mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-01-24 05:51:33 -05:00
63ba5613c0
* Extend tests coverage for different role capability for group * Remove unwanted scenario * Change http status code
338 lines
15 KiB
Gherkin
338 lines
15 KiB
Gherkin
@api @skipOnOcV10
|
|
Feature: add users to group
|
|
As a admin
|
|
I want to be able to add users to a group
|
|
So that I can give a user access to the resources of the group
|
|
|
|
Background:
|
|
Given user "Alice" has been created with default attributes and without skeleton files
|
|
|
|
|
|
Scenario: adding a user to a group
|
|
Given these groups have been created:
|
|
| groupname | comment |
|
|
| simplegroup | nothing special here |
|
|
| España§àôœ€ | special European and other characters |
|
|
| नेपाली | Unicode group name |
|
|
When the administrator adds the following users to the following groups using the Graph API
|
|
| username | groupname |
|
|
| Alice | simplegroup |
|
|
| Alice | España§àôœ€ |
|
|
| Alice | नेपाली |
|
|
Then the HTTP status code of responses on all endpoints should be "204"
|
|
And the following users should be listed in the following groups
|
|
| username | groupname |
|
|
| Alice | simplegroup |
|
|
| Alice | España§àôœ€ |
|
|
| Alice | नेपाली |
|
|
|
|
|
|
Scenario: adding a user to a group with special character in its name
|
|
Given these groups have been created:
|
|
| groupname | comment |
|
|
| brand-new-group | dash |
|
|
| the.group | dot |
|
|
| left,right | comma |
|
|
| 0 | The "false" group |
|
|
| Finance (NP) | Space and brackets |
|
|
| Admin&Finance | Ampersand |
|
|
| maint+eng | Plus sign |
|
|
| $x<=>[y*z^2]! | Maths symbols |
|
|
| 😁 😂 | emoji |
|
|
| admin:Pokhara@Nepal | Colon and @ |
|
|
When the administrator adds the following users to the following groups using the Graph API
|
|
| username | groupname |
|
|
| Alice | brand-new-group |
|
|
| Alice | the.group |
|
|
| Alice | left,right |
|
|
| Alice | 0 |
|
|
| Alice | Finance (NP) |
|
|
| Alice | Admin&Finance |
|
|
| Alice | maint+eng |
|
|
| Alice | $x<=>[y*z^2]! |
|
|
| Alice | 😁 😂 |
|
|
| Alice | admin:Pokhara@Nepal |
|
|
Then the HTTP status code of responses on all endpoints should be "204"
|
|
And the following users should be listed in the following groups
|
|
| username | groupname |
|
|
| Alice | brand-new-group |
|
|
| Alice | the.group |
|
|
| Alice | left,right |
|
|
| Alice | 0 |
|
|
| Alice | Finance (NP) |
|
|
| Alice | Admin&Finance |
|
|
| Alice | maint+eng |
|
|
| Alice | $x<=>[y*z^2]! |
|
|
| Alice | 😁 😂 |
|
|
| Alice | admin:Pokhara@Nepal |
|
|
|
|
|
|
Scenario: adding a user to a group with % and # in its name
|
|
Given these groups have been created:
|
|
| groupname | comment |
|
|
| maintenance#123 | Hash sign |
|
|
| 50%pass | Percent sign (special escaping happens) |
|
|
| 50%25=0 | %25 literal looks like an escaped "%" |
|
|
| 50%2Eagle | %2E literal looks like an escaped "." |
|
|
| 50%2Fix | %2F literal looks like an escaped slash |
|
|
| Mgmt\Middle | Backslash |
|
|
| staff?group | Question mark |
|
|
When the administrator adds the following users to the following groups using the Graph API
|
|
| username | groupname |
|
|
| Alice | maintenance#123 |
|
|
| Alice | 50%pass |
|
|
| Alice | 50%25=0 |
|
|
| Alice | 50%2Eagle |
|
|
| Alice | 50%2Fix |
|
|
| Alice | Mgmt\Middle |
|
|
| Alice | staff?group |
|
|
Then the HTTP status code of responses on all endpoints should be "204"
|
|
And the following users should be listed in the following groups
|
|
| username | groupname |
|
|
| Alice | maintenance#123 |
|
|
| Alice | 50%pass |
|
|
| Alice | 50%25=0 |
|
|
| Alice | 50%2Eagle |
|
|
| Alice | 50%2Fix |
|
|
| Alice | Mgmt\Middle |
|
|
| Alice | staff?group |
|
|
|
|
|
|
Scenario: adding a user to a group that has a forward-slash in the group name
|
|
Given these groups have been created:
|
|
| groupname | comment |
|
|
| Mgmt/Sydney | Slash (special escaping happens) |
|
|
| Mgmt//NSW/Sydney | Multiple slash |
|
|
| priv/subadmins/1 | Subadmins mentioned not at the end |
|
|
| var/../etc | using slash-dot-dot |
|
|
When the administrator adds the following users to the following groups using the Graph API
|
|
| username | groupname |
|
|
| Alice | Mgmt/Sydney |
|
|
| Alice | Mgmt//NSW/Sydney |
|
|
| Alice | priv/subadmins/1 |
|
|
| Alice | var/../etc |
|
|
Then the HTTP status code of responses on all endpoints should be "204"
|
|
And the following users should be listed in the following groups
|
|
| username | groupname |
|
|
| Alice | Mgmt/Sydney |
|
|
| Alice | Mgmt//NSW/Sydney |
|
|
| Alice | priv/subadmins/1 |
|
|
| Alice | var/../etc |
|
|
|
|
|
|
Scenario Outline: user other than the admin tries to add himself to a group
|
|
Given the administrator has given "Alice" the role "<role>" using the settings api
|
|
And group "groupA" has been created
|
|
When user "Alice" tries to add himself to group "groupA" using the Graph API
|
|
Then the HTTP status code should be "403"
|
|
And the last response should be an unauthorized response
|
|
Examples:
|
|
| role |
|
|
| Space Admin |
|
|
| User |
|
|
| Guest |
|
|
|
|
|
|
Scenario Outline: user other than the admin tries to add other user to a group
|
|
Given user "Brian" has been created with default attributes and without skeleton files
|
|
And the administrator has given "Brian" the role "<role>" using the settings api
|
|
And group "groupA" has been created
|
|
When user "Alice" tries to add user "Brian" to group "groupA" using the Graph API
|
|
Then the HTTP status code should be "403"
|
|
And the last response should be an unauthorized response
|
|
Examples:
|
|
| role |
|
|
| Space Admin |
|
|
| User |
|
|
| Guest |
|
|
|
|
|
|
Scenario: admin tries to add user to a nonexistent group
|
|
When the administrator tries to add user "Alice" to a nonexistent group using the Graph API
|
|
Then the HTTP status code should be "404"
|
|
|
|
|
|
Scenario Outline: user other than the admin tries to add user to a nonexistent group
|
|
Given user "Brian" has been created with default attributes and without skeleton files
|
|
And the administrator has given "Alice" the role "<role>" using the settings api
|
|
When the user "Alice" tries to add user "Brian" to a nonexistent group using the Graph API
|
|
Then the HTTP status code should be "404"
|
|
Examples:
|
|
| role |
|
|
| Space Admin |
|
|
| User |
|
|
| Guest |
|
|
|
|
|
|
Scenario: admin tries to add a nonexistent user to a group
|
|
Given group "groupA" has been created
|
|
When the administrator tries to add user "nonexistentuser" to group "groupA" using the provisioning API
|
|
Then the HTTP status code should be "405"
|
|
|
|
|
|
Scenario: admin tries to add user to a group without sending the group
|
|
When the administrator tries to add user "Alice" to a nonexistent group using the Graph API
|
|
Then the HTTP status code should be "404"
|
|
|
|
|
|
Scenario: add multiple users to a group at once
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
When the administrator "Alice" adds the following users to a group "grp1" at once using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
Then the HTTP status code should be "204"
|
|
And the following users should be listed in the following groups
|
|
| username | groupname |
|
|
| Brian | grp1 |
|
|
| Carol | grp1 |
|
|
|
|
|
|
Scenario: admin tries to add users to a nonexistent group at once
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
When the administrator "Alice" tries to add the following users to a nonexistent group at once using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
Then the HTTP status code should be "404"
|
|
|
|
|
|
Scenario: admin tries to add multiple nonexistent users to a group at once
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
When the administrator "Alice" tries to add the following nonexistent users to a group "grp1" at once using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
Then the HTTP status code should be "404"
|
|
|
|
|
|
Scenario: admin tries to add nonexistent and existing users to a group at once
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
When the administrator "Alice" tries to add the following existent and nonexistent users to a group "grp1" at once using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
Then the HTTP status code should be "404"
|
|
|
|
|
|
Scenario: adding a disabled user to a group
|
|
Given these groups have been created:
|
|
| groupname | comment |
|
|
| sales | normal group |
|
|
And the user "Admin" has disabled user "Alice" using the Graph API
|
|
When the administrator adds the following users to the following groups using the Graph API
|
|
| username | groupname |
|
|
| Alice | sales |
|
|
Then the HTTP status code of responses on all endpoints should be "204"
|
|
And the following users should be listed in the following groups
|
|
| username | groupname |
|
|
| Alice | sales |
|
|
|
|
@issue-5702
|
|
Scenario: try to add users to a group twice
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
And the administrator "Alice" has added the following users to a group "grp1" at once using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
When the administrator "Alice" adds the following users to a group "grp1" at once using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
Then the HTTP status code should be "400"
|
|
And the following users should be listed in the following groups
|
|
| username | groupname |
|
|
| Brian | grp1 |
|
|
| Carol | grp1 |
|
|
|
|
@issue-5793
|
|
Scenario: try to add a group to a group
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
And these groups have been created:
|
|
| groupname |
|
|
| student |
|
|
| music |
|
|
And user "Brian" has been added to group "music"
|
|
When the administrator "Alice" tries to add a group "music" to a group "student" using the Graph API
|
|
Then the HTTP status code should be "400"
|
|
|
|
|
|
Scenario Outline: admin tries to add a user to a group with invalid JSON
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
When user "Alice" tries to add user "Brian" to group "grp1" with invalid JSON "<invalid-json>" using the Graph API
|
|
Then the HTTP status code should be "400"
|
|
Examples:
|
|
| invalid-json |
|
|
| {'@odata.id': 'https://localhost:9200/graph/v1.0/users/%user_id%',} |
|
|
| {'@odata.id'- 'https://localhost:9200/graph/v1.0/users/%user_id%'} |
|
|
| {@odata.id: https://localhost:9200/graph/v1.0/users/%user_id%} |
|
|
|
|
|
|
Scenario Outline: admin tries to add multiple users to a group at once with invalid JSON
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
When user "Alice" tries to add the following users to a group "grp1" at once with invalid JSON "<invalid-json>" using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
Then the HTTP status code should be "400"
|
|
Examples:
|
|
| invalid-json |
|
|
| {'members@odata.bind': ['https://localhost:9200/graph/v1.0/users/%user_id%',,'https://localhost:9200/graph/v1.0/users/%user_id%']} |
|
|
| {'members@odata.bind'- ['https://localhost:9200/graph/v1.0/users/%user_id%','https://localhost:9200/graph/v1.0/users/%user_id%']} |
|
|
| {'members@odata.bind': ['https://localhost:9200/graph/v1.0/users/%user_id%'.'https://localhost:9200/graph/v1.0/users/%user_id%']} |
|
|
|
|
@issue-5871
|
|
Scenario: admin tries to add multiple users with wrong host
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
When user "Alice" tries to add the following users to a group "grp1" at once with an invalid host using the Graph API
|
|
| username |
|
|
| Brian |
|
|
| Carol |
|
|
Then the HTTP status code should be "400"
|
|
|
|
@issue-5871
|
|
Scenario: admin tries to add single user with wrong host
|
|
Given the administrator has given "Alice" the role "Admin" using the settings api
|
|
And these users have been created with default attributes and without skeleton files:
|
|
| username |
|
|
| Brian |
|
|
And user "Alice" has created a group "grp1" using the Graph API
|
|
When user "Alice" tries to add user "Brian" to group "grp1" with an invalid host using the Graph API
|
|
Then the HTTP status code should be "400"
|