Skip to content

Commit

Permalink
tests: fix test expectations for cors
Browse files Browse the repository at this point in the history
  • Loading branch information
micbar committed Jan 24, 2024
1 parent 17b14ee commit 098ab23
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 28 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -45,13 +45,6 @@ The expected failures in this file are from features in the owncloud/ocis repo.

- [apiGraphUserGroup/deleteGroup.feature:67](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/deleteGroup.feature#L67)

#### [CORS headers are not identical with oC10 headers](https://github.com/owncloud/ocis/issues/5195)

- [apiCors/cors.feature:28](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L28)
- [apiCors/cors.feature:29](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L29)
- [apiCors/cors.feature:30](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L30)
- [apiCors/cors.feature:31](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L31)

#### [Requests with invalid credentials do not return CORS headers](https://github.com/owncloud/ocis/issues/5194)

- [apiCors/cors.feature:70](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L70)
Expand Down
43 changes: 22 additions & 21 deletions tests/acceptance/features/apiCors/cors.feature
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
# NOTE: set env OCIS_CORS_ALLOW_ORIGINS=https://aphno.badal while running ocis server
@env-config
#@env-config
Feature: CORS headers
As a user
I want to send a cross-origin request
So that I can check if the correct headers are set

Background:
Given user "Alice" has been created with default attributes and without skeleton files
And the config "OCIS_CORS_ALLOW_ORIGINS" has been set to "https://aphno.badal"
#And the config "OCIS_CORS_ALLOW_ORIGINS" has been set to "https://aphno.badal"

@issue-5195
Scenario Outline: CORS headers should be returned when setting CORS domain sending origin header
Expand All @@ -18,11 +18,10 @@ Feature: CORS headers
Then the OCS status code should be "<ocs-code>"
And the HTTP status code should be "<http-code>"
And the following headers should be set
| header | value |
| Access-Control-Allow-Headers | OC-Checksum,OC-Total-Length,OCS-APIREQUEST,X-OC-Mtime,OC-RequestAppPassword,Accept,Authorization,Brief,Content-Length,Content-Range,Content-Type,Date,Depth,Destination,Host,If,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Location,Lock-Token,Overwrite,Prefer,Range,Schedule-Reply,Timeout,User-Agent,X-Expected-Entity-Length,Accept-Language,Access-Control-Request-Method,Access-Control-Allow-Origin,Cache-Control,ETag,OC-Autorename,OC-CalDav-Import,OC-Chunked,OC-Etag,OC-FileId,OC-LazyOps,OC-Total-File-Length,Origin,X-Request-ID,X-Requested-With |
| Access-Control-Expose-Headers | Content-Location,DAV,ETag,Link,Lock-Token,OC-ETag,OC-Checksum,OC-FileId,OC-JobStatus-Location,OC-RequestAppPassword,Vary,Webdav-Location,X-Sabre-Status |
| Access-Control-Allow-Origin | https://aphno.badal |
| Access-Control-Allow-Methods | GET,OPTIONS,POST,PUT,DELETE,MKCOL,PROPFIND,PATCH,PROPPATCH,REPORT |
| header | value |
| Access-Control-Expose-Headers | Location |
| Access-Control-Allow-Origin | https://aphno.badal |
| Access-Control-Allow-Credentials | true |
Examples:
| ocs_api_version | endpoint | ocs-code | http-code |
| 1 | /config | 100 | 200 |
Expand Down Expand Up @@ -52,20 +51,22 @@ Feature: CORS headers
| 2 | /apps/files_sharing/api/v1/shares | 200 | 200 |

@issue-5194
Scenario Outline: CORS headers should be returned when an invalid password is used
Scenario Outline: CORS headers should be returned when an preflight request is sent
Given using OCS API version "<ocs_api_version>"
When user "Alice" sends HTTP method "GET" to OCS API endpoint "<endpoint>" with headers using password "invalid"
| header | value |
| Origin | https://aphno.badal |
Then the OCS status code should be "997"
And the HTTP status code should be "401"
When user "Alice" sends HTTP method "OPTIONS" to OCS API endpoint "<endpoint>" with headers
| header | value |
| Origin | https://aphno.badal |
| Access-Control-Request-Headers | Origin, Accept, Content-Type, Depth, Authorization, Ocs-Apirequest, If-None-Match, If-Match, Destination, Overwrite, X-Request-Id, X-Requested-With, Tus-Resumable, Tus-Checksum-Algorithm, Upload-Concat, Upload-Length, Upload-Metadata, Upload-Defer-Length, Upload-Expires, Upload-Checksum, Upload-Offset, X-Http-Method-Override, Cache-Control |
| Access-Control-Request-Method | <request_method> |
And the HTTP status code should be "204"
And the following headers should be set
| header | value |
| Access-Control-Allow-Headers | OC-Checksum,OC-Total-Length,OCS-APIREQUEST,X-OC-Mtime,OC-RequestAppPassword,Accept,Authorization,Brief,Content-Length,Content-Range,Content-Type,Date,Depth,Destination,Host,If,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Location,Lock-Token,Overwrite,Prefer,Range,Schedule-Reply,Timeout,User-Agent,X-Expected-Entity-Length,Accept-Language,Access-Control-Request-Method,Access-Control-Allow-Origin,Cache-Control,ETag,OC-Autorename,OC-CalDav-Import,OC-Chunked,OC-Etag,OC-FileId,OC-LazyOps,OC-Total-File-Length,Origin,X-Request-ID,X-Requested-With |
| Access-Control-Expose-Headers | Content-Location,DAV,ETag,Link,Lock-Token,OC-ETag,OC-Checksum,OC-FileId,OC-JobStatus-Location,OC-RequestAppPassword,Vary,Webdav-Location,X-Sabre-Status |
| Access-Control-Allow-Origin | https://aphno.badal |
| Access-Control-Allow-Methods | GET,OPTIONS,POST,PUT,DELETE,MKCOL,PROPFIND,PATCH,PROPPATCH,REPORT |
| header | value |
| Access-Control-Allow-Headers | Origin, Accept, Content-Type, Depth, Authorization, Ocs-Apirequest, If-None-Match, If-Match, Destination, Overwrite, X-Request-Id, X-Requested-With, Tus-Resumable, Tus-Checksum-Algorithm, Upload-Concat, Upload-Length, Upload-Metadata, Upload-Defer-Length, Upload-Expires, Upload-Checksum, Upload-Offset, X-Http-Method-Override, Cache-Control |
| Access-Control-Allow-Origin | https://aphno.badal |
| Access-Control-Allow-Methods | <request_method> |
Examples:
| ocs_api_version | endpoint |
| 1 | /apps/files_sharing/api/v1/shares |
| 2 | /apps/files_sharing/api/v1/shares |
| ocs_api_version | | endpoint | request_method |
| 1 | | /apps/files_sharing/api/v1/shares | GET |
| 2 | | /apps/files_sharing/api/v1/shares | PUT |
| 1 | | /apps/files_sharing/api/v1/shares | DELETE |
| 2 | | /apps/files_sharing/api/v1/shares | POST |

0 comments on commit 098ab23

Please sign in to comment.