Change http status code

owncloud · Mar 27, 2023 · 57b221a · 57b221a
1 parent a3aba6c
commit 57b221a
Show file tree

Hide file tree

Showing 7 changed files with 47 additions and 13 deletions.
diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md
@@ -133,10 +133,44 @@ The expected failures in this file are from features in the owncloud/ocis repo.
 - [apiGraph/editUser.feature:44](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editUser.feature#L44)
 
 #### [Same users can be added in a group multiple time](https://github.com/owncloud/ocis/issues/5702)
-- [apiGraph/addUserToGroup.feature:246](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L245)
+- [apiGraph/addUserToGroup.feature:246](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L246)
 
 #### [Try to add group to a group return 204](https://github.com/owncloud/ocis/issues/5793)
-- [apiGraph/addUserToGroup.feature:268](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L267)
+- [apiGraph/addUserToGroup.feature:268](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L268)
+
+#### [API requests from an unauthorized user should return 403](https://github.com/owncloud/ocis/issues/5938)
+- [apiGraph/addUserToGroup.feature:131](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L131)
+- [apiGraph/addUserToGroup.feature:132](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L132)
+- [apiGraph/addUserToGroup.feature:133](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L133)
+- [apiGraph/addUserToGroup.feature:145](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L145)
+- [apiGraph/addUserToGroup.feature:146](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L146)
+- [apiGraph/addUserToGroup.feature:147](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L147)
+- [apiGraph/createGroup.feature:41](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L41)
+- [apiGraph/createGroup.feature:42](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L42)
+- [apiGraph/createGroup.feature:43](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L43)
+- [apiGraph/deleteGroup.feature:63](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L63)
+- [apiGraph/deleteGroup.feature:64](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L64)
+- [apiGraph/deleteGroup.feature:65](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L65)
+- [apiGraph/editGroup.feature:35](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L35)
+- [apiGraph/editGroup.feature:36](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L36)
+- [apiGraph/editGroup.feature:37](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L37)
+- [apiGraph/getGroup.feature:35](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L35)
+- [apiGraph/getGroup.feature:36](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L36)
+- [apiGraph/getGroup.feature:37](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L37)
+- [apiGraph/getGroup.feature:64](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L64)
+- [apiGraph/getGroup.feature:65](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L65)
+- [apiGraph/getGroup.feature:66](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L66)
+- [apiGraph/getGroup.feature:102](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L102)
+- [apiGraph/getGroup.feature:103](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L103)
+- [apiGraph/getGroup.feature:104](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L104)
+- [apiGraph/removeUserFromGroup.feature:172](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/removeUserFromGroup.feature#L172)
+- [apiGraph/removeUserFromGroup.feature:173](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/removeUserFromGroup.feature#L173)
+- [apiGraph/removeUserFromGroup.feature:174](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/removeUserFromGroup.feature#L174)
+
+#### [API requests for a non-existent resources should return 404](https://github.com/owncloud/ocis/issues/5939)
+- [apiGraph/addUserToGroup.feature:162](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L162)
+- [apiGraph/addUserToGroup.feature:163](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L163)
+- [apiGraph/addUserToGroup.feature:164](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L164)
 
 ### [Users are added in a group with wrong host in host-part of user](https://github.com/owncloud/ocis/issues/5871)
 - [apiGraph/addUserToGroup.feature:292](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L292)

diff --git a/tests/acceptance/features/apiGraph/addUserToGroup.feature b/tests/acceptance/features/apiGraph/addUserToGroup.feature
@@ -124,7 +124,7 @@ Feature: add users to group
     Given the administrator has given "Alice" the role "<role>" using the settings api
     And group "groupA" has been created
     When user "Alice" tries to add himself to group "groupA" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And the last response should be an unauthorized response
     Examples:
       | role        |
@@ -138,7 +138,7 @@ Feature: add users to group
     And the administrator has given "Brian" the role "<role>" using the settings api
     And group "groupA" has been created
     When user "Alice" tries to add user "Brian" to group "groupA" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And the last response should be an unauthorized response
     Examples:
       | role        |
@@ -156,7 +156,7 @@ Feature: add users to group
     Given user "Brian" has been created with default attributes and without skeleton files
     And the administrator has given "Alice" the role "<role>" using the settings api
     When the user "Alice" tries to add user "Brian" to a nonexistent group using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "404"
     Examples:
       | role        |
       | Space Admin |

diff --git a/tests/acceptance/features/apiGraph/createGroup.feature b/tests/acceptance/features/apiGraph/createGroup.feature
@@ -34,7 +34,7 @@ Feature: create group
     Given user "Brian" has been created with default attributes and without skeleton files
     And the administrator has given "Brian" the role "<userRole>" using the settings api
     When user "Brian" tries to create a group "mygroup" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And group "mygroup" should not exist
     Examples:
       | userRole    |

diff --git a/tests/acceptance/features/apiGraph/deleteGroup.feature b/tests/acceptance/features/apiGraph/deleteGroup.feature
@@ -56,7 +56,7 @@ Feature: delete groups
     And the administrator has given "Brian" the role "<role>" using the settings api
     And group "new-group" has been created
     When user "Brian" tries to delete group "new-group" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And group "new-group" should exist
     Examples:
       | role        |

diff --git a/tests/acceptance/features/apiGraph/editGroup.feature b/tests/acceptance/features/apiGraph/editGroup.feature
@@ -29,7 +29,7 @@ Feature: edit group name
     Given the administrator has given "Alice" the role "<role>" using the settings api
     And group "grp1" has been created
     When user "Alice" tries to rename group "grp1" to "grp101" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     Examples:
       | role        |
       | Space Admin |

diff --git a/tests/acceptance/features/apiGraph/getGroup.feature b/tests/acceptance/features/apiGraph/getGroup.feature
@@ -28,7 +28,7 @@ Feature: get groups and their members
     And group "coffee-lover" has been created
     And group "h2o-lover" has been created
     When user "Brian" gets all the groups using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And the last response should be an unauthorized response
     Examples:
       | role        |
@@ -57,7 +57,7 @@ Feature: get groups and their members
     And the administrator has given "Brian" the role "<role>" using the settings api
     And group "tea-lover" has been created
     When user "Brian" gets all the members of group "tea-lover" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And the last response should be an unauthorized response
     Examples:
       | role        |
@@ -95,7 +95,7 @@ Feature: get groups and their members
     And user "Alice" has been added to group "tea-lover"
     And user "Brian" has been added to group "coffee-lover"
     When user "Brian" retrieves all groups along with their members using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And the last response should be an unauthorized response
     Examples:
       | role        |
@@ -123,7 +123,7 @@ Feature: get groups and their members
     And user "Alice" has been added to group "tea-lover"
     And user "Brian" has been added to group "tea-lover"
     When user "Brian" gets all the members information of group "tea-lover" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And the last response should be an unauthorized response
     Examples:
       | role        |

diff --git a/tests/acceptance/features/apiGraph/removeUserFromGroup.feature b/tests/acceptance/features/apiGraph/removeUserFromGroup.feature
@@ -164,7 +164,7 @@ Feature: remove a user from a group
     And user "Alice" has been added to group "grp1"
     And user "Brian" has been added to group "grp1"
     When user "Alice" tries to remove user "Brian" from group "grp1" using the Graph API
-    Then the HTTP status code should be "401"
+    Then the HTTP status code should be "403"
     And the last response should be an unauthorized response
     And user "Brian" should belong to group "grp1"
     Examples: