mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-07 04:40:05 -06:00
Code Issues Packages Projects Releases Wiki Activity

[tests-only][full-ci] adding test for creating link space share via permission endpoint (#9250)

Browse Source 
* adding test for creating link space share via permission endpoint

* addressing the reviews
This commit is contained in:
Sabin Panta
2024-05-29 16:06:26 +05:45
committed by GitHub
parent 26c06a3c6d
commit 9a2cd49dca
3 changed files with 532 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md
View File

@@ -262,6 +262,12 @@ The expected failures in this file are from features in the owncloud/ocis repo.
- [apiSharingNgLinkShare/linkShare.feature:2101](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2101)
- [apiSharingNgLinkShare/linkShare.feature:2168](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2168)
- [apiSharingNgLinkShare/linkShare.feature:2239](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2239)
- [apiSharingNgLinkShare/linkShare.feature:2420](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2420)
- [apiSharingNgLinkShare/linkShare.feature:2679](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2679)
- [apiSharingNgLinkShare/linkShare.feature:2733](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2733)
- [apiSharingNgLinkShare/linkShare.feature:2734](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2734)
- [apiSharingNgLinkShare/linkShare.feature:2735](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2735)
- [apiSharingNgLinkShare/linkShare.feature:2803](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature#L2803)
- [apiSharingNg/removeAccessToDriveItem.feature:125](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNg/removeAccessToDriveItem.feature#L125)
- [apiSharingNg/removeAccessToDriveItem.feature:141](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNg/removeAccessToDriveItem.feature#L141)
- [apiSharingNg/removeAccessToDriveItem.feature:161](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSharingNg/removeAccessToDriveItem.feature#L161)

501
tests/acceptance/features/apiSharingNgLinkShare/linkShare.feature
View File

@@ -2300,3 +2300,504 @@ Feature: Create a share link for a resource
"""
And the public should be able to download file "textfile.txt" from the last link share with password "%public%" and the content should be "to share"
And the public download of file "textfile.txt" from the last link share with password "$heLlo*1234*" should fail with HTTP status code "401" using shareNg
@issue-7879
Scenario Outline: try to create a link share of a Personal and Shares drives using permissions endpoint
When user "Alice" tries to create the following space link share using permissions endpoint of the Graph API:
| space | <drive> |
| permissionsRole | <permissions-role> |
| password | %public% |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"innererror",
"message"
],
"properties": {
"code": {
"const": "invalidRequest"
},
"innererror": {
"type": "object",
"required": [
"date",
"request-id"
]
},
"message": {
"const": "<message>"
}
}
}
}
}
"""
Examples:
| permissions-role | drive | message |
| view | Shares | no share permission |
| edit | Shares | no share permission |
| upload | Shares | no share permission |
| createOnly | Shares | no share permission |
| blocksDownload | Shares | invalid link type |
| view | Personal | cannot create link on personal space root |
| edit | Personal | cannot create link on personal space root |
| upload | Personal | cannot create link on personal space root |
| createOnly | Personal | cannot create link on personal space root |
| blocksDownload | Personal | invalid link type |
@issue-7879
Scenario Outline: create a link share of a project-space drive using permissions endpoint
Given using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"hasPassword",
"id",
"link"
],
"properties": {
"hasPassword": {
"const": true
},
"id": {
"type": "string",
"pattern": "^[a-zA-Z]{15}$"
},
"link": {
"type": "object",
"required": [
"@libre.graph.displayName",
"@libre.graph.quickLink",
"preventsDownload",
"type",
"webUrl"
],
"properties": {
"@libre.graph.displayName": {
"const": ""
},
"@libre.graph.quickLink": {
"const": false
},
"preventsDownload": {
"const": false
},
"type": {
"const": "<permissions-role>"
},
"webUrl": {
"type": "string",
"pattern": "^%base_url%/s/[a-zA-Z]{15}$"
}
}
}
}
}
"""
Examples:
| permissions-role |
| view |
| edit |
| upload |
| createOnly |
| blocksDownload |
Scenario Outline: try to create an internal link share of a Personal and Shares drives using permissions endpoint
When user "Alice" tries to create the following space link share using permissions endpoint of the Graph API:
| space | <drive> |
| permissionsRole | internal |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"innererror",
"message"
],
"properties": {
"code": {
"const": "invalidRequest"
},
"innererror": {
"type": "object",
"required": [
"date",
"request-id"
]
},
"message": {
"const": "<message>"
}
}
}
}
}
"""
Examples:
| drive | message |
| Personal | cannot create link on personal space root |
| Shares | no share permission |
Scenario Outline: try to create an internal link share with password of a Personal and Shares drives using permissions endpoint
When user "Alice" tries to create the following space link share using permissions endpoint of the Graph API:
| space | <drive> |
| permissionsRole | internal |
| password | %public% |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"innererror",
"message"
],
"properties": {
"code": {
"const": "invalidRequest"
},
"innererror": {
"type": "object",
"required": [
"date",
"request-id"
]
},
"message": {
"const": "password is redundant for the internal link"
}
}
}
}
}
"""
Examples:
| drive |
| Personal |
| Shares |
Scenario: create an internal link share of a project-space using permissions endpoint
Given using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | internal |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"hasPassword",
"id",
"link"
],
"properties": {
"hasPassword": {
"const": false
},
"id": {
"pattern": "^[a-zA-Z]{15}$"
},
"link": {
"type": "object",
"required": [
"@libre.graph.displayName",
"@libre.graph.quickLink",
"preventsDownload",
"type",
"webUrl"
],
"properties": {
"@libre.graph.displayName": {
"const": ""
},
"@libre.graph.quickLink": {
"const": false
},
"preventsDownload": {
"const": false
},
"type": {
"const": "internal"
},
"webUrl": {
"type": "string",
"pattern": "^%base_url%/s/[a-zA-Z]{15}$"
}
}
}
}
}
"""
Scenario: try to create an internal link share of a project-space with password using permissions endpoint
Given using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | internal |
| password | %public% |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"innererror",
"message"
],
"properties": {
"code": {
"const": "invalidRequest"
},
"innererror": {
"type": "object",
"required": [
"date",
"request-id"
]
},
"message": {
"const": "password is redundant for the internal link"
}
}
}
}
}
"""
Scenario Outline: create a link share of a project-space with display name and expiry date using permissions endpoint
Given using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
| displayName | Homework |
| expirationDateTime | 2200-07-15T14:00:00.000Z |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"hasPassword",
"id",
"link",
"expirationDateTime"
],
"properties": {
"hasPassword": {
"const": true
},
"id": {
"type": "string",
"pattern": "^[a-zA-Z]{15}$"
},
"expirationDateTime": {
"const": "2200-07-15T23:59:59Z"
},
"link": {
"type": "object",
"required": [
"@libre.graph.displayName",
"@libre.graph.quickLink",
"preventsDownload",
"type",
"webUrl"
],
"properties": {
"@libre.graph.displayName": {
"const": "Homework"
},
"@libre.graph.quickLink": {
"const": false
},
"preventsDownload": {
"const": false
},
"type": {
"const": "<permissions-role>"
},
"webUrl": {
"type": "string",
"pattern": "^%base_url%/s/[a-zA-Z]{15}$"
}
}
}
}
}
"""
Examples:
| permissions-role |
| view |
| edit |
| upload |
| createOnly |
| blocksDownload |
Scenario Outline: try to create a link share of a project-space with a password that is listed in the Banned-Password-List using permissions endpoint
Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt"
And using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | <banned-password> |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"type": "string",
"pattern": "invalidRequest"
},
"message": {
"const": "unfortunately, your password is commonly used. please pick a harder-to-guess password for your safety"
}
}
}
}
}
"""
Examples:
| banned-password | permissions-role |
| 123 | view |
| password | view |
| ownCloud | view |
| 123 | edit |
| password | edit |
| ownCloud | edit |
| 123 | upload |
| password | upload |
| ownCloud | upload |
| 123 | createOnly |
| password | createOnly |
| ownCloud | createOnly |
| 123 | blocksDownload |
| password | blocksDownload |
| ownCloud | blocksDownload |
Scenario Outline: create a link share of a project-space without password using permissions endpoint
Given the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false |
And using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"hasPassword",
"id",
"link"
],
"properties": {
"hasPassword": {
"const": false
},
"id": {
"type": "string",
"pattern": "^[a-zA-Z]{15}$"
},
"link": {
"type": "object",
"required": [
"@libre.graph.displayName",
"@libre.graph.quickLink",
"preventsDownload",
"type",
"webUrl"
],
"properties": {
"@libre.graph.displayName": {
"const": ""
},
"@libre.graph.quickLink": {
"const": false
},
"preventsDownload": {
"const": false
},
"type": {
"const": "<permissions-role>"
},
"webUrl": {
"type": "string",
"pattern": "^%base_url%/s/[a-zA-Z]{15}$"
}
}
}
}
}
"""
Examples:
| permissions-role |
| view |
| edit |
| upload |
| createOnly |
| blocksDownload |

28
tests/acceptance/features/bootstrap/SharingNgContext.php
View File

@@ -71,11 +71,20 @@ class SharingNgContext implements Context {
*/
public function createLinkShare(string $user, TableNode $body): ResponseInterface {
$bodyRows = $body->getRowsHash();
$space = $bodyRows['space'];
$resource = $bodyRows['resource'] ?? "";
$spaceId = ($this->spacesContext->getSpaceByName($user, $space))["id"];
$itemId = $this->spacesContext->getResourceId($user, $space, $resource);
if ($bodyRows['space'] === 'Personal' || $bodyRows['space'] === 'Shares') {
$space = $this->spacesContext->getSpaceByName($user, $bodyRows['space']);
} else {
$space = $this->spacesContext->getCreatedSpace($bodyRows['space']);
}
$spaceId = $space['id'];
if ($resource === '' && !\in_array($bodyRows['space'], ['Personal', 'Shares'])) {
$itemId = $space['fileId'];
} else {
$itemId = $this->spacesContext->getResourceId($user, $bodyRows['space'], $resource);
}
$bodyRows['displayName'] = $bodyRows['displayName'] ?? null;
$bodyRows['expirationDateTime'] = \array_key_exists('expirationDateTime', $bodyRows) ? \date('Y-m-d', \strtotime($bodyRows['expirationDateTime'])) . 'T14:00:00.000Z' : null;
@@ -553,6 +562,19 @@ class SharingNgContext implements Context {
$this->featureContext->setResponse($response);
}
/**
* @When /^user "([^"]*)" (?:tries to create|creates) the following space link share using permissions endpoint of the Graph API:$/
*
* @param string $user
* @param TableNode $body
*
* @return void
* @throws GuzzleException
*/
public function userCreatesTheFollowingSpaceLinkShareUsingPermissionsEndpointOfTheGraphApi(string $user, TableNode $body):void {
$this->featureContext->setResponse($this->createLinkShare($user, $body));
}
/**
* @Given /^user "([^"]*)" has created the following resource link share:$/
*