Uploaded image for project: 'mod-invoice'
  1. mod-invoice
  2. MODINVOICE-93

Approve invoice permission and require approval to mark as paid

    XMLWordPrintable

    Details

    • Template:
    • Story Points:
      2
    • Development Team:
      Thunderjet

      Description

      Overview

      There's a requirement to protect invoice approve and pay actions with separate assignable folio permissions.

      Approach

      • Define a new permissions invoice.item.approve and invoice.item.pay
      • Add these permissions as "permissionDesired" for the PUT /invoice/invoices/<id> endpoint.
      • In the implementation for that endpoint, validate the permission if the invoice is being approved or paid (via inspecting X-Okapi-Permissions).
      • Return an appropriate error message/code if the required permission is missing.

      See the OKAPI guide for a description of "permissionDesired"

      Acceptance Criteria

      • ModuleDescriptor is updated
      • Implementation is updated
      • Unit tests are updated (Since we're enforcing permissions in this case we can actually test this in unit tests)
      • API tests are updated

        TestRail: Results

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                Unassigned Unassigned
                Reporter:
                dennisbridges Dennis Bridges
                Tester Assignee:
                Dennis Bridges Dennis Bridges
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                  Dates

                  Created:
                  Updated:

                    TestRail: Runs

                      TestRail: Cases