Skip to content

Commit

Permalink
add federated users to space
Browse files Browse the repository at this point in the history
  • Loading branch information
@ScharfViktor
ScharfViktor committed Sep 25, 2024
1 parent 3305bbd commit cda5e71
Show file tree
Hide file tree
Showing 3 changed files with 122 additions and 25 deletions.
29 changes: 8 additions & 21 deletions tests/acceptance/bootstrap/SharingNgContext.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,15 +239,14 @@ public function userTriesToListThePermissionsOfSpaceUsingPermissionsEndpointOfTh
* @param string $user
* @param array $shareInfo
* @param string|null $fileId
* @param bool $isFederated
*
* @return ResponseInterface
*
* @throws JsonException
* @throws GuzzleException
* @throws Exception
*/
public function sendShareInvitation(string $user, array $shareInfo, string $fileId = null, $isFederated = false): ResponseInterface {
public function sendShareInvitation(string $user, array $shareInfo, string $fileId = null): ResponseInterface {
if ($shareInfo['space'] === 'Personal' || $shareInfo['space'] === 'Shares') {
$space = $this->spacesContext->getSpaceByName($user, $shareInfo['space']);
} else {
Expand Down Expand Up @@ -283,7 +282,7 @@ public function sendShareInvitation(string $user, array $shareInfo, string $file
$shareeId = "";
if ($shareType === "user") {
$shareeId = $this->featureContext->getAttributeOfCreatedUser($sharee, 'id');
if ($isFederated) {
if ($shareInfo['federatedServer']) {
$shareeId = base64_encode($shareeId . $shareInfo['federatedServer']);
}
} elseif ($shareType === "group") {
Expand Down Expand Up @@ -352,6 +351,9 @@ public function sendDriveShareInvitation(string $user, TableNode $table): Respon
$shareeId = "";
if ($shareType === "user") {
$shareeId = $this->featureContext->getAttributeOfCreatedUser($sharee, 'id');
if ($rows['federatedServer']) {
$shareeId = base64_encode($shareeId . $rows['federatedServer']);
}
} elseif ($shareType === "group") {
$shareeId = $this->featureContext->getAttributeOfCreatedGroup($sharee, 'id');
}
Expand Down Expand Up @@ -414,6 +416,7 @@ public function userHasSentTheFollowingShareShareInvitation(string $user, TableN
/**
* @When /^user "([^"]*)" sends the following resource share invitation using the Graph API:$/
* @When /^user "([^"]*)" tries to send the following resource share invitation using the Graph API:$/
* @When /^user "([^"]*)" sends the following resource share invitation to federated user using the Graph API:$/
*
* @param string $user
* @param TableNode $table
Expand All @@ -430,26 +433,9 @@ public function userSendsTheFollowingResourceShareInvitationUsingTheGraphApi(str
);
}

/**
* @When /^user "([^"]*)" sends the following resource share invitation to federated user using the Graph API:$/
*
* @param string $user
* @param TableNode $table
*
* @return void
* @throws Exception
* @throws GuzzleException
*/
public function userSendsTheFollowingResourceShareInvitationTofederatedUserUsingTheGraphApi(string $user, TableNode $table): void {
$rows = $table->getRowsHash();
Assert::assertArrayHasKey("resource", $rows, "'resource' should be provided in the data-table while sharing a resource");
$this->featureContext->setResponse(
$this->sendShareInvitation($user, $rows, null, true)
);
}

/**
* @When /^user "([^"]*)" sends the following space share invitation using permissions endpoint of the Graph API:$/
* @When /^user "([^"]*)" tries to send the following space share invitation using permissions endpoint to federated user using the Graph API:$/
*
* @param string $user
* @param TableNode $table
Expand Down Expand Up @@ -1443,6 +1429,7 @@ public function userListsThePermissionsOfDriveUsingRootEndPointOFTheGraphApi(str

/**
* @When /^user "([^"]*)" (?:tries to send|sends) the following space share invitation using root endpoint of the Graph API:$/
* @When /^user "([^"]*)" tries to send the following space share invitation using root endpoint to federated user using the Graph API:$/
*
* @param string $user
* @param TableNode $table
Expand Down
1 change: 1 addition & 0 deletions tests/acceptance/features/apiCollaboration/wopi.feature
View file
Original file line number Diff line number Diff line change
Expand Up @@ -619,6 +619,7 @@ Feature: collaboration (wopi)
| permissionsRole | Viewer |
When user "Brian" tries to create a file "testFile.txt" inside folder "testFolder" in space "Shares" using wopi endpoint
Then the HTTP status code should be "403"
And the JSON data of the response should match
"""
{
"type": "object",
Expand Down
117 changes: 113 additions & 4 deletions tests/acceptance/features/apiOcm/share.feature
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,11 +50,15 @@ Feature: an user shares resources usin ScienceMesh application
"properties": {
"@UI.Hidden": {
"type": "boolean",
"enum": [false]
"enum": [
false
]
},
"@client.synchronize": {
"type": "boolean",
"enum": [false]
"enum": [
false
]
},
"createdBy": {
"type": "object",
Expand Down Expand Up @@ -132,11 +136,15 @@ Feature: an user shares resources usin ScienceMesh application
"properties": {
"@UI.Hidden": {
"type": "boolean",
"enum": [false]
"enum": [
false
]
},
"@client.synchronize": {
"type": "boolean",
"enum": [false]
"enum": [
false
]
},
"createdBy": {
"type": "object",
Expand Down Expand Up @@ -171,3 +179,104 @@ Feature: an user shares resources usin ScienceMesh application
}
}
"""


Scenario Outline: users cannot add the federated users as members of the project space (permissions endpoint)
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Brian" using the Graph API
And user "Brian" has created a space "brian's space" with the default quota using the Graph API
When user "Brian" tries to send the following space share invitation using permissions endpoint to federated user using the Graph API:
| space | brian's space |
| sharee | Alice |
| shareType | user |
| permissionsRole | <permissions-role> |
| federatedServer | @ocis-server:9200 |
Then the HTTP status code should be "405"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"const": "notAllowed"
},
"message": {
"const": "federated user can not become a space member"
}
}
}
}
}
"""
And using server "LOCAL"
And the user "Alice" should not have a space called "brian's space"
Examples:
| permissions-role |
| Space Viewer |
| Space Editor |
| Manager |


Scenario Outline: users cannot add the federated users as members of the project space (root endpoint)
Given using server "LOCAL"
And using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "alice's space" with the default quota using the Graph API
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using server "LOCAL"
When user "Alice" tries to send the following space share invitation using root endpoint to federated user using the Graph API:
| space | alice's space |
| sharee | Brian |
| shareType | user |
| permissionsRole | <permissions-role> |
| federatedServer | @federation-ocis-server:10200 |
Then the HTTP status code should be "405"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"const": "notAllowed"
},
"message": {
"const": "federated user can not become a space member"
}
}
}
}
}
"""
And using server "REMOTE"
And the user "Brian" should not have a space called "alice's space"
Examples:
| permissions-role |
| Space Viewer |
| Space Editor |
| Manager |

0 comments on commit cda5e71

Please sign in to comment.