diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md index d116f639c..ac245be4e 100644 --- a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md @@ -33,9 +33,9 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiAccountsHashDifficulty/assignRole.feature:27](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature#L27) - [apiAccountsHashDifficulty/assignRole.feature:28](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature#L28) -- [apiGraph/assignRole.feature:30](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/assignRole.feature#L30) -- [apiGraph/assignRole.feature:31](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/assignRole.feature#L31) -- [apiGraph/assignRole.feature:32](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/assignRole.feature#L32) +- [apiGraph/getAssignedRole.feature:31](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getAssignedRole.feature#L31) +- [apiGraph/getAssignedRole.feature:32](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getAssignedRole.feature#L32) +- [apiGraph/getAssignedRole.feature:33](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getAssignedRole.feature#L33) #### [A User can get information of another user with Graph API](https://github.com/owncloud/ocis/issues/5125) 
@@ -63,31 +63,34 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiGraphUserGroup/getUser.feature:646](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getUser.feature#L646) - [apiGraphUserGroup/getUser.feature:647](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getUser.feature#L647) - [apiGraphUserGroup/getUser.feature:648](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getUser.feature#L648) +- [apiGraphUserGroup/getUser.feature:663](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getUser.feature#L663) +- [apiGraphUserGroup/getUser.feature:664](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getUser.feature#L664) +- [apiGraphUserGroup/getUser.feature:665](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getUser.feature#L665) #### [Normal user can get expanded members information of a group](https://github.com/owncloud/ocis/issues/5604) - [apiGraphUserGroup/getGroup.feature:399](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L399) - [apiGraphUserGroup/getGroup.feature:400](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L400) - [apiGraphUserGroup/getGroup.feature:401](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L401) +- [apiGraphUserGroup/getGroup.feature:460](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L460) +- [apiGraphUserGroup/getGroup.feature:461](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L461) +- 
[apiGraphUserGroup/getGroup.feature:462](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L462) +- [apiGraphUserGroup/getGroup.feature:508](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L508) +- [apiGraphUserGroup/getGroup.feature:509](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L509) +- [apiGraphUserGroup/getGroup.feature:510](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/getGroup.feature#L510) #### [Same users can be added in a group multiple time](https://github.com/owncloud/ocis/issues/5702) -- [apiGraphUserGroup/addUserToGroup.feature:289](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L289) - -#### [API requests for a non-existent resources should return 404](https://github.com/owncloud/ocis/issues/5939) - -- [apiGraphUserGroup/addUserToGroup.feature:205](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L205) -- [apiGraphUserGroup/addUserToGroup.feature:206](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L206) -- [apiGraphUserGroup/addUserToGroup.feature:207](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L207) +- [apiGraphUserGroup/addUserToGroup.feature:295](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L295) ### [Users are added in a group with wrong host in host-part of user](https://github.com/owncloud/ocis/issues/5871) -- [apiGraphUserGroup/addUserToGroup.feature:373](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L373) -- 
[apiGraphUserGroup/addUserToGroup.feature:387](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L387) +- [apiGraphUserGroup/addUserToGroup.feature:379](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L379) +- [apiGraphUserGroup/addUserToGroup.feature:393](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L393) ### [Adding the same user as multiple members in a single request results in listing the same user twice in the group](https://github.com/owncloud/ocis/issues/5855) -- [apiGraphUserGroup/addUserToGroup.feature:424](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L424) +- [apiGraphUserGroup/addUserToGroup.feature:430](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature#L430) ### [Shared file locking is not possible using different path](https://github.com/owncloud/ocis/issues/7599) diff --git a/tests/acceptance/features/apiGraph/changeRole.feature b/tests/acceptance/features/apiGraph/changeRole.feature index 6ce2738c7..61b4dc0f4 100644 --- a/tests/acceptance/features/apiGraph/changeRole.feature +++ b/tests/acceptance/features/apiGraph/changeRole.feature @@ -58,3 +58,15 @@ Feature: change role | Space Admin | | User | | User Light | + + + Scenario Outline: non-admin user tries to change the role of nonexistent user + Given the administrator has assigned the role "" to user "Alice" using the Graph API + And user "Brian" has been created with default attributes and without skeleton files + When user "Alice" tries to change the role of user "nonexistent" to role "Admin" using the Graph API + Then the HTTP status code should be "403" + Examples: + | user-role | + | Space Admin | + | User | + | User Light | 
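Review bot: In the new outline "non-admin user tries to change the role of nonexistent user" in changeRole.feature, the step `And user "Brian" has been created with default attributes and without skeleton files` creates a user that no later step references. The request targets "nonexistent", so the 403 assertion does not depend on Brian. Dropping that line keeps the setup limited to what the scenario checks.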
diff --git a/tests/acceptance/features/apiGraph/assignRole.feature b/tests/acceptance/features/apiGraph/getAssignedRole.feature similarity index 57% rename from tests/acceptance/features/apiGraph/assignRole.feature rename to tests/acceptance/features/apiGraph/getAssignedRole.feature index 484300e58..a75e6ca81 100644 --- a/tests/acceptance/features/apiGraph/assignRole.feature +++ b/tests/acceptance/features/apiGraph/getAssignedRole.feature @@ -3,10 +3,12 @@ Feature: assign role I want to assign roles to users. So that users without an admin role cannot get the list of roles, assignments list and assign roles to users - - Scenario Outline: assign role to the user using graph api + Background: Given user "Alice" has been created with default attributes and without skeleton files - And the administrator has assigned the role "" to user "Alice" using the Graph API + + + Scenario Outline: get assigned role of a user + Given the administrator has assigned the role "" to user "Alice" using the Graph API When the administrator retrieves the assigned role of user "Alice" using the Graph API Then the HTTP status code should be "200" And the Graph API response should have the role "" @@ -18,9 +20,8 @@ Feature: assign role | User Light | @issue-5032 - Scenario Outline: assign role to the user with graph api and list role with setting api - Given user "Alice" has been created with default attributes and without skeleton files - And the administrator has assigned the role "" to user "Alice" using the Graph API + Scenario Outline: get assigned role of a user via setting api + Given the administrator has assigned the role "" to user "Alice" using the Graph API When user "Alice" tries to get list of assignment Then the HTTP status code should be "" And the setting API response should have the role "" 
@@ -32,9 +33,8 @@ Feature: assign role | User Light | 401 | - Scenario Outline: assign role to the user with setting api and list role with graph api - Given user "Alice" has been created with default attributes and without skeleton files - And the administrator has given "Alice" the role "" using the settings api + Scenario Outline: get role of a user assigned via setting api + Given the administrator has given "Alice" the role "" using the settings api When the administrator retrieves the assigned role of user "Alice" using the Graph API Then the HTTP status code should be "200" And the Graph API response should have the role "" @@ -44,3 +44,15 @@ Feature: assign role | Space Admin | | User | | User Light | + + + Scenario: non-admin user tries to get assigned role of another user + Given user "Brian" has been created with default attributes and without skeleton files + When user "Alice" tries to get the assigned role of user "Brian" using the Graph API + Then the HTTP status code should be "403" + + + Scenario: non-admin user tries to get assigned role of nonexistent user + Given user "Brian" has been created with default attributes and without skeleton files + When user "Alice" tries to get the assigned role of user "nonexistent" using the Graph API + Then the HTTP status code should be "403" diff --git a/tests/acceptance/features/apiGraph/unassignRole.feature b/tests/acceptance/features/apiGraph/unassignRole.feature index 5be9d5d24..ef4187ec9 100644 --- a/tests/acceptance/features/apiGraph/unassignRole.feature +++ b/tests/acceptance/features/apiGraph/unassignRole.feature 
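Review bot: The two scenarios appended to getAssignedRole.feature exercise Alice only with whatever role the Background leaves her with. The non-admin outlines added elsewhere in this commit (changeRole, deleteGroup, editGroup) iterate over Space Admin, User and User Light. Converting both to a `Scenario Outline` with the same `user-role` examples table would assert the 403 for each non-admin role. In the "nonexistent user" scenario the `Given user "Brian" has been created …` step is unused and can be removed.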
@@ -29,3 +29,15 @@ Feature: unassign user role When user "Alice" tries to unassign the role of user "Alice" using the Graph API Then the HTTP status code should be "403" And user "Alice" should have the role "Admin" assigned + + + Scenario: non-admin user tries to unassign role of another user + Given user "Brian" has been created with default attributes and without skeleton files + When user "Alice" tries to unassign the role of user "Brian" using the Graph API + Then the HTTP status code should be "403" + And user "Brian" should have the role "User" assigned + + + Scenario: non-admin user tries to unassign role of nonexistent user + When user "Alice" tries to unassign the role of user "nonexistent" using the Graph API + Then the HTTP status code should be "403" diff --git a/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature b/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature index 0957d7075..22fa40b88 100644 --- a/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature +++ b/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature @@ -198,8 +198,8 @@ Feature: add users to group Scenario Outline: user other than the admin tries to add user to a nonexistent group Given user "Brian" has been created with default attributes and without skeleton files And the administrator has assigned the role "" to user "Alice" using the Graph API - When the user "Alice" tries to add user "Brian" to a nonexistent group using the Graph API - Then the HTTP status code should be "404" + When user "Alice" tries to add user "Brian" to a nonexistent group using the Graph API + Then the HTTP status code should be "403" Examples: | user-role | | Space Admin | 
@@ -213,6 +213,12 @@ Feature: add users to group Then the HTTP status code should be "404" + Scenario: non-admin user tries to add a nonexistent user to a group + Given group "groupA" has been created + When user "Alice" tries to add nonexistent user to group "groupA" using the Graph API + Then the HTTP status code should be "403" + + Scenario: admin tries to add user to a group without sending the group When the administrator tries to add user "Alice" to a nonexistent group using the Graph API Then the HTTP status code should be "404" diff --git a/tests/acceptance/features/apiGraphUserGroup/deleteGroup.feature b/tests/acceptance/features/apiGraphUserGroup/deleteGroup.feature index 28e49b439..6298ad79d 100644 --- a/tests/acceptance/features/apiGraphUserGroup/deleteGroup.feature +++ b/tests/acceptance/features/apiGraphUserGroup/deleteGroup.feature @@ -49,6 +49,11 @@ Feature: delete groups | 50%2Eagle | %2E literal looks like an escaped "." | | 50%2Fix | %2F literal looks like an escaped slash | + + Scenario: admin user tries to delete nonexistent group + When user "Alice" tries to delete group "nonexistent" using the Graph API + Then the HTTP status code should be "404" + @issue-5938 Scenario Outline: user other than the admin can't delete a group Given user "Brian" has been created with default attributes and without skeleton files @@ -63,6 +68,17 @@ Feature: delete groups | User | | User Light | + + Scenario Outline: non-admin user tries to delete nonexistent group + Given the administrator has assigned the role "" to user "Alice" using the Graph API + When user "Alice" tries to delete group "nonexistent" using the Graph API + Then the HTTP status code should be "403" + Examples: + | user-role | + | Space Admin | + | User | + | User Light | + @issue-903 Scenario: deleted group should not be listed in the sharees list Given group "grp1" has been created 
diff --git a/tests/acceptance/features/apiGraphUserGroup/editGroup.feature b/tests/acceptance/features/apiGraphUserGroup/editGroup.feature index 02bef543b..308351f00 100644 --- a/tests/acceptance/features/apiGraphUserGroup/editGroup.feature +++ b/tests/acceptance/features/apiGraphUserGroup/editGroup.feature @@ -40,3 +40,15 @@ Feature: edit group name When user "Alice" tries to rename a nonexistent group to "grp1" using the Graph API Then the HTTP status code should be "404" And group "grp1" should not exist + + + Scenario Outline: non-admin user tries to rename nonexistent group + Given the administrator has assigned the role "" to user "Alice" using the Graph API + When user "Alice" tries to rename a nonexistent group to "grp1" using the Graph API + Then the HTTP status code should be "403" + And group "grp1" should not exist + Examples: + | user-role | + | Space Admin | + | User | + | User Light | diff --git a/tests/acceptance/features/apiGraphUserGroup/editUser.feature b/tests/acceptance/features/apiGraphUserGroup/editUser.feature index b2e522901..9cf45f3b9 100644 --- a/tests/acceptance/features/apiGraphUserGroup/editUser.feature +++ b/tests/acceptance/features/apiGraphUserGroup/editUser.feature 
@@ -120,6 +120,22 @@ Feature: edit user | displayName with characters | *:!;_+-&#(?) | *:!;_+-&#(?) | + Scenario: admin user tries to edit nonexistent user's name + When the user "Alice" tries to change the user name of user "nonexistent" to "newusername" using the Graph API + Then the HTTP status code should be "404" + + + Scenario Outline: non-admin user tries to edit nonexistent user's name + Given the administrator has assigned the role "" to user "Alice" using the Graph API + When the user "Alice" tries to change the user name of user "nonexistent" to "newusername" using the Graph API + Then the HTTP status code should be "403" + Examples: + | user-role | + | Space Admin | + | User | + | User Light | + + Scenario Outline: normal user should not be able to change his/her own display name Given the administrator has assigned the role "" to user "Brian" using the Graph API When the user "Brian" tries to change the display name of user "Brian" to "Brian Murphy" using the Graph API diff --git a/tests/acceptance/features/apiGraphUserGroup/getGroup.feature b/tests/acceptance/features/apiGraphUserGroup/getGroup.feature index 505653881..0e552cf5f 100644 --- a/tests/acceptance/features/apiGraphUserGroup/getGroup.feature +++ b/tests/acceptance/features/apiGraphUserGroup/getGroup.feature @@ -387,7 +387,7 @@ Feature: get groups and their members "properties": { "message": { "type": "string", - "enum": ["Unauthorized"] + "enum": ["Forbidden"] } } } @@ -401,7 +401,7 @@ Feature: get groups and their members | User Light | - Scenario: get details of a group + Scenario: admin user gets details of a group Given group "tea-lover" has been created When user "Alice" gets details of the group "tea-lover" using the Graph API Then the HTTP status code should be "200" 
@@ -426,6 +426,41 @@ Feature: get groups and their members } """ + @issue-5604 + Scenario Outline: non-admin user tries to get details of a group + Given group "tea-lover" has been created + And the administrator has assigned the role "" to user "Alice" using the Graph API + When user "Alice" gets details of the group "tea-lover" using the Graph API + Then the HTTP status code should be "403" + And the JSON data of the response should match + """ + { + "type": "object", + "required": [ + "error" + ], + "properties": { + "error": { + "type": "object", + "required": [ + "message" + ], + "properties": { + "message": { + "type": "string", + "enum": ["Forbidden"] + } + } + } + } + } + """ + Examples: + | user-role | + | Space Admin | + | User | + | User Light | + Scenario Outline: get details of group with UTF-8 characters name Given group "" has been created @@ -463,6 +498,17 @@ Feature: get groups and their members When user "Alice" gets details of the group "non-existing" using the Graph API Then the HTTP status code should be "404" + @issue-5604 + Scenario Outline: non-admin user tries to get group information of non-existing group + Given the administrator has assigned the role "" to user "Alice" using the Graph API + When user "Alice" gets details of the group "non-existing" using the Graph API + Then the HTTP status code should be "403" + Examples: + | user-role | + | Space Admin | + | User | + | User Light | + Scenario Outline: non-admin user searches for a group by group name Given these users have been created with default attributes and without skeleton files: diff --git a/tests/acceptance/features/apiGraphUserGroup/getUser.feature b/tests/acceptance/features/apiGraphUserGroup/getUser.feature index 9c163f9e3..900f7bff2 100644 --- a/tests/acceptance/features/apiGraphUserGroup/getUser.feature +++ b/tests/acceptance/features/apiGraphUserGroup/getUser.feature 
@@ -55,7 +55,7 @@ Feature: get users Given the administrator has assigned the role "" to user "Alice" using the Graph API And the administrator has assigned the role "" to user "Brian" using the Graph API When user "Brian" tries to get information of user "Alice" using Graph API - Then the HTTP status code should be "401" + Then the HTTP status code should be "403" And the JSON data of the response should match """ { @@ -72,7 +72,7 @@ Feature: get users "properties": { "message": { "type": "string", - "const": "Unauthorized" + "const": "Forbidden" } } } @@ -608,7 +608,7 @@ Feature: get users And group "coffee-lover" has been created And user "Brian" has been added to group "coffee-lover" When the user "Alice" gets user "Brian" along with his group information using Graph API - Then the HTTP status code should be "401" + Then the HTTP status code should be "403" And the JSON data of the response should match """ { @@ -625,7 +625,7 @@ Feature: get users "properties": { "message": { "type": "string", - "const": "Unauthorized" + "const": "Forbidden" } } } 
@@ -648,6 +648,23 @@ Feature: get users | User Light | Admin | + Scenario: admin user tries to get the information of nonexistent user + Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API + When user "Alice" tries to get information of user "nonexistent" using Graph API + Then the HTTP status code should be "404" + + @issue-5125 + Scenario Outline: non-admin user tries to get the information of nonexistent user + Given the administrator has assigned the role "" to user "Alice" using the Graph API + When user "Alice" tries to get information of user "nonexistent" using Graph API + Then the HTTP status code should be "403" + Examples: + | user-role | + | Space Admin | + | User | + | User Light | + + Scenario: admin user gets all users of certain groups Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API And user "Carol" has been created with default attributes and without skeleton files diff --git a/tests/acceptance/features/apiGraphUserGroup/removeUserFromGroup.feature b/tests/acceptance/features/apiGraphUserGroup/removeUserFromGroup.feature index b50ed0693..de7391a48 100644 --- a/tests/acceptance/features/apiGraphUserGroup/removeUserFromGroup.feature +++ b/tests/acceptance/features/apiGraphUserGroup/removeUserFromGroup.feature 
@@ -155,6 +155,18 @@ Feature: remove a user from a group When the administrator tries to remove user "Alice" from a nonexistent group using the Graph API Then the HTTP status code should be "404" + + Scenario Outline: non-admin user tries to remove a user from a nonexistent group + Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has assigned the role "" to user "Alice" using the Graph API + When user "Alice" tries to remove user "Brian" from a nonexistent group using the Graph API + Then the HTTP status code should be "403" + Examples: + | user-role | + | Space Admin | + | User | + | User Light | + @issue-5938 Scenario Outline: user other than the admin can't remove a user from their group Given user "Brian" has been created with default attributes and without skeleton files diff --git a/tests/acceptance/features/apiSpaces/disableAndDeleteSpaces.feature b/tests/acceptance/features/apiSpaces/disableAndDeleteSpaces.feature index 7e1afff12..f099191d0 100644 --- a/tests/acceptance/features/apiSpaces/disableAndDeleteSpaces.feature +++ b/tests/acceptance/features/apiSpaces/disableAndDeleteSpaces.feature 
@@ -114,7 +114,17 @@ Feature: Disabling and deleting space | Space Admin | - Scenario Outline: user with role user and user light cannot delete others disabled space via the Graph API + Scenario Outline: user with role user and user light cannot disable space + Given the administrator has assigned the role "" to user "Carol" using the Graph API + When user "Carol" tries to delete a space "Project Moon" owned by user "Alice" + Then the HTTP status code should be "404" + Examples: + | user-role | + | User | + | User Light | + + + Scenario Outline: user with role user and user light cannot delete others disabled space Given the administrator has assigned the role "" to user "Carol" using the Graph API And user "Alice" has disabled a space "Project Moon" When user "Carol" tries to delete a space "Project Moon" owned by user "Alice" @@ -123,3 +133,23 @@ Feature: Disabling and deleting space | user-role | | User | | User Light | + + + Scenario Outline: viewer and space editor cannot disable space + When user "" tries to disable a space "Project Moon" owned by user "Alice" + Then the HTTP status code should be "404" + And the user "" should have a space called "Project Moon" + Examples: + | user | + | Brian | + | Bob | + + + Scenario Outline: viewer and space editor cannot delete disabled space + Given user "Alice" has disabled a space "Project Moon" + When user "" tries to delete a space "Project Moon" owned by user "Alice" + Then the HTTP status code should be "404" + Examples: + | user | + | Brian | + | Bob | diff --git a/tests/acceptance/features/bootstrap/GraphContext.php b/tests/acceptance/features/bootstrap/GraphContext.php index 65ebd8fbc..bf18bb7dc 100644 --- a/tests/acceptance/features/bootstrap/GraphContext.php +++ b/tests/acceptance/features/bootstrap/GraphContext.php 
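Review bot: The new outline titled "user with role user and user light cannot disable space" never sends a disable request; its When step is `tries to delete a space "Project Moon"` against a space that has not been disabled. The disable permission for User and User Light therefore stays untested. If disable is what is meant, the step should read `When user "Carol" tries to disable a space "Project Moon" owned by user "Alice"`, the form the "viewer and space editor cannot disable space" outline already uses; otherwise rename the scenario to say it covers deleting an enabled space. Neither this outline nor "viewer and space editor cannot delete disabled space" checks afterwards that the space still exists, so a line such as `And the user "Alice" should have a space called "Project Moon"` would make the negative result explicit.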
@@ -141,7 +141,7 @@ class GraphContext implements Context { $response = $this->editUserUsingTheGraphApi($byUser, $user, $userName); $this->featureContext->setResponse($response); // need to add user to list to delete him after test - if (!empty($userName)) { + if (!empty($userName) && $this->featureContext->getAttributeOfCreatedUser($userName, 'id')) { $this->featureContext->addUserToCreatedUsersList($userName, $this->featureContext->getUserPassword($user)); } } @@ -230,8 +230,7 @@ class GraphContext implements Context { */ public function editUserUsingTheGraphApi(string $byUser, string $user, string $userName = null, string $password = null, string $email = null, string $displayName = null, bool $accountEnabled = true, string $method="PATCH"): ResponseInterface { $user = $this->featureContext->getActualUsername($user); - $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id'); - $userId = $userId ?? $user; + $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?: $user; return GraphHelper::editUser( $this->featureContext->getBaseUrl(), $this->featureContext->getStepLineRef(), @@ -491,8 +490,7 @@ class GraphContext implements Context { ): ResponseInterface { $credentials = $this->getAdminOrUserCredentials($byUser); $user = $this->featureContext->getActualUsername($user); - $userId = $this->featureContext->getAttributeOfCreatedUser($user, "id"); - $userId = $userId ?? $user; + $userId = $this->featureContext->getAttributeOfCreatedUser($user, "id") ?: $user; return GraphHelper::editUser( $this->featureContext->getBaseUrl(), $this->featureContext->getStepLineRef(), 
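Review bot: The guard added in the first hunk looks up the new name, `getAttributeOfCreatedUser($userName, 'id')`, to decide whether to register that same new name for cleanup. If that helper only consults the list of users the suite has created (its body is not visible here), a successfully renamed user would not be in the list yet and would never be registered for deletion after the test. The intent appears to be "skip registration when the original user does not exist", which would be `if (!empty($userName) && $this->featureContext->getAttributeOfCreatedUser($user, 'id')) {`. Alternatively, key the registration on the response status. The enclosing step method starts outside the hunk.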
@@ -793,18 +791,20 @@ class GraphContext implements Context { /** * @When the administrator tries to add nonexistent user to group :group using the Graph API + * @When user :byUser tries to add nonexistent user to group :group using the Graph API * * @param string $group + * @param string|null $byUser * * @return void */ - public function theAdministratorTriesToAddNonExistentUserToGroupUsingTheGraphAPI(string $group): void { - $this->featureContext->setResponse($this->addUserToGroup($group, "nonexistent")); + public function theAdministratorTriesToAddNonExistentUserToGroupUsingTheGraphAPI(string $group, ?string $byUser = null): void { + $this->featureContext->setResponse($this->addUserToGroup($group, "nonexistent", $byUser)); } /** * @When the administrator tries to add user :user to a nonexistent group using the Graph API - * @When the user :byUser tries to add user :user to a nonexistent group using the Graph API + * @When user :byUser tries to add user :user to a nonexistent group using the Graph API * * @param string $user * @param string|null $byUser @@ -1038,7 +1038,7 @@ class GraphContext implements Context { * @return void */ public function userDeletesGroupUsingTheGraphApi(string $group, ?string $user = null): void { - $groupId = $this->featureContext->getAttributeOfCreatedGroup($group, "id"); + $groupId = $this->featureContext->getAttributeOfCreatedGroup($group, "id") ?: $group; $response = $this->deleteGroupWithId($groupId, $user); if ($response->getStatusCode() === 204) { $this->featureContext->rememberThatGroupIsNotExpectedToExist($group); @@ -1750,7 +1750,7 @@ class GraphContext implements Context { * @throws Exception */ public function theAdministratorHasGivenTheRoleUsingTheGraphApi(string $role, string $user): void { - $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?? $user; + $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?: $user; if (empty($this->appEntity)) { $this->setApplicationEntity(); 
@@ -1783,7 +1783,7 @@ class GraphContext implements Context { */ public function userRetrievesAssignedRoleUsingTheGraphApi(string $user): void { $admin = $this->featureContext->getAdminUserName(); - $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?? $user; + $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?: $user; $this->featureContext->setResponse( GraphHelper::getAssignedRole( $this->featureContext->getBaseUrl(), @@ -1795,6 +1795,29 @@ class GraphContext implements Context { ); } + /** + * @When /^user "([^"]*)" tries to get the assigned role of user "([^"]*)" using the Graph API$/ + * + * @param string $user + * @param string $ofUser + * + * @return void + * @throws GuzzleException + */ + public function userTriesToGetAssignedRoleOfUserUsingTheGraphApi(string $user, string $ofUser): void { + $credentials = $this->getAdminOrUserCredentials($user); + $userId = $this->featureContext->getAttributeOfCreatedUser($ofUser, 'id') ?: $user; + $this->featureContext->setResponse( + GraphHelper::getAssignedRole( + $this->featureContext->getBaseUrl(), + $this->featureContext->getStepLineRef(), + $credentials['username'], + $credentials['password'], + $userId + ) + ); + } + /** * set application Entity in global variable * @@ -2323,7 +2346,7 @@ class GraphContext implements Context { * @throws GuzzleException */ public function getAssignedRole(string $user): ResponseInterface { - $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?? $this->featureContext->getUserIdByUserName($user); + $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?: $this->featureContext->getUserIdByUserName($user); return ( GraphHelper::getAssignedRole( $this->featureContext->getBAseUrl(), 
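Review bot: In the new `userTriesToGetAssignedRoleOfUserUsingTheGraphApi`, the fallback uses the requesting user instead of the target: `?: $user` should be `?: $ofUser`, as in every other lookup touched by this commit. As written, the scenario "non-admin user tries to get assigned role of nonexistent user" sends Alice's own user name as the id instead of "nonexistent". Its 403 therefore does not show how the endpoint answers a non-admin asking about an unknown account. The corrected line is `$userId = $this->featureContext->getAttributeOfCreatedUser($ofUser, 'id') ?: $ofUser;`.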
@@ -2347,9 +2370,17 @@ class GraphContext implements Context { * @throws Exception */ public function theUserUnassignsTheRoleOfUserUsingTheGraphApi(string $user, string $ofUser): void { - $userId = $this->featureContext->getAttributeOfCreatedUser($ofUser, 'id') ?? $ofUser; $credentials = $this->getAdminOrUserCredentials($user); - $appRoleAssignmentId = $this->featureContext->getJsonDecodedResponse($this->getAssignedRole($ofUser))["value"][0]["id"]; + $userId = $this->featureContext->getAttributeOfCreatedUser($ofUser, 'id'); + + // get 'User' role id for nonexistent user + if (!$userId && $ofUser !== $this->featureContext->getAdminUsername()) { + $appRoleAssignmentId = $this->getRoleIdByRoleName("User"); + } else { + $appRoleAssignmentId = $this->featureContext->getJsonDecodedResponse($this->getAssignedRole($ofUser))["value"][0]["id"]; + } + + $userId = $userId ?: $ofUser; $this->featureContext->setResponse( GraphHelper::unassignRole( @@ -2419,7 +2450,7 @@ class GraphContext implements Context { * @throws Exception */ public function userChangesTheRoleOfUserToRoleUsingTheGraphApi(string $user, string $ofUser, string $role): void { - $userId = $this->featureContext->getAttributeOfCreatedUser($ofUser, 'id') ?? $ofUser; + $userId = $this->featureContext->getAttributeOfCreatedUser($ofUser, 'id') ?: $ofUser; $credentials = $this->getAdminOrUserCredentials($user); if (empty($this->appEntity)) { $this->setApplicationEntity(); diff --git a/tests/acceptance/features/bootstrap/SettingsContext.php b/tests/acceptance/features/bootstrap/SettingsContext.php index baccfb9cc..150e186cf 100644 --- a/tests/acceptance/features/bootstrap/SettingsContext.php +++ b/tests/acceptance/features/bootstrap/SettingsContext.php 
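Review bot: In `theUserUnassignsTheRoleOfUserUsingTheGraphApi`, the nonexistent-user branch stores a role id in `$appRoleAssignmentId`, which the else branch fills with an assignment id read from the `getAssignedRole` response. The existing comment does not say that the value is only a stand-in. A comment such as `// target user does not exist, so there is no assignment to look up; the "User" role id is sent as a placeholder assignment id` would make that clear. It would also help to note that the expected 403 presumably relies on the server rejecting the caller before it resolves the assignment id, which cannot be confirmed from this hunk. The method starts outside the hunk.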
@@ -131,7 +131,7 @@ class SettingsContext implements Context { public function theAdministratorHasGivenUserTheRole(string $user, string $role): void { $admin = $this->featureContext->getAdminUserName(); $roleId = $this->getRoleIdByRoleName($admin, $role); - $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?? $user; + $userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id') ?: $user; $response = $this->assignRoleToUser($admin, $userId, $roleId); $this->featureContext->theHTTPStatusCodeShouldBe( 201, diff --git a/tests/acceptance/features/coreApiWebdavUpload/uploadFile.feature b/tests/acceptance/features/coreApiWebdavUpload/uploadFile.feature index cee163218..688930015 100644 --- a/tests/acceptance/features/coreApiWebdavUpload/uploadFile.feature +++ b/tests/acceptance/features/coreApiWebdavUpload/uploadFile.feature @@ -375,7 +375,7 @@ Feature: upload file And for user "Alice" the content of the file "/textfile.txt" of the space "new-space" should be "" @issue-8699 - Scenario: user updates a file inside a shared space with empty content + Scenario: user updates a file inside a link shared space with empty content Given using SharingNG And user "Brian" has been created with default attributes and without skeleton files And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API