Merge pull request #1543 from owncloud/restore-tests

[tests-only] Restore test files removed in PR #1488

.drone.star

@@ -237,10 +237,10 @@ def testOcisModules(ctx):
 
 def testPipelines(ctx):
   pipelines = [
-    localApiTests(ctx, 'owncloud', 'apiOcisSpecific'),
-    localApiTests(ctx, 'ocis', 'apiOcisSpecific'),
-    localApiTests(ctx, 'owncloud', 'apiBasic', 'default'),
-    localApiTests(ctx, 'ocis', 'apiBasic', 'default')
+    localApiTests(ctx, 'owncloud', 'apiBugDemonstration'),
+    localApiTests(ctx, 'ocis', 'apiBugDemonstration'),
+    localApiTests(ctx, 'owncloud', 'apiAccountsHashDifficulty', 'default'),
+    localApiTests(ctx, 'ocis', 'apiAccountsHashDifficulty', 'default')
   ]
 
   for runPart in range(1, config['apiTests']['numberOfParts'] + 1):
@@ -430,7 +430,7 @@ def uploadCoverage(ctx):
     },
   }
 
-def localApiTests(ctx, storage = 'owncloud', suite = 'apiOcisSpecific', accounts_hash_difficulty = 4):
+def localApiTests(ctx, storage = 'owncloud', suite = 'apiBugDemonstration', accounts_hash_difficulty = 4):
   return {
     'kind': 'pipeline',
     'type': 'docker',

docs/ocis/development/testing.md

@@ -39,7 +39,7 @@ You can invoke two types of test suite runs:
 
 The names of the full test suite make targets have the same naming as in the CI pipeline.
 
-For example `make -C tests/acceptance/docker localApiTests-apiOcisSpecific-ocis` runs the same tests as the `localApiTests-apiOcisSpecific-ocis` CI pipeline, which runs the oCIS test suite "apiOcisSpecific" against an oCIS with oCIS storage.
+For example `make -C tests/acceptance/docker localApiTests-apiBugDemonstration-ocis` runs the same tests as the `localApiTests-apiBugDemonstration-ocis` CI pipeline, which runs the oCIS test suite "apiBugDemonstration" against an oCIS with oCIS storage.
 
 For example `make -C tests/acceptance/docker Core-API-Tests-owncloud-storage-3`runs the same tests as the `Core-API-Tests-owncloud-storage-3` CI pipeline, which runs the third (out of ten) ownCloud test suite against an oCIS with owncloud storage.
 
@@ -48,7 +48,7 @@ For example `make -C tests/acceptance/docker Core-API-Tests-owncloud-storage-3`r
 The single feature tests can also be run against the different storage backends. Therefore multiple make targets with the schema test-<test source>-feature-<storage backend> exists. For selecting a single feature test you have to add an additional `BEHAT_FEATURE=...` parameter when invoking the make command:
 
 ```
-make -C tests/acceptance/docker test-ocis-feature-ocis BEHAT_FEATURE='tests/acceptance/features/apiOcisSpecific/apiAuthOcs-ocsDELETEAuth.feature'
+make -C tests/acceptance/docker test-ocis-feature-ocis BEHAT_FEATURE='tests/acceptance/features/apiBugDemonstration/apiAuthOcs-ocsDELETEAuth.feature'
 ```
 
 This must be pointing to a valid feature definition.
@@ -58,7 +58,7 @@ This must be pointing to a valid feature definition.
 By default the tests will be run against docker image built from your current working state of the oCIS repository. For some purposes it might also be handy to use a oCIS image from Docker Hub. Therefore you can provide the optional flag `OCIS_IMAGE_TAG=...` which must contain an available docker tag of the [owncloud/ocis registry on Docker Hub](https://hub.docker.com/r/owncloud/ocis) (eg. 'latest').
 
 ```
-make -C tests/acceptance/docker localApiTests-apiOcisSpecific-ocis OCIS_IMAGE_TAG=latest
+make -C tests/acceptance/docker localApiTests-apiBugDemonstration-ocis OCIS_IMAGE_TAG=latest
 ```
 
 ### Test log output
@@ -138,7 +138,7 @@ Those scenarios are run in the ordinary acceptance test pipeline in CI. The scen
 expected failures. If there are any differences then the CI pipeline fails.
 Similarly, scenarios that do not work in oCIS with EOS storage are listed in `tests/acceptance/expected-failures-on-EOS-storage.txt`.
 Additionally, some issues have scenarios that demonstrate the current buggy behaviour in ocis(reva).
-Those scenarios are in this ocis repository in `tests/acceptance/features/apiOcisSpecific`.
+Those scenarios are in this ocis repository in `tests/acceptance/features/apiBugDemonstration`.
 Have a look into the [documentation](https://doc.owncloud.com/server/developer_manual/testing/acceptance-tests.html#writing-scenarios-for-bugs) to understand why we are writing those tests.
 
 If you want to work on a specific issue

tests/acceptance/config/behat.yml

@@ -3,9 +3,9 @@ default:
     '': '%paths.base%/../features/bootstrap'
 
   suites:
-    apiBasic:
+    apiAccountsHashDifficulty:
       paths:
-        - '%paths.base%/../features/apiBasic'
+        - '%paths.base%/../features/apiAccountsHashDifficulty'
       context: &common_ldap_suite_context
         parameters:
           ldapAdminPassword: admin
@@ -29,9 +29,9 @@ default:
         - TrashbinContext:
         - WebDavPropertiesContext:
 
-    apiOcisSpecific:
+    apiBugDemonstration:
       paths:
-        - '%paths.base%/../features/apiOcisSpecific'
+        - '%paths.base%/../features/apiBugDemonstration'
       context: *common_ldap_suite_context
       contexts:
         - RevaContext:

tests/acceptance/docker/Makefile

@@ -51,12 +51,12 @@ help:
 	@echo -e "https://hub.docker.com/r/owncloud/ocis."
 	@echo
 	@echo -e "${GREEN}Run full oCIS test suites against oCIS with oCIS storage:${RESET}\n"
-	@echo -e "\tmake localApiTests-apiBasic-ocis\t\t${BLUE}run apiBasic test suite${RESET}"
-	@echo -e "\tmake localApiTests-apiOcisSpecific-ocis\t\t${BLUE}run apiOcisSPecific test suite${RESET}"
+	@echo -e "\tmake localApiTests-apiAccountsHashDifficulty-ocis\t\t${BLUE}run apiAccountsHashDifficulty test suite${RESET}"
+	@echo -e "\tmake localApiTests-apiBugDemonstration-ocis\t\t${BLUE}run apiBugDemonstration test suite${RESET}"
 	@echo
 	@echo -e "${GREEN}Run full oCIS test suites against oCIS with ownCloud storage:${RESET}\n"
-	@echo -e "\tmake localApiTests-apiBasic-owncloud\t\t${BLUE}run apiBasic test suite${RESET}"
-	@echo -e "\tmake localApiTests-apiOcisSpecific-owncloud\t${BLUE}run apiOcisSpecific test suite${RESET}"
+	@echo -e "\tmake localApiTests-apiAccountsHashDifficulty-owncloud\t\t${BLUE}run apiAccountsHashDifficulty test suite${RESET}"
+	@echo -e "\tmake localApiTests-apiBugDemonstration-owncloud\t${BLUE}run apiBugDemonstration test suite${RESET}"
 	@echo
 	@echo -e "${GREEN}Run full ownCloud test suites against oCIS with oCIS storage:${RESET}\n"
 	@echo -e "\tmake Core-API-Tests-ocis-storage-${RED}X${RESET}\t\t${BLUE}run test suite number X, where ${RED}X = 1 .. 10${RESET}"
@@ -68,13 +68,13 @@ help:
 	@echo -e "\tmake test-ocis-feature-ocis-storage ${YELLOW}BEHAT_FEATURE='...'${RESET}\t${BLUE}run single feature test${RESET}"
 	@echo
 	@echo -e "\twhere ${YELLOW}BEHAT_FEATURE='...'${RESET} contains a relative path to the feature definition."
-	@echo -e "\texample: ${RED}tests/acceptance/features/apiOcisSpecific/apiAuthOcs-ocsDELETEAuth.feature${RESET}"
+	@echo -e "\texample: ${RED}tests/acceptance/features/apiBugDemonstration/apiAuthOcs-ocsDELETEAuth.feature${RESET}"
 	@echo
 	@echo -e "${GREEN}Run an oCIS feature test against oCIS with owncloud storage:${RESET}\n"
 	@echo -e "\tmake test-ocis-feature-owncloud-storage ${YELLOW}BEHAT_FEATURE='...'${RESET}\t${BLUE}run single feature test${RESET}"
 	@echo
 	@echo -e "\twhere ${YELLOW}BEHAT_FEATURE='...'${RESET} contains a relative path to the feature definition."
-	@echo -e "\texample: ${RED}tests/acceptance/features/apiOcisSpecific/apiAuthOcs-ocsDELETEAuth.feature${RESET}"
+	@echo -e "\texample: ${RED}tests/acceptance/features/apiBugDemonstration/apiAuthOcs-ocsDELETEAuth.feature${RESET}"
 	@echo
 	@echo -e "${GREEN}Run an ownCloud feature test against oCIS with oCIS storage:${RESET}\n"
 	@echo -e "\tmake test-oc10-feature-ocis-storage ${YELLOW}BEHAT_FEATURE='...'${RESET}\t${BLUE}run single feature test${RESET}"
@@ -99,14 +99,14 @@ help:
 	@echo -e "\tmake clean-docker-volumes\t\t${BLUE}removes used docker volumes (used for caching)${RESET}"
 	@echo
 .PHONY: test-ocis-feature-ocis-storage
-test-ocis-feature-ocis-storage: ## test a ocis feature with oCIS storage, useage: make ... BEHAT_FEATURE='tests/acceptance/features/apiOcisSpecific/apiAuthOcs-ocsDELETEAuth.feature:7'
+test-ocis-feature-ocis-storage: ## test a ocis feature with oCIS storage, useage: make ... BEHAT_FEATURE='tests/acceptance/features/apiBugDemonstration/apiAuthOcs-ocsDELETEAuth.feature:7'
 	@TEST_SOURCE=ocis \
 	STORAGE=ocis \
 	BEHAT_FEATURE=$(BEHAT_FEATURE) \
 	$(MAKE) --no-print-directory testSuite
 
 .PHONY: test-ocis-feature-owncloud-storage
-test-ocis-feature-owncloud-storage: ## test a ocis feature with oc10 storage, useage: make ... BEHAT_FEATURE='tests/acceptance/features/apiOcisSpecific/apiAuthOcs-ocsDELETEAuth.feature:7'
+test-ocis-feature-owncloud-storage: ## test a ocis feature with oc10 storage, useage: make ... BEHAT_FEATURE='tests/acceptance/features/apiBugDemonstration/apiAuthOcs-ocsDELETEAuth.feature:7'
 	@TEST_SOURCE=ocis \
 	STORAGE=owncloud \
 	BEHAT_FEATURE=$(BEHAT_FEATURE) \
@@ -126,32 +126,32 @@ test-oc10-feature-owncloud-storage: ## test a oC10 feature with oc10 storage, us
 	BEHAT_FEATURE=$(BEHAT_FEATURE) \
 	$(MAKE) --no-print-directory testSuite
 
-.PHONY: localApiTests-apiOcisSpecific-owncloud
-localApiTests-apiOcisSpecific-owncloud: ## run apiOcisSpecific test suite with owncloud storage
+.PHONY: localApiTests-apiBugDemonstration-owncloud
+localApiTests-apiBugDemonstration-owncloud: ## run apiBugDemonstration test suite with owncloud storage
 	@TEST_SOURCE=oc10 \
 	STORAGE=owncloud \
-	BEHAT_SUITE=apiOcisSpecific \
+	BEHAT_SUITE=apiBugDemonstration \
 	$(MAKE) --no-print-directory testSuite
 
-.PHONY: localApiTests-apiBasic-owncloud
-localApiTests-apiBasic-owncloud: ## run apiBasic test suite with owncloud storage
+.PHONY: localApiTests-apiAccountsHashDifficulty-owncloud
+localApiTests-apiAccountsHashDifficulty-owncloud: ## run apiAccountsHashDifficulty test suite with owncloud storage
 	@TEST_SOURCE=ocis \
 	STORAGE=owncloud \
-	BEHAT_SUITE=apiBasic \
+	BEHAT_SUITE=apiAccountsHashDifficulty \
 	$(MAKE) --no-print-directory testSuite
 
-.PHONY: localApiTests-apiOcisSpecific-ocis
-localApiTests-apiOcisSpecific-ocis: ## run apiOcisSPecific test suite with ocis storage
+.PHONY: localApiTests-apiBugDemonstration-ocis
+localApiTests-apiBugDemonstration-ocis: ## run apiBugDemonstration test suite with ocis storage
 	@TEST_SOURCE=ocis \
 	STORAGE=ocis \
-	BEHAT_SUITE=apiOcisSpecific \
+	BEHAT_SUITE=apiBugDemonstration \
 	$(MAKE) --no-print-directory testSuite
 
-.PHONY: localApiTests-apiBasic-ocis
-localApiTests-apiBasic-ocis: ## run apiBasic test suite with ocis storage
+.PHONY: localApiTests-apiAccountsHashDifficulty-ocis
+localApiTests-apiAccountsHashDifficulty-ocis: ## run apiAccountsHashDifficulty test suite with ocis storage
 	@TEST_SOURCE=ocis \
 	STORAGE=ocis \
-	BEHAT_SUITE=apiBasic \
+	BEHAT_SUITE=apiAccountsHashDifficulty \
 	$(MAKE) --no-print-directory testSuite
 
 targets = $(addprefix Core-API-Tests-owncloud-storage-,$(PARTS))

tests/acceptance/features/apiAccountsHashDifficulty/addUser.feature

@@ -0,0 +1,21 @@
+@api @provisioning_api-app-required @skipOnLDAP
+Feature: add user
+  As an admin
+  I want to be able to add users and store their password with the full hash difficulty
+  So that I can give people controlled individual access to resources on the ownCloud server
+
+  Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production
+  See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839
+
+  Scenario Outline: admin creates a user
+    Given using OCS API version "<ocs_api_version>"
+    And user "brand-new-user" has been deleted
+    When the administrator sends a user creation request for user "brand-new-user" password "%alt1%" using the provisioning API
+    Then the OCS status code should be "<ocs_status_code>"
+    And the HTTP status code should be "200"
+    And user "brand-new-user" should exist
+    And user "brand-new-user" should be able to access a skeleton file
+    Examples:
+      | ocs_api_version | ocs_status_code |
+      | 1               | 100             |
+      | 2               | 200             |

tests/acceptance/features/apiAccountsHashDifficulty/createShareToSharesFolder.feature

@@ -1,5 +1,11 @@
 @api @files_sharing-app-required
 Feature: sharing
+  As a user
+  I want to be able to share files when passwords are stored with the full hash difficulty
+  So that I can give people secure controlled access to my data
+
+  Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production
+  See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839
 
   Scenario Outline: Creating a share of a file with a user
     Given the administrator has set the default folder for received shares to "Shares"

tests/acceptance/features/apiAccountsHashDifficulty/uploadFile.feature

@@ -0,0 +1,21 @@
+@api
+Feature: upload file
+  As a user
+  I want to be able to upload files when passwords are stored with the full hash difficulty
+  So that I can store and share files securely between multiple client systems
+
+  Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production
+  See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839
+
+  Scenario Outline: upload a file and check download content
+    Given using OCS API version "<ocs_api_version>"
+    And user "Alice" has been created with default attributes and without skeleton files
+    And using <dav_version> DAV path
+    When user "Alice" uploads file with content "uploaded content" to "/upload.txt" using the WebDAV API
+    Then the content of file "/upload.txt" for user "Alice" should be "uploaded content"
+    Examples:
+      | ocs_api_version | dav_version |
+      | 1               | old         |
+      | 1               | new         |
+      | 2               | old         |
+      | 2               | new         |

tests/acceptance/features/apiAccountsHashDifficulty/webDavPUTAuthInvalid.feature

@@ -0,0 +1,32 @@
+@api
+Feature: attempt to PUT files with invalid password
+  As an admin
+  I want to the system to be secure when passwords are stored with the full hash difficulty
+  So that unauthorised users do not have access to data
+
+  Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production
+  See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839
+
+  Background:
+    Given user "Alice" has been created with default attributes and without skeleton files
+    And user "Alice" has created folder "/PARENT"
+
+  Scenario: send PUT requests to webDav endpoints as normal user with wrong password
+    When user "Alice" requests these endpoints with "PUT" including body "doesnotmatter" using password "invalid" about user "Alice"
+      | endpoint                                           |
+      | /remote.php/webdav/textfile0.txt                   |
+      | /remote.php/dav/files/%username%/textfile0.txt     |
+      | /remote.php/webdav/PARENT                          |
+      | /remote.php/dav/files/%username%/PARENT            |
+      | /remote.php/dav/files/%username%/PARENT/parent.txt |
+    Then the HTTP status code of responses on all endpoints should be "401"
+
+  Scenario: send PUT requests to webDav endpoints as normal user with no password
+    When user "Alice" requests these endpoints with "PUT" including body "doesnotmatter" using password "" about user "Alice"
+      | endpoint                                           |
+      | /remote.php/webdav/textfile0.txt                   |
+      | /remote.php/dav/files/%username%/textfile0.txt     |
+      | /remote.php/webdav/PARENT                          |
+      | /remote.php/dav/files/%username%/PARENT            |
+      | /remote.php/dav/files/%username%/PARENT/parent.txt |
+    Then the HTTP status code of responses on all endpoints should be "401"