< Return to Summary | File Generated: Wed Feb 28 2024 15:17:57 GMT+0000 (Coordinated Universal Time)

multiple-sellers >> seller-access-restricted-by-auth (OpenBookingApprovalFlow >> ScheduledSession)

Booking Flow: OpenBookingApprovalFlow

Opportunity Type: ScheduledSession

Feature: Core / Multiple Sellers (Implemented)

Test: Credentials for Seller (a) must not provide access to make bookings for Seller (b)

Using primary seller auth, make a call to C1, C2, and P/B for the secondary seller, expecting all calls to fail with InvalidAuthorizationDetailsError

Running only this test

npm start -- --runInBand test/features/core/multiple-sellers/implemented/seller-access-restricted-by-auth-test.js

Is this test failing?

The OpenActive Reference Implementation test result for this test can be used as a reference to help with debugging.


⚠️ 7 passed with 0 failures, 54 warnings and 18 suggestions


✅ Fetch Opportunities

Local Microservice Test Interface for OrderItem 0 Request

POST http://localhost:3000/test-interface/datasets/uat-ci/opportunities

{
  "@type": "ScheduledSession",
  "superEvent": {
    "@type": "SessionSeries",
    "organizer": {
      "@type": "Organization",
      "@id": "https://localhost:5001/api/identifiers/sellers/2"
    }
  },
  "@context": [
    "https://openactive.io/",
    "https://openactive.io/test-interface"
  ],
  "test:testOpportunityCriteria": "https://openactive.io/test-interface#TestOpportunityBookable",
  "test:testOpenBookingFlow": "https://openactive.io/test-interface#OpenBookingApprovalFlow"
}

Response status code: 200 OK. Responded in 16.145634ms.

{
  "@context": "https://openactive.io/",
  "@type": "ScheduledSession",
  "@id": "https://localhost:5001/api/identifiers/scheduled-sessions/1578/events/15773"
}

Opportunity Feed extract for OrderItem 0 Request

GET http://localhost:3000/opportunity/https%3A%2F%2Flocalhost%3A5001%2Fapi%2Fidentifiers%2Fscheduled-sessions%2F1578%2Fevents%2F15773?useCacheIfAvailable=true


Response status code: 200 OK. Responded in 3.621009ms.

{
  "data": {
    "@context": [
      "https://openactive.io/"
    ],
    "@type": "ScheduledSession",
    "@id": "https://localhost:5001/api/identifiers/scheduled-sessions/1578/events/15773",
    "startDate": "2024-03-06T17:24:17+00:00",
    "endDate": "2024-03-06T20:18:17+00:00",
    "superEvent": {
      "@type": "SessionSeries",
      "@id": "https://localhost:5001/api/identifiers/session-series/1578",
      "name": "Wooden Jumping",
      "activity": [
        {
          "@type": "Concept",
          "@id": "https://openactive.io/activity-list#c07d63a0-8eb9-4602-8bcc-23be6deb8f83",
          "inScheme": "https://openactive.io/activity-list",
          "prefLabel": "Jet Skiing"
        }
      ],
      "eventAttendanceMode": "https://schema.org/OfflineEventAttendanceMode",
      "location": {
        "@type": "Place",
        "identifier": 1,
        "name": "Post-ercise Plaza",
        "description": "Sorting Out Your Fitness One Parcel Lift at a Time! Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.",
        "address": {
          "@type": "PostalAddress",
          "addressCountry": "GB",
          "addressLocality": "Oxford",
          "addressRegion": "Oxfordshire",
          "postalCode": "OX1 1AA",
          "streetAddress": "Kings Mead House"
        },
        "amenityFeature": [
          {
            "@type": "ChangingFacilities",
            "name": "Changing Facilities",
            "value": true
          },
          {
            "@type": "Showers",
            "name": "Showers",
            "value": true
          },
          {
            "@type": "Lockers",
            "name": "Lockers",
            "value": true
          },
          {
            "@type": "Towels",
            "name": "Towels",
            "value": false
          },
          {
            "@type": "Creche",
            "name": "Creche",
            "value": false
          },
          {
            "@type": "Parking",
            "name": "Parking",
            "value": false
          }
        ],
        "geo": {
          "@type": "GeoCoordinates",
          "latitude": 51.7502,
          "longitude": -1.2674
        },
        "image": [
          {
            "@type": "ImageObject",
            "url": "https://upload.wikimedia.org/wikipedia/commons/e/e5/Oxford_StAldates_PostOffice.jpg"
          }
        ],
        "telephone": "01865 000001",
        "url": "https://en.wikipedia.org/wiki/Post_Office_Limited"
      },
      "offers": [
        {
          "@type": "Offer",
          "@id": "https://localhost:5001/api/identifiers/session-series/1578#/offers/0",
          "allowCustomerCancellationFullRefund": true,
          "openBookingFlowRequirement": [
            "https://openactive.io/OpenBookingApproval"
          ],
          "price": 16.97,
          "priceCurrency": "GBP",
          "validFromBeforeStartDate": "P11DT22H50M"
        }
      ],
      "organizer": {
        "@type": "Organization",
        "@id": "https://localhost:5001/api/identifiers/sellers/2",
        "name": "Road Runner Bookcamp Ltd",
        "isOpenBookingAllowed": true,
        "taxMode": "https://openactive.io/TaxNet",
        "termsOfService": [
          {
            "@type": "PrivacyPolicy",
            "name": "Privacy Policy",
            "requiresExplicitConsent": false,
            "url": "https://example.com/privacy.html"
          }
        ]
      },
      "url": "https://www.example.com/a-session-age"
    },
    "duration": "PT2H54M",
    "maximumAttendeeCapacity": 2,
    "remainingAttendeeCapacity": 2
  }
}

Specs

✅ Fetch Opportunities >> validation of Opportunity Feed extract for OrderItem 0

Specs

Validations

❔ C1

C1 Request

PUT https://localhost:5001/api/openbooking/order-quote-templates/9d970d6d-c096-4df2-b3a7-1a767eb2da71

{
  "@context": "https://openactive.io/",
  "@type": "OrderQuote",
  "brokerRole": "https://openactive.io/AgentBroker",
  "broker": {
    "@type": "Organization",
    "name": "MyFitnessApp",
    "url": "https://myfitnessapp.example.com",
    "description": "A fitness app for all the community",
    "logo": {
      "@type": "ImageObject",
      "url": "http://data.myfitnessapp.org.uk/images/logo.png"
    },
    "address": {
      "@type": "PostalAddress",
      "streetAddress": "Alan Peacock Way",
      "addressLocality": "Village East",
      "addressRegion": "Middlesbrough",
      "postalCode": "TS4 3AE",
      "addressCountry": "GB"
    }
  },
  "seller": "https://localhost:5001/api/identifiers/sellers/2",
  "orderedItem": [
    {
      "@type": "OrderItem",
      "position": 0,
      "acceptedOffer": "https://localhost:5001/api/identifiers/session-series/1578#/offers/0",
      "orderedItem": "https://localhost:5001/api/identifiers/scheduled-sessions/1578/events/15773"
    }
  ],
  "payment": {
    "@type": "Payment",
    "name": "AcmeBroker Points",
    "accountId": "SN1593",
    "paymentProviderId": "STRIPE"
  }
}

Response status code: 401 Unauthorized. Responded in 16.239996ms.

{
  "@context": "https://openactive.io/",
  "@type": "InvalidAuthorizationDetailsError",
  "name": "The Broker supplied an invalid set of authorization details, either malformed or expired.",
  "statusCode": 401
}

✅ C1 >> validation of C1

Specs

Validations

✅ Assert Opportunity Capacity (after C1)

Specs

✅ Assert Opportunity Capacity (after C1) >> validation of Opportunity Feed extract for OrderItem 0

Specs

Validations

❔ C2

C2 Request

PUT https://localhost:5001/api/openbooking/order-quotes/9d970d6d-c096-4df2-b3a7-1a767eb2da71

{
  "@context": "https://openactive.io/",
  "@type": "OrderQuote",
  "brokerRole": "https://openactive.io/AgentBroker",
  "broker": {
    "@type": "Organization",
    "name": "MyFitnessApp",
    "url": "https://myfitnessapp.example.com",
    "description": "A fitness app for all the community",
    "logo": {
      "@type": "ImageObject",
      "url": "http://data.myfitnessapp.org.uk/images/logo.png"
    },
    "address": {
      "@type": "PostalAddress",
      "streetAddress": "Alan Peacock Way",
      "addressLocality": "Village East",
      "addressRegion": "Middlesbrough",
      "postalCode": "TS4 3AE",
      "addressCountry": "GB"
    }
  },
  "seller": "https://localhost:5001/api/identifiers/sellers/2",
  "customer": {
    "@type": "Person",
    "email": "[email protected]",
    "telephone": "839.755.1586 x079"
  },
  "orderedItem": [
    {
      "@type": "OrderItem",
      "position": 0,
      "acceptedOffer": "https://localhost:5001/api/identifiers/session-series/1578#/offers/0",
      "orderedItem": "https://localhost:5001/api/identifiers/scheduled-sessions/1578/events/15773"
    }
  ],
  "payment": {
    "@type": "Payment",
    "name": "AcmeBroker Points",
    "accountId": "SN1593",
    "paymentProviderId": "STRIPE"
  }
}

Response status code: 401 Unauthorized. Responded in 11.728775ms.

{
  "@context": "https://openactive.io/",
  "@type": "InvalidAuthorizationDetailsError",
  "name": "The Broker supplied an invalid set of authorization details, either malformed or expired.",
  "statusCode": 401
}

✅ C2 >> validation of C2

Specs

Validations

✅ Assert Opportunity Capacity (after C2)

Specs

✅ Assert Opportunity Capacity (after C2) >> validation of Opportunity Feed extract for OrderItem 0

Specs

Validations

✅ P

P Request

PUT https://localhost:5001/api/openbooking/order-proposals/9d970d6d-c096-4df2-b3a7-1a767eb2da71

{
  "@context": "https://openactive.io/",
  "@type": "OrderProposal",
  "brokerRole": "https://openactive.io/AgentBroker",
  "broker": {
    "@type": "Organization",
    "name": "MyFitnessApp",
    "url": "https://myfitnessapp.example.com",
    "description": "A fitness app for all the community",
    "logo": {
      "@type": "ImageObject",
      "url": "http://data.myfitnessapp.org.uk/images/logo.png"
    },
    "address": {
      "@type": "PostalAddress",
      "streetAddress": "Alan Peacock Way",
      "addressLocality": "Village East",
      "addressRegion": "Middlesbrough",
      "postalCode": "TS4 3AE",
      "addressCountry": "GB"
    }
  },
  "seller": "https://localhost:5001/api/identifiers/sellers/2",
  "customer": {
    "@type": "Person",
    "email": "[email protected]",
    "telephone": "839.755.1586 x079"
  },
  "orderedItem": [
    {
      "@type": "OrderItem",
      "position": 0,
      "acceptedOffer": "https://localhost:5001/api/identifiers/session-series/1578#/offers/0",
      "orderedItem": "https://localhost:5001/api/identifiers/scheduled-sessions/1578/events/15773"
    }
  ],
  "totalPaymentDue": {
    "@type": "PriceSpecification",
    "price": 0,
    "priceCurrency": "GBP"
  }
}

Response status code: 401 Unauthorized. Responded in 11.696665ms.

{
  "@context": "https://openactive.io/",
  "@type": "InvalidAuthorizationDetailsError",
  "name": "The Broker supplied an invalid set of authorization details, either malformed or expired.",
  "statusCode": 401
}

Specs

✅ P >> validation of P

Specs

Validations