[
https://issues.apache.org/jira/browse/USERGRID-1119?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15013637#comment-15013637
]
David Johnson commented on USERGRID-1119:
-----------------------------------------
This test was broken because it made some incorrect assumptions about how
groups & activities should work. The test creates a group with a couple of
members, then posts some activities to the group's feed
(/groups/mygroup/activities). Then the test expected that a non-group member
would not see those activities if they did a GET on the groups feed.
The docs say this:
"Use the POST method to post an activity to a specific group. In this case the
activity is created in the activities collection and is accessible at the
/activities endpoint to users who have the permission to read that endpoint. In
addition, a relationship is established between the activity and the group, and
because of that, the activity will appear in the group’s feed. The group "owns"
the activity. Also, the activity will be published in the feed of all users
that are members of the group."
That means that any body who has permission to GET
/groups/<group-name>/activities will be able to get all activities in that feed.
Users who are members of a group will also see the group's activities in their
personal feed at (i.e. when the do a GET on /activities).
> Fix GroupResourceIT.postGroupActivity() test
> --------------------------------------------
>
> Key: USERGRID-1119
> URL: https://issues.apache.org/jira/browse/USERGRID-1119
> Project: Usergrid
> Issue Type: Story
> Components: Stack
> Reporter: David Johnson
> Assignee: David Johnson
>
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
