Extend validation of an organisation id on all org admin endpoints
Closed this issue · 0 comments
Depends on issue #9
Success flows
Given an organisation with identifier X
When an authenticated administrator from that organisation creates an animal
Then the animal gets created linked to that organisation
And the administrator gets a 201 Created Response back
Given an animal from organisation X
When an authenticated administrator from that organisation attempts to create characteristics for animal
Then the characteristics get created
And the administrator gets a 201 Created Response back
Given an animal from organisation X
When an authenticated administrator from that organisation attempts to create a primary picture for animal
Then the primary picture gets created
And the administrator gets a 201 Created Response back
Given an animal from organisation X
When an authenticated administrator from that organisation attempts to create a story for animal
Then the story gets created
And the administrator gets a 201 Created Response back
Error flows
Given an animal from organisation X
When an authenticated administrator from organisation Y attempts to create characteristics for animal
Then the administrator gets a 403 Forbidden Response back
Given an animal from organisation X
When an authenticated administrator from organisation Y attempts to create a primary picture for animal
Then the administrator gets a 403 Forbidden Response back
Given an animal from organisation X
When an authenticated administrator from organisation Y attempts to create a story for animal
Then the administrator gets a 403 Forbidden Response back