@run

Feature: CRM Role-Based Login Authentication

Description: As a CRM user
I want to login based on my assigned role
So that I can access only the authorized features in the CRM system

File name: login.feature

Relative path: feature/login.feature

Scenarios

Chart

Status Progress

Passed	100.00 %
Failed	0.00 %

Total duration:

00:00:53.595

Metadata

Device 9c33edbeec36
OS 6.11.0-1018-azure
Browser unknown

@run

Scenario Outline: Login fails with empty value in email field "Super Admin"

Given the CRM login page is displayed 00:00:05.648

When the user enters an "" value in email field for role "Super Admin" 00:00:02.248

And clicks on next 00:00:00.047

Then an error message "Please enter a valid email address." should be displayed 00:00:00.013

@run

Scenario Outline: Login fails when Password field is empty for "Super Admin"

Given the CRM login page is displayed 00:00:05.162

Given the user is on the login page with email pre-filled for role "Super Admin" 00:00:02.338

When the user leaves the password field empty "" 00:00:00.760

And clicks on the login button 00:00:00.043

Then an form validation message "Please fill out this field." should be displayed 00:00:00.045

@run

Scenario: Super Admin login fails securely with SQL injection in email

Given the CRM login page is displayed 00:00:05.444

When the user enters a SQL injection payload in the email field 00:00:02.094

And clicks on next 00:00:00.041

And an error message "Please enter a valid email address." should be displayed 00:00:00.013

@run

Scenario Outline: Login fails with incorrect password for "Super Admin"

Given the CRM login page is displayed 00:00:05.623

Given the user is on the login page with email pre-filled for role "Super Admin" 00:00:02.347

When the user enters an incorrect password as "abcd1234" for role "Super Admin" 00:00:00.431

And clicks on the login button 00:00:00.083

And an error message "Invalid username or password" should be displayed 00:00:00.879

@run

Scenario: Super Admin login fails securely with SQL injection in password

Given the CRM login page is displayed 00:00:04.951

Given the user is on the login page with email pre-filled for role "Super Admin" 00:00:02.464

And enters a SQL injection payload in the password field 00:00:00.441

And clicks on the login button 00:00:00.093

And an error message "Invalid username or password" should be displayed 00:00:00.876

@run

Scenario: Inactive account login fails for CRM user

Given the CRM login page is displayed 00:00:05.329

When the user logs in as a "Deactivated User" with valid credentials 00:00:02.766

Then an error message "User is deactivated." should be displayed 00:00:01.867