api test for enforce password for public link

owncloud · Jun 2, 2023 · 7350bf2 · 7350bf2
1 parent d35f413
commit 7350bf2
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 0 deletions.
diff --git a/tests/acceptance/config/behat.yml b/tests/acceptance/config/behat.yml
@@ -137,6 +137,7 @@ default:
         - WebDavPropertiesContext:
         - TUSContext:
         - SpacesTUSContext:
+        - OcisConfigContext:
 
     apiCors:
       paths:

diff --git a/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature b/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature
@@ -0,0 +1,37 @@
+@api @env-config
+Feature: enforce password on public link
+  As a user
+  I want to enforce passwords on public links shared with upload, edit, or contribute permission
+  So that the password is required to make changes to the shared resources
+
+  Background:
+    Given the config "OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" has been set to "true"
+    And these users have been created with default attributes and without skeleton files:
+      | username |
+      | Alice    |
+    And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
+
+
+  Scenario: user tries to update a public link to edit permission without a password when enforce-password is enabled
+    Given user "Alice" has created a public link share with settings
+      | path        | /testfile.txt |
+      | permissions | 1             |
+    When user "Alice" updates the last public link share using the sharing API with
+      | permissions | 3 |
+    Then the OCS status code should be "996"
+    And the OCS status message should be "Error sending update request to public link provider: the public share needs to have a password"
+
+
+  Scenario: user tries to update a public link to edit permission with a password when enforce-password is enabled
+    Given user "Alice" has created a public link share with settings
+      | path        | /testfile.txt |
+      | permissions | 1             |
+    When user "Alice" updates the last public link share using the sharing API with
+      | permissions | 3    |
+      | password    | 1234 |
+    Then the OCS status code should be "100"
+    And the OCS status message should be "OK"
+    When the public accesses the preview of the following files from the last shared public link using the sharing API
+      | path         |
+      | /textfile.txt |
+    Then the HTTP status code of responses on all endpoints should be "404"
diff --git a/tests/acceptance/features/bootstrap/OcisConfigContext.php b/tests/acceptance/features/bootstrap/OcisConfigContext.php
@@ -72,6 +72,28 @@ public function corsAllowedOriginsHasBeenSet(string $allowedOrigins): void {
 		);
 	}
 
+	/**
+	 * @Given the config :config has been set to :value
+	 *
+	 * @param string $config
+	 * @param string $value
+	 *
+	 * @return void
+	 * @throws GuzzleExecption
+	 */
+	public function theConfigHasBeenSetTo(string $config, string $value): void {
+		$envs = [
+			$config => $value
+		];
+
+		$response = OcisConfigHelper::reConfigureOcis($envs);
+		Assert::assertEquals(
+			200,
+			$response->getStatusCode(),
+			"Failed to set" . $config . "=" . $value
+		);
+	}
+
 	/**
 	 * @AfterScenario @env-config
 	 *