mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2025-12-31 01:10:20 -06:00
Code Issues Packages Projects Releases Wiki Activity

[tests-only] fix MOVE with another user dav path scenarios (#8460)

Browse Source 
* test(api): fix MOVE with another user dav path scenarios

* test(api): fix php code style

* test(api): fix dav paths

* test(api): fix dav paths
This commit is contained in:
Sawjan Gurung
2024-02-19 15:46:34 +05:45
committed by GitHub
parent 71b6cbc817
commit 0df64c26cd
8 changed files with 34 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
tests/TestHelpers/WebDavHelper.php
View File

@@ -661,7 +661,7 @@ class WebDavHelper {
$urlParameter = \http_build_query($urlParameter, '', '&');
$path .= '?' . $urlParameter;
}
$fullUrl = self::sanitizeUrl($baseUrl . $davPath . $path);
$fullUrl = self::sanitizeUrl($baseUrl . "/$davPath" . $path);
if ($authType === 'bearer') {
$headers['Authorization'] = 'Bearer ' . $password;
@@ -750,12 +750,12 @@ class WebDavHelper {
// return spaces root path if spaceid is null
// REPORT request uses spaces root path
if ($spaceId === null) {
return "/remote.php/dav/spaces/";
return "remote.php/dav/spaces/";
}
if ($type === "trash-bin") {
return "/remote.php/dav/spaces/trash-bin/" . $spaceId . '/';
return "remote.php/dav/spaces/trash-bin/" . $spaceId . '/';
}
return "/remote.php/dav/spaces/" . $spaceId . '/';
return "remote.php/dav/spaces/" . $spaceId . '/';
} else {
if ($davPathVersionToUse === self::DAV_VERSION_OLD) {
if ($type === "trash-bin") {

9
tests/acceptance/expected-failures-API-on-OCIS-storage.md
View File

@@ -227,15 +227,6 @@ _ocdav: api compatibility, return correct status code_
- [coreApiAuth/webDavLOCKAuth.feature:46](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/webDavLOCKAuth.feature#L46)
- [coreApiAuth/webDavLOCKAuth.feature:58](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/webDavLOCKAuth.feature#L58)
#### [send (MOVE,COPY) requests to another user's webDav endpoints as normal user gives 400 instead of 403](https://github.com/owncloud/ocis/issues/3882)
_ocdav: api compatibility, return correct status code_
- [coreApiAuth/webDavMOVEAuth.feature:45](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/webDavMOVEAuth.feature#L45)
- [coreApiAuth/webDavMOVEAuth.feature:54](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/webDavMOVEAuth.feature#L54)
- [coreApiAuth/webDavCOPYAuth.feature:45](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/webDavCOPYAuth.feature#L45)
- [coreApiAuth/webDavCOPYAuth.feature:54](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/webDavCOPYAuth.feature#L54)
#### [send POST requests to another user's webDav endpoints as normal user](https://github.com/owncloud/ocis/issues/1287)
_ocdav: api compatibility, return correct status code_

9
tests/acceptance/features/bootstrap/AuthContext.php
View File

@@ -25,6 +25,7 @@ use Behat\Gherkin\Node\TableNode;
use Behat\Behat\Context\Context;
use TestHelpers\SetupHelper;
use \Psr\Http\Message\ResponseInterface;
use TestHelpers\WebDavHelper;
/**
* Authentication functions
@@ -592,7 +593,13 @@ class AuthContext implements Context {
public function userRequestsTheseEndpointsAboutUser(string $user, string $method, string $ofUser, TableNode $table):void {
$headers = [];
if ($method === 'MOVE' || $method === 'COPY') {
$headers['Destination'] = '/path/to/destination';
$baseUrl = $this->featureContext->getBaseUrl();
$suffix = "";
if ($this->featureContext->getDavPathVersion() === WebDavHelper::DAV_VERSION_SPACES) {
$suffix = $this->featureContext->spacesContext->getSpaceIdByName($user, "Personal") . "/";
}
$davPath = WebDavHelper::getDavPath($user, $this->featureContext->getDavPathVersion());
$headers['Destination'] = "{$baseUrl}/{$davPath}{$suffix}moved";
}
foreach ($table->getHash() as $row) {

2
tests/acceptance/features/bootstrap/SpacesContext.php
View File

@@ -2048,7 +2048,7 @@ class SpacesContext implements Context {
if ($toSpaceName === 'Shares') {
$sharesPath = $this->featureContext->getSharesMountPath($user, $fileDestination);
$davPath = WebDavHelper::getDavPath($user, $this->featureContext->getDavPathVersion());
$headers['Destination'] = $baseUrl . $davPath . $sharesPath;
$headers['Destination'] = $baseUrl . "/$davPath" . $sharesPath;
} else {
$headers['Destination'] = $this->destinationHeaderValueWithSpaceName($user, $fileDestination, $toSpaceName, $url);
}

6
tests/acceptance/features/bootstrap/WebDav.php
View File

@@ -5000,7 +5000,7 @@ trait WebDav {
$sharesPath = $this->getSharesMountPath($user, $path) . '/?' . $urlParameter;
$davPath = WebDavHelper::getDavPath($user, $this->getDavPathVersion());
$fullUrl = $this->getBaseUrl() . $davPath . $sharesPath;
$fullUrl = $this->getBaseUrl() . "/$davPath" . $sharesPath;
return HttpRequestHelper::sendRequest(
$fullUrl,
@@ -5027,7 +5027,7 @@ trait WebDav {
$sharesPath = $this->getSharesMountPath($user, $destination);
$davPath = WebDavHelper::getDavPath($user, $this->getDavPathVersion());
$fullUrl = $this->getBaseUrl() . $davPath . $sharesPath;
$fullUrl = $this->getBaseUrl() . "/$davPath" . $sharesPath;
return HttpRequestHelper::sendRequest(
$fullUrl,
@@ -5766,7 +5766,7 @@ trait WebDav {
if ($entryNameToSearch !== null) {
$entryNameToSearch = \trim($entryNameToSearch, "/");
}
$spacesBaseUrl = webDavHelper::getDavPath(null, webDavHelper::DAV_VERSION_SPACES);
$spacesBaseUrl = "/" . webDavHelper::getDavPath(null, webDavHelper::DAV_VERSION_SPACES);
$searchResults = $this->getResponseXml()->xpath("//d:multistatus/d:response");
$results = [];
foreach ($searchResults as $item) {

14
tests/acceptance/features/coreApiAuth/webDavCOPYAuth.feature
View File

@@ -12,6 +12,7 @@ Feature: COPY file/folder
And user "Alice" has created folder "/PARENT"
And user "Alice" has created folder "/FOLDER"
And user "Alice" has uploaded file with content "some data" to "/PARENT/parent.txt"
And using new DAV path
@smokeTest
Scenario: send COPY requests to webDav endpoints as normal user with wrong password
@@ -41,23 +42,24 @@ Feature: COPY file/folder
| /remote.php/dav/spaces/%spaceid%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "401"
@issue-3882
Scenario: send COPY requests to another user's webDav endpoints as normal user
When user "Brian" requests these endpoints with "COPY" about user "Alice"
| endpoint |
| /remote.php/dav/files/%username%/textfile0.txt |
| /remote.php/dav/files/%username%/PARENT |
| /remote.php/dav/files/%username%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "403"
Then the HTTP status code of responses on all endpoints should be "404"
@skipOnRevaMaster
@skipOnRevaMaster @issue-3882
Scenario: send COPY requests to another user's webDav endpoints as normal user using the spaces WebDAV API
Given using spaces DAV path
When user "Brian" requests these endpoints with "COPY" about user "Alice"
| endpoint |
| /remote.php/dav/spaces/%spaceid%/textfile0.txt |
| /remote.php/dav/spaces/%spaceid%/PARENT |
| /remote.php/dav/spaces/%spaceid%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "403"
Then the HTTP status code of responses on all endpoints should be "404"
Scenario: send COPY requests to webDav endpoints using invalid username but correct password
@@ -101,7 +103,7 @@ Feature: COPY file/folder
| /remote.php/dav/spaces/%spaceid%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "401"
@issue-4332 @issue-3882
Scenario: send COPY requests to webDav endpoints with body as normal user
When user "Alice" requests these endpoints with "COPY" including body "doesnotmatter" about user "Alice"
| endpoint |
@@ -113,7 +115,7 @@ Feature: COPY file/folder
| /remote.php/dav/files/%username%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "415"
@skipOnRevaMaster
@skipOnRevaMaster @issue-4332 @issue-3882
Scenario: send COPY requests to webDav endpoints with body as normal user using the spaces WebDAV API
When user "Alice" requests these endpoints with "COPY" including body "doesnotmatter" about user "Alice"
| endpoint |

4
tests/acceptance/features/coreApiAuth/webDavDELETEAuth.feature
View File

@@ -104,7 +104,7 @@ Feature: delete file/folder
| /remote.php/dav/spaces/%spaceid%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "401"
@issue-4332
Scenario: send DELETE requests to webDav endpoints with body as normal user
When user "Alice" requests these endpoints with "DELETE" including body "doesnotmatter" about user "Alice"
| endpoint |
@@ -115,7 +115,7 @@ Feature: delete file/folder
| /remote.php/dav/files/%username%/FOLDER |
Then the HTTP status code of responses on all endpoints should be "415"
@skipOnRevaMaster
@skipOnRevaMaster @issue-4332
Scenario: send DELETE requests to webDav endpoints with body as normal user using the spaces WebDAV API
When user "Alice" requests these endpoints with "DELETE" including body "doesnotmatter" about user "Alice"
| endpoint |

14
tests/acceptance/features/coreApiAuth/webDavMOVEAuth.feature
View File

@@ -12,6 +12,7 @@ Feature: MOVE file/folder
And user "Alice" has created folder "/PARENT"
And user "Alice" has created folder "/FOLDER"
And user "Alice" has uploaded file with content "some data" to "/PARENT/parent.txt"
And using new DAV path
@smokeTest
Scenario: send MOVE requests to webDav endpoints as normal user with wrong password
@@ -41,23 +42,24 @@ Feature: MOVE file/folder
| /remote.php/dav/spaces/%spaceid%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "401"
@issue-3882
Scenario: send MOVE requests to another user's webDav endpoints as normal user
When user "Brian" requests these endpoints with "MOVE" about user "Alice"
| endpoint |
| /remote.php/dav/files/%username%/textfile0.txt |
| /remote.php/dav/files/%username%/PARENT |
| /remote.php/dav/files/%username%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "403"
Then the HTTP status code of responses on all endpoints should be "404"
@skipOnRevaMaster
@skipOnRevaMaster @issue-3882
Scenario: send MOVE requests to another user's webDav endpoints as normal user using the spaces WebDAV API
Given using spaces DAV path
When user "Brian" requests these endpoints with "MOVE" about user "Alice"
| endpoint |
| /remote.php/dav/spaces/%spaceid%/textfile0.txt |
| /remote.php/dav/spaces/%spaceid%/PARENT |
| /remote.php/dav/spaces/%spaceid%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "403"
Then the HTTP status code of responses on all endpoints should be "404"
Scenario: send MOVE requests to webDav endpoints using invalid username but correct password
@@ -101,7 +103,7 @@ Feature: MOVE file/folder
| /remote.php/dav/spaces/%spaceid%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "401"
@issue-4332 @issue-3882
Scenario: send MOVE requests to webDav endpoints with body as normal user
When user "Alice" requests these endpoints with "MOVE" including body "doesnotmatter" about user "Alice"
| endpoint |
@@ -113,7 +115,7 @@ Feature: MOVE file/folder
| /remote.php/dav/files/%username%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "415"
@skipOnRevaMaster
@skipOnRevaMaster @issue-4332 @issue-3882
Scenario: send MOVE requests to webDav endpoints with body as normal user using the spaces WebDAV API
When user "Alice" requests these endpoints with "MOVE" including body "doesnotmatter" about user "Alice"
| endpoint |