Scenario: Authentication required for all other API endpoints (incomplete)
+ Given I am not logged in
+ When I send requests to these endpoints:
+ | GET | /1/configs |
+ | GET | /1/configs/config_id.json |
+ | DELETE | /1/logout |
+ Then they should require authentication