mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-25 22:42:16 -05:00
Code Issues Packages Projects Releases Wiki Activity

Add apiOcisSpecific features from apiAuthOcs

Browse Source
This commit is contained in:
Phil Davis
2020-07-30 14:40:11 +05:45
parent 9d147b157a
commit 71f1c752ff
3 changed files with 165 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
tests/acceptance/features/apiOcisSpecific/ocsGETAuth.feature Normal file
View File

@@ -0,0 +1,112 @@
@api
Feature: auth
Background:
Given user "Alice" has been created with default attributes and skeleton files
@issue-ocis-reva-29
@issue-ocis-reva-30
# after fixing all issues delete this Scenario and use the one from oC10 core
Scenario: using OCS anonymously
When a user requests these endpoints with "GET" and no authentication
| endpoint |
| /ocs/v1.php/apps/files_external/api/v1/mounts |
| /ocs/v2.php/apps/files_external/api/v1/mounts |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v1.php/apps/files_sharing/api/v1/shares |
| /ocs/v2.php/apps/files_sharing/api/v1/shares |
| /ocs/v1.php/cloud/apps |
| /ocs/v2.php/cloud/apps |
| /ocs/v1.php/cloud/groups |
| /ocs/v2.php/cloud/groups |
| /ocs/v1.php/cloud/users |
| /ocs/v2.php/cloud/users |
| /ocs/v1.php/config |
| /ocs/v2.php/config |
| /ocs/v1.php/privatedata/getattribute |
| /ocs/v2.php/privatedata/getattribute |
Then the HTTP status code of responses on all endpoints should be "401"
And the OCS status code of responses on all endpoints should be "notset"
@issue-ocis-reva-11
@issue-ocis-reva-30
@issue-ocis-reva-31
@issue-ocis-reva-32
@issue-ocis-reva-33
@issue-ocis-reva-34
@issue-ocis-reva-35
# after fixing all issues delete this Scenario and use the one from oC10 core
Scenario: using OCS with non-admin basic auth
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v1.php/apps/files_external/api/v1/mounts |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v1.php/privatedata/getattribute |
| /ocs/v1.php/cloud/groups |
| /ocs/v1.php/cloud/apps |
Then the HTTP status code of responses on all endpoints should be "200"
And the OCS status code of responses on all endpoints should be "998"
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v1.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
And the OCS status code of responses on all endpoints should be "100"
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v2.php/apps/files_external/api/v1/mounts |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending |
# | /ocs/v1.php/apps/files_sharing/api/v1/shares | 100 | 200 |
# | /ocs/v2.php/apps/files_sharing/api/v1/shares | 100 | 200 |
| /ocs/v2.php/cloud/apps |
| /ocs/v2.php/cloud/groups |
| /ocs/v2.php/privatedata/getattribute |
Then the HTTP status code of responses on all endpoints should be "404"
And the OCS status code of responses on all endpoints should be "998"
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v1.php/cloud/users |
Then the HTTP status code of responses on all endpoints should be "200"
And the OCS status code of responses on all endpoints should be "403"
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v2.php/cloud/users |
Then the HTTP status code of responses on all endpoints should be "403"
And the OCS status code of responses on all endpoints should be "403"
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v2.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
And the OCS status code of responses on all endpoints should be "200"
@issue-ocis-reva-29
@issue-ocis-reva-30
# after fixing all issues delete this Scenario and use the one from oC10 core
Scenario: using OCS as normal user with wrong password
When user "Alice" requests these endpoints with "GET" using password "invalid"
| endpoint |
| /ocs/v1.php/apps/files_external/api/v1/mounts |
| /ocs/v2.php/apps/files_external/api/v1/mounts |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v1.php/apps/files_sharing/api/v1/shares |
| /ocs/v2.php/apps/files_sharing/api/v1/shares |
| /ocs/v1.php/cloud/apps |
| /ocs/v2.php/cloud/apps |
| /ocs/v1.php/cloud/groups |
| /ocs/v2.php/cloud/groups |
| /ocs/v1.php/cloud/users |
| /ocs/v2.php/cloud/users |
| /ocs/v1.php/config |
| /ocs/v2.php/config |
| /ocs/v1.php/privatedata/getattribute |
| /ocs/v2.php/privatedata/getattribute |
Then the HTTP status code of responses on all endpoints should be "401"
And the OCS status code of responses on all endpoints should be "notset"

35
tests/acceptance/features/apiOcisSpecific/ocsPOSTAuth.feature Normal file
View File

@@ -0,0 +1,35 @@
@api
Feature: auth
Background:
Given user "Alice" has been created with default attributes and skeleton files
@issue-ocis-reva-30
# after fixing all issues delete this Scenario and use the one from oC10 core
Scenario: send POST requests to OCS endpoints as normal user with wrong password
When user "Alice" requests these endpoints with "POST" including body "doesnotmatter" using password "invalid" about user "Alice"
| endpoint |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending/123 |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending/123 |
| /ocs/v1.php/apps/files_sharing/api/v1/shares |
| /ocs/v2.php/apps/files_sharing/api/v1/shares |
| /ocs/v1.php/apps/files_sharing/api/v1/shares/pending/123 |
| /ocs/v2.php/apps/files_sharing/api/v1/shares/pending/123 |
| /ocs/v1.php/cloud/apps/testing |
| /ocs/v2.php/cloud/apps/testing |
| /ocs/v1.php/cloud/groups |
| /ocs/v2.php/cloud/groups |
| /ocs/v1.php/cloud/users |
| /ocs/v2.php/cloud/users |
| /ocs/v1.php/cloud/users/%username%/groups |
| /ocs/v2.php/cloud/users/%username%/groups |
| /ocs/v1.php/cloud/users/%username%/subadmins |
| /ocs/v2.php/cloud/users/%username%/subadmins |
| /ocs/v1.php/person/check |
| /ocs/v2.php/person/check |
| /ocs/v1.php/privatedata/deleteattribute/testing/test |
| /ocs/v2.php/privatedata/deleteattribute/testing/test |
| /ocs/v1.php/privatedata/setattribute/testing/test |
| /ocs/v2.php/privatedata/setattribute/testing/test |
Then the HTTP status code of responses on all endpoints should be "401"
And the OCS status code of responses on all endpoints should be "notset"

18
tests/acceptance/features/apiOcisSpecific/ocsPUTAuth.feature Normal file
View File

@@ -0,0 +1,18 @@
@api
Feature: auth
@issue-ocis-reva-30
# after fixing all issues delete this Scenario and use the one from oC10 core
Scenario: send PUT request to OCS endpoints as admin with wrong password
When the administrator requests these endpoints with "PUT" with body "doesnotmatter" using password "invalid" about user "Alice"
| endpoint |
| /ocs/v1.php/cloud/users/%username% |
| /ocs/v2.php/cloud/users/%username% |
| /ocs/v1.php/cloud/users/%username%/disable |
| /ocs/v2.php/cloud/users/%username%/disable |
| /ocs/v1.php/cloud/users/%username%/enable |
| /ocs/v2.php/cloud/users/%username%/enable |
| /ocs/v1.php/apps/files_sharing/api/v1/shares/123 |
| /ocs/v2.php/apps/files_sharing/api/v1/shares/123 |
Then the HTTP status code of responses on all endpoints should be "401"
And the OCS status code of responses on all endpoints should be "notset"