diff --git a/tests/TestHelpers/GraphHelper.php b/tests/TestHelpers/GraphHelper.php index 14335d6b830..0a66926b76b 100644 --- a/tests/TestHelpers/GraphHelper.php +++ b/tests/TestHelpers/GraphHelper.php @@ -308,6 +308,32 @@ public static function getUserWithDriveInformation( ); } + /** + * @param string $baseUrl + * @param string $xRequestId + * @param string $byUser + * @param string $userPassword + * @param string|null $user + * + * @return ResponseInterface + * @throws GuzzleException + */ + public static function getUserWithGroupInformation( + string $baseUrl, + string $xRequestId, + string $byUser, + string $userPassword, + ?string $user = null + ): ResponseInterface { + $url = self::getFullUrl($baseUrl, 'users/' . $user . '?%24expand=memberOf'); + return HttpRequestHelper::get( + $url, + $xRequestId, + $byUser, + $userPassword, + ); + } + /** * @param string $baseUrl * @param string $xRequestId diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md index 4ac319d5da8..450a01a2539 100644 --- a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md @@ -93,3 +93,12 @@ The expected failures in this file are from features in the owncloud/ocis repo. #### [A User can get information of another user with Graph API](https://github.com/owncloud/ocis/issues/5125) - [apiGraph/getUser.feature:23](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L23) +- [apiGraph/getUser.feature:92](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getUser.feature#L92) + +#### [GET a file while it's in processing doesn't return 425 code (async uploads)](https://github.com/owncloud/ocis/issues/5326) +- [apiAsyncUpload/delayPostprocessing.feature:14](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAsyncUpload/delayPostprocessing.feature#L14) +- [apiAsyncUpload/delayPostprocessing.feature:15](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAsyncUpload/delayPostprocessing.feature#L15) +- [apiAsyncUpload/delayPostprocessing.feature:16](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAsyncUpload/delayPostprocessing.feature#L16) + +Note: always have an empty line at the end of this file. +The bash script that processes this file requires that the last line has a newline on the end. diff --git a/tests/acceptance/features/apiGraph/getUser.feature b/tests/acceptance/features/apiGraph/getUser.feature index b125df55585..f98170a1de8 100644 --- a/tests/acceptance/features/apiGraph/getUser.feature +++ b/tests/acceptance/features/apiGraph/getUser.feature @@ -75,3 +75,25 @@ Feature: get users | root@@@id | %space_id% | | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | | webUrl | %base_url%/f/%space_id% | + + + Scenario: admin user gets the group information of a user + Given group "tea-lover" has been created + And group "coffee-lover" has been created + And user "Brian" has been added to group "tea-lover" + And user "Brian" has been added to group "coffee-lover" + When the user "Alice" gets user "Brian" along with his group information using Graph API + Then the HTTP status code should be "200" + And the user retrieve API response should contain the following information: + | displayName | id | mail | onPremisesSamAccountName | memberOf | + | Brian Murphy | %uuid_v4% | brian@example.org | Brian | tea-lover, coffee-lover | + + + Scenario: non-admin user tries to get the group information of a user + Given user "Carol" has been created with default attributes and without skeleton files + And group "coffee-lover" has been created + And user "Brian" has been added to group "coffee-lover" + When the user "Carol" gets user "Brian" along with his group information using Graph API + Then the HTTP status code should be "401" + And the last response should be an unauthorized response + \ No newline at end of file diff --git a/tests/acceptance/features/bootstrap/GraphContext.php b/tests/acceptance/features/bootstrap/GraphContext.php index 7dac4131375..9c2ef44e9ce 100644 --- a/tests/acceptance/features/bootstrap/GraphContext.php +++ b/tests/acceptance/features/bootstrap/GraphContext.php @@ -1333,6 +1333,29 @@ public function retrieveUserInformationAlongWithDriveUsingGraphApi( ); } + /** + * @param string $byUser + * @param string|null $user + * + * @return ResponseInterface + * @throws JsonException + * @throws GuzzleException + */ + public function retrieveUserInformationAlongWithGroupUsingGraphApi( + string $byUser, + ?string $user = null + ):ResponseInterface { + $user = $user ?? $byUser; + $credentials = $this->getAdminOrUserCredentials($user); + return GraphHelper::getUserWithGroupInformation( + $this->featureContext->getBaseUrl(), + $this->featureContext->getStepLineRef(), + $credentials["username"], + $credentials["password"], + $user + ); + } + /** * @When /^the user "([^"]*)" gets user "([^"]*)" along with (his|her) drive information using Graph API$/ * @@ -1346,6 +1369,19 @@ public function userTriesToGetInformationOfUserAlongWithHisDriveData(string $byU $this->featureContext->setResponse($response); } + /** + * @When /^the user "([^"]*)" gets user "([^"]*)" along with (his|her) group information using Graph API$/ + * + * @param string $byUser + * @param string $user + * + * @return void + */ + public function userTriesToGetInformationOfUserAlongWithHisGroup(string $byUser, string $user) { + $response = $this->retrieveUserInformationAlongWithGroupUsingGraphApi($byUser, $user); + $this->featureContext->setResponse($response); + } + /** * * @When /^the user "([^"]*)" gets (his|her) drive information using Graph API$/