tests: add test cases for non-admin actions to admin resources

Saw-jan
2024-07-18 16:17:52 +05:45
parent 81ef018b9f
commit dd8a3eb3d2
15 changed files with 273 additions and 48 deletions

@@ -198,8 +198,8 @@ Feature: add users to group
Scenario Outline: user other than the admin tries to add user to a nonexistent group
Given user "Brian" has been created with default attributes and without skeleton files
And the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When the user "Alice" tries to add user "Brian" to a nonexistent group using the Graph API
Then the HTTP status code should be "404"
When user "Alice" tries to add user "Brian" to a nonexistent group using the Graph API
Then the HTTP status code should be "403"
Examples:
| user-role |
| Space Admin |
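
Review bot: the flip from "404" to "403" in this outline changes the expected result for the same request, but nothing on the scenario records why: it carries no @issue tag, unlike the @issue-5938 and @issue-5604 scenarios elsewhere in this commit. Tag it with the tracking issue, or add a comment line stating that a non-admin must get 403 whether or not the group exists, so a later change back to 404 is recognised as revealing group existence rather than as a harmless fix.
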
@@ -213,6 +213,12 @@ Feature: add users to group
Then the HTTP status code should be "404"
Scenario: non-admin user tries to add a nonexistent user to a group
Given group "groupA" has been created
When user "Alice" tries to add nonexistent user to group "groupA" using the Graph API
Then the HTTP status code should be "403"
Scenario: admin tries to add user to a group without sending the group
When the administrator tries to add user "Alice" to a nonexistent group using the Graph API
Then the HTTP status code should be "404"
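
Review bot: the scenario "non-admin user tries to add a nonexistent user to a group" never assigns Alice a role, so whether she really is a non-admin depends on setup outside this hunk. The other non-admin cases added in this commit are Scenario Outlines over Space Admin, User and User Light; do the same here with `Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API`, otherwise the 403 is verified for one implicit role only.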

@@ -49,6 +49,11 @@ Feature: delete groups
| 50%2Eagle | %2E literal looks like an escaped "." |
| 50%2Fix | %2F literal looks like an escaped slash |
Scenario: admin user tries to delete nonexistent group
When user "Alice" tries to delete group "nonexistent" using the Graph API
Then the HTTP status code should be "404"
@issue-5938
Scenario Outline: user other than the admin can't delete a group
Given user "Brian" has been created with default attributes and without skeleton files
@@ -63,6 +68,17 @@ Feature: delete groups
| User |
| User Light |
Scenario Outline: non-admin user tries to delete nonexistent group
Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When user "Alice" tries to delete group "nonexistent" using the Graph API
Then the HTTP status code should be "403"
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
@issue-903
Scenario: deleted group should not be listed in the sharees list
Given group "grp1" has been created

@@ -40,3 +40,15 @@ Feature: edit group name
When user "Alice" tries to rename a nonexistent group to "grp1" using the Graph API
Then the HTTP status code should be "404"
And group "grp1" should not exist
Scenario Outline: non-admin user tries to rename nonexistent group
Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When user "Alice" tries to rename a nonexistent group to "grp1" using the Graph API
Then the HTTP status code should be "403"
And group "grp1" should not exist
Examples:
| user-role |
| Space Admin |
| User |
| User Light |

@@ -120,6 +120,22 @@ Feature: edit user
| displayName with characters | *:!;_+-&#(?) | *:!;_+-&#(?) |
Scenario: admin user tries to edit nonexistent user's name
When the user "Alice" tries to change the user name of user "nonexistent" to "newusername" using the Graph API
Then the HTTP status code should be "404"
Scenario Outline: non-admin user tries to edit nonexistent user's name
Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When the user "Alice" tries to change the user name of user "nonexistent" to "newusername" using the Graph API
Then the HTTP status code should be "403"
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
Scenario Outline: normal user should not be able to change his/her own display name
Given the administrator has assigned the role "<user-role>" to user "Brian" using the Graph API
When the user "Brian" tries to change the display name of user "Brian" to "Brian Murphy" using the Graph API
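
Review bot: the new outline "non-admin user tries to edit nonexistent user's name" checks only the status code. The rename-group outline in this commit also asserts `And group "grp1" should not exist`; add a matching post-condition here that no user named "newusername" exists after the request, so a 403 that still performs a write would fail the test.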

@@ -387,7 +387,7 @@ Feature: get groups and their members
"properties": {
"message": {
"type": "string",
"enum": ["Unauthorized"]
"enum": ["Forbidden"]
}
}
}
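
Review bot: only the expected message changes here, from "Unauthorized" to "Forbidden", and the status assertion for this scenario lies outside the hunk. In the get users feature this commit moves the status from "401" to "403" together with the message, so confirm that this scenario's `Then the HTTP status code should be` line expects "403" too, or the test pairs a Forbidden body with a different status. As a style point, get users pins the same value with `"const": "Forbidden"` rather than a one-element enum; pick one form for both files.
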
@@ -401,7 +401,7 @@ Feature: get groups and their members
| User Light |
Scenario: get details of a group
Scenario: admin user gets details of a group
Given group "tea-lover" has been created
When user "Alice" gets details of the group "tea-lover" using the Graph API
Then the HTTP status code should be "200"
@@ -426,6 +426,41 @@ Feature: get groups and their members
}
"""
@issue-5604
Scenario Outline: non-admin user tries to get details of a group
Given group "tea-lover" has been created
And the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When user "Alice" gets details of the group "tea-lover" using the Graph API
Then the HTTP status code should be "403"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"message"
],
"properties": {
"message": {
"type": "string",
"enum": ["Forbidden"]
}
}
}
}
}
"""
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
Scenario Outline: get details of group with UTF-8 characters name
Given group "<group>" has been created
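
Review bot: the response schema in the new non-admin outline only requires `error.message`, so it would still pass if the 403 body carried group data next to `error`. This is the read-access check for non-admins, so close the top-level object, for example with `"additionalProperties": false` beside `"required": ["error"]`, so that any group field in the response fails the scenario.
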
@@ -463,6 +498,17 @@ Feature: get groups and their members
When user "Alice" gets details of the group "non-existing" using the Graph API
Then the HTTP status code should be "404"
@issue-5604
Scenario Outline: non-admin user tries to get group information of non-existing group
Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When user "Alice" gets details of the group "non-existing" using the Graph API
Then the HTTP status code should be "403"
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
Scenario Outline: non-admin user searches for a group by group name
Given these users have been created with default attributes and without skeleton files:
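
Review bot: the outline for the "non-existing" group asserts only "403", while the outline for the existing group "tea-lover" earlier in this file also matches the body against the Forbidden schema. Assert the same schema here: answering 403 in both cases is only useful if a non-admin cannot tell an existing group from a missing one, and that holds only when the bodies match as well as the status codes.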

@@ -55,7 +55,7 @@ Feature: get users
Given the administrator has assigned the role "<user-role-2>" to user "Alice" using the Graph API
And the administrator has assigned the role "<user-role>" to user "Brian" using the Graph API
When user "Brian" tries to get information of user "Alice" using Graph API
Then the HTTP status code should be "401"
Then the HTTP status code should be "403"
And the JSON data of the response should match
"""
{
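
Review bot: at `Then the HTTP status code should be "403"`, Brian is an authenticated user whose role is insufficient, so 403 fits, but none of the hunks in this file keeps a 401 expectation. If the file has no scenario for a request sent with missing or invalid credentials, add one that still expects 401, so the suite keeps distinguishing unauthenticated from unauthorised requests.
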
@@ -72,7 +72,7 @@ Feature: get users
"properties": {
"message": {
"type": "string",
"const": "Unauthorized"
"const": "Forbidden"
}
}
}
@@ -608,7 +608,7 @@ Feature: get users
And group "coffee-lover" has been created
And user "Brian" has been added to group "coffee-lover"
When the user "Alice" gets user "Brian" along with his group information using Graph API
Then the HTTP status code should be "401"
Then the HTTP status code should be "403"
And the JSON data of the response should match
"""
{
@@ -625,7 +625,7 @@ Feature: get users
"properties": {
"message": {
"type": "string",
"const": "Unauthorized"
"const": "Forbidden"
}
}
}
@@ -648,6 +648,23 @@ Feature: get users
| User Light | Admin |
Scenario: admin user tries to get the information of nonexistent user
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
When user "Alice" tries to get information of user "nonexistent" using Graph API
Then the HTTP status code should be "404"
@issue-5125
Scenario Outline: non-admin user tries to get the information of nonexistent user
Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When user "Alice" tries to get information of user "nonexistent" using Graph API
Then the HTTP status code should be "403"
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
Scenario: admin user gets all users of certain groups
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And user "Carol" has been created with default attributes and without skeleton files

@@ -155,6 +155,18 @@ Feature: remove a user from a group
When the administrator tries to remove user "Alice" from a nonexistent group using the Graph API
Then the HTTP status code should be "404"
Scenario Outline: non-admin user tries to remove a user from a nonexistent group
Given user "Brian" has been created with default attributes and without skeleton files
And the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When user "Alice" tries to remove user "Brian" from a nonexistent group using the Graph API
Then the HTTP status code should be "403"
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
@issue-5938
Scenario Outline: user other than the admin can't remove a user from their group
Given user "Brian" has been created with default attributes and without skeleton files
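
Review bot: the new outline covers a non-admin removing a user from a nonexistent group, but not the mirror case of a nonexistent user and an existing group, which this commit does add for the add-users feature ("non-admin user tries to add a nonexistent user to a group"). Unless the file already has that case outside this hunk, add it here as an outline over the same three roles and expect 403.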