[test-only] add test for uploading with Tus using CORS (#8508)

* add test for uploading with Tus using CORS * fix
2026-05-06 15:13:22 -04:00 · 2024-02-23 11:47:52 +01:00
parent 3cea035d6d
commit ad7cf8f77a
4 changed files with 70 additions and 7 deletions
--- a/tests/acceptance/config/behat.yml
+++ b/tests/acceptance/config/behat.yml
@@ -150,6 +150,8 @@ default:
        - GraphContext:
        - OcisConfigContext:
        - SettingsContext:
+        - TUSContext:
+        - SpacesTUSContext:

    apiDepthInfinity:
      paths:
--- a/tests/acceptance/features/apiCors/cors.feature
+++ b/tests/acceptance/features/apiCors/cors.feature
@@ -100,3 +100,37 @@ Feature: CORS headers
    And the following headers should be set
      | header                      | value               |
      | Access-Control-Allow-Origin | https://aphno.badal |
+
+
+  @issue-8380
+  Scenario: CORS headers should be returned when uploading file using Tus and when CORS domain sending origin header in the Webdav api
+    Given user "Alice" has created a new TUS resource for the space "Personal" with content "" using the WebDAV API with these headers:
+      | Upload-Length   | 5                         |
+      #    dGV4dEZpbGUudHh0 is the base64 encode of textFile.txt
+      | Upload-Metadata | filename dGV4dEZpbGUudHh0 |
+      | Tus-Resumable   | 1.0.0                     |
+      | Origin          | https://aphno.badal       |
+    When user "Alice" sends a chunk to the last created TUS Location with data "01234" inside of the space "Personal" with headers:
+      | Origin          | https://aphno.badal                  |
+      | Upload-Checksum | MD5 4100c4d44da9177247e44a5fc1546778 |
+      | Upload-Offset   | 0                                    |
+    Then the HTTP status code should be "204"
+    And the following headers should be set
+      | header                      | value               |
+      | Access-Control-Allow-Origin | https://aphno.badal |
+    And for user "Alice" the content of the file "/textFile.txt" of the space "Personal" should be "01234"
+
+
+  @issue-8380
+  Scenario: uploading file using Tus using different CORS headers
+    Given user "Alice" has created a new TUS resource for the space "Personal" with content "" using the WebDAV API with these headers:
+      | Upload-Length   | 5                         |
+      #    dGV4dEZpbGUudHh0 is the base64 encode of textFile.txt
+      | Upload-Metadata | filename dGV4dEZpbGUudHh0 |
+      | Tus-Resumable   | 1.0.0                     |
+      | Origin          | https://something.else    |
+    When user "Alice" sends a chunk to the last created TUS Location with data "01234" inside of the space "Personal" with headers:
+      | Origin          | https://something.else               |
+      | Upload-Checksum | MD5 4100c4d44da9177247e44a5fc1546778 |
+      | Upload-Offset   | 0                                    |
+    Then the HTTP status code should be "403"
--- a/tests/acceptance/features/bootstrap/SpacesTUSContext.php
+++ b/tests/acceptance/features/bootstrap/SpacesTUSContext.php
@@ -286,6 +286,29 @@ class SpacesTUSContext implements Context {
 		$this->tusContext->userUploadsChunkFileWithChecksum($user, $offset, $data, $checksum);
 	}

+	/**
+	 * @When /^user "([^"]*)" sends a chunk to the last created TUS Location with data "([^"]*)" inside of the space "([^"]*)" with headers:$/
+	 *
+	 * @param string $user
+	 * @param string $data
+	 * @param string $spaceName
+	 * @param TableNode $headers
+	 *
+	 * @return void
+	 * @throws Exception|GuzzleException
+	 */
+	public function userSendsAChunkToTheLastCreatedTusLocationWithDataInsideOfTheSpaceWithHeaders(
+		string $user,
+		string $data,
+		string $spaceName,
+		TableNode $headers
+	): void {
+		$this->spacesContext->setSpaceIDByName($user, $spaceName);
+		$rows = $headers->getRowsHash();
+		$response = $this->tusContext->sendsAChunkToTUSLocationWithOffsetAndData($user, $rows['Upload-Offset'], $data, $rows['Upload-Checksum'], ['Origin' => $rows['Origin']]);
+		$this->featureContext->setResponse($response);
+	}
+
 	/**
 	 * @When /^user "([^"]*)" overwrites recently shared file with offset "([^"]*)" and data "([^"]*)" with checksum "([^"]*)" via TUS inside of the space "([^"]*)" using the WebDAV API with these headers:$/
 	 *
--- a/tests/acceptance/features/bootstrap/TUSContext.php
+++ b/tests/acceptance/features/bootstrap/TUSContext.php
@@ -116,27 +116,31 @@ class TUSContext implements Context {
 	 * @param string $offset
 	 * @param string $data
 	 * @param string $checksum
+	 * @param array|null $extraHeaders
 	 *
 	 * @return ResponseInterface
 	 *
 	 * @throws GuzzleException
 	 * @throws JsonException
 	 */
-	public function sendsAChunkToTUSLocationWithOffsetAndData(string $user, string $offset, string $data, string $checksum = ''): ResponseInterface {
+	public function sendsAChunkToTUSLocationWithOffsetAndData(string $user, string $offset, string $data, string $checksum = '', ?array $extraHeaders = null): ResponseInterface {
 		$user = $this->featureContext->getActualUsername($user);
 		$password = $this->featureContext->getUserPassword($user);
+		$headers = [
+		'Content-Type' => 'application/offset+octet-stream',
+		'Tus-Resumable' => '1.0.0',
+		'Upload-Checksum' => $checksum,
+		'Upload-Offset' => $offset
+		];
+		$headers = empty($extraHeaders) ? $headers : array_merge($headers, $extraHeaders);
+	
 		return HttpRequestHelper::sendRequest(
 			$this->resourceLocation,
 			$this->featureContext->getStepLineRef(),
 			'PATCH',
 			$user,
 			$password,
-			[
-				'Content-Type' => 'application/offset+octet-stream',
-				'Tus-Resumable' => '1.0.0',
-				'Upload-Checksum' => $checksum,
-				'Upload-Offset' => $offset
-			],
+			$headers,
 			$data
 		);
 	}