mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-02-10 22:19:17 -06:00
1aeb30193a
Adds a new share role "Secure View". This role is applicable for files, folders and spaces and only allows viewing them (and their content).
1528 lines
54 KiB
Gherkin
1528 lines
54 KiB
Gherkin
Feature: List a sharing permissions
|
|
https://owncloud.dev/libre-graph-api/#/drives.permissions/ListPermissions
|
|
|
|
Background:
|
|
Given these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Alice |
|
|
|
|
|
|
Scenario: user lists permissions of a folder in personal space
|
|
Given user "Alice" has created folder "folder"
|
|
When user "Alice" gets permissions list for folder "folder" of the space "Personal" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"type": "array",
|
|
"enum": [
|
|
[
|
|
"libre.graph/driveItem/permissions/create",
|
|
"libre.graph/driveItem/children/create",
|
|
"libre.graph/driveItem/standard/delete",
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/upload/create",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/versions/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/path/update",
|
|
"libre.graph/driveItem/permissions/delete",
|
|
"libre.graph/driveItem/deleted/delete",
|
|
"libre.graph/driveItem/versions/update",
|
|
"libre.graph/driveItem/deleted/update",
|
|
"libre.graph/driveItem/basic/read",
|
|
"libre.graph/driveItem/permissions/update",
|
|
"libre.graph/driveItem/permissions/deny"
|
|
]
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 4,
|
|
"maxItems": 4,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf": [
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"type": "integer",
|
|
"enum": [
|
|
1
|
|
]
|
|
},
|
|
"description": {
|
|
"type": "string",
|
|
"enum": [
|
|
"View only documents, images and PDFs. Watermarks will be applied."
|
|
]
|
|
},
|
|
"displayName": {
|
|
"type": "string",
|
|
"enum": [
|
|
"Can view (secure)"
|
|
]
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"enum": [
|
|
"aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"type": "integer",
|
|
"enum": [
|
|
2
|
|
]
|
|
},
|
|
"description": {
|
|
"type": "string",
|
|
"enum": [
|
|
"View, download and upload."
|
|
]
|
|
},
|
|
"displayName": {
|
|
"type": "string",
|
|
"enum": [
|
|
"Can upload"
|
|
]
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"enum": [
|
|
"1c996275-f1c9-4e71-abdf-a42f6495e960"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"type": "integer",
|
|
"enum": [
|
|
3
|
|
]
|
|
},
|
|
"description": {
|
|
"type": "string",
|
|
"enum": [
|
|
"View and download."
|
|
]
|
|
},
|
|
"displayName": {
|
|
"type": "string",
|
|
"enum": [
|
|
"Can view"
|
|
]
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"enum": [
|
|
"b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"type": "integer",
|
|
"enum": [
|
|
4
|
|
]
|
|
},
|
|
"description": {
|
|
"type": "string",
|
|
"enum": [
|
|
"View, download, upload, edit, add and delete."
|
|
]
|
|
},
|
|
"displayName": {
|
|
"type": "string",
|
|
"enum": [
|
|
"Can edit"
|
|
]
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"enum": [
|
|
"fb6c3e19-e378-47e5-b277-9732f9de6e21"
|
|
]
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
|
|
Scenario: user lists permissions of a project space
|
|
Given using spaces DAV path
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
When user "Alice" lists the permissions of space "new-space" using permissions endpoint of the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"const": [
|
|
"libre.graph/driveItem/permissions/create",
|
|
"libre.graph/driveItem/children/create",
|
|
"libre.graph/driveItem/standard/delete",
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/upload/create",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/versions/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/path/update",
|
|
"libre.graph/driveItem/permissions/delete",
|
|
"libre.graph/driveItem/deleted/delete",
|
|
"libre.graph/driveItem/versions/update",
|
|
"libre.graph/driveItem/deleted/update",
|
|
"libre.graph/driveItem/basic/read",
|
|
"libre.graph/driveItem/permissions/update",
|
|
"libre.graph/driveItem/permissions/deny"
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 4,
|
|
"maxItems": 4,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf": [
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 1
|
|
},
|
|
"description": {
|
|
"const": "View only documents, images and PDFs. Watermarks will be applied."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view (secure)"
|
|
},
|
|
"id": {
|
|
"const": "aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 2
|
|
},
|
|
"description": {
|
|
"const": "View and download."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view"
|
|
},
|
|
"id": {
|
|
"const": "a8d5fe5e-96e3-418d-825b-534dbdf22b99"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 3
|
|
},
|
|
"description": {
|
|
"const": "View, download, upload, edit, add and delete."
|
|
},
|
|
"displayName": {
|
|
"const": "Can edit"
|
|
},
|
|
"id": {
|
|
"const": "58c63c02-1d89-4572-916a-870abc5a1b7d"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 4
|
|
},
|
|
"description": {
|
|
"const": "View, download, upload, edit, add, delete and manage members."
|
|
},
|
|
"displayName": {
|
|
"const": "Can manage"
|
|
},
|
|
"id": {
|
|
"const": "312c0871-5ef7-4b3a-85b6-0e4074c64049"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
@issues-8352
|
|
Scenario: sharer lists permissions of a shared project space
|
|
Given using spaces DAV path
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
And user "Alice" has sent the following share invitation:
|
|
| space | new-space |
|
|
| sharee | Brian |
|
|
| shareType | user |
|
|
| permissionsRole | Space Viewer |
|
|
And user "Alice" has created the following link share:
|
|
| space | new-space |
|
|
| permissionsRole | view |
|
|
| password | %public% |
|
|
| resource | new-space |
|
|
When user "Alice" lists the permissions of space "new-space" using permissions endpoint of the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues",
|
|
"value"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"const": [
|
|
"libre.graph/driveItem/permissions/create",
|
|
"libre.graph/driveItem/children/create",
|
|
"libre.graph/driveItem/standard/delete",
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/upload/create",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/versions/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/path/update",
|
|
"libre.graph/driveItem/permissions/delete",
|
|
"libre.graph/driveItem/deleted/delete",
|
|
"libre.graph/driveItem/versions/update",
|
|
"libre.graph/driveItem/deleted/update",
|
|
"libre.graph/driveItem/basic/read",
|
|
"libre.graph/driveItem/permissions/update",
|
|
"libre.graph/driveItem/permissions/deny"
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 4,
|
|
"maxItems": 4,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf": [
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 1
|
|
},
|
|
"description": {
|
|
"const": "View only documents, images and PDFs. Watermarks will be applied."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view (secure)"
|
|
},
|
|
"id": {
|
|
"const": "aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 2
|
|
},
|
|
"description": {
|
|
"const": "View and download."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view"
|
|
},
|
|
"id": {
|
|
"const": "a8d5fe5e-96e3-418d-825b-534dbdf22b99"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 3
|
|
},
|
|
"description": {
|
|
"const": "View, download, upload, edit, add and delete."
|
|
},
|
|
"displayName": {
|
|
"const": "Can edit"
|
|
},
|
|
"id": {
|
|
"const": "58c63c02-1d89-4572-916a-870abc5a1b7d"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 4
|
|
},
|
|
"description": {
|
|
"const": "View, download, upload, edit, add, delete and manage members."
|
|
},
|
|
"displayName": {
|
|
"const": "Can manage"
|
|
},
|
|
"id": {
|
|
"const": "312c0871-5ef7-4b3a-85b6-0e4074c64049"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"value": {
|
|
"type": "array",
|
|
"minItems": 3,
|
|
"maxItems": 3,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf":[
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"grantedToV2",
|
|
"id",
|
|
"roles"
|
|
],
|
|
"properties": {
|
|
"grantedToV2": {
|
|
"type": "object",
|
|
"required": ["user"],
|
|
"properties": {
|
|
"user": {
|
|
"type": "object",
|
|
"required": ["displayName","id"],
|
|
"properties": {
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^%user_id_pattern%$"
|
|
},
|
|
"displayName": {
|
|
"const": "Brian Murphy"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^u:%user_id_pattern%$"
|
|
},
|
|
"roles": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"maxItems": 1,
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^%role_id_pattern%$"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"grantedToV2",
|
|
"id",
|
|
"roles"
|
|
],
|
|
"properties": {
|
|
"grantedToV2": {
|
|
"type": "object",
|
|
"required": ["user"],
|
|
"properties": {
|
|
"user": {
|
|
"type": "object",
|
|
"required": ["displayName","id"],
|
|
"properties": {
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^%user_id_pattern%$"
|
|
},
|
|
"displayName": {
|
|
"const": "Alice Hansen"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^u:%user_id_pattern%$"
|
|
},
|
|
"roles": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"maxItems": 1,
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^%role_id_pattern%$"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"hasPassword",
|
|
"id",
|
|
"link"
|
|
],
|
|
"properties": {
|
|
"hasPassword": {
|
|
"const": true
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^[a-zA-Z]{15}$"
|
|
},
|
|
"link": {
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.displayName",
|
|
"@libre.graph.quickLink",
|
|
"preventsDownload",
|
|
"type",
|
|
"webUrl"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.displayName": {
|
|
"const": ""
|
|
},
|
|
"@libre.graph.quickLink": {
|
|
"const": false
|
|
},
|
|
"preventsDownload": {
|
|
"const": false
|
|
},
|
|
"type": {
|
|
"const": "view"
|
|
},
|
|
"webUrl": {
|
|
"type": "string",
|
|
"pattern": "^%base_url%\/s\/[a-zA-Z]{15}$"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
@issues-8331
|
|
Scenario: user lists permissions of a file in personal space
|
|
Given user "Alice" has uploaded file with content "hello world" to "/textfile0.txt"
|
|
When user "Alice" gets permissions list for file "textfile0.txt" of the space "Personal" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"type": "array",
|
|
"enum": [
|
|
[
|
|
"libre.graph/driveItem/permissions/create",
|
|
"libre.graph/driveItem/children/create",
|
|
"libre.graph/driveItem/standard/delete",
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/upload/create",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/versions/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/path/update",
|
|
"libre.graph/driveItem/permissions/delete",
|
|
"libre.graph/driveItem/deleted/delete",
|
|
"libre.graph/driveItem/versions/update",
|
|
"libre.graph/driveItem/deleted/update",
|
|
"libre.graph/driveItem/basic/read",
|
|
"libre.graph/driveItem/permissions/update",
|
|
"libre.graph/driveItem/permissions/deny"
|
|
]
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 3,
|
|
"maxItems": 3,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf":[
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 1
|
|
},
|
|
"description": {
|
|
"const": "View only documents, images and PDFs. Watermarks will be applied."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view (secure)"
|
|
},
|
|
"id": {
|
|
"const": "aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 2
|
|
},
|
|
"description": {
|
|
"const": "View and download."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view"
|
|
},
|
|
"id": {
|
|
"const": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 3
|
|
},
|
|
"description": {
|
|
"const": "View, download and edit."
|
|
},
|
|
"displayName": {
|
|
"const": "Can edit"
|
|
},
|
|
"id": {
|
|
"const": "2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
@issues-8331
|
|
Scenario: user lists permissions of a folder in project space
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
And user "Alice" has created a folder "folder" in space "new-space"
|
|
When user "Alice" gets permissions list for folder "folder" of the space "new-space" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"type": "array",
|
|
"enum": [
|
|
[
|
|
"libre.graph/driveItem/permissions/create",
|
|
"libre.graph/driveItem/children/create",
|
|
"libre.graph/driveItem/standard/delete",
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/upload/create",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/versions/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/path/update",
|
|
"libre.graph/driveItem/permissions/delete",
|
|
"libre.graph/driveItem/deleted/delete",
|
|
"libre.graph/driveItem/versions/update",
|
|
"libre.graph/driveItem/deleted/update",
|
|
"libre.graph/driveItem/basic/read",
|
|
"libre.graph/driveItem/permissions/update",
|
|
"libre.graph/driveItem/permissions/deny"
|
|
]
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 4,
|
|
"maxItems": 4,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf":[
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 1
|
|
},
|
|
"description": {
|
|
"const": "View only documents, images and PDFs. Watermarks will be applied."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view (secure)"
|
|
},
|
|
"id": {
|
|
"const": "aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 2
|
|
},
|
|
"description": {
|
|
"const": "View, download and upload."
|
|
},
|
|
"displayName": {
|
|
"const": "Can upload"
|
|
},
|
|
"id": {
|
|
"const": "1c996275-f1c9-4e71-abdf-a42f6495e960"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 3
|
|
},
|
|
"description": {
|
|
"const": "View and download."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view"
|
|
},
|
|
"id": {
|
|
"const": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 4
|
|
},
|
|
"description": {
|
|
"const": "View, download, upload, edit, add and delete."
|
|
},
|
|
"displayName": {
|
|
"const": "Can edit"
|
|
},
|
|
"id": {
|
|
"const": "fb6c3e19-e378-47e5-b277-9732f9de6e21"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
@issues-8331
|
|
Scenario: user lists permissions of a file in project space
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
And user "Alice" has uploaded a file inside space "new-space" with content "hello world" to "textfile0.txt"
|
|
When user "Alice" gets permissions list for folder "textfile0.txt" of the space "new-space" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"type": "array",
|
|
"enum": [
|
|
[
|
|
"libre.graph/driveItem/permissions/create",
|
|
"libre.graph/driveItem/children/create",
|
|
"libre.graph/driveItem/standard/delete",
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/upload/create",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/versions/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/path/update",
|
|
"libre.graph/driveItem/permissions/delete",
|
|
"libre.graph/driveItem/deleted/delete",
|
|
"libre.graph/driveItem/versions/update",
|
|
"libre.graph/driveItem/deleted/update",
|
|
"libre.graph/driveItem/basic/read",
|
|
"libre.graph/driveItem/permissions/update",
|
|
"libre.graph/driveItem/permissions/deny"
|
|
]
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 3,
|
|
"maxItems": 3,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf":[
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 1
|
|
},
|
|
"description": {
|
|
"const": "View only documents, images and PDFs. Watermarks will be applied."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view (secure)"
|
|
},
|
|
"id": {
|
|
"const": "aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 2
|
|
},
|
|
"description": {
|
|
"const": "View and download."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view"
|
|
},
|
|
"id": {
|
|
"const": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 3
|
|
},
|
|
"description": {
|
|
"const": "View, download and edit."
|
|
},
|
|
"displayName": {
|
|
"const": "Can edit"
|
|
},
|
|
"id": {
|
|
"const": "2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
@issues-8331
|
|
Scenario: user sends share invitation with all allowed roles for a file
|
|
Given user "Alice" has uploaded file with content "hello text" to "textfile.txt"
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
When user "Alice" gets permissions list for file "textfile.txt" of the space "Personal" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And user "Alice" should be able to send share the following invitation with all allowed permission roles
|
|
| resource | textfile.txt |
|
|
| space | Personal |
|
|
| sharee | Brian |
|
|
| shareType | user |
|
|
|
|
@issues-8331
|
|
Scenario: user sends share invitation with all allowed roles for a folder
|
|
Given user "Alice" has created folder "folder"
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
When user "Alice" gets permissions list for folder "folder" of the space "Personal" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And user "Alice" should be able to send share the following invitation with all allowed permission roles
|
|
| resource | folder |
|
|
| space | Personal |
|
|
| sharee | Brian |
|
|
| shareType | user |
|
|
|
|
@issues-8351
|
|
Scenario: user lists permissions of a project space using root endpoint
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
When user "Alice" lists the permissions of space "new-space" using root endpoint of the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"const": [
|
|
"libre.graph/driveItem/permissions/create",
|
|
"libre.graph/driveItem/children/create",
|
|
"libre.graph/driveItem/standard/delete",
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/upload/create",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/versions/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/path/update",
|
|
"libre.graph/driveItem/permissions/delete",
|
|
"libre.graph/driveItem/deleted/delete",
|
|
"libre.graph/driveItem/versions/update",
|
|
"libre.graph/driveItem/deleted/update",
|
|
"libre.graph/driveItem/basic/read",
|
|
"libre.graph/driveItem/permissions/update",
|
|
"libre.graph/driveItem/permissions/deny"
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 4,
|
|
"maxItems": 4,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf": [
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 1
|
|
},
|
|
"description": {
|
|
"const": "View only documents, images and PDFs. Watermarks will be applied."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view (secure)"
|
|
},
|
|
"id": {
|
|
"const": "aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 2
|
|
},
|
|
"description": {
|
|
"const": "View and download."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view"
|
|
},
|
|
"id": {
|
|
"const": "a8d5fe5e-96e3-418d-825b-534dbdf22b99"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 3
|
|
},
|
|
"description": {
|
|
"const": "View, download, upload, edit, add and delete."
|
|
},
|
|
"displayName": {
|
|
"const": "Can edit"
|
|
},
|
|
"id": {
|
|
"const": "58c63c02-1d89-4572-916a-870abc5a1b7d"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 4
|
|
},
|
|
"description": {
|
|
"const": "View, download, upload, edit, add, delete and manage members."
|
|
},
|
|
"displayName": {
|
|
"const": "Can manage"
|
|
},
|
|
"id": {
|
|
"const": "312c0871-5ef7-4b3a-85b6-0e4074c64049"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
|
|
Scenario Outline: try to lists the permissions of a Personal/Shares drive using root endpoint
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
When user "Alice" tries to list the permissions of space "<drive>" using root endpoint of the Graph API
|
|
Then the HTTP status code should be "400"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": ["error"],
|
|
"properties": {
|
|
"error": {
|
|
"type": "object",
|
|
"required": [
|
|
"code",
|
|
"innererror",
|
|
"message"
|
|
],
|
|
"properties": {
|
|
"code": {
|
|
"const": "invalidRequest"
|
|
},
|
|
"innererror": {
|
|
"type": "object",
|
|
"required": [
|
|
"date",
|
|
"request-id"
|
|
]
|
|
},
|
|
"message": {
|
|
"const": "unsupported space type"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
Examples:
|
|
| drive |
|
|
| Personal |
|
|
| Shares |
|
|
|
|
|
|
Scenario: space admin invites to a project space with all allowed roles
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
When user "Alice" lists the permissions of space "new-space" using permissions endpoint of the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And user "Alice" should be able to send share the following invitation with all allowed permission roles
|
|
| space | new-space |
|
|
| sharee | Brian |
|
|
| shareType | user |
|
|
|
|
|
|
Scenario: user sends share invitation with all allowed roles for a file in project space
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
And user "Alice" has uploaded a file inside space "new-space" with content "hello world" to "textfile.txt"
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
When user "Alice" gets permissions list for file "textfile.txt" of the space "new-space" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And user "Alice" should be able to send share the following invitation with all allowed permission roles
|
|
| resource | textfile.txt |
|
|
| space | new-space |
|
|
| sharee | Brian |
|
|
| shareType | user |
|
|
|
|
|
|
Scenario: non-member user tries to list the permissions of a project space using permissions endpoint
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
When user "Brian" tries to list the permissions of space "new-space" owned by "Alice" using permissions endpoint of the Graph API
|
|
Then the HTTP status code should be "404"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": ["error"],
|
|
"properties": {
|
|
"error": {
|
|
"type": "object",
|
|
"required": [
|
|
"code",
|
|
"innererror",
|
|
"message"
|
|
],
|
|
"properties": {
|
|
"code": {
|
|
"const": "itemNotFound"
|
|
},
|
|
"innererror": {
|
|
"type": "object",
|
|
"required": [
|
|
"date",
|
|
"request-id"
|
|
]
|
|
},
|
|
"message": {
|
|
"type": "string",
|
|
"pattern": "stat: error: not found: %file_id_pattern%$"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
|
|
Scenario: member with viewer role lists the permissions of a project space using permissions endpoint
|
|
Given using spaces DAV path
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
And user "Alice" has sent the following share invitation:
|
|
| space | new-space |
|
|
| sharee | Brian |
|
|
| shareType | user |
|
|
| permissionsRole | Space Viewer |
|
|
When user "Brian" lists the permissions of space "new-space" using permissions endpoint of the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And the JSON data of the response should match
|
|
"""
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.permissions.actions.allowedValues",
|
|
"@libre.graph.permissions.roles.allowedValues",
|
|
"value"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.permissions.actions.allowedValues": {
|
|
"const": [
|
|
"libre.graph/driveItem/path/read",
|
|
"libre.graph/driveItem/quota/read",
|
|
"libre.graph/driveItem/content/read",
|
|
"libre.graph/driveItem/permissions/read",
|
|
"libre.graph/driveItem/children/read",
|
|
"libre.graph/driveItem/deleted/read",
|
|
"libre.graph/driveItem/basic/read"
|
|
]
|
|
},
|
|
"@libre.graph.permissions.roles.allowedValues": {
|
|
"type": "array",
|
|
"minItems": 2,
|
|
"maxItems": 2,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf": [
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 1
|
|
},
|
|
"description": {
|
|
"const": "View only documents, images and PDFs. Watermarks will be applied."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view (secure)"
|
|
},
|
|
"id": {
|
|
"const": "aa97fe03-7980-45ac-9e50-b325749fd7e6"
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"@libre.graph.weight",
|
|
"description",
|
|
"displayName",
|
|
"id"
|
|
],
|
|
"properties": {
|
|
"@libre.graph.weight": {
|
|
"const": 2
|
|
},
|
|
"description": {
|
|
"const": "View and download."
|
|
},
|
|
"displayName": {
|
|
"const": "Can view"
|
|
},
|
|
"id": {
|
|
"const": "a8d5fe5e-96e3-418d-825b-534dbdf22b99"
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"value": {
|
|
"type": "array",
|
|
"minItems": 2,
|
|
"maxItems": 2,
|
|
"uniqueItems": true,
|
|
"items": {
|
|
"oneOf":[
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"grantedToV2",
|
|
"id",
|
|
"roles"
|
|
],
|
|
"properties": {
|
|
"grantedToV2": {
|
|
"type": "object",
|
|
"required": ["user"],
|
|
"properties": {
|
|
"user": {
|
|
"type": "object",
|
|
"required": ["displayName","id"],
|
|
"properties": {
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^%user_id_pattern%$"
|
|
},
|
|
"displayName": {
|
|
"const": "Brian Murphy"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^u:%user_id_pattern%$"
|
|
},
|
|
"roles": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"maxItems": 1,
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^%role_id_pattern%$"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
{
|
|
"type": "object",
|
|
"required": [
|
|
"grantedToV2",
|
|
"id",
|
|
"roles"
|
|
],
|
|
"properties": {
|
|
"grantedToV2": {
|
|
"type": "object",
|
|
"required": ["user"],
|
|
"properties": {
|
|
"user": {
|
|
"type": "object",
|
|
"required": ["displayName","id"],
|
|
"properties": {
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^%user_id_pattern%$"
|
|
},
|
|
"displayName": {
|
|
"const": "Alice Hansen"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"id": {
|
|
"type": "string",
|
|
"pattern": "^u:%user_id_pattern%$"
|
|
},
|
|
"roles": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"maxItems": 1,
|
|
"items": {
|
|
"type": "string",
|
|
"pattern": "^%role_id_pattern%$"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
"""
|
|
|
|
@issues-8331
|
|
Scenario: user sends share invitation with all allowed roles for a folder in project space
|
|
Given using spaces DAV path
|
|
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
|
|
And user "Alice" has created a space "new-space" with the default quota using the Graph API
|
|
And user "Alice" has created a folder "folder" in space "new-space"
|
|
And user "Brian" has been created with default attributes and without skeleton files
|
|
When user "Alice" gets permissions list for folder "folder" of the space "new-space" using the Graph API
|
|
Then the HTTP status code should be "200"
|
|
And user "Alice" should be able to send share the following invitation with all allowed permission roles
|
|
| resource | folder |
|
|
| space | new-space |
|
|
| sharee | Brian |
|
|
| shareType | user |
|