From 7350bf22475de11c7d319336e74725b93033e604 Mon Sep 17 00:00:00 2001
From: prajwol <prajwolamatya11@gmail.com>
Date: Tue, 30 May 2023 15:33:42 +0545
Subject: [PATCH] api test for enforce password for public link

---
 tests/acceptance/config/behat.yml             |  1 +
 .../enforcePasswordPublicLink.feature         | 37 +++++++++++++++++++
 .../features/bootstrap/OcisConfigContext.php  | 22 +++++++++++
 3 files changed, 60 insertions(+)
 create mode 100644 tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature

diff --git a/tests/acceptance/config/behat.yml b/tests/acceptance/config/behat.yml
index 74d2e8fda5e..bd1ee8a9d37 100644
--- a/tests/acceptance/config/behat.yml
+++ b/tests/acceptance/config/behat.yml
@@ -137,6 +137,7 @@ default:
         - WebDavPropertiesContext:
         - TUSContext:
         - SpacesTUSContext:
+        - OcisConfigContext:
 
     apiCors:
       paths:
diff --git a/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature b/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature
new file mode 100644
index 00000000000..57a1607bbc2
--- /dev/null
+++ b/tests/acceptance/features/apiGraph/enforcePasswordPublicLink.feature
@@ -0,0 +1,37 @@
+@api @env-config
+Feature: enforce password on public link
+  As a user
+  I want to enforce passwords on public links shared with upload, edit, or contribute permission
+  So that the password is required to make changes to the shared resources
+
+  Background:
+    Given the config "OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" has been set to "true"
+    And these users have been created with default attributes and without skeleton files:
+      | username |
+      | Alice    |
+    And user "Alice" has uploaded file with content "test file" to "/testfile.txt"
+
+
+  Scenario: user tries to update a public link to edit permission without a password when enforce-password is enabled
+    Given user "Alice" has created a public link share with settings
+      | path        | /testfile.txt |
+      | permissions | 1             |
+    When user "Alice" updates the last public link share using the sharing API with
+      | permissions | 3 |
+    Then the OCS status code should be "996"
+    And the OCS status message should be "Error sending update request to public link provider: the public share needs to have a password"
+
+
+  Scenario: user tries to update a public link to edit permission with a password when enforce-password is enabled
+    Given user "Alice" has created a public link share with settings
+      | path        | /testfile.txt |
+      | permissions | 1             |
+    When user "Alice" updates the last public link share using the sharing API with
+      | permissions | 3    |
+      | password    | 1234 |
+    Then the OCS status code should be "100"
+    And the OCS status message should be "OK"
+    When the public accesses the preview of the following files from the last shared public link using the sharing API
+      | path         |
+      | /textfile.txt |
+    Then the HTTP status code of responses on all endpoints should be "404"
diff --git a/tests/acceptance/features/bootstrap/OcisConfigContext.php b/tests/acceptance/features/bootstrap/OcisConfigContext.php
index ad48236bc0d..f8cde27e020 100644
--- a/tests/acceptance/features/bootstrap/OcisConfigContext.php
+++ b/tests/acceptance/features/bootstrap/OcisConfigContext.php
@@ -72,6 +72,28 @@ public function corsAllowedOriginsHasBeenSet(string $allowedOrigins): void {
 		);
 	}
 
+	/**
+	 * @Given the config :config has been set to :value
+	 *
+	 * @param string $config
+	 * @param string $value
+	 *
+	 * @return void
+	 * @throws GuzzleExecption
+	 */
+	public function theConfigHasBeenSetTo(string $config, string $value): void {
+		$envs = [
+			$config => $value
+		];
+
+		$response = OcisConfigHelper::reConfigureOcis($envs);
+		Assert::assertEquals(
+			200,
+			$response->getStatusCode(),
+			"Failed to set" . $config . "=" . $value
+		);
+	}
+
 	/**
 	 * @AfterScenario @env-config
 	 *