mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-07 12:50:21 -06:00
Code Issues Packages Projects Releases Wiki Activity

get federated users test

Browse Source
This commit is contained in:
Viktor Scharf
2024-08-14 16:38:42 +02:00
parent f6e6250313
commit 5a958dfb92
6 changed files with 516 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/ocis/development/testing.md
View File

@@ -559,6 +559,9 @@ PROXY_ENABLE_BASIC_AUTH=true \
OCIS_ENABLE_OCM=true \
OCM_OCM_PROVIDER_AUTHORIZER_PROVIDERS_FILE="${workspaceFolder}/tests/config/drone/providers.json" \
OCIS_ADD_RUN_SERVICES="ocm" \
OCM_OCM_INVITE_MANAGER_INSECURE=true \
OCM_OCM_SHARE_PROVIDER_INSECURE=true \
OCM_OCM_STORAGE_PROVIDER_INSECURE=true \
ocis/bin/ocis server
```

50
tests/TestHelpers/GraphHelper.php
View File

@@ -2346,4 +2346,54 @@ class GraphHelper {
$password
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $user
* @param string $password
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function getFederatedUsers(
string $baseUrl,
string $xRequestId,
string $user,
string $password
): ResponseInterface {
$url = self::getFullUrl($baseUrl, "users?\$filter=userType eq 'Federated'");
return HttpRequestHelper::get(
$url,
$xRequestId,
$user,
$password,
self::getRequestHeaders()
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function getAllUsers(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
): ResponseInterface {
$url = self::getFullUrl($baseUrl, "users?\$filter=userType eq 'Federated' or userType eq 'Member'");
return HttpRequestHelper::get(
$url,
$xRequestId,
$adminUser,
$adminPassword,
self::getRequestHeaders()
);
}
}

6
tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md
View File

@@ -293,5 +293,11 @@ The expected failures in this file are from features in the owncloud/ocis repo.
### [OCM. user cannot see invite description and inviteUser email](https://github.com/owncloud/ocis/issues/9591)
- [apiOcm/createInvitation.feature:63](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiOcm/createInvitation.feature#L63)
### [OCM. admin cannot get federated users if he hasn't connection with them ](https://github.com/owncloud/ocis/issues/9829)
tests/acceptance/features/apiOcm/searchFederationUsers.feature
- [apiOcm/searchFederationUsers.feature:434](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiOcm/searchFederationUsers.feature#L434)
- [apiOcm/searchFederationUsers.feature:611](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiOcm/searchFederationUsers.feature#L611)
- Note: always have an empty line at the end of this file.
The bash script that processes this file requires that the last line has a newline on the end.

413
tests/acceptance/features/apiOcm/searchFederationUsers.feature
View File

@@ -36,7 +36,9 @@ Feature: search federation users
"type": "object",
"required": [
"displayName",
"id"
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
@@ -45,6 +47,31 @@ Feature: search federation users
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "ocis-server"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%identities_issuer_id_pattern%$"
}
}
}
}
}
}
@@ -71,7 +98,9 @@ Feature: search federation users
"type": "object",
"required": [
"displayName",
"id"
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
@@ -80,6 +109,31 @@ Feature: search federation users
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "https://federation-ocis-server:10200"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%identities_issuer_id_pattern%$"
}
}
}
}
}
}
@@ -112,7 +166,9 @@ Feature: search federation users
"type": "object",
"required": [
"displayName",
"id"
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
@@ -121,6 +177,31 @@ Feature: search federation users
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "ocis-server"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%identities_issuer_id_pattern%$"
}
}
}
}
}
}
@@ -147,7 +228,9 @@ Feature: search federation users
"type": "object",
"required": [
"displayName",
"id"
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
@@ -156,6 +239,31 @@ Feature: search federation users
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "https://federation-ocis-server:10200"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%identities_issuer_id_pattern%$"
}
}
}
}
}
}
@@ -165,7 +273,7 @@ Feature: search federation users
"""
Scenario: sers search for federation users without federated connection
Scenario: users search for federation users without federated connection
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
@@ -207,7 +315,6 @@ Feature: search federation users
}
}
"""
And using server "REMOTE"
Scenario: users search all federation users
@@ -324,5 +431,299 @@ Feature: search federation users
}
"""
@issue-9829
Scenario: admin gets federated users
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When the administrator gets federated users using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"mail",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Alice Hansen"
},
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"mail": {
"type": "string",
"const": "alice@example.org"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "ocis-server"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%identities_issuer_id_pattern%$"
}
}
}
}
}
}
}
}
}
"""
And using server "LOCAL"
When the administrator gets federated users using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"mail",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Brian Murphy"
},
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"mail": {
"type": "string",
"const": "brian@example.org"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "https://federation-ocis-server:10200"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%identities_issuer_id_pattern%$"
}
}
}
}
}
}
}
}
}
"""
Scenario: user without admin permissions cannot get federated users
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using server "LOCAL"
When user "Carol" tries to get federated users using the Graph API
Then the HTTP status code should be "403"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"type": "string",
"const": "accessDenied"
},
"message": {
"type": "string",
"const": "search term too short"
}
}
}
}
}
"""
@issue-9829
Scenario: admin gets federated and member users
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using server "LOCAL"
When the administrator gets federated and member users using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"maxItems": 2,
"minItems": 2,
"uniqueItems": true,
"items": {
"oneOf": [
{
"type": "object",
"required": [
"accountEnabled",
"displayName",
"id",
"mail",
"onPremisesSamAccountName",
"surname",
"userType"
],
"properties": {
"accountEnabled": {
"const": true
},
"displayName": {
"const": "Carol King"
},
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"mail": {
"type": "string",
"const": "carol@example.org"
},
"onPremisesSamAccountName": {
"const": "Carol"
},
"surname": {
"const": "Carol"
},
"userType": {
"type": "string",
"const": "Member"
}
}
},
{
"type": "object",
"required": [
"displayName",
"id",
"mail",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Brian Murphy"
},
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"mail": {
"type": "string",
"const": "brian@example.org"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "https://federation-ocis-server:10200"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%identities_issuer_id_pattern%$"
}
}
}
}
}
}
]
}
}
}
}
"""
# TODO try to find federation users after deleting federated conection

8
tests/acceptance/features/bootstrap/FeatureContext.php
View File

@@ -2309,6 +2309,14 @@ class FeatureContext extends BehatVariablesContext {
"getUUIDv4Regex"
],
"parameter" => []
],
[
"code" => "%identities_issuer_id_pattern%",
"function" => [
__NAMESPACE__ . '\TestHelpers\GraphHelper',
"getUUIDv4Regex"
],
"parameter" => []
]
];
if ($user !== null) {

42
tests/acceptance/features/bootstrap/GraphContext.php
View File

@@ -2838,4 +2838,46 @@ class GraphContext implements Context {
);
$this->featureContext->setResponse($response);
}
/**
* @When the administrator gets federated users using the Graph API
* @When user :user tries to get federated users using the Graph API
*
* @param ?string $user
*
* @return void
*/
public function theUserGetsFederatedUsersUsingTheGraphApi(?string $user = null): void {
$credentials = $this->getAdminOrUserCredentials($user);
$response = GraphHelper::getFederatedUsers(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$credentials['username'],
$credentials['password']
);
$this->featureContext->setResponse($response);
}
/**
* @When the administrator gets federated and member users using the Graph API
* @When user :user tries to get federated and member users using the Graph API
*
* @param ?string $user
*
* @return void
*/
public function theUserGetsAllUsersUsingTheGraphApi(?string $user = null): void {
$credentials = $this->getAdminOrUserCredentials($user);
$response = GraphHelper::getAllUsers(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$credentials['username'],
$credentials['password']
);
$this->featureContext->setResponse($response);
}
}