[full-ci][tests-only]Expand tests coverage related to user with different role (#5725)

* Refactor tests related to different role

* Use setResponse from When step
Amrita
2023-03-21 10:03:51 +05:45
committed by GitHub
parent 7ed88edc57
commit 71011fc4aa
7 changed files with 291 additions and 52 deletions


@@ -285,6 +285,33 @@ class GraphHelper {
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $userId
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function deleteUserByUserId(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $userId
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'users/' . $userId);
return HttpRequestHelper::delete(
$url,
$xRequestId,
$adminUser,
$adminPassword,
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
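Review bot: The `$adminUser` / `$adminPassword` parameters of `deleteUserByUserId` are misnamed for how this commit uses the helper. The new `deleteUserByUserIdUsingTheGraphApi` caller passes the credentials of whichever user the scenario names, including non-admin roles that are expected to be refused. Naming them `$user` / `$password` and adding a docblock summary such as `* Sends a DELETE request for users/{userId} using the given user's credentials` would keep a reader from assuming the request always runs with admin rights. `$userId` is also appended to the path as-is; `self::getFullUrl($baseUrl, 'users/' . rawurlencode($userId))` would stop an id containing `/` or `?` from addressing a different resource. Whether the sibling helpers in this class encode their path segments is not visible in this hunk.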


@@ -24,7 +24,7 @@ The expected failures in this file are from features in the owncloud/ocis repo.
- [apiGraph/createGroupCaseSensitive.feature:22](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroupCaseSensitive.feature#L22)
- [apiGraph/createGroup.feature:26](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L26)
- [apiGraph/createUser.feature:29](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createUser.feature#L29)
- [apiGraph/createUser.feature:61](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createUser.feature#L61)
- [apiGraph/createUser.feature:62](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createUser.feature#L62)
### [PROPFIND on accepted shares with identical names containing brackets exit with 404](https://github.com/owncloud/ocis/issues/4421)
- [apiSpacesShares/changingFilesShare.feature:12](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpacesShares/changingFilesShare.feature#L12)
@@ -92,8 +92,30 @@ The expected failures in this file are from features in the owncloud/ocis repo.
- [apiSpacesShares/publicLinkDownload.feature:30](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpacesShares/publicLinkDownload.feature#L30)
#### [A User can get information of another user with Graph API](https://github.com/owncloud/ocis/issues/5125)
- [apiGraph/getUser.feature:23](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L23)
- [apiGraph/getUser.feature:102](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L102)
- [apiGraph/getUser.feature:31](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L31)
- [apiGraph/getUser.feature:32](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L32)
- [apiGraph/getUser.feature:33](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L33)
- [apiGraph/getUser.feature:34](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L34)
- [apiGraph/getUser.feature:35](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L35)
- [apiGraph/getUser.feature:36](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L36)
- [apiGraph/getUser.feature:37](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L37)
- [apiGraph/getUser.feature:38](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L38)
- [apiGraph/getUser.feature:39](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L39)
- [apiGraph/getUser.feature:40](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L40)
- [apiGraph/getUser.feature:41](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L41)
- [apiGraph/getUser.feature:42](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L42)
- [apiGraph/getUser.feature:143](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L143)
- [apiGraph/getUser.feature:144](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L144)
- [apiGraph/getUser.feature:145](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L145)
- [apiGraph/getUser.feature:146](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L146)
- [apiGraph/getUser.feature:147](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L147)
- [apiGraph/getUser.feature:148](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L148)
- [apiGraph/getUser.feature:149](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L149)
- [apiGraph/getUser.feature:150](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L150)
- [apiGraph/getUser.feature:151](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L151)
- [apiGraph/getUser.feature:152](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L152)
- [apiGraph/getUser.feature:153](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L153)
- [apiGraph/getUser.feature:154](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L154)
#### [Sharing to a group with an expiration date does not work #5442](https://github.com/owncloud/ocis/issues/5442)
- [apiSpacesShares/shareSubItemOfSpace.feature:105](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpacesShares/shareSubItemOfSpace.feature#L105)


@@ -8,7 +8,7 @@ Feature: create user
Background:
Given user "Alice" has been created with default attributes and without skeleton files
@issue-3516
Scenario Outline: the admin creates a user
Given the administrator has given "Alice" the role "Admin" using the settings api
When the user "Alice" creates a new user using GraphAPI with the following settings:
@@ -56,8 +56,9 @@ Feature: create user
| role |
| Space Admin |
| User |
| Guest |
@issue-3516
Scenario: a user cannot be created with the name of the disabled user
Given user "Brian" has been created with default attributes and without skeleton files
And the administrator has given "Alice" the role "Admin" using the settings api


@@ -46,6 +46,7 @@ Feature: delete user
| Admin |
| Space Admin |
| User |
| Guest |
Scenario: the admin user tries to delete his/her own account
@@ -55,22 +56,56 @@ Feature: delete user
And user "Alice" should exist
Scenario: the admin user tries to delete a non-existent user
Given the administrator has given "Alice" the role "Admin" using the settings api
When the user "Alice" deletes a user "nonExistentUser" using the Graph API
Then the HTTP status code should be "404"
Scenario Outline: Non-admin user tries to delete another user with different role
Given user "Brian" has been created with default attributes and without skeleton files
And the administrator has given "Alice" the role "<role>" using the settings api
When the user "Alice" deletes a user "Brian" using the Graph API
Scenario Outline: Non-admin user tries to delete his/her own account
Given the administrator has given "Alice" the role "<role>" using the settings api
When the user "Alice" deletes a user "Alice" using the Graph API
Then the HTTP status code should be "401"
And user "Brian" should exist
And user "Alice" should exist
Examples:
| role |
| Space Admin |
| User |
| Guest |
Scenario: the admin user tries to delete a nonexistent user
Given the administrator has given "Alice" the role "Admin" using the settings api
When the user "Alice" tries to delete a nonexistent user using the Graph API
Then the HTTP status code should be "404"
Scenario Outline: Non-admin user tries to delete a nonexistent user
Given the administrator has given "Alice" the role "<role>" using the settings api
When the user "Alice" tries to delete a nonexistent user using the Graph API
Then the HTTP status code should be "401"
Examples:
| role |
| Space Admin |
| User |
| Guest |
Scenario Outline: Non-admin user tries to delete another user with different role
Given user "Brian" has been created with default attributes and without skeleton files
And the administrator has given "Brian" the role "<role>" using the settings api
And the administrator has given "Alice" the role "<userRole>" using the settings api
When the user "Alice" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "401"
And user "Brian" should exist
Examples:
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
Scenario: the admin user deletes a disabled user
@@ -80,4 +115,29 @@ Feature: delete user
When the user "Alice" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "204"
And user "Brian" should not exist
Scenario Outline: normal user tries to delete a disabled user
Given the administrator has given "Alice" the role "Admin" using the settings api
And user "Brian" has been created with default attributes and without skeleton files
And user "Carol" has been created with default attributes and without skeleton files
And the administrator has given "Brian" the role "<role>" using the settings api
And the administrator has given "Carol" the role "<userRole>" using the settings api
And the user "Alice" has disabled user "Brian" using the Graph API
When the user "Carol" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "401"
And user "Brian" should exist
Examples:
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
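Review bot: The new denial outlines in the delete user feature assert only `Then the HTTP status code should be "401"`. A setup regression that makes the acting user's login fail would produce the same 401, so these scenarios would still pass without ever exercising the role check. The get users feature in this commit follows its 401 checks with `And the last response should be an unauthorized response`. Adding that step here would tie the result to the expected error body, assuming the step is usable for DELETE responses. The same applies to the three "should not be able to" outlines in the edit user feature, and the nonexistent-user outline has no post-condition at all.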


@@ -83,24 +83,36 @@ Feature: edit user
| role |
| Space Admin |
| User |
| Guest |
Scenario Outline: a normal user should not be able to edit another user's email
Given the administrator has given "Brian" the role "<role>" using the settings api
Given the administrator has given "Brian" the role "<userRole>" using the settings api
And the user "Alice" has created a new user using the Graph API with the following settings:
| userName | Carol |
| displayName | Carol King |
| email | carol@example.com |
| password | 1234 |
And the administrator has given "Carol" the role "<role>" using the settings api
When the user "Brian" tries to change the email of user "Carol" to "newemail@example.com" using the Graph API
Then the HTTP status code should be "401"
And the user "Carol" should have information with these key and value pairs:
| key | value |
| mail | carol@example.com |
Examples:
| role |
| Space Admin |
| User |
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
Scenario Outline: the admin user can edit another user display name
@@ -128,24 +140,36 @@ Feature: edit user
| role |
| Space Admin |
| User |
| Guest |
Scenario Outline: a normal user should not be able to edit another user's display name
Given the administrator has given "Brian" the role "<role>" using the settings api
Given the administrator has given "Brian" the role "<userRole>" using the settings api
And the user "Alice" has created a new user using the Graph API with the following settings:
| userName | Carol |
| displayName | Carol King |
| email | carol@example.com |
| password | 1234 |
And the administrator has given "Carol" the role "<role>" using the settings api
When the user "Brian" tries to change the display name of user "Carol" to "Alice Hansen" using the Graph API
Then the HTTP status code should be "401"
And the user "Carol" should have information with these key and value pairs:
| key | value |
| displayName | Carol King |
Examples:
| role |
| Space Admin |
| User |
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
Scenario: the admin user resets password of another user
@@ -156,21 +180,32 @@ Feature: edit user
Scenario Outline: a normal user should not be able to reset the password of another user
Given the administrator has given "Brian" the role "<role>" using the settings api
Given the administrator has given "Brian" the role "<userRole>" using the settings api
And the user "Alice" has created a new user using the Graph API with the following settings:
| userName | Carol |
| displayName | Carol King |
| email | carol@example.com |
| password | 1234 |
And the administrator has given "Carol" the role "<role>" using the settings api
And user "Carol" has uploaded file with content "test file for reset password" to "/resetpassword.txt"
When the user "Brian" resets the password of user "Carol" to "newpassword" using the Graph API
Then the HTTP status code should be "401"
And the content of file "resetpassword.txt" for user "Carol" using password "1234" should be "test file for reset password"
But user "Carol" using password "newpassword" should not be able to download file "resetpassword.txt"
Examples:
| role |
| Space Admin |
| User |
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
Scenario: the admin user disables another user


@@ -9,24 +9,41 @@ Feature: get users
| username |
| Alice |
| Brian |
And the administrator has given "Alice" the role "Admin" using the settings api
Scenario: admin user gets the information of a user
Given the administrator has given "Alice" the role "Admin" using the settings api
When user "Alice" gets information of user "Brian" using Graph API
Then the HTTP status code should be "200"
And the user retrieve API response should contain the following information:
| displayName | id | mail | onPremisesSamAccountName | accountEnabled |
| Brian Murphy | %uuid_v4% | brian@example.org | Brian | true |
Scenario: non-admin user tries to get the information of a user
@issue-5125
Scenario Outline: non-admin user tries to get the information of a user
Given the administrator has given "Alice" the role "<role>" using the settings api
And the administrator has given "Brian" the role "<userRole>" using the settings api
When user "Brian" tries to get information of user "Alice" using Graph API
Then the HTTP status code should be "401"
And the last response should be an unauthorized response
Examples:
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
Scenario: admin user gets all users
Given the administrator has given "Alice" the role "Admin" using the settings api
When user "Alice" gets all users using the Graph API
Then the HTTP status code should be "200"
And the API response should contain following users with the information:
@@ -36,7 +53,8 @@ Feature: get users
Scenario: admin user gets all users include disabled users
Given the user "Alice" has disabled user "Brian" using the Graph API
Given the administrator has given "Alice" the role "Admin" using the settings api
And the user "Alice" has disabled user "Brian" using the Graph API
When user "Alice" gets all users using the Graph API
Then the HTTP status code should be "200"
And the API response should contain following users with the information:
@@ -45,13 +63,20 @@ Feature: get users
| Brian Murphy | %uuid_v4% | brian@example.org | Brian | false |
Scenario: non-admin user tries to get all users
Scenario Outline: non-admin user tries to get all users
Given the administrator has given "Alice" the role "<userRole>" using the settings api
When user "Brian" tries to get all users using the Graph API
Then the HTTP status code should be "401"
And the last response should be an unauthorized response
Examples:
| userRole |
| Space Admin |
| User |
| Guest |
Scenario: admin user gets the drive information of a user
Given the administrator has given "Alice" the role "Admin" using the settings api
When the user "Alice" gets user "Brian" along with his drive information using Graph API
Then the HTTP status code should be "200"
And the user retrieve API response should contain the following information:
@@ -69,7 +94,8 @@ Feature: get users
| webUrl | %base_url%/f/%space_id% |
Scenario: normal user gets his/her own drive information
Scenario Outline: non-admin user gets his/her own drive information
Given the administrator has given "Brian" the role "<userRole>" using the settings api
When the user "Brian" gets his drive information using Graph API
Then the HTTP status code should be "200"
And the user retrieve API response should contain the following information:
@@ -85,10 +111,15 @@ Feature: get users
| root@@@id | %space_id% |
| root@@@webDavUrl | %base_url%/dav/spaces/%space_id% |
| webUrl | %base_url%/f/%space_id% |
Examples:
| userRole |
| Space Admin |
| User |
| Guest |
Scenario: admin user gets the group information of a user
Given group "tea-lover" has been created
Given the administrator has given "Alice" the role "Admin" using the settings api
And group "tea-lover" has been created
And group "coffee-lover" has been created
And user "Brian" has been added to group "tea-lover"
And user "Brian" has been added to group "coffee-lover"
@@ -98,18 +129,34 @@ Feature: get users
| displayName | id | mail | onPremisesSamAccountName | accountEnabled | memberOf |
| Brian Murphy | %uuid_v4% | brian@example.org | Brian | true | tea-lover, coffee-lover |
Scenario: non-admin user tries to get the group information of a user
Given user "Carol" has been created with default attributes and without skeleton files
@issue-5125
Scenario Outline: non-admin user tries to get the group information of a user
Given the administrator has given "Alice" the role "<userRole>" using the settings api
And the administrator has given "Brian" the role "<role>" using the settings api
And group "coffee-lover" has been created
And user "Brian" has been added to group "coffee-lover"
When the user "Carol" gets user "Brian" along with his group information using Graph API
When the user "Alice" gets user "Brian" along with his group information using Graph API
Then the HTTP status code should be "401"
And the last response should be an unauthorized response
Examples:
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
Scenario: admin user gets all users of certain groups
Given user "Carol" has been created with default attributes and without skeleton files
Given the administrator has given "Alice" the role "Admin" using the settings api
And user "Carol" has been created with default attributes and without skeleton files
And the user "Alice" has disabled user "Carol" using the Graph API
And group "tea-lover" has been created
And group "coffee-lover" has been created
@@ -137,7 +184,8 @@ Feature: get users
@skipOnStable2.0
Scenario: admin user gets all users of certain groups
Given user "Carol" has been created with default attributes and without skeleton files
Given the administrator has given "Alice" the role "Admin" using the settings api
And user "Carol" has been created with default attributes and without skeleton files
And group "tea-lover" has been created
And group "coffee-lover" has been created
And group "wine-lover" has been created
@@ -156,7 +204,8 @@ Feature: get users
Scenario Outline: non admin user tries to get users of certain groups
Given the administrator has given "Brian" the role "<role>" using the settings api
Given the administrator has given "Alice" the role "Admin" using the settings api
And the administrator has given "Brian" the role "<role>" using the settings api
And group "tea-lover" has been created
And user "Alice" has been added to group "tea-lover"
When the user "Brian" gets all users of the group "tea-lover" using the Graph API
@@ -170,7 +219,8 @@ Feature: get users
Scenario: admin user gets all users with certain roles and members of a certain group
Given user "Carol" has been created with default attributes and without skeleton files
Given the administrator has given "Alice" the role "Admin" using the settings api
And user "Carol" has been created with default attributes and without skeleton files
And the administrator has given "Brian" the role "Space Admin" using the settings api
And the administrator has given "Carol" the role "Space Admin" using the settings api
And group "tea-lover" has been created
@@ -195,12 +245,21 @@ Feature: get users
Scenario Outline: non-admin user tries to get users with a certain role
Given the administrator has given "Brian" the role "<role>" using the settings api
When the user "Brian" gets all users with role "Admin" using the Graph API
Given the administrator has given "Alice" the role "<userRole>" using the settings api
When the user "Alice" gets all users with role "<role>" using the Graph API
Then the HTTP status code should be "401"
And the last response should be an unauthorized response
Examples:
| role |
| Space Admin |
| User |
| Guest |
| userRole | role |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | Guest |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | Guest |
| User | Admin |
| Guest | Space Admin |
| Guest | User |
| Guest | Guest |
| Guest | Admin |
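Review bot: In the `non-admin user tries to get all users` outline the role from the Examples table is given to "Alice", but the request is sent by "Brian". All three rows therefore appear to run with Brian's default role, and the Space Admin / User / Guest variation never reaches the caller. The page has lost its +/- markers, so this reading takes the `Given ... "Alice" the role "<userRole>"` line as the new side. If that is right, the step should read `Given the administrator has given "Brian" the role "<userRole>" using the settings api`. As written, the outline cannot catch a role that is wrongly allowed to list users.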


@@ -421,6 +421,26 @@ class GraphContext implements Context {
);
}
/**
* sends a request to delete a user with the help of userID using the Graph API
*
* @param string $userId
* @param string $byUser
*
* @return ResponseInterface
* @throws GuzzleException
*/
public function deleteUserByUserIdUsingTheGraphApi(string $userId, string $byUser): ResponseInterface {
$credentials = $this->getAdminOrUserCredentials($byUser);
return GraphHelper::deleteUserByUserId(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$credentials["username"],
$credentials["password"],
$userId
);
}
/**
* @When /^the user "([^"]*)" deletes a user "([^"]*)" using the Graph API$/
*
@@ -432,7 +452,22 @@ class GraphContext implements Context {
* @throws GuzzleException
*/
public function theUserDeletesAUserUsingTheGraphAPI(string $byUser, string $user): void {
$this->adminDeletesUserUsingTheGraphApi($user, $byUser);
$userId = $this->featureContext->getUserIdByUserName($user);
$this->featureContext->setResponse($this->deleteUserByUserIdUsingTheGraphApi($userId, $byUser));
}
/**
* @When /^the user "([^"]*)" tries to delete a nonexistent user using the Graph API$/
*
* @param string $byUser
*
* @return void
* @throws GuzzleException
* @throws Exception
*/
public function theUserTriesToDeleteNonExistingUser(string $byUser): void {
$userId = WebDavHelper::generateUUIDv4();
$this->featureContext->setResponse($this->deleteUserByUserIdUsingTheGraphApi($userId, $byUser));
}
/**
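Review bot: `theUserTriesToDeleteNonExistingUser` has no description, and nothing in it says why a generated id stands in for a user name. A docblock line such as `* sends the delete request for a freshly generated UUIDv4, which is assumed not to belong to any user` would make the step's premise explicit. In `theUserDeletesAUserUsingTheGraphAPI` the lookup `getUserIdByUserName($user)` now runs before the request is sent. Its behaviour for an unknown name is not visible in this hunk, so it is worth confirming that it fails loudly rather than handing an empty id to the `users/` path.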