migrants-nt-sec/PostmanTestAPI.json


{
"info": {
"_postman_id": "f87e5a2c-ddf8-4bb3-82e6-e9c5f6bb8de9",
"name": "Person Management API",
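"description": "A collection to test the Person API with authentication. The login and register request bodies embed hard-coded passwords and base_url defaults to plain-HTTP localhost, so keep real credentials out of this file and supply them through environment variables when testing against anything other than a local instance.",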
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Authentication Tests",
"item": [
{
"name": "Admin Login",
"event": [
{
"listen": "test",
"script": {
"exec": [
"// Parse response",
"var jsonData = pm.response.json();",
"",
"// Test response structure",
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});",
"",
"pm.test(\"Response has correct structure\", function () {",
" pm.expect(jsonData.success).to.eql(true);",
" pm.expect(jsonData.data).to.have.property('token');",
" pm.expect(jsonData.data.user).to.have.property('is_admin');",
" pm.expect(jsonData.data.user.is_admin).to.eql(true);",
"});",
"",
"// Save token to environment variable",
"if (jsonData.data && jsonData.data.token) {",
" pm.environment.set(\"admin_token\", jsonData.data.token);",
"}"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"email\": \"admin@example.com\",\n \"password\": \"Admin123!\",\n \"device_name\": \"postman\"\n}"
},
"url": {
"raw": "{{base_url}}/login",
"host": [
"{{base_url}}"
],
"path": [
"login"
]
},
"description": "Log in as the admin user and store the returned token in the admin_token environment variable"
},
"response": []
},
{
"name": "Get Admin Profile",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});",
"",
"pm.test(\"User is admin\", function () {",
" pm.expect(jsonData.data.user.is_admin).to.eql(true);",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{admin_token}}"
}
],
"url": {
"raw": "{{base_url}}/user",
"host": [
"{{base_url}}"
],
"path": [
"user"
]
},
"description": "Get authenticated admin user profile"
},
"response": []
},
{
"name": "Register New User (Admin Only)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 201\", function () {",
" pm.response.to.have.status(201);",
"});",
"",
"pm.test(\"User created successfully\", function () {",
" pm.expect(jsonData.success).to.eql(true);",
" pm.expect(jsonData.message).to.eql(\"User created successfully\");",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{admin_token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"name\": \"New Test User\",\n \"email\": \"newuser@example.com\",\n \"password\": \"Password123!\",\n \"is_admin\": false\n}"
},
"url": {
"raw": "{{base_url}}/register",
"host": [
"{{base_url}}"
],
"path": [
"register"
]
},
"description": "Register a new user (only an admin can do this)"
},
"response": []
},
{
"name": "Login as New User",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});",
"",
"// Save token to environment variable",
"if (jsonData.data && jsonData.data.token) {",
" pm.environment.set(\"user_token\", jsonData.data.token);",
"}"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"email\": \"newuser@example.com\",\n \"password\": \"Password123!\",\n \"device_name\": \"postman\"\n}"
},
"url": {
"raw": "{{base_url}}/login",
"host": [
"{{base_url}}"
],
"path": [
"login"
]
},
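"description": "Log in as the newly created user and store the returned token in the user_token environment variable. No request in this collection unsets user_token afterwards."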
},
"response": []
},
{
"name": "Regular User Cannot Register New Users",
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test(\"Status code is 403 (Forbidden)\", function () {",
" pm.response.to.have.status(403);",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{user_token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"name\": \"Another User\",\n \"email\": \"another@example.com\",\n \"password\": \"Password123!\",\n \"is_admin\": false\n}"
},
"url": {
"raw": "{{base_url}}/register",
"host": [
"{{base_url}}"
],
"path": [
"register"
]
},
"description": "Test that a regular user cannot register new users"
},
"response": []
},
{
"name": "Logout Admin",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});",
"",
"pm.test(\"Logged out successfully\", function () {",
" pm.expect(jsonData.success).to.eql(true);",
" pm.expect(jsonData.message).to.eql(\"Logged out successfully\");",
"});",
"",
"// Clear token from environment",
"pm.environment.unset(\"admin_token\");"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{admin_token}}"
}
],
"url": {
"raw": "{{base_url}}/logout",
"host": [
"{{base_url}}"
],
"path": [
"logout"
]
},
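"description": "Log out the admin user (revoke token) and clear admin_token from the environment. The test checks only the 200 status and the success message; a follow-up request that reuses the old token would be needed to confirm the token is actually revoked."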
},
"response": []
}
],
"description": "Tests for the authentication system"
},
{
"name": "Protected API Endpoints",
"item": [
{
"name": "Access Without Token (Unauthorized)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test(\"Status code is 401 (Unauthorized)\", function () {",
" pm.response.to.have.status(401);",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
}
],
"url": {
"raw": "{{base_url}}/persons",
"host": [
"{{base_url}}"
],
"path": [
"persons"
]
},
"description": "Try to access a protected endpoint without a token"
},
"response": []
},
{
"name": "List Persons (With Token)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});",
"",
"pm.test(\"Response has correct structure\", function () {",
" pm.expect(jsonData.success).to.eql(true);",
" pm.expect(jsonData).to.have.property('data');",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{user_token}}"
}
],
"url": {
"raw": "{{base_url}}/persons",
"host": [
"{{base_url}}"
],
"path": [
"persons"
]
},
"description": "List all persons (protected endpoint)"
},
"response": []
},
{
"name": "Create Person (With Token)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 201\", function () {",
" pm.response.to.have.status(201);",
"});",
"",
"pm.test(\"Person created successfully\", function () {",
" pm.expect(jsonData.success).to.eql(true);",
" pm.expect(jsonData.message).to.eql(\"Person created successfully\");",
"});",
"",
"// Save person ID for later tests",
"if (jsonData.data && jsonData.data.person_id) {",
" pm.environment.set(\"person_id\", jsonData.data.person_id);",
"}"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{user_token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"surname\": \"Chen\",\n \"christian_name\": \"Michael\",\n \"full_name\": \"Michael Chen\",\n \"date_of_birth\": \"1965-04-18\",\n \"place_of_birth\": \"Hong Kong\",\n \"occupation\": \"Merchant\",\n \"id_card_no\": \"ID-583921\",\n \n \"migration\": {\n \"date_of_arrival_aus\": \"1982-03-17\",\n \"date_of_arrival_nt\": \"1982-04-01\",\n \"arrival_period\": \"1980-1990\"\n },\n \n \"residence\": {\n \"darwin\": true,\n \"katherine\": false,\n \"tennant_creek\": false,\n \"alice_springs\": false\n }\n}"
},
"url": {
"raw": "{{base_url}}/persons",
"host": [
"{{base_url}}"
],
"path": [
"persons"
]
},
"description": "Create a new person (protected endpoint)"
},
"response": []
},
{
"name": "Get Person by ID (With Token)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});",
"",
"pm.test(\"Person retrieved successfully\", function () {",
" pm.expect(jsonData.success).to.eql(true);",
" pm.expect(jsonData.message).to.eql(\"Person retrieved successfully\");",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{user_token}}"
}
],
"url": {
"raw": "{{base_url}}/persons/{{person_id}}",
"host": [
"{{base_url}}"
],
"path": [
"persons",
"{{person_id}}"
]
},
"description": "Get person by ID (protected endpoint)"
},
"response": []
},
{
"name": "Find Person by ID Card (With Token)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = pm.response.json();",
"",
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});",
"",
"pm.test(\"Person found by ID card\", function () {",
" pm.expect(jsonData.success).to.eql(true);",
" pm.expect(jsonData.message).to.eql(\"Person found by ID card number\");",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "GET",
"header": [
{
"key": "Accept",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Bearer {{user_token}}"
}
],
"url": {
"raw": "{{base_url}}/persons/id-card/ID-583921",
"host": [
"{{base_url}}"
],
"path": [
"persons",
"id-card",
"ID-583921"
]
},
"description": "Find person by ID card number (protected endpoint)"
},
"response": []
}
],
"description": "Tests for the protected API endpoints that require an authentication token"
}
],
"event": [
{
"listen": "prerequest",
"script": {
"type": "text/javascript",
"exec": [
""
]
}
},
{
"listen": "test",
"script": {
"type": "text/javascript",
"exec": [
""
]
}
}
],
"variable": [
{
"key": "base_url",
"value": "http://localhost:8000/api",
"type": "string"
}
]
}