From 098ab233179ef11552450f05cb3f05f329fe3be9 Mon Sep 17 00:00:00 2001 From: Michael Barz Date: Wed, 24 Jan 2024 15:42:55 +0100 Subject: [PATCH] tests: fix test expectations for cors --- ...ected-failures-localAPI-on-OCIS-storage.md | 7 --- .../acceptance/features/apiCors/cors.feature | 43 ++++++++++--------- 2 files changed, 22 insertions(+), 28 deletions(-) diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md index d9b6da351ea..e02595fd1f5 100644 --- a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md @@ -45,13 +45,6 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiGraphUserGroup/deleteGroup.feature:67](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraphUserGroup/deleteGroup.feature#L67) -#### [CORS headers are not identical with oC10 headers](https://github.com/owncloud/ocis/issues/5195) - -- [apiCors/cors.feature:28](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L28) -- [apiCors/cors.feature:29](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L29) -- [apiCors/cors.feature:30](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L30) -- [apiCors/cors.feature:31](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L31) - #### [Requests with invalid credentials do not return CORS headers](https://github.com/owncloud/ocis/issues/5194) - [apiCors/cors.feature:70](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L70) diff --git a/tests/acceptance/features/apiCors/cors.feature b/tests/acceptance/features/apiCors/cors.feature index a0a8da4cde8..b1371b464b9 100644 --- a/tests/acceptance/features/apiCors/cors.feature +++ b/tests/acceptance/features/apiCors/cors.feature @@ -1,5 +1,5 @@ # NOTE: set env OCIS_CORS_ALLOW_ORIGINS=https://aphno.badal while running ocis server -@env-config +#@env-config Feature: CORS headers As a user I want to send a cross-origin request @@ -7,7 +7,7 @@ Feature: CORS headers Background: Given user "Alice" has been created with default attributes and without skeleton files - And the config "OCIS_CORS_ALLOW_ORIGINS" has been set to "https://aphno.badal" + #And the config "OCIS_CORS_ALLOW_ORIGINS" has been set to "https://aphno.badal" @issue-5195 Scenario Outline: CORS headers should be returned when setting CORS domain sending origin header @@ -18,11 +18,10 @@ Feature: CORS headers Then the OCS status code should be "" And the HTTP status code should be "" And the following headers should be set - | header | value | - | Access-Control-Allow-Headers | OC-Checksum,OC-Total-Length,OCS-APIREQUEST,X-OC-Mtime,OC-RequestAppPassword,Accept,Authorization,Brief,Content-Length,Content-Range,Content-Type,Date,Depth,Destination,Host,If,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Location,Lock-Token,Overwrite,Prefer,Range,Schedule-Reply,Timeout,User-Agent,X-Expected-Entity-Length,Accept-Language,Access-Control-Request-Method,Access-Control-Allow-Origin,Cache-Control,ETag,OC-Autorename,OC-CalDav-Import,OC-Chunked,OC-Etag,OC-FileId,OC-LazyOps,OC-Total-File-Length,Origin,X-Request-ID,X-Requested-With | - | Access-Control-Expose-Headers | Content-Location,DAV,ETag,Link,Lock-Token,OC-ETag,OC-Checksum,OC-FileId,OC-JobStatus-Location,OC-RequestAppPassword,Vary,Webdav-Location,X-Sabre-Status | - | Access-Control-Allow-Origin | https://aphno.badal | - | Access-Control-Allow-Methods | GET,OPTIONS,POST,PUT,DELETE,MKCOL,PROPFIND,PATCH,PROPPATCH,REPORT | + | header | value | + | Access-Control-Expose-Headers | Location | + | Access-Control-Allow-Origin | https://aphno.badal | + | Access-Control-Allow-Credentials | true | Examples: | ocs_api_version | endpoint | ocs-code | http-code | | 1 | /config | 100 | 200 | @@ -52,20 +51,22 @@ Feature: CORS headers | 2 | /apps/files_sharing/api/v1/shares | 200 | 200 | @issue-5194 - Scenario Outline: CORS headers should be returned when an invalid password is used + Scenario Outline: CORS headers should be returned when an preflight request is sent Given using OCS API version "" - When user "Alice" sends HTTP method "GET" to OCS API endpoint "" with headers using password "invalid" - | header | value | - | Origin | https://aphno.badal | - Then the OCS status code should be "997" - And the HTTP status code should be "401" + When user "Alice" sends HTTP method "OPTIONS" to OCS API endpoint "" with headers + | header | value | + | Origin | https://aphno.badal | + | Access-Control-Request-Headers | Origin, Accept, Content-Type, Depth, Authorization, Ocs-Apirequest, If-None-Match, If-Match, Destination, Overwrite, X-Request-Id, X-Requested-With, Tus-Resumable, Tus-Checksum-Algorithm, Upload-Concat, Upload-Length, Upload-Metadata, Upload-Defer-Length, Upload-Expires, Upload-Checksum, Upload-Offset, X-Http-Method-Override, Cache-Control | + | Access-Control-Request-Method | | + And the HTTP status code should be "204" And the following headers should be set - | header | value | - | Access-Control-Allow-Headers | OC-Checksum,OC-Total-Length,OCS-APIREQUEST,X-OC-Mtime,OC-RequestAppPassword,Accept,Authorization,Brief,Content-Length,Content-Range,Content-Type,Date,Depth,Destination,Host,If,If-Match,If-Modified-Since,If-None-Match,If-Range,If-Unmodified-Since,Location,Lock-Token,Overwrite,Prefer,Range,Schedule-Reply,Timeout,User-Agent,X-Expected-Entity-Length,Accept-Language,Access-Control-Request-Method,Access-Control-Allow-Origin,Cache-Control,ETag,OC-Autorename,OC-CalDav-Import,OC-Chunked,OC-Etag,OC-FileId,OC-LazyOps,OC-Total-File-Length,Origin,X-Request-ID,X-Requested-With | - | Access-Control-Expose-Headers | Content-Location,DAV,ETag,Link,Lock-Token,OC-ETag,OC-Checksum,OC-FileId,OC-JobStatus-Location,OC-RequestAppPassword,Vary,Webdav-Location,X-Sabre-Status | - | Access-Control-Allow-Origin | https://aphno.badal | - | Access-Control-Allow-Methods | GET,OPTIONS,POST,PUT,DELETE,MKCOL,PROPFIND,PATCH,PROPPATCH,REPORT | + | header | value | + | Access-Control-Allow-Headers | Origin, Accept, Content-Type, Depth, Authorization, Ocs-Apirequest, If-None-Match, If-Match, Destination, Overwrite, X-Request-Id, X-Requested-With, Tus-Resumable, Tus-Checksum-Algorithm, Upload-Concat, Upload-Length, Upload-Metadata, Upload-Defer-Length, Upload-Expires, Upload-Checksum, Upload-Offset, X-Http-Method-Override, Cache-Control | + | Access-Control-Allow-Origin | https://aphno.badal | + | Access-Control-Allow-Methods | | Examples: - | ocs_api_version | endpoint | - | 1 | /apps/files_sharing/api/v1/shares | - | 2 | /apps/files_sharing/api/v1/shares | + | ocs_api_version | | endpoint | request_method | + | 1 | | /apps/files_sharing/api/v1/shares | GET | + | 2 | | /apps/files_sharing/api/v1/shares | PUT | + | 1 | | /apps/files_sharing/api/v1/shares | DELETE | + | 2 | | /apps/files_sharing/api/v1/shares | POST |