Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[QA] 0.5.2 Testplan #206

Closed
jnweiger opened this issue Aug 15, 2022 · 5 comments
Closed

[QA] 0.5.2 Testplan #206

jnweiger opened this issue Aug 15, 2022 · 5 comments

Comments

@jnweiger
Copy link
Contributor

jnweiger commented Aug 15, 2022

Setup

Impersonate Test Plan

Test Case Expected Result Result Related Comment
Enable the app. No problems found. ✔️
As admin create a group 'group1' add three members 'user1', 'user2', 'user3'. Make 'user1' group admin of 'group1'. Login as 'user1', go to the users view. Impersonate 'user2'. 'user1' can impersonate 'user2'. See his files. Behave like him. Like if he were logged in. ✔️
Check that a user who is not group admin cannot impersonate anyone. ✔️
As admin create a group 'group1' add four members 'user1', 'user2', 'user3' and 'admin' being admin user of the server. Make 'user1' group admin of 'group1'. Login as 'user1', go to the users view. Impersonate 'admin'. Super admin cannot be impersonated. ✔️
When impersonating a user, a warning appears adverting that you have logged as another user. a warning appears and disappears after a while. ✔️
Check that impersonate options appears in the correct settings panel. ✔️
Interaction with other Apps
Having ldap set up, enable impersonation for an ldap group. Make a user group admin. Using that user impersonate one of the other members of the ldap group. Users can be impersonated without problems. ✔️
A guest user cannot impersonate other users. ✔️
Browsers
Check that all the UI elements are usable when browsing with safari. ✔️
Check that all the UI elements are usable when browsing with chrome. ✔️
Check that all the UI elements are usable when browsing with firefox. ✔️
Check that all the UI elements are usable when browsing with edge. ✔️
Check that all the UI elements are usable when browsing with IE11. 🦘

@jnweiger jnweiger mentioned this issue Aug 15, 2022
42 tasks
@jnweiger
Copy link
Contributor Author

jnweiger commented Sep 15, 2022

Issues to re-review

Changelog testing

@phil-davis
Copy link
Contributor

phil-davis commented Sep 15, 2022

@jnweiger I was going to try some scenario with multiple groups related to #202 because, from seeing the code, I think that there might be a problem.

I have groups called clients contractors staff. I want to make it so that only staff can be impersonated. User peter is a member of group staff. When I do:

php occ config:app:set impersonate enabled --value '["staff"]

then I expect that the admin will be able to impersonate peter but will not be able to impersonate other users.

But when I login as admin and go to the Users page, I don't see the "impersonate icon" for any of the users. And I don't see the Admin Settings, User Authentication setting any more.

The app settings are:

$ php occ config:list impersonate
{
    "apps": {
        "impersonate": {
            "enabled": "[\"staff\"]",
            "installed_version": "0.5.2",
            "types": ""
        }
    }
}

I suspect that something in core does not even think that the app is enabled, because "enabled" is not set to "yes".

It seems strange that the app enabled setting (normally "yes" or "no") now also has the possibility of being an array of group names. Edit: now I realize that there is a general app functionality that lets an app be enabled only for particular users. So that is not a really special thing for this app.

@phil-davis
Copy link
Contributor

phil-davis commented Sep 15, 2022

Now I understand that both the impersonator (usually an admin, or a subadmin of a group) has to be in one of the allowed groups, and also the target user (impersonatee - is that a word) also has to be in one of the allowed groups.

If I do:

php occ config:app:set impersonate enabled --value '["admin","staff"]

then I get closer. The admin user (who is in the admin group) can now go to the Users page and see the Impersonate icon for other users. But it will not let me impersonate any user. Even though user peter is in group staff, it will not let admin impersonate him.

The problem is that the code, accidentally, only allows a user to be impersonated if they are a member of every group in the list of allowed groups.

I adjusted the logic of that in PR #208 and now admin can impersonate user peter in group staff but cannot impersonate other users.

@phil-davis
Copy link
Contributor

@jnweiger there were a lot of changes merged to the release branch yesterday. I think the code should be good now. Needs another RC built, and test with that.

@phil-davis
Copy link
Contributor

@jnweiger I guess that this issue can be closed?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants