mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-07 04:40:05 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
eb537987ad113aef0804e60495aa4b3eff5da107
opencloud/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature
Viktor Scharf eb537987ad [test-only] ApiTest. test for password policy (#7276) 
* test for password policy

* test flaky

* renamed envs
2023-09-18 10:21:35 +02:00

238 lines
15 KiB
Gherkin
Raw Blame History

@env-config
Feature: enforce password on public link
As a user
I want to enforce passwords on public links shared with upload, edit, or contribute permission
So that the password is required to access the contents of the link
Scenario Outline: create a public link with edit permission without a password when enforce-password is enabled
Given the config "OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" has been set to "true"
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And using OCS API version "<ocs-api-version>"
When user "Alice" creates a public link share using the sharing API with settings
| path | /testfile.txt |
| permissions | 3 |
Then the HTTP status code should be "<http-code>"
And the OCS status code should be "400"
And the OCS status message should be "missing required password"
Examples:
| ocs-api-version | http-code |
| 1 | 200 |
| 2 | 400 |
Scenario Outline: update a public link to edit permission without a password
Given the config "OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" has been set to "true"
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And using OCS API version "<ocs-api-version>"
And user "Alice" has created a public link share with settings
| path | /testfile.txt |
| permissions | 1 |
When user "Alice" updates the last public link share using the sharing API with
| permissions | 3 |
Then the HTTP status code should be "<http-code>"
And the OCS status code should be "400"
And the OCS status message should be "missing required password"
Examples:
| ocs-api-version | http-code |
| 1 | 200 |
| 2 | 400 |
Scenario Outline: updates a public link to edit permission with a password
Given the config "OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" has been set to "true"
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And using OCS API version "<ocs-api-version>"
And user "Alice" has created a public link share with settings
| path | /testfile.txt |
| permissions | 1 |
When user "Alice" updates the last public link share using the sharing API with
| permissions | 3 |
| password | testpassword |
Then the HTTP status code should be "200"
And the OCS status code should be "<ocs-code>"
And the OCS status message should be "OK"
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API without a password
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "wrong pass"
But the public should be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "testpassword"
Examples:
| ocs-api-version | ocs-code |
| 1 | 100 |
| 2 | 200 |
Scenario Outline: create a public link with a password in accordance with the password policy
Given the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true |
| FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS | 13 |
| FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 |
| FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 |
| FRONTEND_PASSWORD_POLICY_MIN_DIGITS | 2 |
| FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 |
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And using OCS API version "<ocs-api-version>"
When user "Alice" creates a public link share using the sharing API with settings
| path | /testfile.txt |
| permissions | 3 |
| password | 3s:5WW9uE5h=A |
Then the HTTP status code should be "200"
And the OCS status code should be "<ocs-code>"
And the OCS status message should be "OK"
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API without a password
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "wrong pass"
But the public should be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "3s:5WW9uE5h=A"
Examples:
| ocs-api-version | ocs-code |
| 1 | 100 |
| 2 | 200 |
Scenario Outline: try to create a public link with a password that does not comply with the password policy
Given the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true |
| FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS | 13 |
| FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 |
| FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 |
| FRONTEND_PASSWORD_POLICY_MIN_DIGITS | 2 |
| FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 |
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And using OCS API version "<ocs-api-version>"
When user "Alice" creates a public link share using the sharing API with settings
| path | /testfile.txt |
| permissions | 3 |
| password | Pas1 |
Then the HTTP status code should be "<http-code>"
And the OCS status code should be "400"
And the OCS status message should be "password validation failed"
Examples:
| ocs-api-version | http-code |
| 1 | 200 |
| 2 | 400 |
Scenario Outline: update a public link with a password in accordance with the password policy
Given the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true |
| FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS | 13 |
| FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 |
| FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 |
| FRONTEND_PASSWORD_POLICY_MIN_DIGITS | 1 |
| FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 |
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And using OCS API version "<ocs-api-version>"
And user "Alice" has created a public link share with settings
| path | /testfile.txt |
| permissions | 1 |
When user "Alice" updates the last public link share using the sharing API with
| permissions | 3 |
| password | 6a0Q;A3 +i^m[ |
Then the HTTP status code should be "200"
And the OCS status code should be "<ocs-code>"
And the OCS status message should be "OK"
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API without a password
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "wrong pass"
But the public should be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "6a0Q;A3 +i^m["
Examples:
| ocs-api-version | ocs-code |
| 1 | 100 |
| 2 | 200 |
Scenario Outline: try to update a public link with a password that does not comply with the password policy
Given the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true |
| FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS | 13 |
| FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 |
| FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 2 |
| FRONTEND_PASSWORD_POLICY_MIN_DIGITS | 1 |
| FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 2 |
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And using OCS API version "<ocs-api-version>"
And user "Alice" has created a public link share with settings
| path | /testfile.txt |
| permissions | 1 |
When user "Alice" updates the last public link share using the sharing API with
| permissions | 3 |
| password | Pws^ |
Then the HTTP status code should be "<http-code>"
And the OCS status code should be "400"
And the OCS status message should be:
"""
missing required password at least 13 characters are required
at least 3 lowercase letters are required
at least 2 uppercase letters are required
at least 1 numbers are required
at least 2 special characters are required. !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
"""
Examples:
| ocs-api-version | http-code |
| 1 | 200 |
| 2 | 400 |
Scenario Outline: update a public link with a password in accordance with the password policy (valid cases)
Given the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true |
| <config> | <config-value> |
And using OCS API version "2"
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And user "Alice" has created a public link share with settings
| path | /testfile.txt |
| permissions | 1 |
When user "Alice" updates the last public link share using the sharing API with
| permissions | 3 |
| password | <password> |
Then the HTTP status code should be "200"
And the OCS status code should be "200"
And the OCS status message should be "OK"
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API without a password
And the public should not be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "wrong pass"
But the public should be able to download file "/textfile.txt" from inside the last public link shared folder using the new public WebDAV API with password "<password>"
Examples:
| config | config-value | password |
| FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS | 5 | 12345 |
| FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS | 10 | with space |
| FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | Test |
| FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 3 | TeST |
| FRONTEND_PASSWORD_POLICY_MIN_DIGITS | 1 | test1 |
| FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 1 | test pass |
| FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 33 | ! #$%&'()*+,-./:;<=>?@[\]^_`{ }~ |
| FRONTEND_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS | 5 | sameCharacterShouldWork!!!!! |
Scenario Outline: try to update a public link with a password that does not comply with the password policy (invalid cases)
Given the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD | true |
| <config> | <config-value> |
And using OCS API version "2"
And user "Alice" has been created with default attributes and without skeleton files
And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
And user "Alice" has created a public link share with settings
| path | /testfile.txt |
| permissions | 1 |
When user "Alice" updates the last public link share using the sharing API with
| permissions | 3 |
| password | <password> |
Then the HTTP status code should be "400"
And the OCS status code should be "400"
And the OCS status message should be "<message>"
Examples:
| config | config-value | password | message |
| FRONTEND_PASSWORD_POLICY_MIN_CHARACTERS | 5 | 1234 | missing required password at least 5 characters are required |
| FRONTEND_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS | 3 | TesT | missing required password at least 3 lowercase letters are required |
| FRONTEND_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS | 3 | TesT | missing required password at least 3 uppercase letters are required |
| FRONTEND_PASSWORD_POLICY_MIN_DIGITS | 2 | test1 | missing required password at least 2 numbers are required |
Reference in New Issue View Git Blame Copy Permalink