Functional Test Tree for Thalia's HTTP-level (aka REST) API
Overview
What is this?
It's a followon to the Functional Test Plan for the Thalia API provided by Questcon. In essence, it's a rundown of the calls described by the Thalia API document along with a listing of possible success and failure states.
What is this for?
Our next step is to develop automated testing, first of the success states, then the failure states, described herein.
How is it laid out?
Division is by applicable resource(s) and matches the function's URL: library/libraries, authorization(s), category/categories (tagging), item(s), map(s), and user(s). Each URL can use one or more of the GET, POST, PUT, and DELETE methods.
Functions on a library:
GET <baseurl>/library/<library id>, <baseurl>/library/<library id>/items, <baseurl>/library
Success states: library information, library item information, or default library information returned
Failure states: library doesn't exist, node id not library, access denied
DELETE <baseurl>/library/<library id>
Success state: library deleted
Failure states: no library provided, guest not allowed to delete, library does not exist, node id not library, can not delete personal library, can not delete public library, permission denied
POST <baseurl>/library
Success state: library or libraries created
Failure states: missing or malformatted input xml, missing library title, guest not allowed to create
PUT base/uri/library/<library id>
Success state: library modified
Failure states: no library ID provided, missing or malformatted input xml, missing library title, guest not allowed to modify, library ID does not exist, library ID not a library, library ID is the Public library, permission denied
Functions on libraries:
GET <baseurl>/libraries, <baseurl>/libraries/all
Success states: information on all visible libraries (optionall including items within) is returned
Failure states: not specified (impossible?)
Authorization functions:
Functions on an authz (authorization):
GET <baseurl>/authz/role/<role name>/qualifier/<qualifier id>
Success state: true/false permission check returned
Failure states: missing qualifier or role, incorrect role
DELETE <baseurl>/authz
Success state: authorization(s) deleted
Failure states: empty/malformatted xml, guest not allowed, information missing from authz triplet, invalid role
POST <baseurl>/authz
Success state: authorization created
Failure states: empty/malformatted xml, guest not allowed, information missing from authz triplet, invalid role, invalid qualifier, qualifier not library/collection/slideshow
Functions on authzs (authorizations):
GET <baseurl>/authzs/functions, <baseurl>/authzs/qualifier/<qualifier id>, <baseurl>/authzs/qualifier/<qualifier id>/user/<username>
Success states: return all available functions, all authorizations on a specific library/collection/slideshow, or all authorizations on a specific library/collection/slideshow filtered by username
Failure states: none specified
Functions on a category or categories (tagging):
GET <baseurl>/categories, <baseurl>/categories/category/<category id>, <baseurl>/categories/item/<item id>
Success states: retreive all categories, all subcategories within a category, or all categories applied to the specified item
Failure states: missing item ID, item ID does not exist, item id not an item
POST <baseurl>/category
Success state: creates an arbitrary combination of categories and subcategories
Failure states: xml empty/malformatted, user not authorized, category name missing, parent category does not exist, parent category wrong type
PUT <baseurl>/category/<category id>/item/<itemid>
Success state: item tagged with new category
Failure states: missing category ID, invalid syntax, guest not allowed, node does not exist, item id not an item, category id not a category, permission denied, category already applied
DELETE <baseurl>/category/<category id>
Success state: delete a category
Failure states: permission failure, category ID does not exist, parent ID not a category
DELETE <baseurl>/category/<category id>/item/<item id>
Success state: delete a category tag
Failure states: guest not allowed, item ID does not exist, item ID not an item, permission denied, tag not on item
Functions on an item:
GET <baseurl>/item/<item id>, <baseurl>/item/<item id>/download
Success states: information about item or item itself retreived
Failure states: no item provided, item does not exist, item ID not an item, permission denied
PUT <baseurl>/item/<item id>
Success state: item modified
Failure states: no item ID, empty/malformatted XML, guest not allowed, item ID does not exist, item ID not an item, permission denied
POST <baseurl>/item
Success state: item uploaded
Failure states: not a multipart request (????), file not uploaded as a master, metadata malformatted or absent, guest not allowed, library ID not specified, library ID does not exist, library ID not a library
POST <baseurl>/item/import
Success state: item(s) imported
Failure states: metadata malformatted or absent, bad/missing filename, guest not allowed, missing library ID, library ID does not exist, library ID not a library
POST <baseurl>/item/move
Success state: item(s) moved between libraries
Failure states: malformatted/absent metadata, item ID does not exist, item ID not an item, library does not exist, library ID not a library, permission denied
DELETE <baseurl>/item/<item id>, <baseurl>/item
Success state: item or items deleted
Failure states: no item ID in URL or xml, guest not allowed, item ID does not exist, item ID not an item, permission denied
Functions on items:
GET <baseurl>/items/library/<library id>
Success state: all items in library retreived
Failure states: invalid URL syntax, library ID missing, library ID does not exist, library ID not a library
GET <baseurl>/items/category/<categoryid>
Success state: all items tagged with a category retreived
Failure states: invalid URL syntax, category ID not specified, category does not exist, category ID not a category
Functions on a map:
GET <baseurl>/map/<map id>
Success state: gets information about the specified map
Failure states: map not specified, map ID does not exist, map ID not a map, access denied
POST <baseurl>/map
Success state: map and admin rights to map created
Failure states: guest not allowed, unparsable xml, title or type not specified
DELETE <baseurl>/map/<map id>
Success state: map deleted
Failure states: guest not allowed, no map ID, map ID does not exist, map ID not a map, permission denied
PUT <baseurl>/map/<map id>
Success state: map modified
Failure states: guest not allowed, no map ID provided, bad xml, title/type missing, map ID does not exist, map ID not a map, access denied
Functions on maps:
GET <baseurl>/maps/collection, <baseurl>/maps/slideshow, <baseurl>/maps/savedsearch
Success state: maps of the corresponding type are returned
Failure state: unknown map type
GET <baseurl>/maps/item/<item id>
Success state: fetch all maps that reference an item
Failure state: not specified (presumably usual item info fetch errors apply)
Functions on a user:
GET <baseurl>/user/<username>
Success state: user information retreived
Failure states: no username, guest not allowed, user does not exist
POST <baseurl>/user
Success state: new user(s) registered
Failure states: bad xml, username not provided, permission denied, username already exists,
PUT <baseurl>/user/<username>
Success state: user modified
Failure states: username missing, bad xml, URL vs. xml mismatch, permission denied
DELETE <baseurl>/user/<username>
Success state: user deleted
Failure states: missing username, permission denied, user does not exist
Functions on users:
GET <baseurl>/users
Success state: all users in domain retreived
Failure state: guest not allowed