Skip to content

Commit

Permalink
Add tests related to different user role manipulating space
Browse files Browse the repository at this point in the history
  • Loading branch information
@amrita-shrestha
amrita-shrestha committed Mar 16, 2023
1 parent e836b2d commit a0c891a
Show file tree
Hide file tree
Showing 6 changed files with 371 additions and 157 deletions.
155 changes: 155 additions & 0 deletions tests/acceptance/features/apiSpaces/createSpace.feature
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,155 @@
@api
Feature: create space
Only user with admin and SpaceAdmin permissions can create new spaces

Background:
Given user "Alice" has been created with default attributes and without skeleton files


Scenario Outline: The user without permissions to create space cannot create a Space via Graph API
Given the administrator has given "Alice" the role "<role>" using the settings api
When user "Alice" creates a space "Project Mars" of type "project" with the default quota using the GraphApi
Then the HTTP status code should be "401"
And the user "Alice" should not have a space called "share space"
Examples:
| role |
| User |
| Guest |


Scenario Outline: An admin or space admin user can create a Space via the Graph API with default quota
Given the administrator has given "Alice" the role "<role>" using the settings api
When user "Alice" creates a space "Project Mars" of type "project" with the default quota using the GraphApi
Then the HTTP status code should be "201"
And the JSON response should contain space called "Project Mars" and match
"""
{
"type": "object",
"required": [
"driveType",
"driveAlias",
"name",
"id",
"quota",
"root",
"webUrl"
],
"properties": {
"name": {
"type": "string",
"enum": ["Project Mars"]
},
"driveType": {
"type": "string",
"enum": ["project"]
},
"driveAlias": {
"type": "string",
"enum": ["project/project-mars"]
},
"id": {
"type": "string",
"enum": ["%space_id%"]
},
"quota": {
"type": "object",
"required": [
"total"
],
"properties": {
"state": {
"type": "number",
"enum": [1000000000]
}
}
},
"root": {
"type": "object",
"required": [
"webDavUrl"
],
"properties": {
"webDavUrl": {
"type": "string",
"enum": ["%base_url%/dav/spaces/%space_id%"]
}
}
},
"webUrl": {
"type": "string",
"enum": ["%base_url%/f/%space_id%"]
}
}
}
"""
Examples:
| role |
| Admin |
| Space Admin |


Scenario Outline: An admin or space admin user can create a Space via the Graph API with certain quota
Given the administrator has given "Alice" the role "<role>" using the settings api
When user "Alice" creates a space "Project Venus" of type "project" with quota "2000" using the GraphApi
Then the HTTP status code should be "201"
And the JSON response should contain space called "Project Venus" and match
"""
{
"type": "object",
"required": [
"driveType",
"name",
"id",
"quota",
"root",
"webUrl"
],
"properties": {
"name": {
"type": "string",
"enum": ["Project Venus"]
},
"driveType": {
"type": "string",
"enum": ["project"]
},
"id": {
"type": "string",
"enum": ["%space_id%"]
},
"quota": {
"type": "object",
"required": [
"total"
],
"properties": {
"state": {
"type": "number",
"enum": [2000]
}
}
},
"root": {
"type": "object",
"required": [
"webDavUrl"
],
"properties": {
"webDavUrl": {
"type": "string",
"enum": ["%base_url%/dav/spaces/%space_id%"]
}
}
},
"webUrl": {
"type": "string",
"enum": ["%base_url%/f/%space_id%"]
}
}
}
"""
Examples:
| role |
| Admin |
| Space Admin |

211 changes: 203 additions & 8 deletions tests/acceptance/features/apiSpaces/deleteSpaces.feature
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ Feature: Disabling and deleting space
| Alice |
| Brian |
| Bob |
| Carol |
And the administrator has given "Alice" the role "Space Admin" using the settings api
And user "Alice" has created a space "Project Moon" with the default quota using the GraphApi
And user "Alice" has shared a space "Project Moon" with settings:
Expand Down Expand Up @@ -93,13 +94,6 @@ Feature: Disabling and deleting space
| Bob |


Scenario: A space manager can delete a disabled Space via the webDav API
Given user "Alice" has disabled a space "Project Moon"
When user "Alice" deletes a space "Project Moon"
Then the HTTP status code should be "204"
And the user "Alice" should not have a space called "Project Moon"


Scenario: An space manager can disable and delete Space in which files and folders exist via the webDav API
Given user "Alice" has uploaded a file inside space "Project Moon" with content "test" to "test.txt"
And user "Alice" has created a folder "MainFolder" in space "Project Moon"
Expand All @@ -110,7 +104,8 @@ Feature: Disabling and deleting space
And the user "Alice" should not have a space called "Project Moon"


Scenario: An space manager cannot delete a space via the webDav API without first disabling it
Scenario Outline: Admin and Space Admin cannot delete a space without first disabling it
Given the administrator has given "Alice" the role "<role>" using the settings api
When user "Alice" deletes a space "Project Moon"
Then the HTTP status code should be "400"
And for user "Alice" the JSON response should contain space called "Project Moon" and match
Expand All @@ -128,3 +123,203 @@ Feature: Disabling and deleting space
}
}
"""
Examples:
| role |
| Admin |
| Space Admin |


Scenario Outline: Admin and Space Admin role user can disable their own Space via the Graph API
Given the administrator has given "Alice" the role "<role>" using the settings api
When user "Alice" disables a space "Project Moon"
Then the HTTP status code should be "204"
And for user "Alice" the JSON response should contain space called "Project Moon" and match
"""
{
"type": "object",
"required": [
"name",
"root"
],
"properties": {
"name": {
"type": "string",
"enum": ["Project Moon"]
},
"root": {
"type": "object",
"required": [
"deleted"
],
"properties": {
"deleted": {
"type": "object",
"required": [
"state"
],
"properties": {
"state": {
"type": "string",
"enum": ["trashed"]
}
}
}
}
}
}
}
"""
Examples:
| role |
| Admin |
| Space Admin |


Scenario Outline: normal role user can disable their own Space via the Graph API
Given the administrator has given "Alice" the role "<role>" using the settings api
When user "Alice" disables a space "Project Moon"
Then the HTTP status code should be "204"
And for user "Alice" the JSON response should contain space called "Project Moon" and match
"""
{
"type": "object",
"required": [
"name",
"root"
],
"properties": {
"name": {
"type": "string",
"enum": ["Project Moon"]
},
"root": {
"type": "object",
"required": [
"deleted"
],
"properties": {
"deleted": {
"type": "object",
"required": [
"state"
],
"properties": {
"state": {
"type": "string",
"enum": ["trashed"]
}
}
}
}
}
}
}
"""
Examples:
| role |
| User |
| Guest |


Scenario Outline: Admin and Space Admin role user can delete their own disabled Space via the Graph API
Given the administrator has given "Alice" the role "<role>" using the settings api
And user "Alice" has disabled a space "Project Moon"
When user "Alice" deletes a space "Project Moon"
Then the HTTP status code should be "204"
And the user "Alice" should not have a space called "Project Moon"
Examples:
| role |
| Admin |
| Space Admin |


Scenario Outline: normal role user can delete their own disabled Space via the Graph API
Given the administrator has given "Alice" the role "<role>" using the settings api
And user "Alice" has disabled a space "Project Moon"
When user "Alice" deletes a space "Project Moon"
Then the HTTP status code should be "204"
And the user "Alice" should not have a space called "Project Moon"
Examples:
| role |
| User |
| Guest |


Scenario Outline: Admin and Space manager can disable others Space via the Graph API
Given the administrator has given "Carol" the role "<role>" using the settings api
When user "Carol" disables a space "Project Moon"
Then the HTTP status code should be "204"
And for user "Alice" the JSON response should contain space called "Project Moon" and match
"""
{
"type": "object",
"required": [
"name",
"root"
],
"properties": {
"name": {
"type": "string",
"enum": ["Project Moon"]
},
"root": {
"type": "object",
"required": [
"deleted"
],
"properties": {
"deleted": {
"type": "object",
"required": [
"state"
],
"properties": {
"state": {
"type": "string",
"enum": ["trashed"]
}
}
}
}
}
}
}
"""
Examples:
| role |
| Admin |
| Space Admin |


Scenario Outline: normal user cannot disable others Space via the Graph API
Given the administrator has given "Carol" the role "<role>" using the settings api
When user "Carol" tries to disable a space "Project Moon" owned by user "Alice"
Then the HTTP status code should be "403"
And the json responded should not contain a space with name "Project Moon"
Examples:
| role |
| User |
| Guest |

Scenario Outline: Admin and Space manager can delete others disabled Space
Given the administrator has given "Carol" the role "<role>" using the settings api
And user "Alice" has disabled a space "Project Moon"
When user "Carol" deletes a space "Project Moon"
Then the HTTP status code should be "204"
And the user "Alice" should not have a space called "Project Moon"
Examples:
| role |
| Admin |
| Space Admin |


Scenario Outline: normal user cannot delete others disabled Space via the Graph API
Given the administrator has given "Carol" the role "<role>" using the settings api
And user "Alice" has disabled a space "Project Moon"
When user "Carol" tries to delete a space "Project Moon" owned by user "Alice"
Then the HTTP status code should be "403"
And the user "Alice" should not have a space called "Project Moon"
Examples:
| role |
| User |
| Guest |
Loading

0 comments on commit a0c891a

Please sign in to comment.