mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-04-12 11:28:20 -04:00
Code Issues Packages Projects Releases Wiki Activity

add more CORS tests (#8254)

Browse Source
This commit is contained in:
Viktor Scharf
2024-01-24 19:25:20 +01:00
committed by GitHub
parent 8c966a81cb
commit ee6f155e1c
3 changed files with 83 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/TestHelpers/WebDavHelper.php
View File

@@ -179,6 +179,7 @@ class WebDavHelper {
* @param string|null $type
* @param int|null $davPathVersionToUse
* @param string|null $doDavRequestAsUser
* @param array|null $headers
*
* @return ResponseInterface
* @throws Exception
@@ -194,7 +195,8 @@ class WebDavHelper {
?string $folderDepth = '1',
?string $type = "files",
?int $davPathVersionToUse = self::DAV_VERSION_NEW,
?string $doDavRequestAsUser = null
?string $doDavRequestAsUser = null,
?array $headers = []
):ResponseInterface {
$body = self::getBodyForPropfind($properties);
$folderDepth = (string) $folderDepth;

24
tests/acceptance/features/apiCors/cors.feature
View File

@@ -33,8 +33,8 @@ Feature: CORS headers
Scenario Outline: CORS headers should not be returned when CORS domain does not match origin header
Given using OCS API version "<ocs_api_version>"
When user "Alice" sends HTTP method "GET" to OCS API endpoint "<endpoint>" with headers
| header | value |
| Origin | https://mero.badal |
| header | value |
| Origin | https://mero.badal |
Then the OCS status code should be "<ocs-code>"
And the HTTP status code should be "<http-code>"
And the following headers should not be set
@@ -70,3 +70,23 @@ Feature: CORS headers
| 2 | | /apps/files_sharing/api/v1/shares | PUT |
| 1 | | /apps/files_sharing/api/v1/shares | DELETE |
| 2 | | /apps/files_sharing/api/v1/shares | POST |
Scenario: CORS headers should be returned when setting CORS domain sending origin header in the Graph api
When user "Alice" lists all available spaces with headers using the Graph API
| header | value |
| Origin | https://aphno.badal |
Then the HTTP status code should be "200"
And the following headers should be set
| header | value |
| Access-Control-Allow-Origin | https://aphno.badal |
@issue-8231
Scenario: CORS headers should be returned when setting CORS domain sending origin header in the Webdav api
When user "Alice" sends PROPFIND request to space "Alice Hansen" with headers using the WebDAV API
| header | value |
| Origin | https://aphno.badal |
Then the HTTP status code should be "207"
And the following headers should be set
| header | value |
| Access-Control-Allow-Origin | https://aphno.badal |

62
tests/acceptance/features/bootstrap/SpacesContext.php
View File

@@ -544,19 +544,22 @@ class SpacesContext implements Context {
/**
* @param string $user
* @param string $query
* @param array $headers
*
* @return ResponseInterface
*
* @throws GuzzleException
* @throws Exception
*/
public function listAllAvailableSpacesOfUser(string $user, string $query = ''): ResponseInterface {
public function listAllAvailableSpacesOfUser(string $user, string $query = '', array $headers = []): ResponseInterface {
$response = GraphHelper::getMySpaces(
$this->featureContext->getBaseUrl(),
$user,
$this->featureContext->getPasswordForUser($user),
"?" . $query,
$this->featureContext->getStepLineRef()
$this->featureContext->getStepLineRef(),
[],
$headers
);
$this->rememberTheAvailableSpaces($response);
return $response;
@@ -578,6 +581,28 @@ class SpacesContext implements Context {
$this->featureContext->setResponse($this->listAllAvailableSpacesOfUser($user, $query));
}
/**
* @When /^user "([^"]*)" lists all available spaces with headers using the Graph API$/
*
* @param string $user
* @param TableNode $headersTable
*
* @return void
*
* @throws GuzzleException
* @throws Exception
*/
public function theUserListsAllHisAvailableSpacesWithHeadersUsingTheGraphApi(string $user, TableNode $headersTable): void {
$this->featureContext->verifyTableNodeColumns(
$headersTable,
['header', 'value']
);
foreach ($headersTable as $row) {
$headers[$row['header']] = $row ['value'];
}
$this->featureContext->setResponse($this->listAllAvailableSpacesOfUser($user, '', $headers));
}
/**
* The method is used on the administration setting tab, which only the Admin user and the Space admin user have access to
*
@@ -3528,17 +3553,44 @@ class SpacesContext implements Context {
);
}
/**
* @When /^user "([^"]*)" sends PROPFIND request to space "([^"]*)" with headers using the WebDAV API$/
*
* @param string $user
* @param string $spaceName
* @param TableNode $headersTable
*
* @return void
*
* @throws JsonException
*
* @throws GuzzleException
*/
public function userSendsPropfindRequestToSpaceWithHeaders(string $user, string $spaceName, $headersTable): void {
$this->featureContext->verifyTableNodeColumns(
$headersTable,
['header', 'value']
);
foreach ($headersTable as $row) {
$headers[$row['header']] = $row ['value'];
}
$this->featureContext->setResponse(
$this->sendPropfindRequestToSpace($user, $spaceName, '', $headers)
);
}
/**
* @param string $user
* @param string $spaceName
* @param string|null $resource
* @param array|null $headers
*
* @return ResponseInterface
* @throws GuzzleException
*
* @throws JsonException
*/
public function sendPropfindRequestToSpace(string $user, string $spaceName, ?string $resource = ""): ResponseInterface {
public function sendPropfindRequestToSpace(string $user, string $spaceName, ?string $resource = "", ?array $headers = []): ResponseInterface {
$this->setSpaceIDByName($user, $spaceName);
$properties = ['oc:permissions','oc:file-parent','oc:fileid','oc:share-types','oc:privatelink','d:resourcetype','oc:size','oc:name','d:getcontenttype','oc:tags','d:lockdiscovery','d:activelock'];
return WebDavHelper::propfind(
@@ -3550,7 +3602,9 @@ class SpacesContext implements Context {
$this->featureContext->getStepLineRef(),
"0",
"files",
WebDavHelper::DAV_VERSION_SPACES
WebDavHelper::DAV_VERSION_SPACES,
"",
$headers
);
}