Extend tests coverage for different role capability for group

tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md

@@ -44,7 +44,7 @@ The expected failures in this file are from features in the owncloud/ocis repo.
 - [apiSpacesShares/copySpaces.feature:793](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpacesShares/copySpaces.feature#L793)
 
 ### [Creating group with empty name returns status code 200](https://github.com/owncloud/ocis/issues/5050)
-- [apiGraph/createGroup.feature:40](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L40)
+- [apiGraph/createGroup.feature:60](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L60)
 
 ### [Settings service user can list other peoples assignments](https://github.com/owncloud/ocis/issues/5032)
 - [apiAccountsHashDifficulty/assignRole.feature:27](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature#L27)
@@ -59,7 +59,7 @@ The expected failures in this file are from features in the owncloud/ocis repo.
 - [apiGraph/deleteGroup.feature:51](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L51)
 
 #### [Share lists deleted user as 'user'](https://github.com/owncloud/ocis/issues/903)
-- [apiGraph/deleteGroup.feature:62](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L62)
+- [apiGraph/deleteGroup.feature:68](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L68)
 
 #### [Updating group displayName request seems OK but group is not being renamed](https://github.com/owncloud/ocis/issues/5099)
 - [apiGraph/editGroup.feature:20](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L20)
@@ -68,6 +68,10 @@ The expected failures in this file are from features in the owncloud/ocis repo.
 - [apiGraph/editGroup.feature:23](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L23)
 - [apiGraph/editGroup.feature:24](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L24)
 - [apiGraph/editGroup.feature:25](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L25)
+- [apiGraph/editGroup.feature:40](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L40)
+- [apiGraph/editGroup.feature:53](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L53)
+- [apiGraph/editGroup.feature:54](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L54)
+- [apiGraph/editGroup.feature:55](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L55)
 
 #### [CORS headers are not identical with oC10 headers](https://github.com/owncloud/ocis/issues/5195)
 - [apiCors/cors.feature:25](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L25)
@@ -98,11 +102,13 @@ The expected failures in this file are from features in the owncloud/ocis repo.
 #### [Sharing to a group with an expiration date does not work #5442](https://github.com/owncloud/ocis/issues/5442)
 - [apiSpacesShares/shareSubItemOfSpace.feature:105](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpacesShares/shareSubItemOfSpace.feature#L105)
 
-#### [Space admin should not not be able to change the user quota](https://github.com/owncloud/ocis/issues/5475)
+#### [Space admin should not be able to change the user quota](https://github.com/owncloud/ocis/issues/5475)
 - [apiSpaces/spaceManagement.feature:149](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpaces/spaceManagement.feature#L149)
 
 #### [Normal user can get expanded members information of a group](https://github.com/owncloud/ocis/issues/5604)
-- [apiGraph/getGroup.feature:100](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L100)
+- [apiGraph/getGroup.feature:130](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L130)
+- [apiGraph/getGroup.feature:131](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L131)
+- [apiGraph/getGroup.feature:132](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L132)
 
 #### [Changing user with an uppercase name gives 404 error](https://github.com/owncloud/ocis/issues/5763)
 - [apiGraph/editUser.feature:41](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editUser.feature#L41)
@@ -111,10 +117,10 @@ The expected failures in this file are from features in the owncloud/ocis repo.
 - [apiGraph/editUser.feature:44](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editUser.feature#L44)
 
 #### [Same users can be added in a group multiple time](https://github.com/owncloud/ocis/issues/5702)
-- [apiGraph/addUserToGroup.feature:222](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L222)
+- [apiGraph/addUserToGroup.feature:245](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L245)
 
 #### [Try to add group to a group return 204](https://github.com/owncloud/ocis/issues/5793)
-- [apiGraph/addUserToGroup.feature:244](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L244)
+- [apiGraph/addUserToGroup.feature:267](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L267)
 
 Note: always have an empty line at the end of this file.
 The bash script that processes this file requires that the last line has a newline on the end.

tests/acceptance/features/apiGraph/addUserToGroup.feature

@@ -120,26 +120,49 @@ Feature: add users to group
       | Alice    | var/../etc       |
 
 
-  Scenario: normal user tries to add himself to a group
-    Given group "groupA" has been created
+  Scenario Outline: normal user tries to add himself to a group
+    Given the administrator has given "Alice" the role "<role>" using the settings api
+    And group "groupA" has been created
     When user "Alice" tries to add himself to group "groupA" using the Graph API
     Then the HTTP status code should be "401"
     And the last response should be an unauthorized response
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
-  Scenario: normal user tries to other user to a group
+  Scenario Outline: normal user tries to other user to a group
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<role>" using the settings api
     And group "groupA" has been created
     When user "Alice" tries to add user "Brian" to group "groupA" using the Graph API
     Then the HTTP status code should be "401"
     And the last response should be an unauthorized response
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
   Scenario: admin tries to add user to a non-existing group
     When the administrator tries to add user "Alice" to a nonexistent group using the Graph API
     Then the HTTP status code should be "404"
 
 
+  Scenario Outline: normal user tries to add user to a non-existing group
+    Given the administrator has given "Alice" the role "<role>" using the settings api
+    When the administrator tries to add user "Alice" to a nonexistent group using the Graph API
+    Then the HTTP status code should be "404"
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
+
+
   Scenario: admin tries to add a non-existing user to a group
     Given group "groupA" has been created
     When the administrator tries to add user "nonexistentuser" to group "groupA" using the provisioning API

tests/acceptance/features/apiGraph/createGroup.feature

@@ -30,13 +30,44 @@ Feature: create group
     And group "mygroup" should exist
 
 
-  Scenario: normal user tries to create a group
+  Scenario Outline: normal user tries to create a group
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<userRole>" using the settings api
     When user "Brian" tries to create a group "mygroup" using the Graph API
     Then the HTTP status code should be "401"
     And group "mygroup" should not exist
+    Examples:
+      | userRole    |
+      | Space Admin |
+      | User        |
+      | Guest       |
+
+
+  Scenario Outline: normal user tries to create a group that already exists
+    Given group "mygroup" has been created
+    And user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<userRole>" using the settings api
+    When user "Brian" tries to create a group "mygroup" using the Graph API
+    And the HTTP status code should be "401"
+    And group "mygroup" should exist
+    Examples:
+      | userRole    |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
   Scenario: admin user tries to create a group that is the empty string
     When user "Alice" tries to create a group "" using the Graph API
     Then the HTTP status code should be "400"
+
+
+  Scenario Outline: normal user tries to create a group that is the empty string
+    Given the administrator has given "Alice" the role "<userRole>" using the settings api
+    When user "Alice" tries to create a group "" using the Graph API
+    Then the HTTP status code should be "401"
+    Examples:
+      | userRole    |
+      | Space Admin |
+      | User        |
+      | Guest       |

tests/acceptance/features/apiGraph/deleteGroup.feature

@@ -51,12 +51,18 @@ Feature: delete groups
       | 50%2Fix             | %2F literal looks like an escaped slash |
 
 
-  Scenario: normal user tries to delete a group
+  Scenario Outline: normal user tries to delete a group
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<role>" using the settings api
     And group "new-group" has been created
     When user "Brian" tries to delete group "new-group" using the Graph API
     Then the HTTP status code should be "401"
     And group "new-group" should exist
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
   @issue-903
   Scenario: deleted group should not be listed in the sharees list

tests/acceptance/features/apiGraph/editGroup.feature

@@ -1,4 +1,4 @@
-@api @skipOnOcV10
+@api @skipOnOcV10 @issue-5099
 Feature: edit group name
   As an admin
   I want to be able to edit group name
@@ -8,7 +8,7 @@ Feature: edit group name
     Given user "Alice" has been created with default attributes and without skeleton files
     And the administrator has given "Alice" the role "Admin" using the settings api
 
-  @issue-5099
+
   Scenario Outline: admin user renames a group
     Given group "<old_group>" has been created
     When user "Alice" renames group "<old_group>" to "<new_group>" using the Graph API
@@ -22,4 +22,34 @@ Feature: edit group name
       | grp1      | नेपाली          |
       | grp1      | $x<=>[y*z^2]! |
       | grp1      | staff?group   |
-      | grp1      | 50%pass       |
+      | grp1      | 50%pass       |
+
+
+  Scenario Outline: normal user tries to renames a group
+    Given the administrator has given "Alice" the role "<role>" using the settings api
+    And group "grp1" has been created
+    When user "Alice" tries to rename group "grp1" to "grp101" using the Graph API
+    Then the HTTP status code should be "401"
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
+
+
+  Scenario: admin user tries to rename non-existing group
+    When user "Alice" tries to rename non-existent group to "grp1" using the Graph API
+    Then the HTTP status code should be "404"
+    And group "grp1" should not exist
+
+
+  Scenario Outline: normal user tries to rename non-existing group
+    Given the administrator has given "Alice" the role "<role>" using the settings api
+    When user "Alice" tries to rename non-existent group to "grp1" using the Graph API
+    Then the HTTP status code should be "404"
+    And group "grp1" should not exist
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |

tests/acceptance/features/apiGraph/getGroup.feature

@@ -21,14 +21,20 @@ Feature: get groups and their members
       | h2o-lover    |
 
 
-  Scenario: normal user cannot get the groups list
+  Scenario Outline: normal user cannot get the groups list
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<role>" using the settings api
     And group "tea-lover" has been created
     And group "coffee-lover" has been created
     And group "h2o-lover" has been created
     When user "Brian" gets all the groups using the Graph API
     Then the HTTP status code should be "401"
     And the last response should be an unauthorized response
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
   Scenario: admin user gets users of a group
@@ -46,12 +52,18 @@ Feature: get groups and their members
       | Carol |
 
 
-  Scenario: normal user tries to get users of a group
+  Scenario Outline: normal user tries to get users of a group
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<role>" using the settings api
     And group "tea-lover" has been created
     When user "Brian" gets all the members of group "tea-lover" using the Graph API
     Then the HTTP status code should be "401"
     And the last response should be an unauthorized response
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
   Scenario: admin user gets all groups along with its member's information
@@ -75,15 +87,21 @@ Feature: get groups and their members
       | Carol King   | %uuid_v4% | carol@example.org | Carol                    |
 
 
-  Scenario: normal user gets all groups along with their members information
+  Scenario Outline: normal user gets all groups along with their members information
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<role>" using the settings api
     And group "tea-lover" has been created
     And group "coffee-lover" has been created
     And user "Alice" has been added to group "tea-lover"
     And user "Brian" has been added to group "coffee-lover"
     When user "Brian" retrieves all groups along with their members using the Graph API
     Then the HTTP status code should be "401"
     And the last response should be an unauthorized response
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
   Scenario: admin user gets a group along with their members information
@@ -97,14 +115,21 @@ Feature: get groups and their members
       | Alice Hansen | %uuid_v4% | alice@example.org | Alice                    |
       | Brian Murphy | %uuid_v4% | brian@example.org | Brian                    |
 
-  Scenario: normal user gets a group along with their members information
+
+  Scenario Outline: normal user gets a group along with their members information
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<role>" using the settings api
     And group "tea-lover" has been created
     And user "Alice" has been added to group "tea-lover"
     And user "Brian" has been added to group "tea-lover"
     When user "Brian" gets all the members information of group "tea-lover" using the Graph API
     Then the HTTP status code should be "401"
     And the last response should be an unauthorized response
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
   Scenario: Get details of a group

tests/acceptance/features/apiGraph/removeUserFromGroup.feature

@@ -157,15 +157,21 @@ Feature: remove a user from a group
     Then the HTTP status code should be "404"
 
 
-  Scenario: normal user tries to remove a user in their group
+  Scenario Outline: normal user tries to remove a user in their group
     Given user "Brian" has been created with default attributes and without skeleton files
+    And the administrator has given "Brian" the role "<role>" using the settings api
     And group "grp1" has been created
     And user "Alice" has been added to group "grp1"
     And user "Brian" has been added to group "grp1"
     When user "Alice" tries to remove user "Brian" from group "grp1" using the Graph API
     Then the HTTP status code should be "401"
     And the last response should be an unauthorized response
     And user "Brian" should belong to group "grp1"
+    Examples:
+      | role        |
+      | Space Admin |
+      | User        |
+      | Guest       |
 
 
   Scenario: admin removes a disabled user from a group