Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[test-only] add more CORS tests #8254

Merged
merged 1 commit into from
Jan 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion tests/TestHelpers/WebDavHelper.php
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,7 @@ public static function getBodyForPropfind(?array $properties): string {
* @param string|null $type
* @param int|null $davPathVersionToUse
* @param string|null $doDavRequestAsUser
* @param array|null $headers
*
* @return ResponseInterface
* @throws Exception
Expand All @@ -194,7 +195,8 @@ public static function propfind(
?string $folderDepth = '1',
?string $type = "files",
?int $davPathVersionToUse = self::DAV_VERSION_NEW,
?string $doDavRequestAsUser = null
?string $doDavRequestAsUser = null,
?array $headers = []
):ResponseInterface {
$body = self::getBodyForPropfind($properties);
$folderDepth = (string) $folderDepth;
Expand Down
24 changes: 22 additions & 2 deletions tests/acceptance/features/apiCors/cors.feature
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,8 @@ Feature: CORS headers
Scenario Outline: CORS headers should not be returned when CORS domain does not match origin header
Given using OCS API version "<ocs_api_version>"
When user "Alice" sends HTTP method "GET" to OCS API endpoint "<endpoint>" with headers
| header | value |
| Origin | https://mero.badal |
| header | value |
| Origin | https://mero.badal |
Then the OCS status code should be "<ocs-code>"
And the HTTP status code should be "<http-code>"
And the following headers should not be set
Expand Down Expand Up @@ -70,3 +70,23 @@ Feature: CORS headers
| 2 | | /apps/files_sharing/api/v1/shares | PUT |
| 1 | | /apps/files_sharing/api/v1/shares | DELETE |
| 2 | | /apps/files_sharing/api/v1/shares | POST |


Scenario: CORS headers should be returned when setting CORS domain sending origin header in the Graph api
When user "Alice" lists all available spaces with headers using the Graph API
| header | value |
| Origin | https://aphno.badal |
Then the HTTP status code should be "200"
And the following headers should be set
| header | value |
| Access-Control-Allow-Origin | https://aphno.badal |

@issue-8231
Scenario: CORS headers should be returned when setting CORS domain sending origin header in the Webdav api
When user "Alice" sends PROPFIND request to space "Alice Hansen" with headers using the WebDAV API
| header | value |
| Origin | https://aphno.badal |
Then the HTTP status code should be "207"
And the following headers should be set
| header | value |
| Access-Control-Allow-Origin | https://aphno.badal |
62 changes: 58 additions & 4 deletions tests/acceptance/features/bootstrap/SpacesContext.php
Original file line number Diff line number Diff line change
Expand Up @@ -544,19 +544,22 @@ public function sendCreateFolderRequest(
/**
* @param string $user
* @param string $query
* @param array $headers
*
* @return ResponseInterface
*
* @throws GuzzleException
* @throws Exception
*/
public function listAllAvailableSpacesOfUser(string $user, string $query = ''): ResponseInterface {
public function listAllAvailableSpacesOfUser(string $user, string $query = '', array $headers = []): ResponseInterface {
$response = GraphHelper::getMySpaces(
$this->featureContext->getBaseUrl(),
$user,
$this->featureContext->getPasswordForUser($user),
"?" . $query,
$this->featureContext->getStepLineRef()
$this->featureContext->getStepLineRef(),
[],
$headers
);
$this->rememberTheAvailableSpaces($response);
return $response;
Expand All @@ -578,6 +581,28 @@ public function theUserListsAllHisAvailableSpacesUsingTheGraphApi(string $user,
$this->featureContext->setResponse($this->listAllAvailableSpacesOfUser($user, $query));
}

/**
* @When /^user "([^"]*)" lists all available spaces with headers using the Graph API$/
*
* @param string $user
* @param TableNode $headersTable
*
* @return void
*
* @throws GuzzleException
* @throws Exception
*/
public function theUserListsAllHisAvailableSpacesWithHeadersUsingTheGraphApi(string $user, TableNode $headersTable): void {
$this->featureContext->verifyTableNodeColumns(
$headersTable,
['header', 'value']
);
foreach ($headersTable as $row) {
$headers[$row['header']] = $row ['value'];
}
$this->featureContext->setResponse($this->listAllAvailableSpacesOfUser($user, '', $headers));
}

/**
* The method is used on the administration setting tab, which only the Admin user and the Space admin user have access to
*
Expand Down Expand Up @@ -3528,17 +3553,44 @@ public function userSendsPropfindRequestToSpace(string $user, string $spaceName,
);
}

/**
* @When /^user "([^"]*)" sends PROPFIND request to space "([^"]*)" with headers using the WebDAV API$/
*
* @param string $user
* @param string $spaceName
* @param TableNode $headersTable
*
* @return void
*
* @throws JsonException
*
* @throws GuzzleException
*/
public function userSendsPropfindRequestToSpaceWithHeaders(string $user, string $spaceName, $headersTable): void {
$this->featureContext->verifyTableNodeColumns(
$headersTable,
['header', 'value']
);
foreach ($headersTable as $row) {
$headers[$row['header']] = $row ['value'];
}
$this->featureContext->setResponse(
$this->sendPropfindRequestToSpace($user, $spaceName, '', $headers)
);
}

/**
* @param string $user
* @param string $spaceName
* @param string|null $resource
* @param array|null $headers
*
* @return ResponseInterface
* @throws GuzzleException
*
* @throws JsonException
*/
public function sendPropfindRequestToSpace(string $user, string $spaceName, ?string $resource = ""): ResponseInterface {
public function sendPropfindRequestToSpace(string $user, string $spaceName, ?string $resource = "", ?array $headers = []): ResponseInterface {
$this->setSpaceIDByName($user, $spaceName);
$properties = ['oc:permissions','oc:file-parent','oc:fileid','oc:share-types','oc:privatelink','d:resourcetype','oc:size','oc:name','d:getcontenttype','oc:tags','d:lockdiscovery','d:activelock'];
return WebDavHelper::propfind(
Expand All @@ -3550,7 +3602,9 @@ public function sendPropfindRequestToSpace(string $user, string $spaceName, ?str
$this->featureContext->getStepLineRef(),
"0",
"files",
WebDavHelper::DAV_VERSION_SPACES
WebDavHelper::DAV_VERSION_SPACES,
"",
$headers
);
}

Expand Down