added checks: who is owner, who has be granted

2026-01-18 02:49:01 -05:00 · 2022-02-10 20:21:22 +01:00
parent 21c7b10f98
commit 85714c113d
3 changed files with 102 additions and 14 deletions
--- a/tests/acceptance/features/apiSpaces/restoreSpaces.feature
+++ b/tests/acceptance/features/apiSpaces/restoreSpaces.feature
@@ -53,4 +53,19 @@ Feature: Restoring space
    Then for user "Brian" the space "create data in restored space" should contain these entries:
      | test.txt         |
      | mainFolder       |
-    
+    
+
+  Scenario: User with viewer permissions cannot restore space
+    Given user "Alice" has created a space "viewer restores space" of type "project" with quota "10"
+    And user "Alice" has shared a space "viewer restores space" to user "Brian" with role "viewer"
+    And user "Alice" has disabled a space "viewer restores space"
+    When user "Brian" restores a disabled space "viewer restores space" without manager rights
+    Then the HTTP status code should be "404"
+
+
+  Scenario: User with editor permissions cannot restore space
+    Given user "Alice" has created a space "editor restores space" of type "project" with quota "10"
+    And user "Alice" has shared a space "editor restores space" to user "Brian" with role "editor"
+    And user "Alice" has disabled a space "editor restores space"
+    When user "Brian" restores a disabled space "editor restores space" without manager rights
+    Then the HTTP status code should be "404"
--- a/tests/acceptance/features/apiSpaces/shareSpaces.feature
+++ b/tests/acceptance/features/apiSpaces/shareSpaces.feature
@@ -9,6 +9,7 @@ Feature: Share spaces
  Background:
    Given user "Alice" has been created with default attributes and without skeleton files
    And user "Brian" has been created with default attributes and without skeleton files
+    And user "Bob" has been created with default attributes and without skeleton files
    And the administrator has given "Alice" the role "Admin" using the settings api


@@ -32,13 +33,22 @@ Feature: Share spaces
    Given user "Alice" has created a space "Share space to Brian" of type "project" with quota "10"
    And user "Alice" has shared a space "Share space to Brian" to user "Brian" with role "viewer"
    When user "Brian" lists all available spaces via the GraphApi
-    Then the json responded should contain a space "Share space to Brian" with these key and value pairs:
-      | key              | value                            |
-      | driveType        | project                          |
-      | id               | %space_id%                       |
-      | name             | Share space to Brian             |
-      | quota@@@state    | normal                           |
-      | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% |
+    Then the json responded should contain a space "Share space to Brian" owned by "Alice" with these key and value pairs:
+      | key               | value                |
+      | driveType         | project              |
+      | id                | %space_id%           |
+      | name              | Share space to Brian |
+      | owner@@@user@@@id | %user_id%            | 
+
+  
+  Scenario: A user can see who has been granted access
+    Given user "Alice" has created a space "Share space to Brian" of type "project" with quota "10"
+    And user "Alice" has shared a space "Share space to Brian" to user "Brian" with role "viewer"
+    When user "Alice" lists all available spaces via the GraphApi
+    And the json responded should contain a space "Share space to Brian" granted to "Brian" with these key and value pairs:
+      | key                                                    | value      |
+      | root@@@permissions@@@1@@@grantedTo@@@0@@@user@@@id     | %user_id%  | 
+      | root@@@permissions@@@1@@@roles@@@0                     | viewer     |


  Scenario: A user can see a file in a received shared space
--- a/tests/acceptance/features/bootstrap/SpacesContext.php
+++ b/tests/acceptance/features/bootstrap/SpacesContext.php
@@ -205,6 +205,40 @@ class SpacesContext implements Context {
 		return $spaces[$spaceName];
 	}

+	/**
+	 * The method returns userId
+	 *
+	 * @param string $userName
+	 *
+	 * @return string
+	 */
+	public function getUserIdByUserName(string $userName): string {
+
+		$fullUrl = $this->baseUrl . "/api/v0/accounts/accounts-list";
+		$this->featureContext->setResponse(
+			HttpRequestHelper::post(
+				$fullUrl, 
+				"", 
+				$this->featureContext->getAdminUsername(), 
+				$this->featureContext->getAdminPassword(), 
+				[], 
+				"{}"
+			)
+		);
+		if ($this->featureContext->getResponse()) {
+			$rawBody = $this->featureContext->getResponse()->getBody()->getContents();
+			if (isset(\json_decode($rawBody, true, 512, JSON_THROW_ON_ERROR)["accounts"])) {
+				$accounts = \json_decode($rawBody, true, 512, JSON_THROW_ON_ERROR)["accounts"];
+			}
+		}
+		foreach ($accounts as $account) {
+			if ($account["preferredName"] === $userName) {
+				return $account["id"];
+			}
+		}
+		throw new Exception(__METHOD__ . " user with name $userName not found");
+	}
+
 	/**
 	 * @BeforeScenario
 	 *
@@ -718,9 +752,10 @@ class SpacesContext implements Context {
 	}

 	/**
-	 * @Then /^the json responded should contain a space "([^"]*)" with these key and value pairs:$/
-	 *
+	 * @Then /^the json responded should contain a space "([^"]*)" (?:|(?:owned by|granted to) "([^"]*)" )with these key and value pairs:$/
+	 * 
 	 * @param string $spaceName
+	 * @param string $userName
 	 * @param TableNode $table
 	 *
 	 * @return void
@@ -728,6 +763,7 @@ class SpacesContext implements Context {
 	 */
 	public function jsonRespondedShouldContain(
 		string $spaceName,
+		string $userName = '',
 		TableNode $table
 	): void {
 		$this->featureContext->verifyTableNodeColumns($table, ['key', 'value']);
@@ -745,7 +781,13 @@ class SpacesContext implements Context {
 						"function" =>
 							[$this, "getSpaceIdByNameFromResponse"],
 						"parameter" => [$spaceName]
-					]
+					],
+					[ 
+						"code" => "%user_id%",
+						"function" =>
+							[$this, "getUserIdByUserName"],
+						"parameter" => [$userName]
+					],
 				]
 			);
 			$segments = explode("@@@", $row["key"]);
@@ -1488,19 +1530,24 @@ class SpacesContext implements Context {
 	 *
 	 * @param  string $user
 	 * @param  string $spaceName
+	 * @param  string $userWithManagerRigths
 	 *
 	 * @return void
 	 * @throws GuzzleException
 	 */
 	public function sendRestoreSpaceRequest(
 		string $user,
-		string $spaceName
+		string $spaceName,
+		string $userWithManagerRigths = ''
 	): void {
+		if (!empty($userWithManagerRigths)) {
+			$space = $this->getSpaceByName($userWithManagerRigths, $spaceName);
+		} else {
+			$space = $this->getSpaceByName($user, $spaceName);
+		}
 		$header = ["restore" => true];
 		$body = '{}';
-		$space = $this->getSpaceByName($user, $spaceName);
 		$fullUrl = $this->baseUrl . "/graph/v1.0/drives/" . $space["id"];
-
 		$this->featureContext->setResponse(
 			HttpRequestHelper::sendRequest(
 				$fullUrl,
@@ -1514,6 +1561,22 @@ class SpacesContext implements Context {
 		);
 	}

+	/**
+	 * @When /^user "([^"]*)" restores a disabled space "([^"]*)" without manager rights$/
+	 *
+	 * @param  string $user
+	 * @param  string $spaceName
+	 *
+	 * @return void
+	 * @throws GuzzleException
+	 */
+	public function sendRestoreSpaceWithoutRightsRequest(
+		string $user,
+		string $spaceName
+	): void {
+		$this->sendRestoreSpaceRequest($user, $spaceName, $this->featureContext->getAdminUsername());
+	}
+
 	/**
 	 * @When /^user "([^"]*)" has restored a disabled space "([^"]*)"$/
 	 *