ЕСОЗ - public documentation


n/n | Description | Inputs | Expected Result | Step by Step Script | Actual Result
WS: BlockUser, UnblockUser

2FA_user_BU1: Block user (happy path)
Inputs:
  • WS = BlockUser()
  • Authorization - Mithril Admin
Expected Result:
  • Response 200
  • Update user in DB (is_blocked, block_reason).
Step by Step Script:
  • Login as Mithril Admin
  • Call BlockUser()
Actual Result: OK

2FA_user_BU2: Block user (bad user_id)
Inputs:
  • WS = BlockUser()
  • Authorization - Mithril Admin
  • Corrupted user_id
Expected Result:
  • Response 404
Step by Step Script:
  • Login as Mithril Admin
  • Call BlockUser()
Actual Result: OK

2FA_user_BU3: Block user (without scope)
Inputs:
  • WS = BlockUser()
  • Authorization - NHS Admin
Expected Result:
  • Response 403
Step by Step Script:
  • Login as NHS Admin
  • Call BlockUser()
Actual Result: OK

2FA_user_BU4: UnBlock user (happy path)
Inputs:
  • WS = UnBlockUser()
  • Authorization - Mithril Admin
Expected Result:
  • Response 200
  • Update user in DB (is_blocked).
Step by Step Script:
  • Login as Mithril Admin
  • Call UnBlockUser()
Actual Result: OK

2FA_user_BU5: UnBlock user (bad user_id)
Inputs:
  • WS = UnBlockUser()
  • Authorization - Mithril Admin
  • Corrupted user_id
Expected Result:
  • Response 404
Step by Step Script:
  • Login as Mithril Admin
  • Call UnBlockUser()
Actual Result: OK

2FA_user_BU6: UnBlock user (without scope)
Inputs:
  • WS = UnBlockUser()
  • Authorization - NHS Admin
Expected Result:
  • Response 403
Step by Step Script:
  • Login as NHS Admin
  • Call UnBlockUser()
Actual Result: OK

WS: Create2FA

2FA_create_FA1: Create FA item (happy path)
Inputs:
  • WS = Create2FA()
  • DELETE 2FA item with type `SMS`
  • Authorization - Mithril Admin
Expected Result:
  • Response 201
  • Create 2FA item in DB
Step by Step Script:
  • Login as Mithril Admin
  • Check that no 2FA item exists for user
  • Call Create2FA()
Actual Result: OK

2FA_create_FA2: Create FA item (try to create duplicate with type)
Inputs:
  • WS = BlockUser()
  • DELETE 2FA item with type `SMS`
  • Authorization - Mithril Admin
Expected Result:
  • Response 422
Step by Step Script:
  • Login as Mithril Admin
  • Check that a 2FA item with type SMS exists for user
  • Call Create2FA()
Actual Result: OK

2FA_create_FA3: Create FA item (with bad type)
Inputs:
  • WS = BlockUser()
  • Use corrupted type `ID_ID`
  • Authorization - Mithril Admin
Expected Result:
  • Response 422
Step by Step Script:
  • Login as Mithril Admin
  • Call Create2FA()
Actual Result: Bug

2FA_create_FA4: Create FA item (with factor value)
Inputs:
  • WS = BlockUser()
  • Use factor in payload
  • DELETE 2FA item with type `SMS`
  • Authorization - Mithril Admin
Expected Result:
  • Response 422
Step by Step Script:
  • Login as Mithril Admin
  • Check that no 2FA item with type SMS exists for user
  • Call Create2FA()
Actual Result: Bug

2FA_create_FA5: Create FA item (without scope)
Inputs:
  • WS = BlockUser()
  • Use factor in payload
  • DELETE 2FA item with type `SMS`
  • Authorization - NHS Admin
Expected Result:
  • Response 403
Step by Step Script:
  • Login as NHS Admin
  • Call Create2FA()
Actual Result: OK

WS: Get2FAList, Get2FAbyID

2FA_get_FA1: Get 2FA list (happy path)
Inputs:
  • WS = Get2FAList()
  • Authorization - Mithril Admin
Expected Result:
  • Response 200
Step by Step Script:
  • Login as Mithril Admin
  • Call Get2FAList()
Actual Result: OK

2FA_get_FA2: Get 2FA list (with type filter)
Inputs:
  • WS = Get2FAList() with type `EMAIL`
  • Authorization - Mithril Admin
Expected Result:
  • Response 200, rows=0
Step by Step Script:
  • Login as Mithril Admin
  • Call Get2FAList() with type `EMAIL`
Actual Result: OK

2FA_get_FA3: Get 2FA by ID (happy path)
Inputs:
  • WS = Get2FAbyID()
  • Authorization - Mithril Admin
Expected Result:
  • Response 200, rows=1
Step by Step Script:
  • Login as Mithril Admin
  • Call Get2FAbyID()
Actual Result: OK

2FA_get_FA4: Get 2FA list (without scope)
Inputs:
  • WS = Get2FAList()
  • Authorization - authentication_factor:read
Expected Result:
  • Response 403
Step by Step Script:
  • Login as NHS Admin
  • Call Get2FAList()
Actual Result: Bug

WS: DisableUser2FA, EnableUser2FA, ResetUser2FA

2FA_DER_FA1: DisableUser2FA (happy path)
Inputs:
  • WS = DisableUser2FA()
  • Authorization - Mithril Admin
Expected Result:
  • Response 200
  • Update 2FA item in DB
Step by Step Script:
  • Login as Mithril Admin
  • Call DisableUser2FA()
Actual Result: OK

2FA_DER_FA2: EnableUser2FA (happy path)
Inputs:
  • WS = EnableUser2FA()
  • Authorization - Mithril Admin
Expected Result:
  • Response 200
  • Update 2FA item in DB
Step by Step Script:
  • Login as Mithril Admin
  • Call EnableUser2FA()
Actual Result: OK

2FA_DER_FA3: DisableUser2FA (bad ID)
Inputs:
  • WS = DisableUser2FA()
  • Authorization - Mithril Admin
  • Corrupted 2fa_id
Expected Result:
  • Response 404
Step by Step Script:
  • Login as Mithril Admin
  • Call DisableUser2FA()
Actual Result: OK

2FA_DER_FA4: EnableUser2FA (bad ID)
Inputs:
  • WS = EnableUser2FA()
  • Authorization - Mithril Admin
  • Corrupted 2fa_id
Expected Result:
  • Response 404
Step by Step Script:
  • Login as Mithril Admin
  • Call EnableUser2FA()
Actual Result: OK

2FA_DER_FA5: ResetUser2FA (happy path)
Inputs:
  • WS = ResetUser2FA()
  • Authorization - Mithril Admin
  • Corrupted 2fa_id
Expected Result:
  • Response 200
  • Update 2FA item in DB
Step by Step Script:
  • Login as Mithril Admin
  • Call ResetUser2FA()
Actual Result: Bug

WS: CreateUser

2FA_create_U1: Create user (2FA default)
Inputs:
  • WS = CreateUser()
  • DELETE user with test email
  • Authorization - Mithril Admin
Expected Result:
  • Response 201
  • Create User in DB
  • Create 2FA item in DB
Step by Step Script:
  • Login as Mithril Admin
  • Check that the user does not exist
  • Call CreateUser() without "2fa_enable" attribute
Actual Result: Bug

2FA_create_U2: Create user (2FA enable)
Inputs:
  • WS = CreateUser()
  • DELETE user with test email
  • Authorization - Mithril Admin
Expected Result:
  • Response 201
  • Create User in DB
  • Create 2FA item in DB
Step by Step Script:
  • Login as Mithril Admin
  • Check that the user does not exist
  • Call CreateUser() with "2fa_enable" = true
Actual Result: OK

2FA_create_U3: Create user (2FA disable)
Inputs:
  • WS = CreateUser()
  • DELETE user with test email
  • Authorization - Mithril Admin
Expected Result:
  • Response 201
  • Create User in DB
  • Create 2FA item in DB
Step by Step Script:
  • Login as Mithril Admin
  • Check that the user does not exist
  • Call CreateUser() with "2fa_enable" = false
Actual Result: OK

WS: CreateToken

2FA_create_T0: Create Token (2FA Disable, happy path)
Inputs:
  • WS = CreateToken()
  • Check 2FA is disabled (does not exist)
  • Authorization - test user of MSP
Expected Result:
  • Response 201
  • Return access_token
  • Response.urgent.next_step = REQUEST_APPS
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
Actual Result: Ok

2FA_create_T1: Create Token (2FA Reset, happy path)
Inputs:
  • WS = CreateToken()
  • Check 2FA exists, is enabled, factor = null
  • Authorization - test user of MSP
Expected Result:
  • Response 201
  • Response.urgent.next_step = REQUEST_FACTOR
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
Actual Result: Ok

2FA_create_T2: Create Token (2FA Active, happy path)
Inputs:
  • WS = CreateToken()
  • Check 2FA exists, is enabled, factor exists
  • Authorization - test user of MSP
Expected Result:
  • Response 201
  • Response.urgent.next_step = REQUEST_OTP
  • Create OTP item
  • Return 2_fa_access_token
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
Actual Result: Ok

2FA_create_T3: Authorize OTP (2FA Active, happy path)
Inputs:
  • WS = CreateToken()
  • Check 2FA exists
  • Correct OTP
  • Authorization - test user of MSP
Expected Result:
  • Response 201
  • Update OTP item (VERIFIED)
  • Return access_token
  • Response.urgent.next_step = REQUEST_APPS
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call CreateToken() with grant_type=authorize_2fa_access_token & otp value
Actual Result: Ok

2FA_create_T3.1: Authorize OTP (2FA Active, repeated call)
Inputs:
  • WS = CreateToken()
  • Check 2FA exists
  • Correct OTP
  • Authorization - test user of MSP
Expected Result:
  • Response 401
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call CreateToken() with grant_type=authorize_2fa_access_token & otp value
  • Repeat previous step (Call CreateToken())
Actual Result: Ok

2FA_create_T3.2: Authorize OTP (2FA Active, call after OTP has expired)
Inputs:
  • WS = CreateToken()
  • Check 2FA exists
  • Correct OTP
  • Authorization - test user of MSP
Expected Result:
  • Response 401
  • Update OTP item (EXPIRED)
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Wait for the OTP to expire
  • Call CreateToken() with grant_type=authorize_2fa_access_token & otp value
Actual Result: Ok

2FA_create_T4: Authorize OTP (2FA Active, bad OTP)
Inputs:
  • WS = CreateToken()
  • Check 2FA exists
  • Corrupted OTP
  • Authorization - test user of MSP
Expected Result:
  • Response 401
  • Increment OTP_counter in user
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call CreateToken() with grant_type=authorize_2fa_access_token & corrupted otp value
Actual Result: test...

2FA_create_T5: Create Token (2FA Active, bad password)
Inputs:
  • WS = CreateToken()
  • Login correct, password incorrect
  • Authorization - test user of MSP
Expected Result:
  • Response 401
  • Increment Login_err_counter in user
  • After Login_err_counter exceeds LIMIT - auto block user
Step by Step Script:
  • Login as test_2fa_user
  • Call CreateToken() with grant_type=password
Actual Result: Ok

2FA_create_T6: Authorize OTP (2FA reset)
Inputs:
  • WS = CreateToken()
  • Check 2FA reset
  • Authorization - test user of MSP
Expected Result:
  • Response 401
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call CreateToken() with grant_type=authorize_2fa_access_token
Actual Result: test...500
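
The CreateToken expectations in rows T0 to T6, modelled as a small reference state machine that a test harness can compare responses against (an added example, not code from the ЕСОЗ project). The grant types, `next_step` values and the VERIFIED/EXPIRED statuses come from the table; the `LIMIT` value, `OTP_TTL`, the `NEW` status, the 401 for a blocked user and all Python names are assumptions.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

LIMIT = 3      # assumed; the page names a LIMIT but gives no value
OTP_TTL = 30   # assumed OTP lifetime in seconds
GRANT_2FA = "authorize_2fa_access_token"

@dataclass
class User:
    password: str
    two_fa: str = "DISABLED"    # DISABLED | RESET (enabled, factor = null) | ACTIVE
    login_err_counter: int = 0
    otp_counter: int = 0
    is_blocked: bool = False
    otp: Optional[dict] = None  # current OTP item: code, status, expires

def create_token(user, grant_type, password="", otp="", now=0):
    """Model of CreateToken(): returns (HTTP status, urgent.next_step)."""
    if user.is_blocked:
        return 401, None        # assumed status; the page gives none for blocked users
    if grant_type == "password":
        if not hmac.compare_digest(password, user.password):
            user.login_err_counter += 1                       # T5
            user.is_blocked = user.login_err_counter > LIMIT  # auto block
            return 401, None
        if user.two_fa == "DISABLED":
            return 201, "REQUEST_APPS"                        # T0
        if user.two_fa == "RESET":
            return 201, "REQUEST_FACTOR"                      # T1
        code = f"{secrets.randbelow(10**6):06d}"
        user.otp = {"code": code, "status": "NEW", "expires": now + OTP_TTL}
        return 201, "REQUEST_OTP"                             # T2
    if grant_type == GRANT_2FA:
        item = user.otp
        if item is None or item["status"] != "NEW":
            return 401, None                                  # T3.1 repeat, T6 reset
        if now >= item["expires"]:
            item["status"] = "EXPIRED"                        # T3.2
            return 401, None
        if not hmac.compare_digest(otp, item["code"]):
            user.otp_counter += 1                             # T4
            return 401, None
        item["status"] = "VERIFIED"                           # T3: OTP is single use
        return 201, "REQUEST_APPS"
    raise ValueError(f"unsupported grant_type: {grant_type}")
```
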






WS: InitFactor, ApproveFactor

2FA_Init_factor_1: Init Factor (2FA Enable, happy path)
Expected Result:
  • Response 201
  • Terminate old 2fa_access_token
  • Response contains 2fa_access_token
  • Insert phone & type into token.details
  • Create & send OTP to new phone
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call CreateToken() with grant_type=authorize_2fa_access_token & otp value
  • Call InitFactor()
Actual Result: Ok

2FA_Init_factor_2: Init Factor (2FA Enable, use 2fa_access_token)
Expected Result:
  • Response 401
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call InitFactor()
Actual Result: Ok

2FA_Init_factor_3: Init Factor (2FA Disable)
Expected Result:
  • Response 404
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call InitFactor()
Actual Result: Ok

2FA_Init_factor_4: Init Factor (2FA Enable, bad phone in payload)
Expected Result:
  • Response 422
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call CreateToken() with grant_type=authorize_2fa_access_token & otp value
  • Call InitFactor()
Actual Result: Ok

2FA_Init_factor_5: Init Factor (2FA Reset, happy path)
Expected Result:
  • Response 201
  • Terminate old 2fa_access_token
  • Response contains new 2fa_access_token
  • Insert phone & type into token.details
  • Create & send OTP to new phone
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call InitFactor()
Actual Result: Bug (old token is not terminated)

Approve Factor (after 2FA reset, happy path)
Inputs:
  • 2FA reset
  • InitFactor()
Expected Result:
  • Response 200
  • Terminate old 2fa_access_token
  • Response contains new access_token
  • Update 2FA
  • Update OTP item (VERIFIED)
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call InitFactor()
  • Call ApproveFactor()
Actual Result: Bug (old token is not terminated)

Approve Factor (after 2FA reset, repeated call)
Inputs:
  • 2FA reset
  • InitFactor()
Expected Result:
  • Response 404
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call InitFactor()
  • Call ApproveFactor()
  • Repeat call to ApproveFactor()
Actual Result: OK

Approve Factor (after 2FA reset, bad OTP)
Inputs:
  • 2FA reset
  • InitFactor()
  • Corrupted OTP
Expected Result:
  • Response 401
  • Terminate old 2fa_access_token
  • Response contains new access_token
  • Update 2FA
  • Update OTP item (VERIFIED)
Step by Step Script:
  • Login as test_2fa_user
  • Check 2FA state
  • Call CreateToken() with grant_type=password
  • Call InitFactor()
  • Call ApproveFactor() with bad OTP
Actual Result: Ok











