# Security Test Case Template

## Authentication Tests

```gherkin
Scenario: Lock override with expired session
  Given an active branch lock
  When session expires during override attempt
  Then system should reject with 401 Unauthorized
  And log security event "LOCK_OVERRIDE_FAILURE"
```

## Injection Prevention

```gherkin
Scenario: XSS in change comments
  When submitting comment with
  Then response should sanitize to "<script>alert(1)</script>"
  And store original input in quarantine
```

## Data Integrity

```gherkin
Scenario: Unauthorized diff modification
  Given approved version comparison
  When altering historical diff metadata
  Then checksum validation should fail
  And trigger auto-rollback procedure
```

## Workflow Security

```gherkin
Scenario: Approval state bypass
  Given pending approval workflow
  When attempting direct state transition
  Then enforce state machine rules
  And log "ILLEGAL_STATE_CHANGE" event
```

## Monitoring Tests

```gherkin
Scenario: Abnormal approval patterns
  Given 10 rapid approvals from same IP
  When monitoring system detects anomaly
  Then freeze approval process
  And notify security team
```
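One way to back the "Abnormal approval patterns" scenario with detection logic, as an added example that is not part of the original template. The 60-second window, the `ApprovalMonitor` class, the `ABNORMAL_APPROVAL_PATTERN` event name and the in-memory `alerts` list (standing in for the security-team notification) are assumptions; only the threshold of 10 approvals from one IP comes from the scenario.

```python
from collections import defaultdict, deque

THRESHOLD = 10        # from the scenario: 10 rapid approvals from the same IP
WINDOW_SECONDS = 60   # assumption: the template does not define "rapid"


class ApprovalMonitor:
    """Sliding-window count of approvals per source IP (hypothetical helper)."""

    def __init__(self, threshold=THRESHOLD, window=WINDOW_SECONDS):
        self.threshold = threshold
        self.window = window
        self.recent = defaultdict(deque)  # ip -> timestamps still inside the window
        self.frozen = False
        self.alerts = []                  # stand-in for notifying the security team

    def record(self, ip, ts):
        """Record one approval at time ts (seconds, non-decreasing).

        Returns True if the approval was accepted, False if approvals are frozen.
        """
        if self.frozen:
            return False                  # stay frozen until a human reviews
        q = self.recent[ip]
        q.append(ts)
        while ts - q[0] > self.window:
            q.popleft()                   # drop approvals that aged out of the window
        if len(q) >= self.threshold:
            self.frozen = True
            self.alerts.append({"event": "ABNORMAL_APPROVAL_PATTERN",  # hypothetical name
                                "ip": ip, "count": len(q), "at": ts})
        return True


def run(events):
    """Feed (ip, timestamp) pairs through a fresh monitor."""
    mon = ApprovalMonitor()
    accepted = [mon.record(ip, ts) for ip, ts in events]
    return mon, accepted


# Constructed sample data (documentation-range IPs, arbitrary timestamps).
BURST = [("203.0.113.7", 1000 + 2 * i) for i in range(10)]    # 10 approvals in 18 s
SLOW = [("203.0.113.7", 1000 + 600 * i) for i in range(10)]   # 10 approvals in 90 min
MIXED = BURST[:9] + [("198.51.100.4", 1018)]                  # 9 + 1 from another IP
```

The `SLOW` and `MIXED` inputs are the negative cases a test suite for this scenario also needs, so that the freeze fires only on a burst from a single source.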