diff --git a/tests/acceptance/features/apiGraph/addUserToGroup.feature b/tests/acceptance/features/apiGraph/addUserToGroup.feature index b6ba2c540a9..d0906e75c8e 100644 --- a/tests/acceptance/features/apiGraph/addUserToGroup.feature +++ b/tests/acceptance/features/apiGraph/addUserToGroup.feature @@ -253,3 +253,37 @@ Feature: add users to group And user "Brian" has been added to group "music" When the administrator "Alice" tries to add a group "music" to a group "student" using the Graph API Then the HTTP status code should be "400" + + + Scenario Outline: admin tries to add a user to a group with invalid JSON + Given the administrator has given "Alice" the role "Admin" using the settings api + And these users have been created with default attributes and without skeleton files: + | username | + | Brian | + And user "Alice" has created a group "grp1" using the Graph API + When user "Alice" tries to add user "Brian" to group "grp1" with invalid JSON "" using the Graph API + Then the HTTP status code should be "400" + Examples: + | invalid-json | + | {'@odata.id': 'https://localhost:9200/graph/v1.0/users/%user_id%',} | + | {'@odata.id'- 'https://localhost:9200/graph/v1.0/users/%user_id%'} | + | {@odata.id: https://localhost:9200/graph/v1.0/users/%user_id%} | + + + Scenario Outline: admin tries to add multiple users to a group at once with invalid JSON + Given the administrator has given "Alice" the role "Admin" using the settings api + And these users have been created with default attributes and without skeleton files: + | username | + | Brian | + | Carol | + And user "Alice" has created a group "grp1" using the Graph API + When user "Alice" tries to add the following users to a group "grp1" at once with invalid JSON "" using the Graph API + | username | + | Brian | + | Carol | + Then the HTTP status code should be "400" + Examples: + | invalid-json | + | {'members@odata.bind': ['https://localhost:9200/graph/v1.0/users/%user_id%',,'https://localhost:9200/graph/v1.0/users/%user_id%']} | + | {'members@odata.bind'- ['https://localhost:9200/graph/v1.0/users/%user_id%','https://localhost:9200/graph/v1.0/users/%user_id%']} | + | {'members@odata.bind': ['https://localhost:9200/graph/v1.0/users/%user_id%'.'https://localhost:9200/graph/v1.0/users/%user_id%']} | diff --git a/tests/acceptance/features/bootstrap/GraphContext.php b/tests/acceptance/features/bootstrap/GraphContext.php index d4b9a6854fa..e17c5eb77db 100644 --- a/tests/acceptance/features/bootstrap/GraphContext.php +++ b/tests/acceptance/features/bootstrap/GraphContext.php @@ -16,6 +16,7 @@ use TestHelpers\GraphHelper; use TestHelpers\WebDavHelper; use PHPUnit\Framework\Assert; +use TestHelpers\HttpRequestHelper; require_once 'bootstrap.php'; @@ -2191,4 +2192,80 @@ public function theAdministratorAddGroupToAGroupAtOnceUsingTheGraphApi(string $u ) ); } + + /** + * @When /^user "([^"]*)" tries to add user "([^"]*)" to group "([^"]*)" with invalid JSON "([^"]*)" using the Graph API$/ + * + * @param string $adminUser + * @param string $user + * @param string $group + * @param string $invalidJSON + * + * @return void + * @throws Exception + * @throws GuzzleException + */ + public function userTriesToAddUserToGroupWithInvalidJsonUsingTheGraphApi(string $adminUser, string $user, string $group, string $invalidJSON): void { + $groupId = $this->featureContext->getAttributeOfCreatedGroup($group, "id"); + $credentials = $this->getAdminOrUserCredentials($adminUser); + + $invalidJSON = $this->featureContext->substituteInLineCodes( + $invalidJSON, + null, + [], + [], + null, + $user + ); + + $this->featureContext->setResponse( + HttpRequestHelper::post( + GraphHelper::getFullUrl($this->featureContext->getBaseUrl(), 'groups/' . $groupId . '/members/$ref'), + $this->featureContext->getStepLineRef(), + $credentials["username"], + $credentials["password"], + ['Content-Type' => 'application/json'], + \json_encode($invalidJSON) + ) + ); + } + + /** + * @When /^user "([^"]*)" tries to add the following users to a group "([^"]*)" at once with invalid JSON "([^"]*)" using the Graph API$/ + * + * @param string $user + * @param string $group + * @param string $invalidJSON + * @param TableNode $table + * + * @return void + * @throws Exception + * @throws GuzzleException + */ + public function userTriesToAddTheFollowingUsersToAGroupAtOnceWithInvalidJsonUsingTheGraphApi(string $user, string $group, string $invalidJSON, TableNode $table): void { + $groupId = $this->featureContext->getAttributeOfCreatedGroup($group, "id"); + $credentials = $this->getAdminOrUserCredentials($user); + foreach ($table->getHash() as $row) { + $invalidJSON = $this->featureContext->substituteInLineCodes( + $invalidJSON, + null, + [], + [], + null, + $row['username'] + ); + } + + $this->featureContext->setResponse( + HttpRequestHelper::sendRequest( + GraphHelper::getFullUrl($this->featureContext->getBaseUrl(), 'groups/' . $groupId), + $this->featureContext->getStepLineRef(), + 'PATCH', + $credentials["username"], + $credentials["password"], + ['Content-Type' => 'application/json'], + \json_encode($invalidJSON) + ) + ); + } }