mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-02 19:20:08 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
replaceCIImages
opencloud/tests/acceptance/features/coreApiAuth/ocsGETAuth.feature

140 lines
7.8 KiB
Gherkin
Raw Permalink Blame History

Feature: auth
As a user
I want to send GET request to various endpoints
So that I can make sure the endpoints need proper authentication
Background:
Given user "Alice" has been created with default attributes
@issue-1337 @smokeTest
Scenario: using OCS anonymously
When a user requests these endpoints with "GET" and no authentication
| endpoint |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v1.php/apps/files_sharing/api/v1/shares |
| /ocs/v2.php/apps/files_sharing/api/v1/shares |
| /ocs/v1.php/cloud/apps |
| /ocs/v2.php/cloud/apps |
| /ocs/v1.php/cloud/groups |
| /ocs/v2.php/cloud/groups |
| /ocs/v1.php/cloud/users |
| /ocs/v2.php/cloud/users |
| /ocs/v1.php/privatedata/getattribute |
| /ocs/v2.php/privatedata/getattribute |
Then the HTTP status code of responses on all endpoints should be "401"
@issue-1338
Scenario: ocs config end point accessible by unauthorized users
When a user requests these endpoints with "GET" and no authentication
| endpoint |
| /ocs/v1.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
And the OCS status code of responses on all endpoints should be "100"
When a user requests these endpoints with "GET" and no authentication
| endpoint |
| /ocs/v2.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
And the OCS status code of responses on all endpoints should be "200"
@issue-1337 @issue-1336 @issue-1335 @issue-1334 @issue-1333
Scenario: using OCS with non-admin basic auth
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v1.php/apps/files_sharing/api/v1/shares |
| /ocs/v1.php/config |
| /ocs/v1.php/privatedata/getattribute |
Then the HTTP status code of responses on each endpoint should be "404,404,200,200,404" respectively
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v2.php/apps/files_sharing/api/v1/shares |
| /ocs/v2.php/config |
| /ocs/v2.php/privatedata/getattribute |
Then the HTTP status code of responses on each endpoint should be "404,404,200,200,404" respectively
When the user "Alice" requests these endpoints with "GET" with basic auth
| endpoint |
| /ocs/v1.php/cloud/apps |
| /ocs/v1.php/cloud/groups |
| /ocs/v1.php/cloud/users |
| /ocs/v2.php/cloud/apps |
| /ocs/v2.php/cloud/groups |
| /ocs/v2.php/cloud/users |
Then the HTTP status code of responses on all endpoints should be "404"
@issue-1338 @issue-1337 @smokeTest
Scenario: using OCS as normal user with wrong password
When user "Alice" requests these endpoints with "GET" using password "invalid"
| endpoint |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v1.php/apps/files_sharing/api/v1/shares |
| /ocs/v2.php/apps/files_sharing/api/v1/shares |
| /ocs/v1.php/cloud/apps |
| /ocs/v2.php/cloud/apps |
| /ocs/v1.php/cloud/groups |
| /ocs/v2.php/cloud/groups |
| /ocs/v1.php/cloud/users |
| /ocs/v2.php/cloud/users |
| /ocs/v1.php/privatedata/getattribute |
| /ocs/v2.php/privatedata/getattribute |
Then the HTTP status code of responses on all endpoints should be "401"
When user "Alice" requests these endpoints with "GET" using password "invalid"
| endpoint |
| /ocs/v1.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
When user "Alice" requests these endpoints with "GET" using password "invalid"
| endpoint |
| /ocs/v2.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
@issue-1319
Scenario: using OCS with admin basic auth
When the administrator requests these endpoints with "GET"
| endpoint |
| /ocs/v1.php/cloud/apps |
| /ocs/v1.php/cloud/groups |
| /ocs/v1.php/cloud/users |
Then the HTTP status code of responses on all endpoints should be "404"
When the administrator requests these endpoints with "GET"
| endpoint |
| /ocs/v2.php/cloud/apps |
| /ocs/v2.php/cloud/groups |
| /ocs/v2.php/cloud/users |
Then the HTTP status code of responses on all endpoints should be "404"
@issue-1337 @issue-1319
Scenario: using OCS as admin user with wrong password
When user "admin" requests these endpoints with "GET" using password "invalid"
| endpoint |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares |
| /ocs/v1.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v2.php/apps/files_sharing/api/v1/remote_shares/pending |
| /ocs/v1.php/apps/files_sharing/api/v1/shares |
| /ocs/v2.php/apps/files_sharing/api/v1/shares |
| /ocs/v1.php/cloud/apps |
| /ocs/v2.php/cloud/apps |
| /ocs/v1.php/cloud/groups |
| /ocs/v2.php/cloud/groups |
| /ocs/v1.php/cloud/users |
| /ocs/v2.php/cloud/users |
| /ocs/v1.php/privatedata/getattribute |
| /ocs/v2.php/privatedata/getattribute |
Then the HTTP status code of responses on all endpoints should be "401"
When user "another-admin" requests these endpoints with "GET" using password "invalid"
| endpoint |
| /ocs/v1.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
When user "another-admin" requests these endpoints with "GET" using password "invalid"
| endpoint |
| /ocs/v2.php/config |
Then the HTTP status code of responses on all endpoints should be "200"
Reference in New Issue View Git Blame Copy Permalink