diff --git a/tests/acceptance/config/behat.yml b/tests/acceptance/config/behat.yml index 3f5d8b7dc23..9c5956f722d 100644 --- a/tests/acceptance/config/behat.yml +++ b/tests/acceptance/config/behat.yml @@ -361,6 +361,7 @@ default: - SettingsContext: - SharingNgContext: - NotificationContext: + - OcisConfigContext: apiSharingNgShareInvitation: paths: diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md index 86a84f58118..167aa7967d1 100644 --- a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md @@ -21,11 +21,9 @@ The expected failures in this file are from features in the owncloud/ocis repo. #### [Settings service user can list other peoples assignments](https://github.com/owncloud/ocis/issues/5032) -- [apiAccountsHashDifficulty/assignRole.feature:27](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature#L27) -- [apiAccountsHashDifficulty/assignRole.feature:28](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature#L28) -- [apiGraph/getAssignedRole.feature:31](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getAssignedRole.feature#L31) -- [apiGraph/getAssignedRole.feature:32](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getAssignedRole.feature#L32) -- [apiGraph/getAssignedRole.feature:33](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getAssignedRole.feature#L33) +- [apiSettings/settings.feature:116](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSettings/settings.feature#L116) +- [apiSettings/settings.feature:117](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSettings/settings.feature#L117) +- [apiSettings/settings.feature:118](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSettings/settings.feature#L118) #### [A User can get information of another user with Graph API](https://github.com/owncloud/ocis/issues/5125) diff --git a/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature b/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature index 4154cb2ca90..d973b5bc369 100644 --- a/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature +++ b/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature @@ -4,35 +4,35 @@ Feature: assign role So that I can provide them different authority - Scenario Outline: only admin user can see all existing roles + Scenario Outline: user can see all existing roles Given user "Alice" has been created with default attributes And the administrator has given "Alice" the role "" using the settings api - When user "Alice" tries to get all existing roles using the settings API + When user "Alice" gets all applications using the Graph API Then the HTTP status code should be "" Examples: | user-role | http-status-code | - | Admin | 201 | - | Space Admin | 201 | - | User | 201 | + | Admin | 200 | + | Space Admin | 200 | + | User | 200 | + - @issue-5032 Scenario Outline: only admin user can see assignments list Given user "Alice" has been created with default attributes And the administrator has given "Alice" the role "" using the settings api - When user "Alice" tries to get list of assignment using the settings API + When user "Alice" tries to get the assigned role of user "Alice" using the Graph API Then the HTTP status code should be "" Examples: | user-role | http-status-code | - | Admin | 201 | - | Space Admin | 401 | - | User | 401 | + | Admin | 200 | + | Space Admin | 403 | + | User | 403 | Scenario Outline: a user cannot change own role Given user "Alice" has been created with default attributes And the administrator has given "Alice" the role "" using the settings api - When user "Alice" changes his own role to "" - Then the HTTP status code should be "400" + When user "Alice" tries to change the role of user "Alice" to role "" using the Graph API + Then the HTTP status code should be "403" And user "Alice" should have the role "" Examples: | user-role | desired-role | @@ -50,7 +50,7 @@ Feature: assign role | Alice | | Brian | And the administrator has given "Alice" the role "" using the settings api - When user "Alice" changes the role "" for user "Brian" + When user "Alice" changes the role of user "Brian" to role "" using the Graph API Then the HTTP status code should be "" And user "Brian" should have the role "" Examples: @@ -58,7 +58,7 @@ Feature: assign role | Admin | User | 201 | User | | Admin | Space Admin | 201 | Space Admin | | Admin | Admin | 201 | Admin | - | Space Admin | Admin | 400 | User | - | Space Admin | Space Admin | 400 | User | - | User | Admin | 400 | User | - | User | Space Admin | 400 | User | + | Space Admin | Admin | 403 | User | + | Space Admin | Space Admin | 403 | User | + | User | Admin | 403 | User | + | User | Space Admin | 403 | User | diff --git a/tests/acceptance/features/apiCors/cors.feature b/tests/acceptance/features/apiCors/cors.feature index f242cfe588d..5b332a72853 100644 --- a/tests/acceptance/features/apiCors/cors.feature +++ b/tests/acceptance/features/apiCors/cors.feature @@ -98,16 +98,6 @@ Feature: CORS headers | new | | spaces | - - Scenario: CORS headers should be returned when setting CORS domain sending origin header in the settings api - When user "Alice" lists values-list with headers using the Settings API - | header | value | - | Origin | https://aphno.badal | - Then the HTTP status code should be "201" - And the following headers should be set - | header | value | - | Access-Control-Allow-Origin | https://aphno.badal | - @issue-8380 Scenario: CORS headers should be returned when uploading file using Tus and when CORS domain sending origin header in the Webdav api Given user "Alice" has created a new TUS resource in the space "Personal" with the following headers: diff --git a/tests/acceptance/features/apiGraph/getAssignedRole.feature b/tests/acceptance/features/apiGraph/getAssignedRole.feature index 315e004cb92..7c0e9528b78 100644 --- a/tests/acceptance/features/apiGraph/getAssignedRole.feature +++ b/tests/acceptance/features/apiGraph/getAssignedRole.feature @@ -19,19 +19,6 @@ Feature: assign role | User | | User Light | - @issue-5032 - Scenario Outline: get assigned role of a user via setting api - Given the administrator has assigned the role "" to user "Alice" using the Graph API - When user "Alice" tries to get list of assignment using the settings API - Then the HTTP status code should be "" - And the setting API response should have the role "" - Examples: - | user-role | http-status-code | - | Admin | 201 | - | Space Admin | 401 | - | User | 401 | - | User Light | 401 | - Scenario Outline: get role of a user assigned via setting api Given the administrator has given "Alice" the role "" using the settings api diff --git a/tests/acceptance/features/apiSettings/settings.feature b/tests/acceptance/features/apiSettings/settings.feature index 9ee66a84edf..7775a5a6b13 100644 --- a/tests/acceptance/features/apiSettings/settings.feature +++ b/tests/acceptance/features/apiSettings/settings.feature @@ -81,10 +81,11 @@ Feature: settings api """ @issue-5032 - Scenario: user lists assignments - Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API + Scenario Outline: user lists assignments + Given the administrator has assigned the role "" to user "Alice" using the Graph API When user "Alice" tries to get list of assignment using the settings API - Then the HTTP status code should be "201" + Then the HTTP status code should be "" + And the setting API response should have the role "" And the JSON data of the response should match """ { @@ -109,6 +110,12 @@ Feature: settings api } } """ + Examples: + | user-role | http-status-code | + | Admin | 201 | + | Space Admin | 401 | + | User | 401 | + | User Light | 401 | Scenario: switch language @@ -275,3 +282,14 @@ Feature: settings api | Admin | | Space Admin | | User | + + + Scenario: CORS headers should be returned when setting CORS domain sending origin header in the settings api + Given the config "OCIS_CORS_ALLOW_ORIGINS" has been set to "https://aphno.badal" + When user "Alice" lists values-list with headers using the Settings API + | header | value | + | Origin | https://aphno.badal | + Then the HTTP status code should be "201" + And the following headers should be set + | header | value | + | Access-Control-Allow-Origin | https://aphno.badal |