From c807d48f9a774292bb50ffc22c616d8bb2c2acdc Mon Sep 17 00:00:00 2001 From: Viktor Scharf Date: Fri, 7 Jun 2024 15:54:17 +0200 Subject: [PATCH 1/2] fix tests where public try to download file --- tests/acceptance/expected-failures-API-on-OCIS-storage.md | 6 ------ tests/acceptance/features/bootstrap/PublicWebDavContext.php | 6 +----- .../coreApiSharePublicLink1/createPublicLinkShare.feature | 4 +--- 3 files changed, 2 insertions(+), 14 deletions(-) diff --git a/tests/acceptance/expected-failures-API-on-OCIS-storage.md b/tests/acceptance/expected-failures-API-on-OCIS-storage.md index 8afcca578..72908439c 100644 --- a/tests/acceptance/expected-failures-API-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-API-on-OCIS-storage.md @@ -88,10 +88,6 @@ cannot share a folder with create permission - [coreApiShareManagementBasicToShares/deleteShareFromShares.feature:155](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiShareManagementBasicToShares/deleteShareFromShares.feature#L155) - [coreApiShareManagementBasicToShares/deleteShareFromShares.feature:172](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiShareManagementBasicToShares/deleteShareFromShares.feature#L172) -#### [Public link enforce permissions](https://github.com/owncloud/ocis/issues/1269) - -- [coreApiSharePublicLink1/createPublicLinkShare.feature:290](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature#L290) - #### [copying a folder within a public link folder to folder with same name as an already existing file overwrites the parent file](https://github.com/owncloud/ocis/issues/1232) - [coreApiSharePublicLink2/copyFromPublicLink.feature:75](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiSharePublicLink2/copyFromPublicLink.feature#L75) @@ -160,8 +156,6 @@ API, search, favorites, config, capabilities, not existing endpoints, CORS and o - [coreApiAuth/ocsGETAuth.feature:123](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/ocsGETAuth.feature#L123) - [coreApiAuth/ocsPOSTAuth.feature:10](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/ocsPOSTAuth.feature#L10) - [coreApiAuth/ocsPUTAuth.feature:7](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiAuth/ocsPUTAuth.feature#L7) -- [coreApiSharePublicLink1/createPublicLinkShare.feature:277](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature#L277) - #### [sending MKCOL requests to another or non-existing user's webDav endpoints as normal user should return 404](https://github.com/owncloud/ocis/issues/5049) _ocdav: api compatibility, return correct status code_ diff --git a/tests/acceptance/features/bootstrap/PublicWebDavContext.php b/tests/acceptance/features/bootstrap/PublicWebDavContext.php index cd8f7f277..d004811e1 100644 --- a/tests/acceptance/features/bootstrap/PublicWebDavContext.php +++ b/tests/acceptance/features/bootstrap/PublicWebDavContext.php @@ -1207,11 +1207,7 @@ class PublicWebDavContext implements Context { $responseContent = $response->getBody()->getContents(); \libxml_use_internal_errors(true); - Assert::assertNotFalse( - \simplexml_load_string($responseContent), - "response body is not valid XML, maybe download did work\n" . - "response body: \n$responseContent\n" - ); + Assert::assertEmpty($responseContent, "response body is not empty, maybe download did work"); $this->featureContext->theHTTPStatusCodeShouldBe($expectedHttpCode, "", $response); } diff --git a/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature b/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature index 77250d5c4..9078d42f6 100644 --- a/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature +++ b/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature @@ -296,9 +296,7 @@ Feature: create a public link share | space | Personal | | permissionsRole | createOnly | | password | %public% | - When the public downloads file "parent.txt" from inside the last public link shared folder using the new public WebDAV API - Then the value of the item "//s:message" in the response should be "File not found: parent.txt" - And the HTTP status code should be "404" + Then the public download of file "/parent.txt" from inside the last public link shared folder using the new public WebDAV API with password "%public%" should fail with HTTP status code "403" @env-config @skipOnReva Scenario: get the size of a file shared by public link From 15474156b0fd03715757148076f42a12a0bdd1f7 Mon Sep 17 00:00:00 2001 From: Viktor Scharf Date: Mon, 10 Jun 2024 12:43:16 +0200 Subject: [PATCH 2/2] fix test --- .../bootstrap/PublicWebDavContext.php | 64 ++----------------- .../createPublicLinkShare.feature | 6 +- 2 files changed, 10 insertions(+), 60 deletions(-) diff --git a/tests/acceptance/features/bootstrap/PublicWebDavContext.php b/tests/acceptance/features/bootstrap/PublicWebDavContext.php index d004811e1..3d8c3e326 100644 --- a/tests/acceptance/features/bootstrap/PublicWebDavContext.php +++ b/tests/acceptance/features/bootstrap/PublicWebDavContext.php @@ -64,30 +64,6 @@ class PublicWebDavContext implements Context { ); } - /** - * @When /^the public downloads the last public link shared file with range "([^"]*)" and password "([^"]*)" using the (old|new) public WebDAV API$/ - * - * @param string $range ignore if empty - * @param string $password - * @param string $publicWebDAVAPIVersion - * - * @return void - */ - public function downloadPublicFileWithRangeAndPassword(string $range, string $password, string $publicWebDAVAPIVersion):void { - if ($publicWebDAVAPIVersion === "new") { - $path = (string) $this->featureContext->getLastCreatedPublicShare()->file_target; - } else { - $path = ""; - } - $response = $this->downloadFileFromPublicFolder( - $path, - $password, - $range, - $publicWebDAVAPIVersion - ); - $this->featureContext->setResponse($response); - } - /** * @When /^the public downloads the last public link shared file using the (old|new) public WebDAV API$/ * @When /^the public tries to download the last public link shared file using the (old|new) public WebDAV API$/ @@ -292,6 +268,7 @@ class PublicWebDavContext implements Context { /** * @When /^the public downloads file "([^"]*)" from inside the last public link shared folder with password "([^"]*)" using the (old|new) public WebDAV API$/ + * @When /^the public tries to download file "([^"]*)" from inside the last public link shared folder with password "([^"]*)" using the (old|new) public WebDAV API$/ * * @param string $path * @param string $password @@ -1207,39 +1184,12 @@ class PublicWebDavContext implements Context { $responseContent = $response->getBody()->getContents(); \libxml_use_internal_errors(true); - Assert::assertEmpty($responseContent, "response body is not empty, maybe download did work"); - $this->featureContext->theHTTPStatusCodeShouldBe($expectedHttpCode, "", $response); - } - - /** - * @Then /^the public should be able to download the range "([^"]*)" of file "([^"]*)" from inside the last public link shared folder using the (old|new) public WebDAV API and the content should be "([^"]*)"$/ - * - * @param string $range - * @param string $path - * @param string $publicWebDAVAPIVersion - * @param string $content - * - * @return void - * @throws Exception - */ - public function shouldBeAbleToDownloadRangeOfFileInsidePublicSharedFolder( - string $range, - string $path, - string $publicWebDAVAPIVersion, - string $content - ):void { - if ($publicWebDAVAPIVersion === "old") { - return; - } - - $response = $this->downloadFileFromPublicFolder( - $path, - '', - $range, - $publicWebDAVAPIVersion + Assert::assertNotFalse( + \simplexml_load_string($responseContent), + "response body is not valid XML, maybe download did work\n" . + "response body: \n$responseContent\n" ); - $this->featureContext->checkDownloadedContentMatches($content, "", $response); - $this->featureContext->theHTTPStatusCodeShouldBe(200, "", $response); + $this->featureContext->theHTTPStatusCodeShouldBe($expectedHttpCode, "", $response); } /** @@ -1275,7 +1225,6 @@ class PublicWebDavContext implements Context { } /** - * @Then /^uploading a file should not work using the (old|new) public WebDAV API$/ * @Then /^the public upload to the last publicly shared folder using the (old|new) public WebDAV API should fail with HTTP status code "([^"]*)"$/ * * @param string $publicWebDAVAPIVersion @@ -1308,7 +1257,6 @@ class PublicWebDavContext implements Context { } /** - * @Then /^uploading a file should not work using the (old|new) public WebDAV API with password "([^"]*)"$/ * @Then /^the public upload to the last publicly shared folder using the (old|new) public WebDAV API with password "([^"]*)" should fail with HTTP status code "([^"]*)"$/ * * @param string $publicWebDAVAPIVersion diff --git a/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature b/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature index 9078d42f6..83fec81a7 100644 --- a/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature +++ b/tests/acceptance/features/coreApiSharePublicLink1/createPublicLinkShare.feature @@ -284,7 +284,8 @@ Feature: create a public link share | permissionsRole | view | | password | %public% | When user "Alice" deletes folder "/PARENT" using the WebDAV API - Then the public download of file "/parent.txt" from inside the last public link shared folder using the new public WebDAV API with password "%public%" should fail with HTTP status code "404" + And the public tries to download file "/parent.txt" from inside the last public link shared folder with password "%public%" using the new public WebDAV API + Then the HTTP status code should be "404" @issue-1269 @issue-1293 @skipOnReva Scenario: try to download from a public share that has upload only permissions using the public webdav api @@ -296,7 +297,8 @@ Feature: create a public link share | space | Personal | | permissionsRole | createOnly | | password | %public% | - Then the public download of file "/parent.txt" from inside the last public link shared folder using the new public WebDAV API with password "%public%" should fail with HTTP status code "403" + When the public tries to download file "/parent.txt" from inside the last public link shared folder with password "%public%" using the new public WebDAV API + Then the HTTP status code should be "403" @env-config @skipOnReva Scenario: get the size of a file shared by public link