jraddaoui · June 6, 2018 16:30
diff --git a/user_management.feature b/user_management.feature
 Feature: User management and permissions
  The CCArchitects DIP access application has four major user types:
    - Administrators: Administrators and Reference Librarians in the user stories.
    - Editors: Belong to the "Edit Collections and Folders" group. Processing Archivist in the user stories.
    - Basic: Researches in the user stories.
    - Unauthenticated: Not mentioned in the user stories.
  This user types have different permission over the application:
  
  Scenario: Unauthenticated
    Given a DIP access application running
    When users without credentials try to access the app
    Then they only can see the FAQ and the login pages
    And all the other pages will redirect them to the login page
  
  Scenario: Administrators
    Given a DIP access aplication running
    And a superuser created in the database with the Django task
    When administrators log in the app with the superuser credentials
    Then they are able to view, create and edit users
    And they can make those users administrators 
    And they can add the users to the "Edit Collections and Folders" group
    And they can deactivate users
    And they have access to all the parts of the application
    
  Scenario: Editors
    Given a DIP access aplication running
    And an user that belongs to the "Edit Collections and Folders" group is created by an administrator
    When an editor enter the application with those user credentials
    Then the editor can't see or manage users
    And the editor can view, create and edit Collections and Folders but not delete them
    And the editor has access to all the other parts of the application
    
  Scenario: Basic
    Given a DIP access aplication running
    And an user that doesn't belongs to the "Edit Collections and Folders" group 
      And is not a superuser has been created by an administrator
    When the basic user access the application with those credentials
    Then the basic user can browse and view Collections
    And can browse and view Folders
    And can browse and view Digital Files
    And can download the Folders ZIP files
    And can not manage users
    And can not create or edit Collections or Folders
	Feature: User management and permissions
	The CCArchitects DIP access application has four major user types:
	- Administrators: Administrators and Reference Librarians in the user stories.
	- Editors: Belong to the "Edit Collections and Folders" group. Processing Archivist in the user stories.
	- Basic: Researches in the user stories.
	- Unauthenticated: Not mentioned in the user stories.
	This user types have different permission over the application:

	Scenario: Unauthenticated
	Given a DIP access application running
	When users without credentials try to access the app
	Then they only can see the FAQ and the login pages
	And all the other pages will redirect them to the login page

	Scenario: Administrators
	Given a DIP access aplication running
	And a superuser created in the database with the Django task
	When administrators log in the app with the superuser credentials
	Then they are able to view, create and edit users
	And they can make those users administrators
	And they can add the users to the "Edit Collections and Folders" group
	And they can deactivate users
	And they have access to all the parts of the application

	Scenario: Editors
	Given a DIP access aplication running
	And an user that belongs to the "Edit Collections and Folders" group is created by an administrator
	When an editor enter the application with those user credentials
	Then the editor can't see or manage users
	And the editor can view, create and edit Collections and Folders but not delete them
	And the editor has access to all the other parts of the application

	Scenario: Basic
	Given a DIP access aplication running
	And an user that doesn't belongs to the "Edit Collections and Folders" group
	And is not a superuser has been created by an administrator
	When the basic user access the application with those credentials
	Then the basic user can browse and view Collections
	And can browse and view Folders
	And can browse and view Digital Files
	And can download the Folders ZIP files
	And can not manage users
	And can not create or edit Collections or Folders