From 85714c113d8183ed1927d05abdd7bb3d5dcd2a94 Mon Sep 17 00:00:00 2001 From: Viktor Scharf Date: Thu, 10 Feb 2022 20:21:22 +0100 Subject: [PATCH] added checks: who is owner, who has be granted --- .../features/apiSpaces/restoreSpaces.feature | 17 ++++- .../features/apiSpaces/shareSpaces.feature | 24 ++++-- .../features/bootstrap/SpacesContext.php | 75 +++++++++++++++++-- 3 files changed, 102 insertions(+), 14 deletions(-) diff --git a/tests/acceptance/features/apiSpaces/restoreSpaces.feature b/tests/acceptance/features/apiSpaces/restoreSpaces.feature index 6c2f4c42aa..0351fc2d20 100644 --- a/tests/acceptance/features/apiSpaces/restoreSpaces.feature +++ b/tests/acceptance/features/apiSpaces/restoreSpaces.feature @@ -53,4 +53,19 @@ Feature: Restoring space Then for user "Brian" the space "create data in restored space" should contain these entries: | test.txt | | mainFolder | - \ No newline at end of file + + + Scenario: User with viewer permissions cannot restore space + Given user "Alice" has created a space "viewer restores space" of type "project" with quota "10" + And user "Alice" has shared a space "viewer restores space" to user "Brian" with role "viewer" + And user "Alice" has disabled a space "viewer restores space" + When user "Brian" restores a disabled space "viewer restores space" without manager rights + Then the HTTP status code should be "404" + + + Scenario: User with editor permissions cannot restore space + Given user "Alice" has created a space "editor restores space" of type "project" with quota "10" + And user "Alice" has shared a space "editor restores space" to user "Brian" with role "editor" + And user "Alice" has disabled a space "editor restores space" + When user "Brian" restores a disabled space "editor restores space" without manager rights + Then the HTTP status code should be "404" diff --git a/tests/acceptance/features/apiSpaces/shareSpaces.feature b/tests/acceptance/features/apiSpaces/shareSpaces.feature index c475513b98..df41dd452b 100644 --- a/tests/acceptance/features/apiSpaces/shareSpaces.feature +++ b/tests/acceptance/features/apiSpaces/shareSpaces.feature @@ -9,6 +9,7 @@ Feature: Share spaces Background: Given user "Alice" has been created with default attributes and without skeleton files And user "Brian" has been created with default attributes and without skeleton files + And user "Bob" has been created with default attributes and without skeleton files And the administrator has given "Alice" the role "Admin" using the settings api @@ -32,13 +33,22 @@ Feature: Share spaces Given user "Alice" has created a space "Share space to Brian" of type "project" with quota "10" And user "Alice" has shared a space "Share space to Brian" to user "Brian" with role "viewer" When user "Brian" lists all available spaces via the GraphApi - Then the json responded should contain a space "Share space to Brian" with these key and value pairs: - | key | value | - | driveType | project | - | id | %space_id% | - | name | Share space to Brian | - | quota@@@state | normal | - | root@@@webDavUrl | %base_url%/dav/spaces/%space_id% | + Then the json responded should contain a space "Share space to Brian" owned by "Alice" with these key and value pairs: + | key | value | + | driveType | project | + | id | %space_id% | + | name | Share space to Brian | + | owner@@@user@@@id | %user_id% | + + + Scenario: A user can see who has been granted access + Given user "Alice" has created a space "Share space to Brian" of type "project" with quota "10" + And user "Alice" has shared a space "Share space to Brian" to user "Brian" with role "viewer" + When user "Alice" lists all available spaces via the GraphApi + And the json responded should contain a space "Share space to Brian" granted to "Brian" with these key and value pairs: + | key | value | + | root@@@permissions@@@1@@@grantedTo@@@0@@@user@@@id | %user_id% | + | root@@@permissions@@@1@@@roles@@@0 | viewer | Scenario: A user can see a file in a received shared space diff --git a/tests/acceptance/features/bootstrap/SpacesContext.php b/tests/acceptance/features/bootstrap/SpacesContext.php index 5648a3af97..fbcf2b7c45 100644 --- a/tests/acceptance/features/bootstrap/SpacesContext.php +++ b/tests/acceptance/features/bootstrap/SpacesContext.php @@ -205,6 +205,40 @@ class SpacesContext implements Context { return $spaces[$spaceName]; } + /** + * The method returns userId + * + * @param string $userName + * + * @return string + */ + public function getUserIdByUserName(string $userName): string { + + $fullUrl = $this->baseUrl . "/api/v0/accounts/accounts-list"; + $this->featureContext->setResponse( + HttpRequestHelper::post( + $fullUrl, + "", + $this->featureContext->getAdminUsername(), + $this->featureContext->getAdminPassword(), + [], + "{}" + ) + ); + if ($this->featureContext->getResponse()) { + $rawBody = $this->featureContext->getResponse()->getBody()->getContents(); + if (isset(\json_decode($rawBody, true, 512, JSON_THROW_ON_ERROR)["accounts"])) { + $accounts = \json_decode($rawBody, true, 512, JSON_THROW_ON_ERROR)["accounts"]; + } + } + foreach ($accounts as $account) { + if ($account["preferredName"] === $userName) { + return $account["id"]; + } + } + throw new Exception(__METHOD__ . " user with name $userName not found"); + } + /** * @BeforeScenario * @@ -718,9 +752,10 @@ class SpacesContext implements Context { } /** - * @Then /^the json responded should contain a space "([^"]*)" with these key and value pairs:$/ - * + * @Then /^the json responded should contain a space "([^"]*)" (?:|(?:owned by|granted to) "([^"]*)" )with these key and value pairs:$/ + * * @param string $spaceName + * @param string $userName * @param TableNode $table * * @return void @@ -728,6 +763,7 @@ class SpacesContext implements Context { */ public function jsonRespondedShouldContain( string $spaceName, + string $userName = '', TableNode $table ): void { $this->featureContext->verifyTableNodeColumns($table, ['key', 'value']); @@ -745,7 +781,13 @@ class SpacesContext implements Context { "function" => [$this, "getSpaceIdByNameFromResponse"], "parameter" => [$spaceName] - ] + ], + [ + "code" => "%user_id%", + "function" => + [$this, "getUserIdByUserName"], + "parameter" => [$userName] + ], ] ); $segments = explode("@@@", $row["key"]); @@ -1488,19 +1530,24 @@ class SpacesContext implements Context { * * @param string $user * @param string $spaceName + * @param string $userWithManagerRigths * * @return void * @throws GuzzleException */ public function sendRestoreSpaceRequest( string $user, - string $spaceName + string $spaceName, + string $userWithManagerRigths = '' ): void { + if (!empty($userWithManagerRigths)) { + $space = $this->getSpaceByName($userWithManagerRigths, $spaceName); + } else { + $space = $this->getSpaceByName($user, $spaceName); + } $header = ["restore" => true]; $body = '{}'; - $space = $this->getSpaceByName($user, $spaceName); $fullUrl = $this->baseUrl . "/graph/v1.0/drives/" . $space["id"]; - $this->featureContext->setResponse( HttpRequestHelper::sendRequest( $fullUrl, @@ -1514,6 +1561,22 @@ class SpacesContext implements Context { ); } + /** + * @When /^user "([^"]*)" restores a disabled space "([^"]*)" without manager rights$/ + * + * @param string $user + * @param string $spaceName + * + * @return void + * @throws GuzzleException + */ + public function sendRestoreSpaceWithoutRightsRequest( + string $user, + string $spaceName + ): void { + $this->sendRestoreSpaceRequest($user, $spaceName, $this->featureContext->getAdminUsername()); + } + /** * @When /^user "([^"]*)" has restored a disabled space "([^"]*)"$/ *