From d69a916c126d417390dd9bd10a8bbc50668d3db5 Mon Sep 17 00:00:00 2001 From: Prarup Gurung Date: Thu, 11 Jan 2024 11:31:55 +0545 Subject: [PATCH] Added test for sending share invitation to disabled user (#8174) --- .../features/apiGraph/addUserToGroup.feature | 2 +- .../features/apiGraph/createUser.feature | 2 +- .../features/apiGraph/deleteUser.feature | 4 +- .../features/apiGraph/editUser.feature | 6 +- .../features/apiGraph/getUser.feature | 4 +- .../apiGraph/removeUserFromGroup.feature | 2 +- .../apiSharingNg/shareInvitations.feature | 195 +++++++++++++----- .../features/bootstrap/GraphContext.php | 4 +- 8 files changed, 153 insertions(+), 66 deletions(-) diff --git a/tests/acceptance/features/apiGraph/addUserToGroup.feature b/tests/acceptance/features/apiGraph/addUserToGroup.feature index f43df4b74f..79eb55fe5e 100644 --- a/tests/acceptance/features/apiGraph/addUserToGroup.feature +++ b/tests/acceptance/features/apiGraph/addUserToGroup.feature @@ -272,7 +272,7 @@ Feature: add users to group Given these groups have been created: | groupname | comment | | sales | normal group | - And the user "Admin" has disabled user "Alice" using the Graph API + And the user "Admin" has disabled user "Alice" When the administrator adds the following users to the following groups using the Graph API | username | groupname | | Alice | sales | diff --git a/tests/acceptance/features/apiGraph/createUser.feature b/tests/acceptance/features/apiGraph/createUser.feature index b567492673..c95f6aff3a 100644 --- a/tests/acceptance/features/apiGraph/createUser.feature +++ b/tests/acceptance/features/apiGraph/createUser.feature @@ -68,7 +68,7 @@ Feature: create user Scenario: user cannot be created with the name of the disabled user Given user "Brian" has been created with default attributes and without skeleton files And the administrator has assigned the role "Admin" to user "Alice" using the Graph API - And the user "Alice" has disabled user "Brian" using the Graph API + And the user "Alice" has disabled user "Brian" When the user "Alice" creates a new user with the following attributes using the Graph API: | userName | Brian | | displayName | This is another Brian | diff --git a/tests/acceptance/features/apiGraph/deleteUser.feature b/tests/acceptance/features/apiGraph/deleteUser.feature index fd31adc6a4..09fb15e9ce 100644 --- a/tests/acceptance/features/apiGraph/deleteUser.feature +++ b/tests/acceptance/features/apiGraph/deleteUser.feature @@ -112,7 +112,7 @@ Feature: delete user Scenario: admin user deletes a disabled user Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API And user "Brian" has been created with default attributes and without skeleton files - And the user "Alice" has disabled user "Brian" using the Graph API + And the user "Alice" has disabled user "Brian" When the user "Alice" deletes a user "Brian" using the Graph API Then the HTTP status code should be "204" And user "Brian" should not exist @@ -124,7 +124,7 @@ Feature: delete user And user "Carol" has been created with default attributes and without skeleton files And the administrator has assigned the role "" to user "Brian" using the Graph API And the administrator has assigned the role "" to user "Carol" using the Graph API - And the user "Alice" has disabled user "Brian" using the Graph API + And the user "Alice" has disabled user "Brian" When the user "Carol" deletes a user "Brian" using the Graph API Then the HTTP status code should be "401" And user "Brian" should exist diff --git a/tests/acceptance/features/apiGraph/editUser.feature b/tests/acceptance/features/apiGraph/editUser.feature index 1446fb8981..32eae98ce3 100644 --- a/tests/acceptance/features/apiGraph/editUser.feature +++ b/tests/acceptance/features/apiGraph/editUser.feature @@ -76,7 +76,7 @@ Feature: edit user | displayName | sam | | email | sam@example.com | | password | 1234 | - And the user "Alice" has disabled user "Brian" using the Graph API + And the user "Alice" has disabled user "Brian" When the user "Alice" changes the user name of user "sam" to "Brian" using the Graph API Then the HTTP status code should be "409" And the user information of "sam" should match this JSON schema @@ -410,7 +410,7 @@ Feature: edit user Scenario: admin user enables disabled user - Given the user "Alice" has disabled user "Brian" using the Graph API + Given the user "Alice" has disabled user "Brian" When the user "Alice" enables user "Brian" using the Graph API Then the HTTP status code should be "200" When user "Alice" gets information of user "Brian" using Graph API @@ -454,7 +454,7 @@ Feature: edit user Scenario Outline: normal user should not be able to enable another user Given user "Carol" has been created with default attributes and without skeleton files - And the user "Alice" has disabled user "Carol" using the Graph API + And the user "Alice" has disabled user "Carol" And the administrator has assigned the role "" to user "Brian" using the Graph API When the user "Brian" tries to enable user "Carol" using the Graph API Then the HTTP status code should be "401" diff --git a/tests/acceptance/features/apiGraph/getUser.feature b/tests/acceptance/features/apiGraph/getUser.feature index 84dcd088f4..b8996f605f 100644 --- a/tests/acceptance/features/apiGraph/getUser.feature +++ b/tests/acceptance/features/apiGraph/getUser.feature @@ -176,7 +176,7 @@ Feature: get users Scenario: admin user gets all users include disabled users Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API - And the user "Alice" has disabled user "Brian" using the Graph API + And the user "Alice" has disabled user "Brian" When user "Alice" gets all users using the Graph API Then the HTTP status code should be "200" And the JSON data of the response should contain the user "Alice Hansen" in the item 'value', the user-details should match @@ -656,7 +656,7 @@ Feature: get users Scenario: admin user gets all users of certain groups Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API And user "Carol" has been created with default attributes and without skeleton files - And the user "Alice" has disabled user "Carol" using the Graph API + And the user "Alice" has disabled user "Carol" And group "tea-lover" has been created And group "coffee-lover" has been created And user "Alice" has been added to group "tea-lover" diff --git a/tests/acceptance/features/apiGraph/removeUserFromGroup.feature b/tests/acceptance/features/apiGraph/removeUserFromGroup.feature index 4ed276104d..b79479c370 100644 --- a/tests/acceptance/features/apiGraph/removeUserFromGroup.feature +++ b/tests/acceptance/features/apiGraph/removeUserFromGroup.feature @@ -200,7 +200,7 @@ Feature: remove a user from a group And the following users have been added to the following groups | username | groupname | | Alice | brand-new-group | - And the user "Admin" has disabled user "Alice" using the Graph API + And the user "Admin" has disabled user "Alice" When the administrator removes the following users from the following groups using the Graph API | username | groupname | | Alice | brand-new-group | diff --git a/tests/acceptance/features/apiSharingNg/shareInvitations.feature b/tests/acceptance/features/apiSharingNg/shareInvitations.feature index 1350a752fb..68a62709df 100644 --- a/tests/acceptance/features/apiSharingNg/shareInvitations.feature +++ b/tests/acceptance/features/apiSharingNg/shareInvitations.feature @@ -16,12 +16,12 @@ Feature: Send a sharing invitations Given user "Alice" has uploaded file with content "to share" to "/textfile1.txt" And user "Alice" has created folder "FolderToShare" When user "Alice" sends the following share invitation using the Graph API: - | resourceType | | - | resource | | - | space | Personal | - | sharee | Brian | - | shareType | user | - | permissionsRole | | + | resourceType | | + | resource | | + | space | Personal | + | sharee | Brian | + | shareType | user | + | permissionsRole | | Then the HTTP status code should be "200" And the JSON data of the response should match """ @@ -86,16 +86,16 @@ Feature: Send a sharing invitations } """ Examples: - | permissionsRole | resource-type | path | - | Viewer | file | /textfile1.txt | - | File Editor | file | /textfile1.txt | - | Co Owner | file | /textfile1.txt | - | Manager | file | /textfile1.txt | - | Viewer | folder | FolderToShare | - | Editor | folder | FolderToShare | - | Co Owner | folder | FolderToShare | - | Uploader | folder | FolderToShare | - | Manager | folder | FolderToShare | + | permissions-role | resource-type | path | + | Viewer | file | /textfile1.txt | + | File Editor | file | /textfile1.txt | + | Co Owner | file | /textfile1.txt | + | Manager | file | /textfile1.txt | + | Viewer | folder | FolderToShare | + | Editor | folder | FolderToShare | + | Co Owner | folder | FolderToShare | + | Uploader | folder | FolderToShare | + | Manager | folder | FolderToShare | Scenario Outline: send share invitation to group with different roles @@ -108,12 +108,12 @@ Feature: Send a sharing invitations And user "Alice" has uploaded file with content "to share" to "/textfile1.txt" And user "Alice" has created folder "FolderToShare" When user "Alice" sends the following share invitation using the Graph API: - | resourceType | | - | resource | | - | space | Personal | - | sharee | grp1 | - | shareType | group | - | permissionsRole | | + | resourceType | | + | resource | | + | space | Personal | + | sharee | grp1 | + | shareType | group | + | permissionsRole | | Then the HTTP status code should be "200" And the JSON data of the response should match """ @@ -178,16 +178,16 @@ Feature: Send a sharing invitations } """ Examples: - | permissionsRole | resource-type | path | - | Viewer | file | /textfile1.txt | - | File Editor | file | /textfile1.txt | - | Co Owner | file | /textfile1.txt | - | Manager | file | /textfile1.txt | - | Viewer | folder | FolderToShare | - | Editor | folder | FolderToShare | - | Co Owner | folder | FolderToShare | - | Uploader | folder | FolderToShare | - | Manager | folder | FolderToShare | + | permissions-role | resource-type | path | + | Viewer | file | /textfile1.txt | + | File Editor | file | /textfile1.txt | + | Co Owner | file | /textfile1.txt | + | Manager | file | /textfile1.txt | + | Viewer | folder | FolderToShare | + | Editor | folder | FolderToShare | + | Co Owner | folder | FolderToShare | + | Uploader | folder | FolderToShare | + | Manager | folder | FolderToShare | Scenario Outline: send share invitation for a file to user with different permissions @@ -591,7 +591,7 @@ Feature: Send a sharing invitations | space | Personal | | sharee | Brian | | shareType | user | - | permissionsRole | | + | permissionsRole | | | expireDate | 2043-07-15T14:00:00.000Z | Then the HTTP status code should be "200" And the JSON data of the response should match @@ -664,16 +664,16 @@ Feature: Send a sharing invitations } """ Examples: - | permissionsRole | resource-type | path | - | Viewer | file | /textfile1.txt | - | File Editor | file | /textfile1.txt | - | Co Owner | file | /textfile1.txt | - | Manager | file | /textfile1.txt | - | Viewer | folder | FolderToShare | - | Editor | folder | FolderToShare | - | Co Owner | folder | FolderToShare | - | Uploader | folder | FolderToShare | - | Manager | folder | FolderToShare | + | permissions-role | resource-type | path | + | Viewer | file | /textfile1.txt | + | File Editor | file | /textfile1.txt | + | Co Owner | file | /textfile1.txt | + | Manager | file | /textfile1.txt | + | Viewer | folder | FolderToShare | + | Editor | folder | FolderToShare | + | Co Owner | folder | FolderToShare | + | Uploader | folder | FolderToShare | + | Manager | folder | FolderToShare | Scenario Outline: send share invitation with expiration date to group with different roles @@ -691,7 +691,7 @@ Feature: Send a sharing invitations | space | Personal | | sharee | grp1 | | shareType | group | - | permissionsRole | | + | permissionsRole | | | expireDate | 2043-07-15T14:00:00.000Z | Then the HTTP status code should be "200" And the JSON data of the response should match @@ -764,16 +764,103 @@ Feature: Send a sharing invitations } """ Examples: - | permissionsRole | resource-type | path | - | Viewer | file | /textfile1.txt | - | File Editor | file | /textfile1.txt | - | Co Owner | file | /textfile1.txt | - | Manager | file | /textfile1.txt | - | Viewer | folder | FolderToShare | - | Editor | folder | FolderToShare | - | Co Owner | folder | FolderToShare | - | Uploader | folder | FolderToShare | - | Manager | folder | FolderToShare | + | permissions-role | resource-type | path | + | Viewer | file | /textfile1.txt | + | File Editor | file | /textfile1.txt | + | Co Owner | file | /textfile1.txt | + | Manager | file | /textfile1.txt | + | Viewer | folder | FolderToShare | + | Editor | folder | FolderToShare | + | Co Owner | folder | FolderToShare | + | Uploader | folder | FolderToShare | + | Manager | folder | FolderToShare | + + @issue-7962 + Scenario Outline: send share invitation to disabled user + Given user "Alice" has uploaded file with content "to share" to "/textfile1.txt" + And user "Alice" has created folder "FolderToShare" + And the user "Admin" has disabled user "Brian" + When user "Alice" sends the following share invitation using the Graph API: + | resourceType | | + | resource | | + | space | Personal | + | sharee | Brian | + | shareType | user | + | permissionsRole | | + Then the HTTP status code should be "200" + And the JSON data of the response should match + """ + { + "type": "object", + "required": [ + "value" + ], + "properties": { + "value": { + "type": "array", + "items": { + "type": "object", + "required": [ + "id", + "roles", + "grantedToV2" + ], + "properties": { + "id": { + "type": "string", + "pattern": "^%permissions_id_pattern%$" + }, + "roles": { + "type": "array", + "items": { + "type": "string", + "pattern": "^%role_id_pattern%$" + } + }, + "grantedToV2": { + "type": "object", + "required": [ + "user" + ], + "properties": { + "user": { + "type": "object", + "required": [ + "id", + "displayName" + ], + "properties": { + "id": { + "type": "string", + "pattern": "^%user_id_pattern%$" + }, + "displayName": { + "type": "string", + "enum": [ + "Brian Murphy" + ] + } + } + } + } + } + } + } + } + } + } + """ + Examples: + | permissions-role | resource-type | path | + | Viewer | file | /textfile1.txt | + | File Editor | file | /textfile1.txt | + | Co Owner | file | /textfile1.txt | + | Manager | file | /textfile1.txt | + | Viewer | folder | FolderToShare | + | Editor | folder | FolderToShare | + | Co Owner | folder | FolderToShare | + | Uploader | folder | FolderToShare | + | Manager | folder | FolderToShare | Scenario Outline: send sharing invitation to a deleted group with different roles diff --git a/tests/acceptance/features/bootstrap/GraphContext.php b/tests/acceptance/features/bootstrap/GraphContext.php index f91effcf36..87af6bc26f 100644 --- a/tests/acceptance/features/bootstrap/GraphContext.php +++ b/tests/acceptance/features/bootstrap/GraphContext.php @@ -163,7 +163,7 @@ class GraphContext implements Context { } /** - * @Given /^the user "([^"]*)" has disabled user "([^"]*)" using the Graph API$/ + * @Given /^the user "([^"]*)" has disabled user "([^"]*)"$/ * * @param string $byUser * @param string $user @@ -172,7 +172,7 @@ class GraphContext implements Context { * @throws GuzzleException * @throws Exception */ - public function theUserHasDisabledUserToUsingTheGraphApi(string $byUser, string $user): void { + public function theUserHasDisabledUser(string $byUser, string $user): void { $this->theUserDisablesUserToUsingTheGraphApi($byUser, $user); $this->featureContext->thenTheHTTPStatusCodeShouldBe(200); }