diff --git a/tests/acceptance/features/apiSpaces/changeSpaces.feature b/tests/acceptance/features/apiSpaces/changeSpaces.feature index a3937755524..73535e12629 100644 --- a/tests/acceptance/features/apiSpaces/changeSpaces.feature +++ b/tests/acceptance/features/apiSpaces/changeSpaces.feature @@ -1,139 +1,198 @@ @api @skipOnOcV10 Feature: Change data of space - As a user with admin rights + As a user with space admin rights I want to be able to change the data of a created space (increase the quota, change name, etc.) Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 Background: - Given user "Alice" has been created with default attributes and without skeleton files - And the administrator has given "Alice" the role "Admin" using the settings api + Given these users have been created with default attributes and without skeleton files: + | username | + | Alice | + | Brian | + | Bob | + And the administrator has given "Alice" the role "Space Admin" using the settings api + And user "Alice" has created a space "Project Jupiter" of type "project" with quota "20" + And user "Alice" has shared a space "Project Jupiter" to user "Brian" with role "editor" + And user "Alice" has shared a space "Project Jupiter" to user "Bob" with role "viewer" - Scenario: An admin user can change the name and description of a Space via the Graph API - Given user "Alice" has created a space "Project Jupiter" of type "project" with quota "20" - When user "Alice" changes the name of the "Project Jupiter" space to "Project Death Star" - And user "Alice" changes the description of the "Project Death Star" space to "The Death Star is a fictional mobile space station" + + Scenario Outline: Only space admin user can change the name of a Space via the Graph API + When user "" changes the name of the "Project Jupiter" space to "Project Death Star" + Then the HTTP status code should be "" + And the user "" should have a space called "" with these key and value pairs: + | key | value | + | driveType | project | + | name | | + Examples: + | user | code | expectedName | + | Alice | 200 | Project Death Star | + | Brian | 403 | Project Jupiter | + | Bob | 403 | Project Jupiter | + + + Scenario: Only space admin user can change the description(subtitle) of a Space via the Graph API + When user "Alice" changes the description of the "Project Jupiter" space to "The Death Star is a fictional mobile space station" Then the HTTP status code should be "200" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "Project Death Star" with these key and value pairs: - | key | value | - | driveType | project | - | name | Project Death Star | - | description | The Death Star is a fictional mobile space station | - | quota@@@total | 20 | - | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | - - Scenario: An admin user can increase the quota of a Space via the Graph API - Given user "Alice" has created a space "Project Earth" of type "project" with quota "20" - When user "Alice" changes the quota of the "Project Earth" space to "100" + And the user "Alice" should have a space called "Project Jupiter" with these key and value pairs: + | key | value | + | driveType | project | + | name | Project Jupiter | + | description | The Death Star is a fictional mobile space station | + + + Scenario Outline: Viewer and editor cannot change the description(subtitle) of a Space via the Graph API + When user "" changes the description of the "Project Jupiter" space to "The Death Star is a fictional mobile space station" + Then the HTTP status code should be "" + Examples: + | user | code | + | Brian | 403 | + | Bob | 403 | + + + Scenario Outline: An user tries to increase the quota of a Space via the Graph API + When user "" changes the quota of the "Project Jupiter" space to "100" + Then the HTTP status code should be "" + And the user "" should have a space called "Project Jupiter" with these key and value pairs: + | key | value | + | name | Project Jupiter | + | quota@@@total | | + Examples: + | user | code | expectedQuataValue | + | Alice | 200 | 100 | + | Brian | 401 | 20 | + | Bob | 401 | 20 | + + + Scenario Outline: An space admin user set no restriction quota of a Space via the Graph API + When user "Alice" changes the quota of the "Project Jupiter" space to "" Then the HTTP status code should be "200" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "Project Earth" with these key and value pairs: - | key | value | - | name | Project Earth | - | quota@@@total | 100 | - - - Scenario: An user set readme file as description of the space via the Graph API - Given user "Alice" has created a space "add special section" with the default quota using the GraphApi - And user "Alice" has created a folder ".space" in space "add special section" - And user "Alice" has uploaded a file inside space "add special section" with content "space description" to ".space/readme.md" - When user "Alice" sets the file ".space/readme.md" as a description in a special section of the "add special section" space + When user "Alice" uploads a file inside space "Project Jupiter" with content "some content" to "file.txt" using the WebDAV API + Then the HTTP status code should be "201" + And the user "Alice" should have a space called "Project Jupiter" with these key and value pairs: + | key | value | + | name | Project Jupiter | + | quota@@@used | 12 | + Examples: + | quotaValue | + | 0 | + | -1 | + + + Scenario: An user space admin set readme file as description of the space via the Graph API + Given user "Alice" has created a folder ".space" in space "Project Jupiter" + And user "Alice" has uploaded a file inside space "Project Jupiter" with content "space description" to ".space/readme.md" + When user "Alice" sets the file ".space/readme.md" as a description in a special section of the "Project Jupiter" space Then the HTTP status code should be "200" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "add special section" owned by "Alice" with description file ".space/readme.md" with these key and value pairs: - | key | value | - | name | add special section | - | special@@@0@@@size | 17 | - | special@@@0@@@name | readme.md | - | special@@@0@@@specialFolder@@@name | readme | - | special@@@0@@@file@@@mimeType | text/markdown | - | special@@@0@@@id | %file_id% | - | special@@@0@@@eTag | %eTag% | - And for user "Alice" folder ".space/" of the space "add special section" should contain these entries: + And the user "Alice" should have a space called "Project Jupiter" owned by "Alice" with description file ".space/readme.md" with these key and value pairs: + | key | value | + | name | Project Jupiter | + | special@@@0@@@size | 17 | + | special@@@0@@@name | readme.md | + | special@@@0@@@specialFolder@@@name | readme | + | special@@@0@@@file@@@mimeType | text/markdown | + | special@@@0@@@id | %file_id% | + | special@@@0@@@eTag | %eTag% | + And for user "Alice" folder ".space/" of the space "Project Jupiter" should contain these entries: | readme.md | - And for user "Alice" the content of the file ".space/readme.md" of the space "add special section" should be "space description" + And for user "Alice" the content of the file ".space/readme.md" of the space "Project Jupiter" should be "space description" + + + Scenario Outline: An user member of the space changes readme file + Given user "Alice" has created a folder ".space" in space "Project Jupiter" + And user "Alice" has uploaded a file inside space "Project Jupiter" with content "space description" to ".space/readme.md" + And user "Alice" has set the file ".space/readme.md" as a description in a special section of the "Project Jupiter" space + When user "" uploads a file inside space "Project Jupiter" with content "new description" to ".space/readme.md" using the WebDAV API + Then the HTTP status code should be "" + And the user "" should have a space called "Project Jupiter" owned by "Alice" with description file ".space/readme.md" with these key and value pairs: + | key | value | + | name | Project Jupiter | + | special@@@0@@@size | | + | special@@@0@@@name | readme.md | + | special@@@0@@@specialFolder@@@name | readme | + | special@@@0@@@file@@@mimeType | text/markdown | + | special@@@0@@@id | %file_id% | + | special@@@0@@@eTag | %eTag% | + And for user "" folder ".space/" of the space "Project Jupiter" should contain these entries: + | readme.md | + And for user "" the content of the file ".space/readme.md" of the space "Project Jupiter" should be "" + Examples: + | user | code | size | content | + | Brian | 204 | 15 | new description | + | Bob | 403 | 17 | space description | - Scenario Outline: An user set image file as space image of the space via the Graph API - Given user "Alice" has created a space "add special section" with the default quota using the GraphApi - And user "Alice" has created a folder ".space" in space "add special section" - And user "Alice" has uploaded a file inside space "add special section" with content "" to ".space/" - When user "Alice" sets the file ".space/" as a space image in a special section of the "add special section" space + Scenario Outline: An user space admin and editor set image file as space image of the space via the Graph API + Given user "Alice" has created a folder ".space" in space "Project Jupiter" + And user "" has uploaded a file inside space "Project Jupiter" with content "" to ".space/" + When user "" sets the file ".space/" as a space image in a special section of the "Project Jupiter" space Then the HTTP status code should be "200" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "add special section" owned by "Alice" with description file ".space/" with these key and value pairs: - | key | value | - | name | add special section | - | special@@@0@@@size | 0 | - | special@@@0@@@name | | - | special@@@0@@@specialFolder@@@name | image | - | special@@@0@@@file@@@mimeType | | - | special@@@0@@@id | %file_id% | - | special@@@0@@@eTag | %eTag% | - And for user "Alice" folder ".space/" of the space "add special section" should contain these entries: + And the user "Alice" should have a space called "Project Jupiter" owned by "Alice" with description file ".space/" with these key and value pairs: + | key | value | + | name | Project Jupiter | + | special@@@0@@@size | 0 | + | special@@@0@@@name | | + | special@@@0@@@specialFolder@@@name | image | + | special@@@0@@@file@@@mimeType | | + | special@@@0@@@id | %file_id% | + | special@@@0@@@eTag | %eTag% | + And for user "" folder ".space/" of the space "Project Jupiter" should contain these entries: | | Examples: - | fileName | nameInResponse | mimeType | - | spaceImage.jpeg | spaceImage.jpeg | image/jpeg | - | spaceImage.png | spaceImage.png | image/png | - | spaceImage.gif | spaceImage.gif | image/gif | - - - Scenario: An user set new readme file as description of the space via the Graph API - Given user "Alice" has created a space "add special section" with the default quota using the GraphApi - And user "Alice" has created a folder ".space" in space "add special section" - And user "Alice" has uploaded a file inside space "add special section" with content "space description" to ".space/readme.md" - And user "Alice" has set the file ".space/readme.md" as a description in a special section of the "add special section" space - When user "Alice" has uploaded a file inside space "add special section" with content "new space description" to ".space/newReadme.md" - And user "Alice" sets the file ".space/newReadme.md" as a description in a special section of the "add special section" space - Then the HTTP status code should be "200" - And for user "Alice" the content of the file ".space/newReadme.md" of the space "add special section" should be "new space description" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "add special section" owned by "Alice" with description file ".space/newReadme.md" with these key and value pairs: - | key | value | - | name | add special section | - | special@@@0@@@size | 21 | - | special@@@0@@@name | newReadme.md | - | special@@@0@@@specialFolder@@@name | readme | - | special@@@0@@@file@@@mimeType | text/markdown | - | special@@@0@@@id | %file_id% | - | special@@@0@@@eTag | %eTag% | - - - Scenario: An user set new image file as space image of the space via the Graph API - Given user "Alice" has created a space "add special section" with the default quota using the GraphApi - And user "Alice" has created a folder ".space" in space "add special section" - And user "Alice" has uploaded a file inside space "add special section" with content "" to ".space/spaceImage.jpeg" - And user "Alice" has set the file ".space/spaceImage.jpeg" as a space image in a special section of the "add special section" space - When user "Alice" has uploaded a file inside space "add special section" with content "" to ".space/newSpaceImage.png" - And user "Alice" sets the file ".space/newSpaceImage.png" as a space image in a special section of the "add special section" space - Then the HTTP status code should be "200" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "add special section" owned by "Alice" with description file ".space/newSpaceImage.png" with these key and value pairs: - | key | value | - | name | add special section | - | special@@@0@@@size | 0 | - | special@@@0@@@name | newSpaceImage.png | - | special@@@0@@@specialFolder@@@name | image | - | special@@@0@@@file@@@mimeType | image/png | - | special@@@0@@@id | %file_id% | - | special@@@0@@@eTag | %eTag% | - - - Scenario Outline: An admin user set no restriction quota of a Space via the Graph API - Given user "Alice" has created a space "Project Earth" of type "project" with quota "20" - When user "Alice" changes the quota of the "Project Earth" space to "" + | user | fileName | nameInResponse | mimeType | + | Alice | spaceImage.jpeg | spaceImage.jpeg | image/jpeg | + | Brian | spaceImage.png | spaceImage.png | image/png | + | Alice | spaceImage.gif | spaceImage.gif | image/gif | + + + Scenario: An user viewer cannot set image file as space image of the space via the Graph API + Given user "Alice" has created a folder ".space" in space "Project Jupiter" + And user "Alice" has uploaded a file inside space "Project Jupiter" with content "" to ".space/someImageFile.jpg" + When user "Bob" sets the file ".space/someImageFile.jpg" as a space image in a special section of the "Project Jupiter" space + Then the HTTP status code should be "403" + + + Scenario Outline: An user set new readme file as description of the space via the Graph API + Given user "Alice" has created a folder ".space" in space "Project Jupiter" + And user "Alice" has uploaded a file inside space "Project Jupiter" with content "space description" to ".space/readme.md" + And user "Alice" has set the file ".space/readme.md" as a description in a special section of the "Project Jupiter" space + When user "" uploads a file inside space "Project Jupiter" owned by the user "Alice" with content "new content" to ".space/readme.md" using the WebDAV API + Then the HTTP status code should be "" + And for user "" the content of the file ".space/readme.md" of the space "Project Jupiter" should be "" + And the user "" should have a space called "Project Jupiter" owned by "Alice" with description file ".space/readme.md" with these key and value pairs: + | key | value | + | name | Project Jupiter | + | special@@@0@@@size | | + | special@@@0@@@name | readme.md | + | special@@@0@@@specialFolder@@@name | readme | + | special@@@0@@@file@@@mimeType | text/markdown | + | special@@@0@@@id | %file_id% | + | special@@@0@@@eTag | %eTag% | + Examples: + | user | code | expectedSize | expectedContent | + | Alice | 204 | 11 | new content | + | Brian | 204 | 11 | new content | + | Bob | 403 | 17 | space description | + + + Scenario Outline: An user set new image file as space image of the space via the Graph API + Given user "Alice" has created a folder ".space" in space "Project Jupiter" + And user "Alice" has uploaded a file inside space "Project Jupiter" with content "" to ".space/spaceImage.jpeg" + And user "Alice" has set the file ".space/spaceImage.jpeg" as a space image in a special section of the "Project Jupiter" space + When user "" has uploaded a file inside space "Project Jupiter" with content "" to ".space/newSpaceImage.png" + And user "" sets the file ".space/newSpaceImage.png" as a space image in a special section of the "Project Jupiter" space Then the HTTP status code should be "200" - When user "Alice" uploads a file inside space "Project Earth" with content "some content" to "file.txt" using the WebDAV API - Then the HTTP status code should be "201" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "Project Earth" with these key and value pairs: - | key | value | - | name | Project Earth | - | quota@@@used | 12 | + And the user "" should have a space called "Project Jupiter" owned by "Alice" with space image ".space/newSpaceImage.png" with these key and value pairs: + | key | value | + | name | Project Jupiter | + | special@@@0@@@size | 0 | + | special@@@0@@@name | newSpaceImage.png | + | special@@@0@@@specialFolder@@@name | image | + | special@@@0@@@file@@@mimeType | image/png | + | special@@@0@@@id | %file_id% | + | special@@@0@@@eTag | %eTag% | Examples: - | quotaValue | - | 0 | - | -1 | + | user | + | Alice | + | Brian | \ No newline at end of file diff --git a/tests/acceptance/features/apiSpaces/deleteSpaces.feature b/tests/acceptance/features/apiSpaces/deleteSpaces.feature index e34b1af191d..4c387a468ba 100644 --- a/tests/acceptance/features/apiSpaces/deleteSpaces.feature +++ b/tests/acceptance/features/apiSpaces/deleteSpaces.feature @@ -2,7 +2,7 @@ Feature: Disabling and deleting space As a manager of space I want to be able to disable the space first, then delete it. - I want to make sure that a disabled spaces isn't accessible by shared users. + I want to make sure that a disabled spaces isn't accessible by shared users. Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 @@ -13,80 +13,58 @@ Feature: Disabling and deleting space | Alice | | Brian | | Bob | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api + And user "Alice" has created a space "Project Moon" with the default quota using the GraphApi + And user "Alice" has shared a space "Project Moon" to user "Brian" with role "editor" + And user "Alice" has shared a space "Project Moon" to user "Bob" with role "viewer" - Scenario: An owner can disable a Space via the Graph API - Given user "Alice" has created a space "disable a space" of type "project" with quota "10" - And user "Alice" has shared a space "disable a space" to user "Brian" with role "editor" - When user "Alice" disables a space "disable a space" + Scenario Outline: A space admin user can disable a Space via the Graph API + When user "Alice" disables a space "Project Moon" Then the HTTP status code should be "204" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "disable a space" with these key and value pairs: - | key | value | - | name | disable a space | - | root@@@deleted@@@state | trashed | - + And the user "Alice" should have a space called "Project Moon" with these key and value pairs: + | key | value | + | name | Project Moon | + | root@@@deleted@@@state | trashed | + And the user "" should not have a space called "Project Moon" + Examples: + | user | + | Brian | + | Bob | - Scenario: Participants without a manager role cannot see the disabled space - Given user "Alice" has created a space "cannot see space" of type "project" with quota "10" - And user "Alice" has shared a space "cannot see space" to user "Brian" with role "editor" - And user "Alice" has shared a space "cannot see space" to user "Bob" with role "viewer" - And user "Alice" has disabled a space "cannot see space" - When user "Brian" lists all available spaces via the GraphApi - Then the json responded should not contain a space with name "cannot see space" - When user "Bob" lists all available spaces via the GraphApi - Then the json responded should not contain a space with name "cannot see space" + + Scenario Outline: An user without space admin role cannot disable a Space via the Graph API + When user "" disables a space "Project Moon" + Then the HTTP status code should be "403" + And the user "" should have a space called "Project Moon" with these key and value pairs: + | key | value | + | name | Project Moon | + Examples: + | user | + | Brian | + | Bob | - Scenario: An owner can delete a disabled Space via the webDav API - Given user "Alice" has created a space "delete a space" of type "project" with quota "10" - And user "Alice" has disabled a space "delete a space" - When user "Alice" deletes a space "delete a space" + Scenario: A space manager can delete a disabled Space via the webDav API + Given user "Alice" has disabled a space "Project Moon" + When user "Alice" deletes a space "Project Moon" Then the HTTP status code should be "204" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should not contain a space with name "delete a space" - + And the user "Alice" should not have a space called "Project Moon" - Scenario: An owner can disable and delete Space in which files and folders exist via the webDav API - Given user "Alice" has created a space "delete a space with content" of type "project" with quota "10" - And user "Alice" has uploaded a file inside space "delete a space with content" with content "test" to "test.txt" - And user "Alice" has created a folder "MainFolder" in space "delete a space with content" - When user "Alice" disables a space "delete a space with content" + + Scenario: An space manager can disable and delete Space in which files and folders exist via the webDav API + Given user "Alice" has uploaded a file inside space "Project Moon" with content "test" to "test.txt" + And user "Alice" has created a folder "MainFolder" in space "Project Moon" + When user "Alice" disables a space "Project Moon" Then the HTTP status code should be "204" - When user "Alice" deletes a space "delete a space with content" + When user "Alice" deletes a space "Project Moon" Then the HTTP status code should be "204" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should not contain a space with name "delete a space with content" + And the user "Alice" should not have a space called "Project Moon" - Scenario: An owner cannot delete a space via the webDav API without first disabling it - Given user "Alice" has created a space "delete without disabling" of type "project" with quota "10" - When user "Alice" deletes a space "delete without disabling" + Scenario: An space manager cannot delete a space via the webDav API without first disabling it + When user "Alice" deletes a space "Project Moon" Then the HTTP status code should be "400" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "delete without disabling" with these key and value pairs: - | key | value | - | name | delete without disabling | - - - Scenario: An user with editor role cannot disable a Space via the Graph API - Given user "Alice" has created a space "editor tries to disable a space" of type "project" with quota "10" - And user "Alice" has shared a space "editor tries to disable a space" to user "Brian" with role "editor" - When user "Brian" disables a space "editor tries to disable a space" - Then the HTTP status code should be "403" - When user "Brian" lists all available spaces via the GraphApi - Then the json responded should contain a space "editor tries to disable a space" with these key and value pairs: - | key | value | - | name | editor tries to disable a space | - - - Scenario: An user with viewer role cannot disable a Space via the Graph API - Given user "Alice" has created a space "viewer tries to disable a space" of type "project" with quota "10" - And user "Alice" has shared a space "viewer tries to disable a space" to user "Brian" with role "viewer" - When user "Brian" disables a space "viewer tries to disable a space" - Then the HTTP status code should be "403" - When user "Brian" lists all available spaces via the GraphApi - Then the json responded should contain a space "viewer tries to disable a space" with these key and value pairs: - | key | value | - | name | viewer tries to disable a space | + And the user "Alice" should have a space called "Project Moon" with these key and value pairs: + | key | value | + | name | Project Moon | diff --git a/tests/acceptance/features/apiSpaces/download.feature b/tests/acceptance/features/apiSpaces/download.feature index 5dd610344d2..983c8b58afe 100644 --- a/tests/acceptance/features/apiSpaces/download.feature +++ b/tests/acceptance/features/apiSpaces/download.feature @@ -1,6 +1,6 @@ @api @skipOnOcV10 Feature: Download file in project space - As a user, I want to be able to download files + As a user with different role, I want to be able to download files Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 @@ -10,29 +10,42 @@ Feature: Download file in project space | username | | Alice | | Brian | - And the administrator has given "Alice" the role "Admin" using the settings api + | Bob | + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" has created a space "download file" with the default quota using the GraphApi And user "Alice" has uploaded a file inside space "download file" with content "some content" to "file.txt" + And user "Alice" has shared a space "download file" to user "Brian" with role "editor" + And user "Alice" has shared a space "download file" to user "Bob" with role "viewer" - Scenario: An user downloads a file in the project space - When user "Alice" downloads the file "file.txt" of the space "download file" using the WebDAV API + Scenario Outline: An user downloads a file in the project space + When user "" downloads the file "file.txt" of the space "download file" using the WebDAV API Then the HTTP status code should be "200" And the following headers should be set | header | value | | Content-Length | 12 | + Examples: + | user | + | Alice | + | Brian | + | Bob | - Scenario: An user downloads an old version of the file in the project space + Scenario Outline: An user downloads an old version of the file in the project space Given user "Alice" has uploaded a file inside space "download file" with content "new content" to "file.txt" And user "Alice" has uploaded a file inside space "download file" with content "newest content" to "file.txt" - When user "Alice" downloads version of the file "file.txt" with the index "1" of the space "download file" using the WebDAV API + When user "" downloads version of the file "file.txt" with the index "1" of the space "download file" using the WebDAV API Then the HTTP status code should be "200" And the following headers should be set | header | value | | Content-Length | 11 | - When user "Alice" downloads version of the file "file.txt" with the index "2" of the space "download file" using the WebDAV API + When user "" downloads version of the file "file.txt" with the index "2" of the space "download file" using the WebDAV API Then the HTTP status code should be "200" And the following headers should be set | header | value | | Content-Length | 12 | + Examples: + | user | + | Alice | + | Brian | + | Bob | diff --git a/tests/acceptance/features/apiSpaces/filePreviews.feature b/tests/acceptance/features/apiSpaces/filePreviews.feature index 6c1391a148c..2b7a0162d9d 100644 --- a/tests/acceptance/features/apiSpaces/filePreviews.feature +++ b/tests/acceptance/features/apiSpaces/filePreviews.feature @@ -9,8 +9,7 @@ Feature: Preview file in project space Given these users have been created with default attributes and without skeleton files: | username | | Alice | - | Brian | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" has created a space "previews of the files" with the default quota using the GraphApi diff --git a/tests/acceptance/features/apiSpaces/listSpaces.feature b/tests/acceptance/features/apiSpaces/listSpaces.feature index 1c6d7623f99..f4f3e96a0a4 100644 --- a/tests/acceptance/features/apiSpaces/listSpaces.feature +++ b/tests/acceptance/features/apiSpaces/listSpaces.feature @@ -9,46 +9,67 @@ Feature: List and create spaces Background: Given user "Alice" has been created with default attributes and without skeleton files + Scenario: An ordinary user can request information about their Space via the Graph API When user "Alice" lists all available spaces via the GraphApi Then the HTTP status code should be "200" And the json responded should contain a space "Alice Hansen" with these key and value pairs: - | key | value | - | driveType | personal | - | driveAlias | personal/alice | - | id | %space_id% | - | name | Alice Hansen | - | quota@@@state | normal | + | key | value | + | driveType | personal | + | driveAlias | personal/alice | + | id | %space_id% | + | name | Alice Hansen | + | quota@@@state | normal | | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | + Scenario: An ordinary user can request information about their Space via the Graph API using a filter + Given user "Brian" has been created with default attributes and without skeleton files + And user "Brian" has created folder "folder" + And user "Brian" has shared folder "folder" with user "Alice" with permissions "31" + And user "Alice" has accepted share "/folder" offered by user "Brian" + Then the user "Alice" should have a space called "Shares Jail" with these key and value pairs: + | key | value | + | driveType | virtual | + | id | %space_id% | + | name | Shares Jail | When user "Alice" lists all available spaces via the GraphApi with query "$filter=driveType eq 'personal'" Then the HTTP status code should be "200" And the json responded should contain a space "Alice Hansen" with these key and value pairs: - | key | value | - | driveType | personal | - | id | %space_id% | - | name | Alice Hansen | - | quota@@@state | normal | + | key | value | + | driveType | personal | + | id | %space_id% | + | name | Alice Hansen | + | quota@@@state | normal | | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | And the json responded should not contain a space with name "Shares Jail" And the json responded should only contain spaces of type "personal" + Scenario: An ordinary user will not see any space when using a filter for project + Given the administrator has given "Alice" the role "Space Admin" using the settings api + And user "Alice" has created a space "my project" of type "project" with quota "20" When user "Alice" lists all available spaces via the GraphApi with query "$filter=driveType eq 'project'" Then the HTTP status code should be "200" + And the json responded should contain a space "my project" with these key and value pairs: + | key | value | + | driveType | project | + | id | %space_id% | + | name | my project | And the json responded should not contain a space with name "Alice Hansen" - And the json responded should not contain spaces of type "personal" + Scenario: An ordinary user can access their Space via the webDav API When user "Alice" lists all available spaces via the GraphApi And user "Alice" lists the content of the space with the name "Alice Hansen" using the WebDav Api Then the HTTP status code should be "207" + Scenario: An ordinary user cannot create a Space via Graph API When user "Alice" creates a space "Project Mars" of type "project" with the default quota using the GraphApi Then the HTTP status code should be "401" + Scenario: An admin user can create a Space via the Graph API with default quota Given the administrator has given "Alice" the role "Admin" using the settings api When user "Alice" creates a space "Project Mars" of type "project" with the default quota using the GraphApi @@ -61,6 +82,7 @@ Feature: List and create spaces | quota@@@total | 1000000000 | | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | + Scenario: An admin user can create a Space via the Graph API with certain quota Given the administrator has given "Alice" the role "Admin" using the settings api When user "Alice" creates a space "Project Venus" of type "project" with quota "2000" using the GraphApi @@ -72,6 +94,7 @@ Feature: List and create spaces | quota@@@total | 2000 | | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | + Scenario: A user can list his personal space via multiple endpoints When user "Alice" lists all available spaces via the GraphApi with query "$filter=driveType eq 'personal'" Then the json responded should contain a space "Alice Hansen" owned by "Alice" with these key and value pairs: @@ -87,6 +110,7 @@ Feature: List and create spaces | name | Alice Hansen | | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | + Scenario: A user can list his created spaces via multiple endpoints Given the administrator has given "Alice" the role "Admin" using the settings api When user "Alice" creates a space "Project Venus" of type "project" with quota "2000" using the GraphApi diff --git a/tests/acceptance/features/apiSpaces/quota.feature b/tests/acceptance/features/apiSpaces/quota.feature index c5b8c8cbf6f..781d6b1ce6b 100644 --- a/tests/acceptance/features/apiSpaces/quota.feature +++ b/tests/acceptance/features/apiSpaces/quota.feature @@ -13,14 +13,13 @@ Feature: State of the quota Background: Given user "Alice" has been created with default attributes and without skeleton files - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api Scenario Outline: Quota information is returned in the list of spaces returned via the Graph API Given user "Alice" has created a space "" of type "project" with quota "" - And user "Alice" has uploaded a file inside space "" with content "" to "test.txt" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "" with these key and value pairs: + When user "Alice" uploads a file inside space "" with content "" to "test.txt" using the WebDAV API + Then the user "Alice" should have a space called "" with these key and value pairs: | key | value | | name | | | quota@@@state | | diff --git a/tests/acceptance/features/apiSpaces/removeSpaceObjects.feature b/tests/acceptance/features/apiSpaces/removeSpaceObjects.feature index 6e22ec10c05..e7650acb72b 100644 --- a/tests/acceptance/features/apiSpaces/removeSpaceObjects.feature +++ b/tests/acceptance/features/apiSpaces/removeSpaceObjects.feature @@ -13,7 +13,7 @@ Feature: Remove files, folder | username | | Alice | | Brian | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" has created a space "delete objects" with the default quota using the GraphApi And user "Alice" has created a folder "folderForDeleting/sub1/sub2" in space "delete objects" And user "Alice" has uploaded a file inside space "delete objects" with content "some content" to "text.txt" @@ -58,8 +58,7 @@ Feature: Remove files, folder And for user "" the space "delete objects" contain these entries: | text.txt | And as "" file "text.txt" exist in the trashbin of the space "delete objects" - When user "" lists all available spaces via the GraphApi - Then the json responded should contain a space "delete objects" with these key and value pairs: + And the user "" should have a space called "delete objects" with these key and value pairs: | key | value | | name | delete objects | | quota@@@used | | @@ -72,10 +71,8 @@ Feature: Remove files, folder Scenario: An user is unable to delete a Space via the webDav API - Given user "Alice" has created a space "user deletes a space" of type "project" with quota "20" - When user "Alice" removes the folder "" from space "user deletes a space" + When user "Alice" removes the folder "" from space "delete objects" Then the HTTP status code should be "400" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "user deletes a space" with these key and value pairs: - | key | value | - | name | user deletes a space | + And the user "Alice" should have a space called "delete objects" with these key and value pairs: + | key | value | + | name | delete objects | diff --git a/tests/acceptance/features/apiSpaces/resharing.feature b/tests/acceptance/features/apiSpaces/resharing.feature index e4ff437f4f9..6a3eca755ff 100644 --- a/tests/acceptance/features/apiSpaces/resharing.feature +++ b/tests/acceptance/features/apiSpaces/resharing.feature @@ -23,6 +23,7 @@ Feature: Resharing And user "Carol" has shared folder "Shares/folder" with user "Damian" with permissions "17" And user "Damian" has accepted share "/folder" offered by user "Carol" + Scenario Outline: You should only be able to see direct outgoing shares not all the chain: Given user "Brian" has shared folder "Shares/folder" with user "Fred" with permissions "17" And user "Fred" has accepted share "/folder" offered by user "Brian" @@ -41,6 +42,7 @@ Feature: Resharing | Damian | 0 | should not be | should not be | should not be | | Fred | 0 | should not be | should not be | should not be | + Scenario: Owners can see all the chain: When user "Alice" gets all the shares inside the folder "folder" using the sharing API Then the OCS status code should be "100" @@ -50,11 +52,13 @@ Feature: Resharing And user "Carol" should be included in the response And user "Damian" should be included in the response + Scenario: You can't share with more permissions than you have When user "Damian" shares folder "Shares/folder" with user "Ember" with permissions "31" using the sharing API Then the OCS status code should be "404" And the OCS status message should be "Cannot set the requested share permissions" + Scenario Outline: Editing reshares Given user "Carol" has shared folder "Shares/folder" with user "Fred" with permissions "17" And user "Fred" has accepted share "/folder" offered by user "Carol" @@ -68,6 +72,7 @@ Feature: Resharing | Brian | 998 | should not be | | Carol | 100 | should be | + Scenario Outline: Deleting reshares Given user "Carol" has shared folder "Shares/folder" with user "Gina" with permissions "17" And user "Gina" has accepted share "/folder" offered by user "Carol" @@ -81,6 +86,7 @@ Feature: Resharing | Brian | 400 | should exist | | Carol | 100 | should not exist | + Scenario Outline: Resharing with different permissions When user "" shares folder "Shares/folder" with user "Ember" with permissions "" using the sharing API Then the OCS status code should be "" @@ -92,6 +98,7 @@ Feature: Resharing | Damian | 27 | 404 | | Damian | 31 | 404 | + Scenario Outline: Resharing files with different permissions Given user "Alice" has uploaded file with content "Random data" to "/file.txt" And user "Alice" has shared file "/file.txt" with user "Brian" with permissions "" @@ -104,3 +111,18 @@ Feature: Resharing | 17 | 19 | 404 | | 19 | 19 | 100 | + + Scenario Outline: Resharing with group with different permissions + Given group "security department" has been created + And the administrator has added a user "Ember" to the group "security department" using GraphApi + And the administrator has added a user "Fred" to the group "security department" using GraphApi + When user "Brian" shares folder "Shares/folder" with group "security department" with permissions "" using the sharing API + Then the OCS status code should be "100" + When user "Ember" accepts share "/folder" offered by user "Brian" using the sharing API + Then user "Ember" able to upload file "filesForUpload/textfile.txt" to "/Shares/folder/textfile.txt" + When user "Fred" accepts share "/folder" offered by user "Brian" using the sharing API + Then user "Fred" able to upload file "filesForUpload/textfile.txt" to "/Shares/folder/textfile.txt" + Examples: + | permissions | canUpload | + | 17 | should not be | + | 31 | should be | diff --git a/tests/acceptance/features/apiSpaces/restoreSpaceObjects.feature b/tests/acceptance/features/apiSpaces/restoreSpaceObjects.feature index 05f71eec450..b1c970c6280 100644 --- a/tests/acceptance/features/apiSpaces/restoreSpaceObjects.feature +++ b/tests/acceptance/features/apiSpaces/restoreSpaceObjects.feature @@ -14,7 +14,7 @@ Feature: Restore files, folder | Brian | | Bob | | Carol | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" creates a space "restore objects" of type "project" with the default quota using the GraphApi And user "Alice" has created a folder "newFolder" in space "restore objects" And user "Alice" has uploaded a file inside space "restore objects" with content "test" to "newFolder/file.txt" diff --git a/tests/acceptance/features/apiSpaces/restoreSpaces.feature b/tests/acceptance/features/apiSpaces/restoreSpaces.feature index 0351fc2d20e..cc881478610 100644 --- a/tests/acceptance/features/apiSpaces/restoreSpaces.feature +++ b/tests/acceptance/features/apiSpaces/restoreSpaces.feature @@ -14,58 +14,51 @@ Feature: Restoring space | Alice | | Brian | | Bob | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api + And user "Alice" has created a space "restore a space" of type "project" with quota "10" Scenario: An owner can restore a Space via the Graph API - Given user "Alice" has created a space "restore a space" of type "project" with quota "10" - And user "Alice" has disabled a space "restore a space" + Given user "Alice" has disabled a space "restore a space" When user "Alice" restores a disabled space "restore a space" Then the HTTP status code should be "200" Scenario: Participants can see the data after the space is restored - Given user "Alice" has created a space "data exists" of type "project" with quota "10" - And user "Alice" has created a folder "mainFolder" in space "data exists" - And user "Alice" has uploaded a file inside space "data exists" with content "example" to "test.txt" - And user "Alice" has shared a space "data exists" to user "Brian" with role "editor" - And user "Alice" has shared a space "data exists" to user "Bob" with role "viewer" - And user "Alice" has disabled a space "data exists" - When user "Alice" restores a disabled space "data exists" - Then for user "Alice" the space "data exists" should contain these entries: - | test.txt | - | mainFolder | - And for user "Brian" the space "data exists" should contain these entries: - | test.txt | - | mainFolder | - And for user "Bob" the space "data exists" should contain these entries: - | test.txt | - | mainFolder | - + Given user "Alice" has created a folder "mainFolder" in space "restore a space" + And user "Alice" has uploaded a file inside space "restore a space" with content "example" to "test.txt" + And user "Alice" has shared a space "restore a space" to user "Brian" with role "editor" + And user "Alice" has shared a space "restore a space" to user "Bob" with role "viewer" + And user "Alice" has disabled a space "restore a space" + When user "Alice" restores a disabled space "restore a space" + Then for user "Alice" the space "restore a space" should contain these entries: + | test.txt | + | mainFolder | + And for user "Brian" the space "restore a space" should contain these entries: + | test.txt | + | mainFolder | + And for user "Bob" the space "restore a space" should contain these entries: + | test.txt | + | mainFolder | - Scenario: Participants can create data in the space after restoring - Given user "Alice" has created a space "create data in restored space" of type "project" with quota "10" - And user "Alice" has shared a space "create data in restored space" to user "Brian" with role "editor" - And user "Alice" has disabled a space "create data in restored space" - And user "Alice" has restored a disabled space "create data in restored space" - When user "Brian" creates a folder "mainFolder" in space "create data in restored space" using the WebDav Api - And user "Brian" uploads a file inside space "create data in restored space" with content "test" to "test.txt" using the WebDAV API - Then for user "Brian" the space "create data in restored space" should contain these entries: - | test.txt | - | mainFolder | - - Scenario: User with viewer permissions cannot restore space - Given user "Alice" has created a space "viewer restores space" of type "project" with quota "10" - And user "Alice" has shared a space "viewer restores space" to user "Brian" with role "viewer" - And user "Alice" has disabled a space "viewer restores space" - When user "Brian" restores a disabled space "viewer restores space" without manager rights - Then the HTTP status code should be "404" + Scenario: Participant can create data in the space after restoring + Given user "Alice" has shared a space "restore a space" to user "Brian" with role "editor" + And user "Alice" has disabled a space "restore a space" + And user "Alice" has restored a disabled space "restore a space" + When user "Brian" creates a folder "mainFolder" in space "restore a space" using the WebDav Api + And user "Brian" uploads a file inside space "restore a space" with content "test" to "test.txt" using the WebDAV API + Then for user "Brian" the space "restore a space" should contain these entries: + | test.txt | + | mainFolder | - Scenario: User with editor permissions cannot restore space - Given user "Alice" has created a space "editor restores space" of type "project" with quota "10" - And user "Alice" has shared a space "editor restores space" to user "Brian" with role "editor" - And user "Alice" has disabled a space "editor restores space" - When user "Brian" restores a disabled space "editor restores space" without manager rights + Scenario Outline: User without space manager role cannot restore space + Given user "Alice" has shared a space "restore a space" to user "Brian" with role "" + And user "Alice" has disabled a space "restore a space" + When user "Brian" restores a disabled space "restore a space" without manager rights Then the HTTP status code should be "404" + Examples: + | role | + | viewer | + | editor | diff --git a/tests/acceptance/features/apiSpaces/search.feature b/tests/acceptance/features/apiSpaces/search.feature index d41ff5eb740..dd1787df0b8 100644 --- a/tests/acceptance/features/apiSpaces/search.feature +++ b/tests/acceptance/features/apiSpaces/search.feature @@ -11,7 +11,7 @@ Feature: Search | Alice | | Brian | And using new DAV path - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" has created a space "find data" with the default quota using the GraphApi And user "Alice" has created a folder "folder/SubFolder1/subFOLDER2" in space "find data" And user "Alice" has uploaded a file inside space "find data" with content "some content" to "folder/SubFolder1/subFOLDER2/insideTheFolder.txt" diff --git a/tests/acceptance/features/apiSpaces/shareSpaces.feature b/tests/acceptance/features/apiSpaces/shareSpaces.feature index d534280744b..6393c61ace2 100644 --- a/tests/acceptance/features/apiSpaces/shareSpaces.feature +++ b/tests/acceptance/features/apiSpaces/shareSpaces.feature @@ -12,7 +12,7 @@ Feature: Share spaces | Alice | | Brian | | Bob | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" has created a space "share space" with the default quota using the GraphApi @@ -21,8 +21,7 @@ Feature: Share spaces Then the HTTP status code should be "200" And the OCS status code should be "200" And the OCS status message should be "OK" - When user "Brian" lists all available spaces via the GraphApi - Then the json responded should contain a space "share space" with these key and value pairs: + And the user "Brian" should have a space called "share space" with these key and value pairs: | key | value | | driveType | project | | id | %space_id% | @@ -36,8 +35,7 @@ Feature: Share spaces Scenario: A user can see who has been granted access Given user "Alice" has shared a space "share space" to user "Brian" with role "viewer" - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "share space" granted to "Brian" with these key and value pairs: + And the user "Alice" should have a space called "share space" granted to "Brian" with these key and value pairs: | key | value | | root@@@permissions@@@1@@@grantedTo@@@0@@@user@@@id | %user_id% | | root@@@permissions@@@1@@@roles@@@0 | viewer | @@ -54,25 +52,21 @@ Feature: Share spaces Scenario: When a user unshares a space, the space becomes unavailable to the receiver Given user "Alice" has shared a space "share space" to user "Brian" with role "viewer" - When user "Brian" lists all available spaces via the GraphApi - Then the json responded should contain a space "share space" with these key and value pairs: + And the user "Brian" should have a space called "share space" with these key and value pairs: | key | value | | driveType | project | | id | %space_id% | | name | share space | When user "Alice" unshares a space "share space" to user "Brian" Then the HTTP status code should be "200" - And user "Brian" lists all available spaces via the GraphApi - And the json responded should not contain a space with name "share space" + Then the user "Brian" should not have a space called "share space" Scenario: A user can add another user to the space managers to enable him Given user "Alice" has uploaded a file inside space "share space" with content "Test" to "test.txt" - And user "Alice" has shared a space "share space" to user "Brian" with role "manager" - When user "Brian" lists all available spaces via the GraphApi - Then the json responded should contain a space "share space" granted to "Brian" with role "manager" - When user "Brian" has shared a space "share space" to user "Bob" with role "viewer" - And user "Bob" lists all available spaces via the GraphApi - Then the json responded should contain a space "share space" granted to "Bob" with role "viewer" + When user "Alice" shares a space "share space" to user "Brian" with role "manager" + Then the user "Brian" should have a space called "share space" granted to "Brian" with role "manager" + When user "Brian" shares a space "share space" to user "Bob" with role "viewer" + Then the user "Bob" should have a space called "share space" granted to "Bob" with role "viewer" And for user "Bob" the space "share space" should contain these entries: | test.txt | diff --git a/tests/acceptance/features/apiSpaces/shareSubItemOfSpace.feature b/tests/acceptance/features/apiSpaces/shareSubItemOfSpace.feature index 6c5545feb05..4a22178e1ff 100644 --- a/tests/acceptance/features/apiSpaces/shareSubItemOfSpace.feature +++ b/tests/acceptance/features/apiSpaces/shareSubItemOfSpace.feature @@ -1,13 +1,8 @@ @api @skipOnOcV10 Feature: Share a file or folder that is inside a space - As an user with manager space role - I want to be able to share the data inside the space + As an user with manager space role + I want to be able to share the data inside the space - | role | permissions | - | viewer | 1 | - | uploader | 4 | - | contributor | 5 | - | editor | 15 | Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 @@ -18,64 +13,41 @@ Feature: Share a file or folder that is inside a space | Alice | | Brian | | Bob | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" has created a space "share sub-item" with the default quota using the GraphApi And user "Alice" has created a folder "folder" in space "share sub-item" - And user "Alice" has uploaded a file inside space "share sub-item" with content "some content" to "folder/file.txt" + And user "Alice" has uploaded a file inside space "share sub-item" with content "some content" to "file.txt" - Scenario Outline: An user-owner can share a folder inside project space to another user with role: - When user "Alice" shares the following entity "folder" inside of space "share sub-item" with user "Brian" with role "" + Scenario Outline: A manager of the space can share an entity inside project space to another user with role: + When user "Alice" shares the following entity "" inside of space "share sub-item" with user "Brian" with role "" Then the HTTP status code should be "200" And the OCS status code should be "200" And the OCS status message should be "OK" - And user "Brian" accepts share "/folder" offered by user "Alice" using the sharing API - And as "Brian" folder "Shares/folder" should exist + When user "Brian" accepts share "/" offered by user "Alice" using the sharing API + And as "Brian" "Shares/" should exist Examples: - | role | - | viewer | - | editor | + | entity | type | role | + | folder | folder | viewer | + | folder | folder | editor | + | file.txt | file | viewer | + | file.txt | file | editor | - Scenario Outline: An user-owner can share a file inside project space to another user with role: - When user "Alice" shares the following entity "folder/file.txt" inside of space "share sub-item" with user "Brian" with role "" - Then the HTTP status code should be "200" - And the OCS status code should be "200" - And the OCS status message should be "OK" - And user "Brian" accepts share "/file.txt" offered by user "Alice" using the sharing API - Then as "Brian" file "Shares/file.txt" should exist - Examples: - | role | - | viewer | - | editor | - - - Scenario Outline: An user participant of the project space with manager role can share a folder to another user - Given user "Alice" has shared a space "share sub-item" to user "Brian" with role "manager" - When user "Brian" shares the following entity "folder" inside of space "share sub-item" with user "Bob" with role "" - Then the HTTP status code should be "200" - And the OCS status code should be "200" - And the OCS status message should be "OK" - And user "Bob" accepts share "/folder" offered by user "Brian" using the sharing API - And as "Bob" folder "Shares/folder" should exist - Examples: - | role | - | viewer | - | editor | - - - Scenario Outline: An user participant of the project space with manager role can share a file to another user + Scenario Outline: An user participant of the project space with manager role can share an entity to another user Given user "Alice" has shared a space "share sub-item" to user "Brian" with role "manager" - When user "Brian" shares the following entity "folder/file.txt" inside of space "share sub-item" with user "Bob" with role "" + When user "Brian" shares the following entity "" inside of space "share sub-item" with user "Bob" with role "" Then the HTTP status code should be "200" And the OCS status code should be "200" And the OCS status message should be "OK" - And user "Bob" accepts share "/file.txt" offered by user "Brian" using the sharing API - Then as "Bob" file "Shares/file.txt" should exist + When user "Bob" accepts share "/" offered by user "Brian" using the sharing API + And as "Bob" "Shares/" should exist Examples: - | role | - | viewer | - | editor | + | entity | type | role | + | folder | folder | viewer | + | folder | folder | editor | + | file.txt | file | viewer | + | file.txt | file | editor | Scenario Outline: An user participant of the project space without space manager role cannot share an entity to another user @@ -85,8 +57,8 @@ Feature: Share a file or folder that is inside a space And the OCS status code should be "" And the OCS status message should be "" Examples: - | entity | spaceRole | statusCode | statusMessage | - | folder | editor | 404 | No share permission | - | folder/file.txt | editor | 404 | No share permission | - | folder/file.txt | viewer | 404 | No share permission | - | folder | viewer | 404 | No share permission | + | entity | spaceRole | statusCode | statusMessage | + | folder | editor | 404 | No share permission | + | file.txt | editor | 404 | No share permission | + | file.txt | viewer | 404 | No share permission | + | folder | viewer | 404 | No share permission | diff --git a/tests/acceptance/features/apiSpaces/shareSubItemOfSpaceViaPublicLink.feature b/tests/acceptance/features/apiSpaces/shareSubItemOfSpaceViaPublicLink.feature index 75dc8fe238d..b38d3399f1a 100644 --- a/tests/acceptance/features/apiSpaces/shareSubItemOfSpaceViaPublicLink.feature +++ b/tests/acceptance/features/apiSpaces/shareSubItemOfSpaceViaPublicLink.feature @@ -23,13 +23,13 @@ Feature: Share a file or folder that is inside a space via public link | username | | Alice | | Brian | - And the administrator has given "Alice" the role "Admin" using the settings api + And the administrator has given "Alice" the role "Space Admin" using the settings api And user "Alice" has created a space "share sub-item" with the default quota using the GraphApi And user "Alice" has created a folder "folder" in space "share sub-item" And user "Alice" has uploaded a file inside space "share sub-item" with content "some content" to "folder/file.txt" - Scenario Outline: An user-owner can share an entity inside project space via public link + Scenario Outline: A manager of the space can share an entity inside project space via public link When user "Alice" creates a public link share inside of space "share sub-item" with settings: | path | | | shareType | 3 | diff --git a/tests/acceptance/features/apiSpaces/uploadSpaces.feature b/tests/acceptance/features/apiSpaces/uploadSpaces.feature index 769da807dee..9b170787cf9 100644 --- a/tests/acceptance/features/apiSpaces/uploadSpaces.feature +++ b/tests/acceptance/features/apiSpaces/uploadSpaces.feature @@ -1,131 +1,75 @@ @api @skipOnOcV10 Feature: Upload files into a space - As a user - I want to be able to work with project spaces and quota + As an user + I want to be able to create folders and files in the space Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 Background: - Given user "Alice" has been created with default attributes and without skeleton files - And user "Bob" has been created with default attributes and without skeleton files - And the administrator has given "Alice" the role "Admin" using the settings api - - - Scenario: A user can create a folder in a Space via the Graph API - Given user "Alice" has created a space "Project Ceres" of type "project" with quota "2000" - When user "Alice" creates a folder "mainFolder" in space "Project Ceres" using the WebDav Api + Given these users have been created with default attributes and without skeleton files: + | username | + | Alice | + | Brian | + | Bob | + And the administrator has given "Alice" the role "Space Admin" using the settings api + And user "Alice" has created a space "Project Ceres" of type "project" with quota "2000" + + + Scenario Outline: An user creates a folder in the Space via the Graph API + And user "Alice" has shared a space "Project Ceres" to user "Brian" with role "" + When user "Brian" creates a folder "mainFolder" in space "Project Ceres" using the WebDav Api + Then the HTTP status code should be "" + And for user "Brian" the space "Project Ceres" contain these entries: + | mainFolder | + Examples: + | role | code | shouldOrNot | + | manager | 201 | should | + | editor | 201 | should | + | viewer | 403 | should not | + + + Scenario Outline: An user uploads a file in shared Space via the Graph API + And user "Alice" has shared a space "Project Ceres" to user "Brian" with role "" + When user "Brian" uploads a file inside space "Project Ceres" with content "Test" to "test.txt" using the WebDAV API + Then the HTTP status code should be "" + And for user "Brian" the space "Project Ceres" contain these entries: + | test.txt | + And the user "Brian" should have a space called "Project Ceres" with these key and value pairs: + | key | value | + | name | Project Ceres | + | quota@@@used | | + Examples: + | role | code | shouldOrNot | usedQuota | + | manager | 201 | should | 4 | + | editor | 201 | should | 4 | + | viewer | 403 | should not | 0 | + + + Scenario: An user can create subfolders in a Space via the Graph API + When user "Alice" creates a subfolder "mainFolder/subFolder1/subFolder2" in space "Project Ceres" using the WebDav Api Then the HTTP status code should be "201" And for user "Alice" the space "Project Ceres" should contain these entries: - | mainFolder | - - - Scenario: A user can create subfolders in a Space via the Graph API - Given user "Alice" has created a space "Subfolders in Project" of type "project" with quota "2000" - When user "Alice" creates a subfolder "mainFolder/subFolder1/subFolder2" in space "Subfolders in Project" using the WebDav Api - Then the HTTP status code should be "201" - And for user "Alice" the space "Subfolders in Project" should contain these entries: | mainFolder | - And for user "Alice" folder "mainFolder/subFolder1/" of the space "Subfolders in Project" should contain these entries: + And for user "Alice" folder "mainFolder/subFolder1/" of the space "Project Ceres" should contain these entries: | subFolder2 | - Scenario: A user cannot create a folder in a Space if they do not have permission - Given user "Alice" has created a space "Project Merkur" of type "project" with quota "2000" - And user "Bob" creates a folder "forAlice" in space "Project Merkur" owned by the user "Alice" using the WebDav Api - Then the HTTP status code should be "404" - And for user "Alice" the space "Project Merkur" should not contain these entries: - | forAlice | - - - Scenario: A user can create a folder and upload a file to a Space - Given user "Alice" has created a space "Project Moon" of type "project" with quota "2000" - When user "Alice" creates a folder "NewFolder" in space "Project Moon" using the WebDav Api + Scenario: An user can create a folder and upload a file to a Space + When user "Alice" creates a folder "NewFolder" in space "Project Ceres" using the WebDav Api Then the HTTP status code should be "201" - And user "Alice" uploads a file inside space "Project Moon" with content "Test" to "test.txt" using the WebDAV API + And user "Alice" uploads a file inside space "Project Ceres" with content "Test" to "test.txt" using the WebDAV API Then the HTTP status code should be "201" - And for user "Alice" the space "Project Moon" should contain these entries: - | NewFolder | - | test.txt | + And for user "Alice" the space "Project Ceres" should contain these entries: + | NewFolder | + | test.txt | - Scenario: A user cannot upload a file in a Space if they do not have permission - Given user "Alice" has created a space "Project Pluto" of type "project" with quota "2000" - When user "Bob" uploads a file inside space "Project Pluto" owned by the user "Alice" with content "Test" to "test.txt" using the WebDAV API + Scenario: An user cannot create a folder or a file in a Space if they do not have permission + When user "Bob" creates a folder "forAlice" in space "Project Ceres" owned by the user "Alice" using the WebDav Api Then the HTTP status code should be "404" - And for user "Alice" the space "Project Pluto" should not contain these entries: - | test.txt | - - - Scenario: A user can upload a file in a Space and see the remaining quota - When user "Alice" creates a space "Project Saturn" of type "project" with quota "2000" using the GraphApi - And the json responded should contain a space "Project Saturn" with these key and value pairs: - | key | value | - | driveType | project | - | id | %space_id% | - | name | Project Saturn| - | quota@@@total | 2000 | - And user "Alice" uploads a file inside space "Project Saturn" with content "Test" to "test.txt" using the WebDAV API - Then the HTTP status code should be "201" - And for user "Alice" the space "Project Saturn" should contain these entries: - | test.txt | - When user "Alice" lists all available spaces via the GraphApi - Then the json responded should contain a space "Project Saturn" with these key and value pairs: - | key | value | - | driveType | project | - | id | %space_id% | - | name | Project Saturn| - | quota@@@state | normal | - | quota@@@total | 2000 | - | quota@@@remaining| 1996 | - | quota@@@used | 4 | - - - Scenario: A user with role editor can create a folder in shared Space via the Graph API - Given user "Alice" has created a space "Editor can create folder" of type "project" with quota "2000" - And user "Alice" has shared a space "Editor can create folder" to user "Bob" with role "editor" - When user "Bob" creates a folder "mainFolder" in space "Editor can create folder" using the WebDav Api - Then the HTTP status code should be "201" - And for user "Bob" the space "Editor can create folder" should contain these entries: - | mainFolder | - And for user "Alice" the space "Editor can create folder" should contain these entries: - | mainFolder | - - - Scenario: A user with role viewer cannot create a folder in shared Space via the Graph API - Given user "Alice" has created a space "Viewer cannot create folder" of type "project" with quota "2000" - And user "Alice" has shared a space "Viewer cannot create folder" to user "Bob" with role "viewer" - When user "Bob" creates a folder "mainFolder" in space "Viewer cannot create folder" using the WebDav Api - Then the HTTP status code should be "403" - And for user "Bob" the space "Viewer cannot create folder" should not contain these entries: - | mainFolder | - And for user "Alice" the space "Viewer cannot create folder" should not contain these entries: - | mainFolder | - - - Scenario: A user with role editor can upload a file in shared Space via the Graph API - Given user "Alice" has created a space "Editor can upload file" of type "project" with quota "20" - And user "Alice" has shared a space "Editor can upload file" to user "Bob" with role "editor" - When user "Bob" uploads a file inside space "Editor can upload file" with content "Test" to "test.txt" using the WebDAV API - Then the HTTP status code should be "201" - And for user "Bob" the space "Editor can upload file" should contain these entries: - | test.txt | - And for user "Alice" the space "Editor can upload file" should contain these entries: - | test.txt | - When user "Bob" lists all available spaces via the GraphApi - Then the json responded should contain a space "Editor can upload file" with these key and value pairs: - | key | value | - | name | Editor can upload file | - | quota@@@used | 4 | - - - Scenario: A user with role viewer cannot upload a file in shared Space via the Graph API - Given user "Alice" has created a space "Viewer cannot upload file" of type "project" with quota "20" - And user "Alice" has shared a space "Viewer cannot upload file" to user "Bob" with role "viewer" - When user "Bob" uploads a file inside space "Viewer cannot upload file" with content "Test" to "test.txt" using the WebDAV API - Then the HTTP status code should be "403" - And for user "Bob" the space "Viewer cannot upload file" should not contain these entries: - | test.txt | - And for user "Alice" the space "Viewer cannot upload file" should not contain these entries: - | test.txt | - \ No newline at end of file + When user "Bob" uploads a file inside space "Project Ceres" owned by the user "Alice" with content "Test" to "test.txt" using the WebDAV API + Then the HTTP status code should be "404" + And for user "Alice" the space "Project Ceres" should not contain these entries: + | forAlice | + | test.txt | diff --git a/tests/acceptance/features/bootstrap/GraphContext.php b/tests/acceptance/features/bootstrap/GraphContext.php index 2a27dbf1453..062975342d3 100644 --- a/tests/acceptance/features/bootstrap/GraphContext.php +++ b/tests/acceptance/features/bootstrap/GraphContext.php @@ -398,6 +398,8 @@ public function theAdminHasCreatedUser( /** * adds a user to a group * + * @Given /^the administrator has added a user "([^"]*)" to the group "([^"]*)" using GraphApi$/ + * * @param string $user * @param string $group * @param bool $checkResult diff --git a/tests/acceptance/features/bootstrap/SpacesContext.php b/tests/acceptance/features/bootstrap/SpacesContext.php index 93b5b608e1a..df291e845f1 100644 --- a/tests/acceptance/features/bootstrap/SpacesContext.php +++ b/tests/acceptance/features/bootstrap/SpacesContext.php @@ -389,13 +389,13 @@ public function deleteAllSpacesOfTheType(string $driveType): void { $userAdmin = $this->featureContext->getAdminUsername(); for ($i = 0; $i < 2; ++$i) { - $this->theUserListsAllHisAvailableSpacesUsingTheGraphApiWithFilter( + $this->theUserListsAllHisAvailableSpacesUsingTheGraphApi( $userAdmin, $query ); $rawBody = $this->featureContext->getResponse()->getBody()->getContents(); - $drives = json_decode($rawBody, true, 512, JSON_THROW_ON_ERROR); + $drives = json_decode($rawBody, true, 512); if (isset($drives["value"])) { $drives = $drives["value"]; } @@ -569,19 +569,22 @@ public function sendPutRequestToUrl( /** * @When /^user "([^"]*)" lists all available spaces via the GraphApi$/ + * @When /^user "([^"]*)" lists all available spaces via the GraphApi with query "([^"]*)"$/ * * @param string $user + * @param string $query * * @return void * * @throws GuzzleException * @throws Exception */ - public function theUserListsAllHisAvailableSpacesUsingTheGraphApi(string $user): void { + public function theUserListsAllHisAvailableSpacesUsingTheGraphApi(string $user, string $query = ''): void { $this->featureContext->setResponse( $this->listMySpacesRequest( $user, - $this->featureContext->getPasswordForUser($user) + $this->featureContext->getPasswordForUser($user), + "?" . $query ) ); $this->rememberTheAvailableSpaces(); @@ -606,26 +609,6 @@ public function theUserListsAllAvailableSpacesUsingTheGraphApi(string $user): vo $this->rememberTheAvailableSpaces(); } - /** - * @When /^user "([^"]*)" lists all available spaces via the GraphApi with query "([^"]*)"$/ - * - * @param string $user - * @param string $query - * - * @return void - * - * @throws GuzzleException - */ - public function theUserListsAllHisAvailableSpacesUsingTheGraphApiWithFilter(string $user, string $query): void { - $this->featureContext->setResponse( - $this->listMySpacesRequest( - $user, - $this->featureContext->getPasswordForUser($user), - "?" . $query - ) - ); - } - /** * @When /^user "([^"]*)" looks up the single space "([^"]*)" via the GraphApi by using its id$/ * @@ -966,7 +949,6 @@ public function checkFileContent( /** * @Then /^the json responded should contain a space "([^"]*)" (?:|(?:owned by|granted to) "([^"]*)" )(?:|(?:with description file|with space image) "([^"]*)" )with these key and value pairs:$/ - * * @param string $spaceName * @param string $userName * @param string $fileName @@ -1034,23 +1016,60 @@ public function jsonRespondedShouldContain( } /** - * @Then /^the json responded should contain a space "([^"]*)" granted to "([^"]*)" with role "([^"]*)"$/ + * @Then /^the user "([^"]*)" should have a space called "([^"]*)" with these key and value pairs:$/ + * @Then /^the user "([^"]*)" should have a space called "([^"]*)" (?:owned by|granted to) "([^"]*)" with these key and value pairs:$/ + * @Then /^the user "([^"]*)" should have a space called "([^"]*)" (?:with description file|with space image) "([^"]*)" with these key and value pairs:$/ + * @Then /^the user "([^"]*)" should have a space called "([^"]*)" (?:owned by|granted to) "([^"]*)" (?:with description file|with space image) "([^"]*)" with these key and value pairs:$/ * + * @param string $user * @param string $spaceName - * @param string $userName + * @param string $grantedUser + * @param string $fileName + * @param TableNode $table + * + * @return void + * @throws Exception|GuzzleException + */ + public function userHasSpaceWith( + string $user, + string $spaceName, + string $grantedUser = '', + string $fileName = '', + TableNode $table + ): void { + $this->theUserListsAllHisAvailableSpacesUsingTheGraphApi($user); + $this->featureContext->theHTTPStatusCodeShouldBe( + 200, + "Expected response status code should be 200" + ); + $this->jsonRespondedShouldContain($spaceName, $grantedUser, $fileName, $table); + } + + /** + * @Then /^the user "([^"]*)" should have a space called "([^"]*)" granted to "([^"]*)" with role "([^"]*)"$/ + * + * @param string $user + * @param string $spaceName + * @param string $grantedUser * @param string $role * * @return void * @throws Exception|GuzzleException */ public function checkPermissionsInResponse( + string $user, string $spaceName, - string $userName, + string $grantedUser, string $role ): void { + $this->theUserListsAllHisAvailableSpacesUsingTheGraphApi($user); + $this->featureContext->theHTTPStatusCodeShouldBe( + 200, + "Expected response status code should be 200" + ); Assert::assertIsArray($spaceAsArray = $this->getSpaceByNameFromResponse($spaceName), "No space with name $spaceName found"); $permissions = $spaceAsArray["root"]["permissions"]; - $userId = $this->getUserIdByUserName($userName); + $userId = $this->getUserIdByUserName($grantedUser); $userRole = ""; foreach ($permissions as $permission) { @@ -1060,7 +1079,7 @@ public function checkPermissionsInResponse( } } } - Assert::assertEquals($userRole, $role, "the user $userName with the role $role could not be found"); + Assert::assertEquals($userRole, $role, "the user $grantedUser with the role $role could not be found"); } /** @@ -1077,6 +1096,27 @@ public function jsonRespondedShouldNotContain( Assert::assertEmpty($this->getSpaceByNameFromResponse($spaceName), "space $spaceName should not be available for a user"); } + /** + * @Then /^the user "([^"]*)" should not have a space called "([^"]*)"$/ + * + * @param string $user + * @param string $spaceName + * + * @return void + * @throws Exception + */ + public function usershouldNotHaveSpace( + string $user, + string $spaceName + ): void { + $this->theUserListsAllHisAvailableSpacesUsingTheGraphApi($user); + $this->featureContext->theHTTPStatusCodeShouldBe( + 200, + "Expected response status code should be 200" + ); + $this->jsonRespondedShouldNotContain($spaceName); + } + /** * @Then /^the json responded should (not|only|)\s?contain spaces of type "([^"]*)"$/ *