diff --git a/tests/acceptance/features/apiGraph/deleteUser.feature b/tests/acceptance/features/apiGraph/deleteUser.feature
new file mode 100644
index 000000000..45a549f54
--- /dev/null
+++ b/tests/acceptance/features/apiGraph/deleteUser.feature
@@ -0,0 +1,73 @@
+@api @skipOnOcV10
+Feature: delete user
+ Only user with admin permission can delete user
+
+ Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production
+ See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839
+
+ Background:
+ Given user "Alice" has been created with default attributes and without skeleton files
+
+
+ Scenario Outline: the admin user deletes a user
+ Given the administrator has given "Alice" the role "Admin" using the settings api
+ And the user "Alice" has created a new user using the Graph API with the following settings:
+ | userName | |
+ | displayName | |
+ | email | |
+ | password | |
+ When the user "Alice" deletes a user "" using the Graph API
+ Then the HTTP status code should be "204"
+ And user "" should not exist
+ Examples:
+ | userName | displayName | email | password |
+ | SameDisplayName | Alice Hansen | new@example.org | containsCharacters(*:!;_+-&) |
+ | withoutPassSameEmail | without pass | alice@example.org | |
+ | name | pass with space | example@example.org | my pass |
+
+
+ Scenario: Delete a user and specify the user name in different case
+ Given user "brand-new-user" has been created with default attributes and without skeleton files
+ And the administrator has given "Alice" the role "Admin" using the settings api
+ When the user "Alice" deletes a user "Brand-New-User" using the Graph API
+ Then the HTTP status code should be "204"
+ And user "brand-new-user" should not exist
+
+
+ Scenario Outline: the admin user deletes another user with different role
+ Given user "Brian" has been created with default attributes and without skeleton files
+ And the administrator has given "Alice" the role "Admin" using the settings api
+ And the administrator has given "Brian" the role "" using the settings api
+ When the user "Alice" deletes a user "Brian" using the Graph API
+ Then the HTTP status code should be "204"
+ And user "Brian" should not exist
+ Examples:
+ | role |
+ | Admin |
+ | Space Admin |
+ | User |
+
+
+ Scenario: the admin user tries to delete his/her own account
+ Given the administrator has given "Alice" the role "Admin" using the settings api
+ When the user "Alice" deletes a user "Alice" using the Graph API
+ Then the HTTP status code should be "403"
+ And user "Alice" should exist
+
+
+ Scenario: the admin user tries to delete a non-existent user
+ Given the administrator has given "Alice" the role "Admin" using the settings api
+ When the user "Alice" deletes a user "nonExistentUser" using the Graph API
+ Then the HTTP status code should be "404"
+
+
+ Scenario Outline: Non-admin user tries to delete another user with different role
+ Given user "Brian" has been created with default attributes and without skeleton files
+ And the administrator has given "Alice" the role "" using the settings api
+ When the user "Alice" deletes a user "Brian" using the Graph API
+ Then the HTTP status code should be "401"
+ And user "Brian" should exist
+ Examples:
+ | role |
+ | Space Admin |
+ | User |
diff --git a/tests/acceptance/features/bootstrap/GraphContext.php b/tests/acceptance/features/bootstrap/GraphContext.php
index 0ac34ba17..dc5bca827 100644
--- a/tests/acceptance/features/bootstrap/GraphContext.php
+++ b/tests/acceptance/features/bootstrap/GraphContext.php
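Review bot: In deleteUser.feature, the last scenario outline ("Non-admin user tries to delete another user with different role") pins the refusal as `401`, while the self-delete scenario in the same file expects `403`. Alice authenticates with valid credentials in both cases, so the non-admin refusal is an authorization failure and `403` would be the conventional status; asserting `401` bakes what looks like a server-side conflation of the two into the suite. If this is known behaviour, add a comment above that `Then` step such as `# 401 is the current response for an authenticated non-admin; 403 expected, tracked in <issue link>`, so the assertion gets tightened when the server changes.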
@@ -217,17 +217,20 @@ class GraphContext implements Context { * sends a request to delete a user using the Graph API * * @param string $user username is used as the id + * @param string|null $byUser * * @return void * @throws GuzzleException */ - public function adminDeletesUserUsingTheGraphApi(string $user): void { + public function adminDeletesUserUsingTheGraphApi(string $user, ?string $byUser = null): void { + $credentials = $this->getAdminOrUserCredentials($byUser); + $this->featureContext->setResponse( GraphHelper::deleteUser( $this->featureContext->getBaseUrl(), $this->featureContext->getStepLineRef(), - $this->featureContext->getAdminUsername(), - $this->featureContext->getAdminPassword(), + $credentials["username"], + $credentials["password"], $user ) ); @@ -255,6 +258,20 @@ class GraphContext implements Context { ); } + /** + * @When /^the user "([^"]*)" deletes a user "([^"]*)" using the Graph API$/ + * + * @param string $byUser + * @param string $user + * + * @return void + * @throws Exception + * @throws GuzzleException + */ + public function theUserDeletesAUserUsingTheGraphAPI(string $byUser, string $user): void { + $this->adminDeletesUserUsingTheGraphApi($user, $byUser); + } + /** * @param string $user * @param string $group 
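Review bot: `adminDeletesUserUsingTheGraphApi` now sends the request as whoever `$byUser` names, yet its name and summary line still say the administrator acts, and the added `@param string|null $byUser` carries no description. The default matters for authorization tests, because a caller that omits the second argument silently gets admin credentials. I would document it as `@param string|null $byUser user whose credentials send the request; null falls back to the admin account`. `getAdminOrUserCredentials()` is not visible in this hunk, so its handling of null is inferred from its name and should be confirmed.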
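Review bot: The step pattern on `theUserDeletesAUserUsingTheGraphAPI` captures the acting user with `"([^"]*)"`, which also matches an empty name. How `getAdminOrUserCredentials()` treats an empty string is not visible here; if it is handled like null, a step written with `""` would run as the administrator and a positive scenario could pass without exercising the named user's role. Requiring at least one character for the actor, `/^the user "([^"]+)" deletes a user "([^"]*)" using the Graph API$/`, removes that ambiguity. The docblock also declares `@throws Exception` although nothing in the visible body throws directly, so confirm it comes from the credential lookup.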
@@ -566,6 +583,28 @@ class GraphContext implements Context { $this->featureContext->setResponse($response); } + /** + * @Given /^the user "([^"]*)" has created a new user using the Graph API with the following settings:$/ + * + * @param string $user + * @param TableNode $table + * + * @return void + * @throws Exception|GuzzleException + */ + public function theUserHasCreatedANewUserUsingGraphapiWithTheFollowingSettings(string $user, TableNode $table): void { + $this->theUserCreatesNewUser( + $user, + $table + ); + $rows = $table->getRowsHash(); + $response = $this->featureContext->getResponse(); + + if ($response->getStatusCode() !== 200) { + $this->throwHttpException($response, "Could not create user '$rows[userName]'"); + } + } + /** * adds a user to a group *
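Review bot: The failure branch of `theUserHasCreatedANewUserUsingGraphapiWithTheFollowingSettings` builds its message from `$rows[userName]` without checking that the table has a `userName` row, so a malformed table adds an undefined-index warning on top of the failure being reported. Reading the key once with a default, `$userName = $rows['userName'] ?? '(no userName row)';`, and interpolating `$userName` keeps the message intact. The docblock has no summary line; one sentence stating that the step fails unless creation returns 200 would make the precondition explicit. The method name also spells `Graphapi` where the delete step added in this commit uses `GraphAPI`.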