Functional (using Source code) (Java) generated by RoostGPT

Online-Banking-App-Spring-Boot/gherkin_scenarios/gherkin_account.feature

@@ -0,0 +1,98 @@
+Feature: Account creation via AccountController
+
+  Background:
+    Given the API is available
+
+  @smoke
+  Scenario: Successfully create a new Savings account
+    Given I am an authenticated user with user_id 123
+    When I send a POST request to /account/create_account with:
+      | account_name | account_type |
+      | My Savings   | Savings      |
+    Then the response status should be 200
+    And the response should be a JSON array of Account objects
+    And at least one Account in the response should have:
+      | user_id      | account_name | account_type |
+      | 123          | My Savings   | Savings      |
+
+  @regression
+  Scenario: Successfully create a new Checking account with a unique name
+    Given I am an authenticated user with user_id 456
+    When I send a POST request to /account/create_account with:
+      | account_name    | account_type |
+      | Work Checking   | Checking     |
+    Then the response status should be 200
+    And the response should be a JSON array of Account objects
+    And the array should contain at least one Account with:
+      | user_id | account_name   | account_type |
+      | 456     | Work Checking  | Checking     |
+
+  @regression
+  Scenario: Error when account_name is empty
+    Given I am an authenticated user with user_id 789
+    When I send a POST request to /account/create_account with:
+      | account_name | account_type |
+      |              | Savings      |
+    Then the response status should be 400
+    And the response should contain an error message "Account name or type is empty"
+
+  @regression
+  Scenario: Error when account_type is empty
+    Given I am an authenticated user with user_id 321
+    When I send a POST request to /account/create_account with:
+      | account_name   | account_type |
+      | Vacation Fund  |             |
+    Then the response status should be 400
+    And the response should contain an error message "Account name or type is empty"
+
+  @regression
+  Scenario: Error when both account_name and account_type are empty
+    Given I am an authenticated user with user_id 555
+    When I send a POST request to /account/create_account with:
+      | account_name | account_type |
+      |              |             |
+    Then the response status should be 400
+    And the response should contain an error message "Account name or type is empty"
+
+  @regression
+  Scenario: Error when not authenticated
+    Given I am not authenticated
+    When I send a POST request to /account/create_account with:
+      | account_name | account_type |
+      | Primary      | Checking     |
+    Then the response status should be 401
+    And the response should contain an error message "Unauthorized, not logged in"
+
+  @regression
+  Scenario: Create account with edge case account_name (maximum length)
+    Given I am an authenticated user with user_id 888
+    And the maximum allowed account_name length is 50 characters
+    And I have an account_name that is exactly 50 characters long "A234567890123456789012345678901234567890123456789"
+    When I send a POST request to /account/create_account with:
+      | account_name                                       | account_type |
+      | A234567890123456789012345678901234567890123456789   | Savings      |
+    Then the response status should be 200
+    And the array should contain at least one Account with:
+      | user_id | account_name                                 | account_type |
+      | 888     | A234567890123456789012345678901234567890123456789 | Savings      |
+
+  @regression
+  Scenario: Attempt to create account with extremely large account_name (over maximum length)
+    Given I am an authenticated user with user_id 999
+    And the maximum allowed account_name length is 50 characters
+    And I have an account_name that is 60 characters long "A2345678901234567890123456789012345678901234567890123456789"
+    When I send a POST request to /account/create_account with:
+      | account_name                                         | account_type |
+      | A2345678901234567890123456789012345678901234567890123456789 | Checking     |
+    Then the response status should be 400
+    And the response should contain an error message
+
+  @regression
+  Scenario: Attempt to create account with invalid account_type
+    Given I am an authenticated user with user_id 222
+    And "Investment" is not a supported account_type
+    When I send a POST request to /account/create_account with:
+      | account_name | account_type |
+      | Stock Funds  | Investment   |
+    Then the response status should be 400
+    And the response should contain an error message "Account name or type is empty" or "Invalid account type"

Online-Banking-App-Spring-Boot/gherkin_scenarios/gherkin_app.feature

@@ -0,0 +1,154 @@
+Feature: AppController Endpoints API
+
+  Background:
+    Given the API is available
+
+  #
+  # 1. GET /app/dashboard
+  #
+
+  @smoke
+  Scenario: Authenticated user retrieves dashboard with populated accounts
+    Given a user "alice" is authenticated
+    When the user sends a GET request to "/app/dashboard"
+    Then the response status should be 200
+    And the response should include a "userAccounts" array with at least 1 Account item
+    And the response should include a "totalBalance" number greater than 0
+
+  @regression
+  Scenario: Unauthenticated user attempts to access dashboard
+    Given the user is not authenticated
+    When the user sends a GET request to "/app/dashboard"
+    Then the response status should be 401
+    And the response should contain an authentication error message
+
+  @regression
+  Scenario: Authenticated user has no accounts on dashboard
+    Given a user "bob" is authenticated and has no accounts
+    When the user sends a GET request to "/app/dashboard"
+    Then the response status should be 200
+    And the response should include a "userAccounts" array with 0 items
+    And the response should include a "totalBalance" number equal to 0
+
+  @regression
+  Scenario: Authenticated user with a large number of accounts on dashboard
+    Given a user "charlie" is authenticated and has 1000 accounts with random balances
+    When the user sends a GET request to "/app/dashboard"
+    Then the response status should be 200
+    And the response should include a "userAccounts" array with 1000 Account items
+    And the response should include a "totalBalance" number equal to the sum of all account balances
+
+  #
+  # 2. GET /app/payment_history
+  #
+
+  @smoke
+  Scenario: Authenticated user retrieves payment history with records
+    Given a user "alice" is authenticated
+    And the user has at least 2 payment history records
+    When the user sends a GET request to "/app/payment_history"
+    Then the response status should be 200
+    And the response should include a "payment_history" array with 2 or more PaymentHistory items
+
+  @regression
+  Scenario: Unauthenticated user attempts to access payment history
+    Given the user is not authenticated
+    When the user sends a GET request to "/app/payment_history"
+    Then the response status should be 401
+    And the response should contain an authentication error message
+
+  @regression
+  Scenario: Authenticated user with no payment history
+    Given a user "bob" is authenticated and has no payment history
+    When the user sends a GET request to "/app/payment_history"
+    Then the response status should be 200
+    And the response should include a "payment_history" array with 0 items
+
+  @regression
+  Scenario: Authenticated user with a large payment history
+    Given a user "charlie" is authenticated and has 5000 payment history records
+    When the user sends a GET request to "/app/payment_history"
+    Then the response status should be 200
+    And the response should include a "payment_history" array with 5000 PaymentHistory items
+
+  #
+  # 3. GET /app/transaction_history
+  #
+
+  @smoke
+  Scenario: Authenticated user retrieves transaction history with records
+    Given a user "alice" is authenticated
+    And the user has at least 3 transaction history records
+    When the user sends a GET request to "/app/transaction_history"
+    Then the response status should be 200
+    And the response should include a "transaction_history" array with 3 or more TransactionHistory items
+
+  @regression
+  Scenario: Unauthenticated user attempts to access transaction history
+    Given the user is not authenticated
+    When the user sends a GET request to "/app/transaction_history"
+    Then the response status should be 401
+    And the response should contain an authentication error message
+
+  @regression
+  Scenario: Authenticated user with no transaction history
+    Given a user "bob" is authenticated and has no transaction history
+    When the user sends a GET request to "/app/transaction_history"
+    Then the response status should be 200
+    And the response should include a "transaction_history" array with 0 items
+
+  @regression
+  Scenario: Authenticated user with a very large transaction history
+    Given a user "charlie" is authenticated and has 10000 transaction history records
+    When the user sends a GET request to "/app/transaction_history"
+    Then the response status should be 200
+    And the response should include a "transaction_history" array with 10000 TransactionHistory items
+
+  #
+  # 4. POST /app/account_transaction_history
+  #
+
+  @smoke
+  Scenario: Authenticated user retrieves transaction history for a valid account
+    Given a user "alice" is authenticated
+    And "alice" has an account with account_id "ACC123"
+    And the account "ACC123" has 5 transaction records
+    When the user sends a POST request to "/app/account_transaction_history" with account_id "ACC123"
+    Then the response status should be 200
+    And the response should include a "transaction_history" array with 5 TransactionHistory items
+
+  @regression
+  Scenario: Unauthenticated user attempts to retrieve account transaction history
+    When the user sends a POST request to "/app/account_transaction_history" with account_id "ACC123" without authentication
+    Then the response status should be 401
+    And the response should contain an authentication error message
+
+  @regression
+  Scenario: Authenticated user provides missing account_id in request
+    Given a user "alice" is authenticated
+    When the user sends a POST request to "/app/account_transaction_history" without "account_id"
+    Then the response status should be 400
+    And the response should contain a validation error about missing "account_id"
+
+  @regression
+  Scenario: Authenticated user provides an invalid account_id value
+    Given a user "alice" is authenticated
+    When the user sends a POST request to "/app/account_transaction_history" with account_id "INVALID_ACC"
+    Then the response status should be 404
+    And the response should contain an account not found error message
+
+  @regression
+  Scenario: Authenticated user requests transaction history for their valid account, with no transactions
+    Given a user "bob" is authenticated
+    And "bob" has an account with account_id "ACC456" with no transaction history
+    When the user sends a POST request to "/app/account_transaction_history" with account_id "ACC456"
+    Then the response status should be 200
+    And the response should include a "transaction_history" array with 0 items
+
+  @regression
+  Scenario: Authenticated user requests transaction history for their valid account with a very large dataset
+    Given a user "charlie" is authenticated
+    And "charlie" has an account with account_id "ACC789" and 20000 transaction history records
+    When the user sends a POST request to "/app/account_transaction_history" with account_id "ACC789"
+    Then the response status should be 200
+    And the response should include a "transaction_history" array with 20000 TransactionHistory items

Online-Banking-App-Spring-Boot/gherkin_scenarios/gherkin_auth.feature

@@ -0,0 +1,116 @@
+Feature: Authentication Endpoints
+
+  Background:
+    Given the API is available
+
+  ##############################
+  # POST /login
+  ##############################
+
+  @smoke
+  Scenario: User logs in successfully with valid credentials
+    Given a verified user exists with email "john.doe@example.com" and password "Secret123!"
+    When the client sends a POST request to /login with body:
+      | email                | password    |
+      | john.doe@example.com | Secret123!  |
+    Then the response status should be 200
+    And the response body should contain:
+      | message       | access_token              |
+      | Login success | <non-empty access_token>  |
+
+  @regression
+  Scenario: Login attempt with missing email
+    When the client sends a POST request to /login with body:
+      | email | password    |
+      |       | Secret123!  |
+    Then the response status should be 400
+    And the response body should contain "Username or Password Cannot Be Empty."
+
+  @regression
+  Scenario: Login attempt with missing password
+    When the client sends a POST request to /login with body:
+      | email                | password |
+      | john.doe@example.com |         |
+    Then the response status should be 400
+    And the response body should contain "Username or Password Cannot Be Empty."
+
+  @regression
+  Scenario: Login attempt with both email and password missing
+    When the client sends a POST request to /login with body:
+      | email | password |
+      |       |          |
+    Then the response status should be 400
+    And the response body should contain "Username or Password Cannot Be Empty."
+
+  @regression
+  Scenario: Login attempt with incorrect email
+    Given a verified user exists with email "john.doe@example.com" and password "Secret123!"
+    When the client sends a POST request to /login with body:
+      | email                | password    |
+      | fake.user@example.com| Secret123!  |
+    Then the response status should be 401
+    And the response body should contain "Incorrect Username or Password"
+
+  @regression
+  Scenario: Login attempt with incorrect password
+    Given a verified user exists with email "john.doe@example.com" and password "Secret123!"
+    When the client sends a POST request to /login with body:
+      | email                | password      |
+      | john.doe@example.com | WrongPass987! |
+    Then the response status should be 401
+    And the response body should contain "Incorrect Username or Password"
+
+  @regression
+  Scenario: Login attempt by unverified user
+    Given an unverified user exists with email "alice.smith@example.com" and password "Password1!"
+    When the client sends a POST request to /login with body:
+      | email                  | password    |
+      | alice.smith@example.com| Password1!  |
+    Then the response status should be 403
+    And the response body should contain "Account verification required."
+
+  @regression
+  Scenario: Login attempt with malformed data (email as number)
+    When the client sends a POST request to /login with body:
+      | email | password    |
+      | 12345 | Secret123!  |
+    Then the response status should be 400
+    And the response body should contain "Username or Password Cannot Be Empty."
+
+  @regression
+  Scenario: Internal server error during login
+    Given the backend will return an internal error for email "server.error@example.com"
+    When the client sends a POST request to /login with body:
+      | email                  | password    |
+      | server.error@example.com | AnyPass!  |
+    Then the response status should be 500
+    And the response body should contain "Internal server error."
+
+  ##############################
+  # GET /logout
+  ##############################
+
+  @smoke
+  Scenario: User logs out successfully with valid session token
+    Given a user is logged in and has a valid session token "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.valid.token"
+    When the client sends a GET request to /logout with header "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.valid.token"
+    Then the response status should be 200
+    And the response body should contain "User logged out successfully."
+
+  @regression
+  Scenario: Logout attempt with missing session token
+    When the client sends a GET request to /logout without an Authorization header
+    Then the response status should be 401
+    And the response body should contain "Authentication required."
+
+  @regression
+  Scenario: Logout attempt with invalid session token
+    When the client sends a GET request to /logout with header "Authorization: Bearer invalid.token"
+    Then the response status should be 401
+    And the response body should contain "Authentication required."
+
+  @regression
+  Scenario: Logout attempt with an expired session token
+    When the client sends a GET request to /logout with header "Authorization: Bearer expired.token"
+    Then the response status should be 401
+    And the response body should contain "Authentication required."