From facb79ed6ebeb5375d5e80ad2aa667ae1b7acd56 Mon Sep 17 00:00:00 2001 From: amrita Date: Tue, 7 Mar 2023 09:33:26 +0545 Subject: [PATCH] Extend tests coverage for different role capability for group --- ...ected-failures-localAPI-on-OCIS-storage.md | 18 ++++++---- .../features/apiGraph/addUserToGroup.feature | 29 +++++++++++++-- .../features/apiGraph/createGroup.feature | 33 ++++++++++++++++- .../features/apiGraph/deleteGroup.feature | 8 ++++- .../features/apiGraph/editGroup.feature | 36 +++++++++++++++++-- .../features/apiGraph/getGroup.feature | 33 ++++++++++++++--- .../apiGraph/removeUserFromGroup.feature | 8 ++++- .../features/bootstrap/GraphContext.php | 27 +++++++++++--- 8 files changed, 168 insertions(+), 24 deletions(-) diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md index b891a4681d6..3142ba87b2a 100644 --- a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md @@ -44,7 +44,7 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiSpacesShares/copySpaces.feature:793](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpacesShares/copySpaces.feature#L793) ### [Creating group with empty name returns status code 200](https://github.com/owncloud/ocis/issues/5050) -- [apiGraph/createGroup.feature:40](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L40) +- [apiGraph/createGroup.feature:60](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/createGroup.feature#L60) ### [Settings service user can list other peoples assignments](https://github.com/owncloud/ocis/issues/5032) - [apiAccountsHashDifficulty/assignRole.feature:27](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiAccountsHashDifficulty/assignRole.feature#L27) 
@@ -59,7 +59,7 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiGraph/deleteGroup.feature:51](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L51) #### [Share lists deleted user as 'user'](https://github.com/owncloud/ocis/issues/903) -- [apiGraph/deleteGroup.feature:62](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L62) +- [apiGraph/deleteGroup.feature:68](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/deleteGroup.feature#L68) #### [Updating group displayName request seems OK but group is not being renamed](https://github.com/owncloud/ocis/issues/5099) - [apiGraph/editGroup.feature:20](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L20) 
@@ -68,6 +68,10 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiGraph/editGroup.feature:23](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L23) - [apiGraph/editGroup.feature:24](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L24) - [apiGraph/editGroup.feature:25](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L25) +- [apiGraph/editGroup.feature:40](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L40) +- [apiGraph/editGroup.feature:53](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L53) +- [apiGraph/editGroup.feature:54](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L54) +- [apiGraph/editGroup.feature:55](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editGroup.feature#L55) #### [CORS headers are not identical with oC10 headers](https://github.com/owncloud/ocis/issues/5195) - [apiCors/cors.feature:25](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiCors/cors.feature#L25) 
@@ -98,11 +102,13 @@ The expected failures in this file are from features in the owncloud/ocis repo. #### [Sharing to a group with an expiration date does not work #5442](https://github.com/owncloud/ocis/issues/5442) - [apiSpacesShares/shareSubItemOfSpace.feature:105](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpacesShares/shareSubItemOfSpace.feature#L105) -#### [Space admin should not not be able to change the user quota](https://github.com/owncloud/ocis/issues/5475) +#### [Space admin should not be able to change the user quota](https://github.com/owncloud/ocis/issues/5475) - [apiSpaces/spaceManagement.feature:149](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiSpaces/spaceManagement.feature#L149) #### [Normal user can get expanded members information of a group](https://github.com/owncloud/ocis/issues/5604) -- [apiGraph/getGroup.feature:100](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L100) +- [apiGraph/getGroup.feature:130](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L130) +- [apiGraph/getGroup.feature:131](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L131) +- [apiGraph/getGroup.feature:132](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L132) #### [Changing user with an uppercase name gives 404 error](https://github.com/owncloud/ocis/issues/5763) - [apiGraph/editUser.feature:41](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editUser.feature#L41) 
@@ -111,10 +117,10 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiGraph/editUser.feature:44](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editUser.feature#L44) #### [Same users can be added in a group multiple time](https://github.com/owncloud/ocis/issues/5702) -- [apiGraph/addUserToGroup.feature:222](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L222) +- [apiGraph/addUserToGroup.feature:245](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L245) #### [Try to add group to a group return 204](https://github.com/owncloud/ocis/issues/5793) -- [apiGraph/addUserToGroup.feature:244](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L244) +- [apiGraph/addUserToGroup.feature:267](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L267) Note: always have an empty line at the end of this file. The bash script that processes this file requires that the last line has a newline on the end. diff --git a/tests/acceptance/features/apiGraph/addUserToGroup.feature b/tests/acceptance/features/apiGraph/addUserToGroup.feature index b6ba2c540a9..3168d9a88a3 100644 --- a/tests/acceptance/features/apiGraph/addUserToGroup.feature +++ b/tests/acceptance/features/apiGraph/addUserToGroup.feature 
@@ -120,19 +120,31 @@ Feature: add users to group | Alice | var/../etc | - Scenario: normal user tries to add himself to a group - Given group "groupA" has been created + Scenario Outline: normal user tries to add himself to a group + Given the administrator has given "Alice" the role "" using the settings api + And group "groupA" has been created When user "Alice" tries to add himself to group "groupA" using the Graph API Then the HTTP status code should be "401" And the last response should be an unauthorized response + Examples: + | role | + | Space Admin | + | User | + | Guest | - Scenario: normal user tries to other user to a group + Scenario Outline: normal user tries to other user to a group Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api And group "groupA" has been created When user "Alice" tries to add user "Brian" to group "groupA" using the Graph API Then the HTTP status code should be "401" And the last response should be an unauthorized response + Examples: + | role | + | Space Admin | + | User | + | Guest | Scenario: admin tries to add user to a non-existing group @@ -140,6 +152,17 @@ Feature: add users to group Then the HTTP status code should be "404" + Scenario Outline: normal user tries to add user to a non-existing group + Given the administrator has given "Alice" the role "" using the settings api + When the administrator tries to add user "Alice" to a nonexistent group using the Graph API + Then the HTTP status code should be "404" + Examples: + | role | + | Space Admin | + | User | + | Guest | + + Scenario: admin tries to add a non-existing user to a group Given group "groupA" has been created When the administrator tries to add user "nonexistentuser" to group "groupA" using the provisioning API 
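Review bot: In the outline "normal user tries to other user to a group" the role is assigned to "Brian", but the request is sent by "Alice", so the examples vary the role of the user being added rather than the role of the caller. If the aim is to show that Space Admin, User and Guest cannot change group membership, the role step should target the acting user: `And the administrator has given "Alice" the role "<role>" using the settings api`. The Background that sets Alice's starting role is outside this hunk, so confirm which role she holds when the request is made.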
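Review bot: The new outline "normal user tries to add user to a non-existing group" sends the request as the administrator (`When the administrator tries to add user "Alice" to a nonexistent group using the Graph API`), so the role given to Alice in the Given step is never exercised. All three examples therefore repeat the admin scenario directly above. To cover the role, the When step has to act as Alice; a step with that wording is not visible in this patch and may need to be added to the context class. It is also worth deciding deliberately whether a caller without rights should get "404" here or the same "401" the other role scenarios expect, because differing codes reveal whether a group exists.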
diff --git a/tests/acceptance/features/apiGraph/createGroup.feature b/tests/acceptance/features/apiGraph/createGroup.feature index 48af53fb0fa..3c3ceedfd3f 100644 --- a/tests/acceptance/features/apiGraph/createGroup.feature +++ b/tests/acceptance/features/apiGraph/createGroup.feature @@ -30,13 +30,44 @@ Feature: create group And group "mygroup" should exist - Scenario: normal user tries to create a group + Scenario Outline: normal user tries to create a group Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api When user "Brian" tries to create a group "mygroup" using the Graph API Then the HTTP status code should be "401" And group "mygroup" should not exist + Examples: + | userRole | + | Space Admin | + | User | + | Guest | + + + Scenario Outline: normal user tries to create a group that already exists + Given group "mygroup" has been created + And user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api + When user "Brian" tries to create a group "mygroup" using the Graph API + And the HTTP status code should be "401" + And group "mygroup" should exist + Examples: + | userRole | + | Space Admin | + | User | + | Guest | Scenario: admin user tries to create a group that is the empty string When user "Alice" tries to create a group "" using the Graph API Then the HTTP status code should be "400" + + + Scenario Outline: normal user tries to create a group that is the empty string + Given the administrator has given "Alice" the role "" using the settings api + When user "Alice" tries to create a group "" using the Graph API + Then the HTTP status code should be "401" + Examples: + | userRole | + | Space Admin | + | User | + | Guest | 
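Review bot: In "normal user tries to create a group that already exists" the status assertion follows the When step as `And the HTTP status code should be "401"`; it should read `Then the HTTP status code should be "401"` like the sibling scenarios, so the outcome is separated from the action. The next step, `And group "mygroup" should exist`, passes whether or not the request was rejected, because the group is created in the Given step. That leaves the status check as the only assertion carrying the authorization result. The Examples header in this file is `userRole` while the other feature files in the patch use `role`; one column name across the suite is easier to search for.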
diff --git a/tests/acceptance/features/apiGraph/deleteGroup.feature b/tests/acceptance/features/apiGraph/deleteGroup.feature index 0fb377347ca..22d105e411f 100644 --- a/tests/acceptance/features/apiGraph/deleteGroup.feature +++ b/tests/acceptance/features/apiGraph/deleteGroup.feature @@ -51,12 +51,18 @@ Feature: delete groups | 50%2Fix | %2F literal looks like an escaped slash | - Scenario: normal user tries to delete a group + Scenario Outline: normal user tries to delete a group Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api And group "new-group" has been created When user "Brian" tries to delete group "new-group" using the Graph API Then the HTTP status code should be "401" And group "new-group" should exist + Examples: + | role | + | Space Admin | + | User | + | Guest | @issue-903 Scenario: deleted group should not be listed in the sharees list diff --git a/tests/acceptance/features/apiGraph/editGroup.feature b/tests/acceptance/features/apiGraph/editGroup.feature index e188c04be21..5d9a7293936 100644 --- a/tests/acceptance/features/apiGraph/editGroup.feature +++ b/tests/acceptance/features/apiGraph/editGroup.feature @@ -1,4 +1,4 @@ -@api @skipOnOcV10 +@api @skipOnOcV10 @issue-5099 Feature: edit group name As an admin I want to be able to edit group name @@ -8,7 +8,7 @@ Feature: edit group name Given user "Alice" has been created with default attributes and without skeleton files And the administrator has given "Alice" the role "Admin" using the settings api - @issue-5099 + Scenario Outline: admin user renames a group Given group "" has been created When user "Alice" renames group "" to "" using the Graph API 
@@ -22,4 +22,34 @@ Feature: edit group name | grp1 | नेपाली | | grp1 | $x<=>[y*z^2]! | | grp1 | staff?group | - | grp1 | 50%pass | \ No newline at end of file + | grp1 | 50%pass | + + + Scenario Outline: normal user tries to renames a group + Given the administrator has given "Alice" the role "" using the settings api + And group "grp1" has been created + When user "Alice" tries to rename group "grp1" to "grp101" using the Graph API + Then the HTTP status code should be "401" + Examples: + | role | + | Space Admin | + | User | + | Guest | + + + Scenario: admin user tries to rename non-existing group + When user "Alice" tries to rename non-existent group to "grp1" using the Graph API + Then the HTTP status code should be "404" + And group "grp1" should not exist + + + Scenario Outline: normal user tries to rename non-existing group + Given the administrator has given "Alice" the role "" using the settings api + When user "Alice" tries to rename non-existent group to "grp1" using the Graph API + Then the HTTP status code should be "404" + And group "grp1" should not exist + Examples: + | role | + | Space Admin | + | User | + | Guest | diff --git a/tests/acceptance/features/apiGraph/getGroup.feature b/tests/acceptance/features/apiGraph/getGroup.feature index 9479dc99bac..d8fc6e23337 100644 --- a/tests/acceptance/features/apiGraph/getGroup.feature +++ b/tests/acceptance/features/apiGraph/getGroup.feature 
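Review bot: "normal user tries to rename non-existing group" expects "404" for Space Admin, User and Guest, while the outline above it expects "401" when the same roles rename an existing group. Pinning both codes makes the intended behaviour one where a caller without rename rights can tell existing from non-existing group ids by the status code. For these roles the safer expectation is `Then the HTTP status code should be "401"` regardless of whether the group exists. The patch also lists editGroup.feature:53-55, which are these example rows, as expected failures under issue 5099. That issue is about renames not taking effect, so a failure here presumably has a different cause and deserves its own entry.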
@@ -21,14 +21,20 @@ Feature: get groups and their members | h2o-lover | - Scenario: normal user cannot get the groups list + Scenario Outline: normal user cannot get the groups list Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api And group "tea-lover" has been created And group "coffee-lover" has been created And group "h2o-lover" has been created When user "Brian" gets all the groups using the Graph API Then the HTTP status code should be "401" And the last response should be an unauthorized response + Examples: + | role | + | Space Admin | + | User | + | Guest | Scenario: admin user gets users of a group @@ -46,12 +52,18 @@ Feature: get groups and their members | Carol | - Scenario: normal user tries to get users of a group + Scenario Outline: normal user tries to get users of a group Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api And group "tea-lover" has been created When user "Brian" gets all the members of group "tea-lover" using the Graph API Then the HTTP status code should be "401" And the last response should be an unauthorized response + Examples: + | role | + | Space Admin | + | User | + | Guest | Scenario: admin user gets all groups along with its member's information 
@@ -75,8 +87,9 @@ Feature: get groups and their members | Carol King | %uuid_v4% | carol@example.org | Carol | - Scenario: normal user gets all groups along with their members information + Scenario Outline: normal user gets all groups along with their members information Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api And group "tea-lover" has been created And group "coffee-lover" has been created And user "Alice" has been added to group "tea-lover" @@ -84,6 +97,11 @@ Feature: get groups and their members When user "Brian" retrieves all groups along with their members using the Graph API Then the HTTP status code should be "401" And the last response should be an unauthorized response + Examples: + | role | + | Space Admin | + | User | + | Guest | Scenario: admin user gets a group along with their members information @@ -97,14 +115,21 @@ Feature: get groups and their members | Alice Hansen | %uuid_v4% | alice@example.org | Alice | | Brian Murphy | %uuid_v4% | brian@example.org | Brian | - Scenario: normal user gets a group along with their members information + + Scenario Outline: normal user gets a group along with their members information Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api And group "tea-lover" has been created And user "Alice" has been added to group "tea-lover" And user "Brian" has been added to group "tea-lover" When user "Brian" gets all the members information of group "tea-lover" using the Graph API Then the HTTP status code should be "401" And the last response should be an unauthorized response + Examples: + | role | + | Space Admin | + | User | + | Guest | Scenario: Get details of a group 
diff --git a/tests/acceptance/features/apiGraph/removeUserFromGroup.feature b/tests/acceptance/features/apiGraph/removeUserFromGroup.feature index 554773c8c23..5e7d42bbbaa 100644 --- a/tests/acceptance/features/apiGraph/removeUserFromGroup.feature +++ b/tests/acceptance/features/apiGraph/removeUserFromGroup.feature @@ -157,8 +157,9 @@ Feature: remove a user from a group Then the HTTP status code should be "404" - Scenario: normal user tries to remove a user in their group + Scenario Outline: normal user tries to remove a user in their group Given user "Brian" has been created with default attributes and without skeleton files + And the administrator has given "Brian" the role "" using the settings api And group "grp1" has been created And user "Alice" has been added to group "grp1" And user "Brian" has been added to group "grp1" @@ -166,6 +167,11 @@ Feature: remove a user from a group Then the HTTP status code should be "401" And the last response should be an unauthorized response And user "Brian" should belong to group "grp1" + Examples: + | role | + | Space Admin | + | User | + | Guest | Scenario: admin removes a disabled user from a group diff --git a/tests/acceptance/features/bootstrap/GraphContext.php b/tests/acceptance/features/bootstrap/GraphContext.php index 068c7162d84..a2ad6e989fe 100644 --- a/tests/acceptance/features/bootstrap/GraphContext.php +++ b/tests/acceptance/features/bootstrap/GraphContext.php 
@@ -1256,38 +1256,55 @@ public function theFollowingUsersShouldBeListedInFollowingGroups(TableNode $tabl /** * rename group name * - * @param string $oldGroup + * @param string $oldGroupId * @param string $newGroup * @param string $user * * @return ResponseInterface * @throws GuzzleException */ - public function renameGroup(string $oldGroup, string $newGroup, ?string $user = null): ResponseInterface { + public function renameGroup(string $oldGroupId, string $newGroup, ?string $user = null): ResponseInterface { $credentials = $this->getAdminOrUserCredentials($user); - $groupId = $this->featureContext->getAttributeOfCreatedGroup($oldGroup, "id"); return GraphHelper::updateGroup( $this->featureContext->getBaseUrl(), $this->featureContext->getStepLineRef(), $credentials['username'], $credentials['password'], - $groupId, + $oldGroupId, $newGroup ); } /** * @When user :user renames group :oldGroup to :newGroup using the Graph API + * @When user :user tries to rename group :oldGroup to :newGroup using the Graph API * * @param string $user * @param string $oldGroup * @param string $newGroup * * @return void + * @throws GuzzleException */ public function userRenamesGroupUsingTheGraphApi(string $user, string $oldGroup, string $newGroup): void { - $this->featureContext->setResponse($this->renameGroup($oldGroup, $newGroup, $user)); + $oldGroupId = $this->featureContext->getAttributeOfCreatedGroup($oldGroup, "id"); + $this->featureContext->setResponse($this->renameGroup($oldGroupId, $newGroup, $user)); + } + + /** + * @When user :user tries to rename non-existent group to :newGroup using the Graph API + * + * @param string $user + * @param string $newGroup + * + * @return void + * @throws GuzzleException + * @throws Exception + */ + public function userTriesToRenamesGroupNonExistentGroupToUsingTheGraphApi(string $user, string $newGroup): void { + $oldGroupId = WebDavHelper::generateUUIDv4(); + $this->featureContext->setResponse($this->renameGroup($oldGroupId, $newGroup, 
$user)); } /**
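Review bot: `renameGroup()` is public and its first argument now means a group id instead of a group name while keeping the type `string`. Any caller outside this hunk that still passes a name would run without error and send the name as the id, so the remaining call sites, which are not visible here, should be checked. The docblock still says `@param string $user` although the parameter is `?string $user = null`; `@param string|null $user` would match. The new step method name `userTriesToRenamesGroupNonExistentGroupToUsingTheGraphApi` reads as a typo, and `userTriesToRenameNonExistentGroupUsingTheGraphApi` would be clearer. The added `WebDavHelper::generateUUIDv4()` call and `@throws Exception` rely on imports at the top of the file, which are outside this hunk.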