[tests-only] [full-ci] Api test. edit public link (#4263)

* add test edit public link * Minor edits to public link tests * Adjust public link tests for comments of Sagar * change line in expected failures Co-authored-by: Phil Davis <[email protected]>
owncloud · Jul 26, 2022 · ecee8b6 · ecee8b6
1 parent b9a3031
commit ecee8b6
Show file tree

Hide file tree

Showing 4 changed files with 181 additions and 8 deletions.
diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md
@@ -43,3 +43,8 @@ The expected failures in this file are from features in the owncloud/ocis repo.
 - [apiSpaces/moveSpaces.feature:186](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpaces/moveSpaces.feature#L186)
 - [apiSpaces/moveSpaces.feature:189](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpaces/moveSpaces.feature#L189)
 
+### [Removing the public link password is broken](https://github.com/owncloud/ocis/issues/4262)
+- [apiSpaces/editPublicLinkOfSpace.feature:55](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpaces/editPublicLinkOfSpace.feature#L55)
+
+### [A space manager cannot see the public links of another manager](https://github.com/owncloud/ocis/issues/4260)
+- [apiSpaces/editPublicLinkOfSpace.feature:67](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpaces/editPublicLinkOfSpace.feature#L67)
diff --git a/tests/acceptance/features/apiSpaces/editPublicLinkOfSpace.feature b/tests/acceptance/features/apiSpaces/editPublicLinkOfSpace.feature
@@ -0,0 +1,83 @@
+@api @skipOnOcV10
+Feature: A manager of the space can edit public link
+  As an user with manager space role
+  I want to be able to edit a public link.
+  So that I can remove or change permission, password, expireDate, and name attributes
+  Users without the manager role cannot see or edit the public link
+
+
+  Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production
+  See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839
+
+  Background:
+    Given these users have been created with default attributes and without skeleton files:
+      | username |
+      | Alice    |
+      | Brian    |
+    And the administrator has given "Alice" the role "Space Admin" using the settings api
+    And user "Alice" has created a space "edit space" with the default quota using the GraphApi
+    And user "Alice" has created a public link share of the space "edit space" with settings:
+      | permissions | 1                        |
+      | password    | qwerty                   |
+      | expireDate  | 2040-01-01T23:59:59+0100 |
+      | name        | someName                 |
+    And user "Alice" has uploaded a file inside space "edit space" with content "some content" to "test.txt"
+
+
+  Scenario Outline: A manager of the space can edit public link.
+    Given using OCS API version "2"
+    When user "Alice" updates the last public link share using the sharing API with
+      | permissions | <permissions> |
+      | password    | <password>    |
+      | name        | <linkName>    |
+      | expireDate  | <expireDate>  |
+    Then the HTTP status code should be "200"
+    And the OCS status code should be "200"
+    And the OCS status message should be "OK"
+    And the fields of the last response to user "Alice" should include
+      | item_type              | folder                |
+      | mimetype               | httpd/unix-directory  |
+      | file_target            | /                     |
+      | path                   | /                     |
+      | permissions            | <expectedPermissions> |
+      | share_type             | public_link           |
+      | displayname_file_owner | %displayname%         |
+      | displayname_owner      | %displayname%         |
+      | uid_file_owner         | %username%            |
+      | uid_owner              | %username%            |
+      | name                   | <linkName>            |
+      | expiration             | <expireDate>          |
+    And the public should be able to download file "/test.txt" from inside the last public link shared folder using the new public WebDAV API with password "<password>"
+    And the downloaded content should be "some content"
+    Examples:
+      | permissions | expectedPermissions       | password | linkName | expireDate               |
+      | 5           | read,create               | newPass  |          |                          |
+      | 15          | read,update,create,delete |          | newName  | 2042-03-25T23:59:59+0100 |
+
+
+  Scenario Outline: Only users with manager role can see a created public link
+    Given using OCS API version "2"
+    When user "Alice" shares a space "edit space" to user "Brian" with role "<role>"
+    Then the HTTP status code should be "200"
+    And the OCS status code should be "200"
+    And for user "Alice" the space "edit space" should contain the last created public link
+    And for user "Brian" the space "edit space" <shouldOrNot> contain the last created public link
+    Examples:
+      | role    | shouldOrNot |
+      | manager | should      |
+      | editor  | should not  |
+      | viewer  | should not  |
+
+
+  Scenario Outline: Members of the space try to edit a public link
+    Given using OCS API version "2"
+    And user "Alice" has shared a space "edit space" to user "Brian" with role "<role>"
+    When user "Brian" updates the last public link share using the sharing API with
+      | permissions | 15 |
+    Then the HTTP status code should be "<code>"
+    And the OCS status code should be "<codeOCS>"
+    Examples:
+      | role    | code | codeOCS |
+      | manager | 200  | 200     |
+      | editor  | 401  | 997     |
+      | viewer  | 401  | 997     |
diff --git a/tests/acceptance/features/apiSpaces/shareSpacesViaLink.feature b/tests/acceptance/features/apiSpaces/shareSpacesViaLink.feature
@@ -37,13 +37,14 @@ Feature: Share spaces via link
             | uid_file_owner         | %username%            |
             | uid_owner              | %username%            |
             | name                   | <linkName>            |
-        And the public should be able to download file "/test.txt" from inside the last public link shared folder using the new public WebDAV API with password "123"
+        And the public should be able to download file "/test.txt" from inside the last public link shared folder using the new public WebDAV API with password "<password>"
         And the downloaded content should be "some content"
+        But the public should not be able to download file "/test.txt" from inside the last public link shared folder using the new public WebDAV API with password "wrong pass"
         Examples:
-            | permissions | expectedPermissions       | password | linkName | expireDate               |
-            | 1           | read                      | 123      | link     | 2042-03-25T23:59:59+0100 |
-            | 5           | read,create               | 123      |          | 2042-03-25T23:59:59+0100 |
-            | 15          | read,update,create,delete |          | link     |                          |
+            | permissions | expectedPermissions       | password       | linkName | expireDate               |
+            | 1           | read                      | 123234         | link     | 2042-03-25T23:59:59+0100 |
+            | 5           | read,create               | qwerty 123     |          | 2042-03-25T23:59:59+0100 |
+            | 15          | read,update,create,delete | d*V^o*Y03R9n8Z | link     |                          |
 
 
     Scenario: An uploader should be able to upload a file
@@ -79,7 +80,17 @@ Feature: Share spaces via link
         Then the HTTP status code should be "404"
         And the OCS status code should be "404"
         And the OCS status message should be "No share permission"
+        And for user "Alice" the space "share space" should not contain the last created public link
         Examples:
             | role   |
             | viewer |
             | editor |
+
+
+    Scenario: An user with manager role can share a space to public via link
+        Given user "Alice" has shared a space "share space" to user "Brian" with role "manager"
+        When user "Brian" creates a public link share of the space "share space" with settings:
+            | permissions | 1 |
+        Then the HTTP status code should be "200"
+        And the OCS status code should be "200"
+        And for user "Alice" the space "share space" should contain the last created public link
diff --git a/tests/acceptance/features/bootstrap/SpacesContext.php b/tests/acceptance/features/bootstrap/SpacesContext.php
@@ -558,7 +558,7 @@ public function sendPutRequestToUrl(
 	 * @param mixed $body
 	 * @param string $xRequestId
 	 * @param array $headers
-	 * 
+	 *
 	 *
 	 * @return ResponseInterface
 	 *
@@ -2771,7 +2771,7 @@ public function sendShareSpaceViaLinkRequest(
 		$rows["password"] = \array_key_exists("password", $rows) ? $rows["password"] : null;
 		$rows["name"] = \array_key_exists("name", $rows) ? $rows["name"] : null;
 		$rows["expireDate"] = \array_key_exists("expireDate", $rows) ? $rows["expireDate"] : null;
-		
+
 		$body = [
 			"space_ref" => $space['id'],
 			"shareType" => $rows["shareType"],
@@ -2791,8 +2791,82 @@ public function sendShareSpaceViaLinkRequest(
 				$body
 			)
 		);
-	
+
 		// set last response as PublicShareData. using method from core
 		$this->featureContext->setLastPublicShareData($this->featureContext->getResponseXml(null, __METHOD__));
+		// set last shareId if ShareData exists. using method from core
+		if (isset($this->featureContext->getLastPublicShareData()->data)) {
+			$this->featureContext->setLastPublicLinkShareId((string) $this->featureContext->getLastPublicShareData()->data[0]->id);
+		}
+	}
+
+	/**
+	 * @Given /^user "([^"]*)" has created a public link share of the space "([^"]*)" with settings:$/
+	 *
+	 * @param  string $user
+	 * @param  string $spaceName
+	 * @param TableNode|null $table
+	 *
+	 * @return void
+	 * @throws GuzzleException
+	 */
+	public function userHasCreatedPublicLinkShareOfSpace(
+		string $user,
+		string $spaceName,
+		?TableNode $table
+	): void {
+		$this->sendShareSpaceViaLinkRequest($user, $spaceName, $table);
+
+		$expectedHTTPStatus = "200";
+		$this->featureContext->theHTTPStatusCodeShouldBe(
+			$expectedHTTPStatus,
+			"Expected response status code should be $expectedHTTPStatus"
+		);
+		$this->featureContext->setLastPublicLinkShareId((string) $this->featureContext->getLastPublicShareData()->data[0]->id);
+	}
+
+	/**
+	 * @Then /^for user "([^"]*)" the space "([^"]*)" should (not|)\s?contain the last created public link$/
+	 *
+	 * @param string    $user
+	 * @param string    $spaceName
+	 * @param string    $shouldOrNot   (not|)
+	 *
+	 * @return void
+	 *
+	 * @throws Exception|GuzzleException
+	 */
+	public function forUserSpaceShouldContainLinks(
+		string $user,
+		string $spaceName,
+		string $shouldOrNot
+	): void {
+		$space = $this->getSpaceByName($user, $spaceName);
+		$url = "/apps/files_sharing/api/v1/shares";
+
+		$bodyTable = new TableNode([
+			["space_ref", $space['id']],
+			["reshares", true],
+		]);
+
+		$this->ocsContext->userSendsHTTPMethodToOcsApiEndpointWithBody(
+			$user,
+			'GET',
+			$url,
+			$bodyTable
+		);
+
+		$should = ($shouldOrNot !== "not");
+		$responseArray = json_decode(json_encode($this->featureContext->getResponseXml()->data),true, 512, JSON_THROW_ON_ERROR);
+
+		if ($should) {
+			Assert::assertNotEmpty($responseArray, __METHOD__ . ' Response should contain a link, but it is empty');
+			foreach ($responseArray as $element) {
+				$expectedLinkId = $this->featureContext->getLastPublicLinkShareId();
+				Assert::assertEquals($element["id"], $expectedLinkId, "link IDs are different");
+			}
+		} else {
+			Assert::assertEmpty($responseArray, __METHOD__ . ' Response should be empty');
+		}
 	}
 }