ENH Run Behat test with less than ADMIN permissions

tests/behat/features/gridfield-navigation.feature

@@ -18,7 +18,8 @@ Feature: Search in GridField
       And the "Company" "Cisco" with "Category"="Other"
       And the "Company" "Bouygues" with "Category"="Other" 
       And the "Company" "Insurance" with "Category"="Other"
-      And I am logged in with "ADMIN" permissions
+      And the "group" "EDITOR" has permissions "Access to 'Pages' section" and "Access to 'GridField Test Navigation' section" and "TEST_DATAOBJECT_EDIT"
+      And I am logged in as a member of "EDITOR" group
 
   Scenario: I can navigate back through the GridField items by using the "previous record" button
     When I go to "/admin/gridfield-test-navigation"

tests/behat/features/gridfield-search.feature

@@ -7,7 +7,8 @@ Feature: Search in GridField
     Given the "Company" "Walmart" with "Category"="Retail"
     And the "Company" "ExxonMobil" with "Category"="Oil"
     And the "Company" "Vitol" with "Category"="Other" 
-    And I am logged in with "ADMIN" permissions
+    And the "group" "EDITOR" has permissions "Access to 'Pages' section" and "Access to 'Test ModelAdmin' section" and "TEST_DATAOBJECT_EDIT"
+    And I am logged in as a member of "EDITOR" group
     And I go to "/admin/test"
 
   Scenario: I can search and go to item

tests/behat/features/login.feature

@@ -4,12 +4,15 @@ Feature: Log in
   I want to access to the CMS to be secure
   So that only my team can make content changes
 
+  Background:
+    Given the "group" "EDITOR" has permissions "Access to 'Pages' section"
+
   Scenario: Bad login
     Given I log in with "[email protected]" and "badpassword"
     Then I should see "The provided details don't seem to be correct"
 
   Scenario: Valid login
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     When I go to "/admin/"
     Then I should see the CMS
 
@@ -19,15 +22,15 @@ Feature: Log in
     And I should see a log-in form
 
   Scenario: Logout without token
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     When I go to "/Security/logout"
     Then I should see a log-out form
     When I press the "Log out" button
     And I go to "/admin/"
     Then I should see a log-in form
 
   Scenario: Log in as someone else
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     When I go to "/Security/login"
     Then the response should contain "Log in as someone else"
 

tests/behat/features/manage-groups.feature

@@ -5,8 +5,10 @@ Feature: Manage groups
   So that I can control access to the CMS
 
   Background:
-    Given a "group" "BOB group"
-    And a "group" "Jane group" with permissions "View draft content"
+    Given a "group" "BOB"
+    And a "group" "Jane" with permissions "View draft content"
+    And the "group" "GROUPS_EDITOR" has permissions "CMS_ACCESS_SecurityAdmin" and "EDIT_PERMISSIONS"
+    And the "group" "MEMEBERS_EDITOR" has permissions "CMS_ACCESS_SecurityAdmin" and "APPLY_ROLES"
     And the "page" "My page"
     And I am logged in with "ADMIN" permissions
     And I go to "/admin/security"
@@ -31,17 +33,58 @@ Feature: Manage groups
     And I fill in "Group name" with ""
     And I press the "Create" button
     Then I should see "Validation Error"
+
+  Scenario: Members of a group with permissions 
+    Given I go to "/Security/login"
+    And I press the "Log in as someone else" button
+    And I am logged in as a member of "BOB" group
+    When I go to "/my-page?stage=Stage"
+    Then I should not see "My page"
+
+  Scenario: Members of a group with permissions can edit Group data
+    Given I go to "/Security/login"
+    And I press the "Log in as someone else" button
+    And I am logged in as a member of "GROUPS_EDITOR" group
+    And I go to "/admin/security"
+    When I click the "Groups" CMS tab
+    And I click "GROUPS_EDITOR" in the "#Root_Groups" element
+    And I fill in "Group name" with "GROUPS_EDITOR_NEW"
+    And I press the "Save" button
+    And I should see "Saved Group "
+    And I click "Groups" in the ".breadcrumbs-wrapper" element
+    And I click the "Groups" CMS tab
+    And I should see "GROUPS_EDITOR_NEW"
+
+  Scenario: Members of a group with permissions can edit Members data
+    Given I go to "/Security/login"
+    And I press the "Log in as someone else" button
+    And I am logged in as a member of "GROUPS_EDITOR" group
+    And I go to "/admin/security"
+    When I click the "Users" CMS tab
+    And I click "GROUPS_EDITOR" in the "#Root_Users" element
+    And I fill in "First Name" with "General Editor"
+    And I press the "Save" button
+    And I should see "Saved Member "
+    And I click "Security" in the ".breadcrumbs-wrapper" element
+    And I should see "General Editor"
+
+  Scenario: Members of a group with permissions cannot view draft content
+    Given I go to "/Security/login"
+    And I press the "Log in as someone else" button
+    And I am logged in as a member of "BOB" group
+    When I go to "/my-page?stage=Stage"
+    Then I should not see "My page"
 
   Scenario: Members of a group without permissions cannot view draft content
     Given I go to "/Security/login"
     And I press the "Log in as someone else" button
-    And I am logged in with "BOB" permissions
+    And I am logged in as a member of "BOB" group
     When I go to "/my-page?stage=Stage"
     Then I should not see "My page"
 
   Scenario: Members of a group with relevant permissions can view draft content
     Given I go to "/Security/login"
     And I press the "Log in as someone else" button
-    And I am logged in with "Jane" permissions
+    And I am logged in as a member of "Jane" group
     When I go to "/my-page?stage=Stage"
     Then I should see "My page"

tests/behat/features/multitab-validation.feature

@@ -6,9 +6,10 @@ Feature: Multi-tab page validation icons
   Background:
     Given a "multi tab page" "My MultiTab Page"
     And a "single tab page" "My SingleTab Page"
+    And the "group" "EDITOR" has permissions "Access to 'Pages' section"
 
   Scenario: I can see tab validation icons on multi-tab pages
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     And I go to "/admin/pages"
     And I should see "My MultiTab Page" in the tree
     And I click on "My MultiTab Page" in the tree
@@ -46,7 +47,7 @@ Feature: Multi-tab page validation icons
     Then I should not see an invalid tab icon on the "Fourth" tab
 
   Scenario: Tab validation icons dont appear on pages with a single tab
-    Given I am logged in with "ADMIN" permissions
+    Given I am logged in as a member of "EDITOR" group
     And I go to "/admin/pages"
     And I should see "My SingleTab Page" in the tree
     And I click on "My SingleTab Page" in the tree

tests/behat/features/notfound.feature

@@ -3,10 +3,11 @@ Feature: Not found
   I want error messages to be displayed in the context of the admin section
 
   Background:
-    Given I am logged in with "ADMIN" permissions
+    Given the "group" "EDITOR" has permissions "CMS_ACCESS_LeftAndMain"
 
   Scenario: Errors are displayed in the admin context
-    Given I go to "/admin/nothing"
+    Given I am logged in as a member of "EDITOR" group
+    And I go to "/admin/nothing"
     Then I should see "Not Found"
     And I should see "Sorry, it seems you were trying to access a section or object that doesn't exist."
     And I should see the admin menu
@@ -20,7 +21,8 @@ Feature: Not found
     And I should see the admin menu
 
   Scenario: Valid routes do not display the error
-    Given I go to "/admin/settings"
+    Given I am logged in with "ADMIN" permissions
+    And I go to "/admin/settings"
     Then I should not see "Not Found"
     And I should not see "Sorry, it seems you were trying to access a section or object that doesn't exist."
     And I should see the admin menu

tests/behat/features/reauthenticate.feature

@@ -5,25 +5,26 @@ Feature: Reauthenticate
   So that I can avoid losing unsaved work
 
   Background:
-    And I am logged in with "ADMIN" permissions
-    And I go to "/admin/security"
-    And I am not in an iframe
-    And I click the "Users" CMS tab
-    And my session expires
+    Given the "group" "EDITOR" has permissions "Access to 'Pages' section"
+      And I am logged in as a member of "EDITOR" group
+      And I go to "/admin/pages"
+      And I am not in an iframe
+      And I wait for 3 seconds
+      And my session expires
 
   Scenario: Reauthenticate with correct login
-    When I press the "Add Member" button
+    When I press the "Add new" button
       And I switch to the "login-dialog-iframe" iframe
     Then I should see a "Let me back in" button
     When I fill in "Password" with "Secret!123"
       And I press the "Let me back in" button
       And I am not in an iframe
-      And I go to "/admin/security"
-    When I press the "Add Member" button
-    Then I should see "Create" in the "#Form_ItemEditForm_action_doSave" element
+      And I go to "/admin/pages"
+    When I press the "Add new" button
+    Then I should see "Create" in the "#Form_AddForm_action_doAdd" element
 
   Scenario: Reauthenticate with wrong login
-    When I press the "Add Member" button
+    When I press the "Add new" button
       And I switch to the "login-dialog-iframe" iframe
     Then I should see a "Let me back in" button
     When I fill in "Password" with "wrong password"
@@ -32,6 +33,6 @@ Feature: Reauthenticate
     When I fill in "Password" with "Secret!123"
       And I press the "Let me back in" button
       And I am not in an iframe
-      And I go to "/admin/security"
-    When I press the "Add Member" button
-    Then I should see "Create" in the "#Form_ItemEditForm_action_doSave" element
+      And I go to "/admin/pages"
+    When I press the "Add new" button
+    Then I should see "Create" in the "#Form_AddForm_action_doAdd" element