Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[tests-only][full-ci]Added test for banned password to create public link #8194

Merged
merged 2 commits into from
Jan 18, 2024
Merged

[tests-only][full-ci]Added test for banned password to create public link #8194

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4fa76a5
Added test for banned password to create public link
SagarGi Jan 15, 2024
9e57057
review address
SagarGi Jan 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
100 changes: 100 additions & 0 deletions tests/acceptance/features/apiSharingNg/linkShare.feature
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -584,3 +584,103 @@ Feature: Create a share link for a resource
"""
And the public should be able to download file "textfile1.txt" from the last link share with password "%public%" and the content should be "other data"
And the public download of file "textfile1.txt" from the last link share with password "$heLlo*1234*" should fail with HTTP status code "401" using shareNg


Scenario Outline: create a file's link share with a password that is listed in the Banned-Password-List
Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt"
And user "Alice" has uploaded file with content "other data" to "text.txt"
When user "Alice" creates the following link share using the Graph API:
| resourceType | file |
| resource | text.txt |
| space | Personal |
| permissionsRole | view |
| password | <banned-password> |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"type": "string",
"pattern": "invalidRequest"
},
"message": {
"type": "string",
"enum": [
"unfortunately, your password is commonly used. please pick a harder-to-guess password for your safety"
]
}
}
}
}
}
"""
Examples:
| banned-password |
| 123 |
| password |
| ownCloud |


Scenario Outline: update a file's link share with a password that is listed in the Banned-Password-List
Given the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt"
And user "Alice" has uploaded file with content "other data" to "text.txt"
And user "Alice" has created the following link share:
| resourceType | file |
| resource | text.txt |
| space | Personal |
| permissionsRole | view |
| password | %public% |
saw-jan marked this conversation as resolved.
Show resolved Hide resolved
When user "Alice" sets the following password for the last link share using the Graph API:
| resourceType | file |
| resource | text.txt |
| space | Personal |
| permissionsRole | view |
| password | <banned-password> |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"type": "string",
"pattern": "invalidRequest"
},
"message": {
"type": "string",
"enum": [
"unfortunately, your password is commonly used. please pick a harder-to-guess password for your safety"
]
}
}
}
}
}
"""
Examples:
| banned-password |
| 123 |
| password |
| ownCloud |