Test Result : Scenario: Bug when user can retrieve user in another account if it has other account's user id

2 failures , 12 skipped
33 tests
Took 3 ms.

All Tests

Test nameDurationStatus
And Account0 msPassed
And Add permissions to the last created user0 msPassed
And Add permissions to the last created user0 msPassed
And Clear step data with key "tokenId"0 msSkipped
And I add credentials0 msPassed
And I add credentials0 msPassed
And I configure account service0 msPassed
And I configure account service0 msPassed
And I configure user service0 msPassed
And I configure user service0 msPassed
And I configure user service0 msPassed
And I logout0 msPassed
And Move Account compact id from step data "AccountA" to "accountACompactId"0 msSkipped
And Move Account compact id from step data "AccountB" to "accountBCompactId"0 msSkipped
And Move User compact id from step data "UserA" to "userACompactId"0 msSkipped
And Move step data "LastAccount" to "AccountA"0 msPassed
And Move step data "LastAccount" to "AccountB"0 msPassed
And Move step data "LastUser" to "UserA"0 msPassed
And REST GET call at "/v1/$accountACompactId$/users/$userACompactId$"0 msSkipped
And REST GET call at "/v1/$accountBCompactId$/users/$lastUserCompactId$"0 msSkipped
And REST POST call at "/v1/authentication/user" with JSON "{"password": "ToManySecrets123#", "username": "kapua-b"}"0 msSkipped
And REST response containing AccessToken0 msSkipped
And REST response containing AccessToken0 msSkipped
And User A0 msPassed
And User B0 msPassed
Given Account0 msPassed
Given Server with host "127.0.0.1" on port "8081"0 msPassed
Scenario: Bug when user can retrieve user in another account if it has other account's user id2 msFailed
Then REST POST call at "/v1/authentication/logout" with JSON ""0 msSkipped
Then REST POST call at "/v1/authentication/user" with JSON "{"password": "ToManySecrets123#", "username": "kapua-a"}"1 msFailed
Then REST response code is 4040 msSkipped
Then REST response containing User0 msSkipped
When I login as user with name "kapua-sys" and password "kapua-password"0 msPassed