From 924246c0a65142c67a89b28ac162c0310fc6ee07 Mon Sep 17 00:00:00 2001 From: Phil Davis Date: Thu, 28 Jan 2021 11:56:07 +0545 Subject: [PATCH] Rename apiBasic to apiAccountsHashDifficulty --- .drone.star | 4 ++-- tests/acceptance/config/behat.yml | 4 ++-- tests/acceptance/docker/Makefile | 16 +++++++------- .../apiAccountsHashDifficulty/addUser.feature | 21 +++++++++++++++++++ .../createShareToSharesFolder.feature | 6 ++++++ .../uploadFile.feature | 9 +++++--- .../webDavPUTAuthInvalid.feature | 6 ++++++ .../features/apiBasic/addUser.feature | 18 ---------------- 8 files changed, 51 insertions(+), 33 deletions(-) create mode 100644 tests/acceptance/features/apiAccountsHashDifficulty/addUser.feature rename tests/acceptance/features/{apiBasic => apiAccountsHashDifficulty}/createShareToSharesFolder.feature (73%) rename tests/acceptance/features/{apiBasic => apiAccountsHashDifficulty}/uploadFile.feature (61%) rename tests/acceptance/features/{apiBasic => apiAccountsHashDifficulty}/webDavPUTAuthInvalid.feature (80%) delete mode 100644 tests/acceptance/features/apiBasic/addUser.feature diff --git a/.drone.star b/.drone.star index 76dcbeefc7..2e599403e9 100644 --- a/.drone.star +++ b/.drone.star @@ -239,8 +239,8 @@ def testPipelines(ctx): pipelines = [ localApiTests(ctx, 'owncloud', 'apiOcisSpecific'), localApiTests(ctx, 'ocis', 'apiOcisSpecific'), - localApiTests(ctx, 'owncloud', 'apiBasic', 'default'), - localApiTests(ctx, 'ocis', 'apiBasic', 'default') + localApiTests(ctx, 'owncloud', 'apiAccountsHashDifficulty', 'default'), + localApiTests(ctx, 'ocis', 'apiAccountsHashDifficulty', 'default') ] for runPart in range(1, config['apiTests']['numberOfParts'] + 1): diff --git a/tests/acceptance/config/behat.yml b/tests/acceptance/config/behat.yml index bb33b728d7..e2480b6f2b 100644 --- a/tests/acceptance/config/behat.yml +++ b/tests/acceptance/config/behat.yml @@ -3,9 +3,9 @@ default: '': '%paths.base%/../features/bootstrap' suites: - apiBasic: + apiAccountsHashDifficulty: paths: - - '%paths.base%/../features/apiBasic' + - '%paths.base%/../features/apiAccountsHashDifficulty' context: &common_ldap_suite_context parameters: ldapAdminPassword: admin diff --git a/tests/acceptance/docker/Makefile b/tests/acceptance/docker/Makefile index dcec4ed638..554c8c37fc 100644 --- a/tests/acceptance/docker/Makefile +++ b/tests/acceptance/docker/Makefile @@ -51,11 +51,11 @@ help: @echo -e "https://hub.docker.com/r/owncloud/ocis." @echo @echo -e "${GREEN}Run full oCIS test suites against oCIS with oCIS storage:${RESET}\n" - @echo -e "\tmake localApiTests-apiBasic-ocis\t\t${BLUE}run apiBasic test suite${RESET}" + @echo -e "\tmake localApiTests-apiAccountsHashDifficulty-ocis\t\t${BLUE}run apiAccountsHashDifficulty test suite${RESET}" @echo -e "\tmake localApiTests-apiOcisSpecific-ocis\t\t${BLUE}run apiOcisSPecific test suite${RESET}" @echo @echo -e "${GREEN}Run full oCIS test suites against oCIS with ownCloud storage:${RESET}\n" - @echo -e "\tmake localApiTests-apiBasic-owncloud\t\t${BLUE}run apiBasic test suite${RESET}" + @echo -e "\tmake localApiTests-apiAccountsHashDifficulty-owncloud\t\t${BLUE}run apiAccountsHashDifficulty test suite${RESET}" @echo -e "\tmake localApiTests-apiOcisSpecific-owncloud\t${BLUE}run apiOcisSpecific test suite${RESET}" @echo @echo -e "${GREEN}Run full ownCloud test suites against oCIS with oCIS storage:${RESET}\n" @@ -133,11 +133,11 @@ localApiTests-apiOcisSpecific-owncloud: ## run apiOcisSpecific test suite with o BEHAT_SUITE=apiOcisSpecific \ $(MAKE) --no-print-directory testSuite -.PHONY: localApiTests-apiBasic-owncloud -localApiTests-apiBasic-owncloud: ## run apiBasic test suite with owncloud storage +.PHONY: localApiTests-apiAccountsHashDifficulty-owncloud +localApiTests-apiAccountsHashDifficulty-owncloud: ## run apiAccountsHashDifficulty test suite with owncloud storage @TEST_SOURCE=ocis \ STORAGE=owncloud \ - BEHAT_SUITE=apiBasic \ + BEHAT_SUITE=apiAccountsHashDifficulty \ $(MAKE) --no-print-directory testSuite .PHONY: localApiTests-apiOcisSpecific-ocis @@ -147,11 +147,11 @@ localApiTests-apiOcisSpecific-ocis: ## run apiOcisSPecific test suite with ocis BEHAT_SUITE=apiOcisSpecific \ $(MAKE) --no-print-directory testSuite -.PHONY: localApiTests-apiBasic-ocis -localApiTests-apiBasic-ocis: ## run apiBasic test suite with ocis storage +.PHONY: localApiTests-apiAccountsHashDifficulty-ocis +localApiTests-apiAccountsHashDifficulty-ocis: ## run apiAccountsHashDifficulty test suite with ocis storage @TEST_SOURCE=ocis \ STORAGE=ocis \ - BEHAT_SUITE=apiBasic \ + BEHAT_SUITE=apiAccountsHashDifficulty \ $(MAKE) --no-print-directory testSuite targets = $(addprefix Core-API-Tests-owncloud-storage-,$(PARTS)) diff --git a/tests/acceptance/features/apiAccountsHashDifficulty/addUser.feature b/tests/acceptance/features/apiAccountsHashDifficulty/addUser.feature new file mode 100644 index 0000000000..eb271388b9 --- /dev/null +++ b/tests/acceptance/features/apiAccountsHashDifficulty/addUser.feature @@ -0,0 +1,21 @@ +@api @provisioning_api-app-required @skipOnLDAP +Feature: add user + As an admin + I want to be able to add users and store their password with the full hash difficulty + So that I can give people controlled individual access to resources on the ownCloud server + + Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production + See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 + + Scenario Outline: admin creates a user + Given using OCS API version "" + And user "brand-new-user" has been deleted + When the administrator sends a user creation request for user "brand-new-user" password "%alt1%" using the provisioning API + Then the OCS status code should be "" + And the HTTP status code should be "200" + And user "brand-new-user" should exist + And user "brand-new-user" should be able to access a skeleton file + Examples: + | ocs_api_version | ocs_status_code | + | 1 | 100 | + | 2 | 200 | diff --git a/tests/acceptance/features/apiBasic/createShareToSharesFolder.feature b/tests/acceptance/features/apiAccountsHashDifficulty/createShareToSharesFolder.feature similarity index 73% rename from tests/acceptance/features/apiBasic/createShareToSharesFolder.feature rename to tests/acceptance/features/apiAccountsHashDifficulty/createShareToSharesFolder.feature index b2b1af193a..524e38b5ae 100644 --- a/tests/acceptance/features/apiBasic/createShareToSharesFolder.feature +++ b/tests/acceptance/features/apiAccountsHashDifficulty/createShareToSharesFolder.feature @@ -1,5 +1,11 @@ @api @files_sharing-app-required Feature: sharing + As a user + I want to be able to share files when passwords are stored with the full hash difficulty + So that I can give people secure controlled access to my data + + Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production + See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 Scenario Outline: Creating a share of a file with a user Given the administrator has set the default folder for received shares to "Shares" diff --git a/tests/acceptance/features/apiBasic/uploadFile.feature b/tests/acceptance/features/apiAccountsHashDifficulty/uploadFile.feature similarity index 61% rename from tests/acceptance/features/apiBasic/uploadFile.feature rename to tests/acceptance/features/apiAccountsHashDifficulty/uploadFile.feature index 1cc63b89a1..d0518fa92d 100644 --- a/tests/acceptance/features/apiBasic/uploadFile.feature +++ b/tests/acceptance/features/apiAccountsHashDifficulty/uploadFile.feature @@ -1,8 +1,11 @@ @api Feature: upload file As a user - I want to be able to upload files - So that I can store and share files between multiple client systems + I want to be able to upload files when passwords are stored with the full hash difficulty + So that I can store and share files securely between multiple client systems + + Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production + See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 Scenario Outline: upload a file and check download content Given using OCS API version "" @@ -15,4 +18,4 @@ Feature: upload file | 1 | old | | 1 | new | | 2 | old | - | 2 | new | \ No newline at end of file + | 2 | new | diff --git a/tests/acceptance/features/apiBasic/webDavPUTAuthInvalid.feature b/tests/acceptance/features/apiAccountsHashDifficulty/webDavPUTAuthInvalid.feature similarity index 80% rename from tests/acceptance/features/apiBasic/webDavPUTAuthInvalid.feature rename to tests/acceptance/features/apiAccountsHashDifficulty/webDavPUTAuthInvalid.feature index 79f0b3adb5..37ba017d39 100644 --- a/tests/acceptance/features/apiBasic/webDavPUTAuthInvalid.feature +++ b/tests/acceptance/features/apiAccountsHashDifficulty/webDavPUTAuthInvalid.feature @@ -1,5 +1,11 @@ @api Feature: attempt to PUT files with invalid password + As an admin + I want to the system to be secure when passwords are stored with the full hash difficulty + So that unauthorised users do not have access to data + + Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production + See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839 Background: Given user "Alice" has been created with default attributes and without skeleton files diff --git a/tests/acceptance/features/apiBasic/addUser.feature b/tests/acceptance/features/apiBasic/addUser.feature deleted file mode 100644 index 935325269e..0000000000 --- a/tests/acceptance/features/apiBasic/addUser.feature +++ /dev/null @@ -1,18 +0,0 @@ -@api @provisioning_api-app-required @skipOnLDAP -Feature: add user - As an admin - I want to be able to add users - So that I can give people controlled individual access to resources on the ownCloud server - - Scenario Outline: admin creates a user - Given using OCS API version "" - And user "brand-new-user" has been deleted - When the administrator sends a user creation request for user "brand-new-user" password "%alt1%" using the provisioning API - Then the OCS status code should be "" - And the HTTP status code should be "200" - And user "brand-new-user" should exist - And user "brand-new-user" should be able to access a skeleton file - Examples: - | ocs_api_version | ocs_status_code | - | 1 | 100 | - | 2 | 200 | \ No newline at end of file