diff --git a/tests/acceptance/features/apiSharing-v1/disableSharing.feature b/tests/acceptance/features/apiSharing-v1/disableSharing.feature
index ef60a5a6f7eb..0e73ac278313 100644
--- a/tests/acceptance/features/apiSharing-v1/disableSharing.feature
+++ b/tests/acceptance/features/apiSharing-v1/disableSharing.feature
@@ -9,8 +9,7 @@ So that ownCloud users cannot share file or folder
 		And using old DAV path
 
 	Scenario: user tries to share a file with another user when the sharing api has been disabled
-		Given as user "admin"
-		And user "user0" has been created
+		Given user "user0" has been created
 		And user "user1" has been created
 		And as user "admin"
 		When parameter "shareapi_enabled" of app "core" has been set to "no"
@@ -19,8 +18,7 @@ So that ownCloud users cannot share file or folder
 		And the HTTP status code should be "200"
 
 	Scenario: user tries to share a folder with another user when the sharing api has been disabled
-		Given as user "admin"
-		And user "user0" has been created
+		Given user "user0" has been created
 		And user "user1" has been created
 		And as user "admin"
 		When parameter "shareapi_enabled" of app "core" has been set to "no"
@@ -29,24 +27,20 @@ So that ownCloud users cannot share file or folder
 		And the HTTP status code should be "200"
 
 	Scenario: user tries to share a file with group when the sharing api has been disabled
-		Given as user "admin"
-		And user "user0" has been created
+		Given user "user0" has been created
 		And user "user1" has been created
 		And group "sharinggroup" has been created
 		And user "user1" has been added to group "sharinggroup"
-		And as user "admin"
 		When parameter "shareapi_enabled" of app "core" has been set to "no"
 		Then user "user0" should not be able to share file "welcome.txt" with group "sharinggroup" using the API
 		And the OCS status code should be "404"
 		And the HTTP status code should be "200"
 
 	Scenario: user tries to share a folder with group when the sharing api has been disabled
-		Given as user "admin"
-		And user "user0" has been created
+		Given user "user0" has been created
 		And user "user1" has been created
 		And group "sharinggroup" has been created
 		And user "user1" has been added to group "sharinggroup"
-		And as user "admin"
 		When parameter "shareapi_enabled" of app "core" has been set to "no"
 		Then user "user0" should not be able to share folder "/FOLDER" with group "sharinggroup" using the API
 		And the OCS status code should be "404"
@@ -54,16 +48,57 @@ So that ownCloud users cannot share file or folder
 
 	Scenario: user tries to create public share of a file when the sharing api has been disabled
 		Given user "user0" has been created
-		And as user "admin"
 		When parameter "shareapi_enabled" of app "core" has been set to "no"
 		Then user "user0" should not be able to create public share of file "welcome.txt" using the API
-		Then the OCS status code should be "404"
+		And the OCS status code should be "404"
 		And the HTTP status code should be "200"
 
 	Scenario: user tries to create public share of a folder when the sharing api has been disabled
 		Given user "user0" has been created
-		And as user "admin"
 		When parameter "shareapi_enabled" of app "core" has been set to "no"
 		Then user "user0" should not be able to create public share of folder "/FOLDER" using the API
-		Then the OCS status code should be "404"
+		And the OCS status code should be "404"
+		And the HTTP status code should be "200"
+
+	Scenario: user tries to share a file with user who is not in his group when sharing outside the group has been restricted
+		Given user "user0" has been created
+		And user "user1" has been created
+		And group "sharinggroup" has been created
+		And user "user0" has been added to group "sharinggroup"
+		When parameter "shareapi_only_share_with_group_members" of app "core" has been set to "yes"
+		Then user "user0" should not be able to share file "welcome.txt" with user "user1" using the API
+		And the OCS status code should be "403"
+		And the HTTP status code should be "200"
+
+	Scenario: user shares a file with user who is in his group when sharing outside the group has been restricted
+		Given user "user0" has been created
+		And user "user1" has been created
+		And group "sharinggroup" has been created
+		And user "user0" has been added to group "sharinggroup"
+		And user "user1" has been added to group "sharinggroup"
+		When parameter "shareapi_only_share_with_group_members" of app "core" has been set to "yes"
+		Then user "user0" should be able to share file "welcome.txt" with user "user1" using the API
+		And the OCS status code should be "100"
+		And the HTTP status code should be "200"
+
+	Scenario: user shares a file with the group he is not member of when sharing outside the group has been restricted
+		Given user "user0" has been created
+		And user "user1" has been created
+		And group "sharinggroup" has been created
+		And group "anothersharinggroup" has been created
+		And user "user0" has been added to group "sharinggroup"
+		And user "user1" has been added to group "anothersharinggroup"
+		When parameter "shareapi_only_share_with_group_members" of app "core" has been set to "yes"
+		Then user "user0" should be able to share file "welcome.txt" with group "anothersharinggroup" using the API
+		And the OCS status code should be "100"
+		And the HTTP status code should be "200"
+
+	Scenario: user shares a file with the group he is member of when sharing outside the group has been restricted
+		Given user "user0" has been created
+		And user "user1" has been created
+		And group "sharinggroup" has been created
+		And user "user0" has been added to group "sharinggroup"
+		When parameter "shareapi_only_share_with_group_members" of app "core" has been set to "yes"
+		Then user "user0" should be able to share file "welcome.txt" with group "sharinggroup" using the API
+		And the OCS status code should be "100"
 		And the HTTP status code should be "200"
\ No newline at end of file
diff --git a/tests/acceptance/features/bootstrap/Sharing.php b/tests/acceptance/features/bootstrap/Sharing.php
index 2ade395e7a14..3eac638482f4 100644
--- a/tests/acceptance/features/bootstrap/Sharing.php
+++ b/tests/acceptance/features/bootstrap/Sharing.php
@@ -865,16 +865,49 @@ public function userSharesFileWithGroupUsingTheAPI(
 	}
 
 	/**
-	 * @Then /^user "([^"]*)" should not be able to share (?:file|folder|entry) "([^"]*)" with (?:user|group) "([^"]*)"(?: with permissions ([\d]*))? using the API$/
+	 * @Then /^user "([^"]*)" should not be able to share (?:file|folder|entry) "([^"]*)" with (user|group) "([^"]*)"(?: with permissions ([\d]*))? using the API$/
 	 *
 	 * @param string $sharer
 	 * @param string $filepath
+	 * @param string $userOrGroup
+	 * @param string $sharee
+	 * @param int $permissions
+	 *
+	 * @return void
+	 */
+	public function userTriesToShareFileUsingTheApi($sharer, $filepath, $userOrGroup, $sharee, $permissions = null) {
+		$shareType = ($userOrGroup === "user" ? 0 : 1);
+		$time = \time();
+		if ($this->lastShareTime !== null && $time - $this->lastShareTime < 1) {
+			// prevent creating two shares with the same "stime" which is
+			// based on seconds, this affects share merging order and could
+			// affect expected test result order
+			\sleep(1);
+		}
+		$this->lastShareTime = $time;
+		$this->createShare(
+			$sharer, $filepath, $shareType, $sharee, null, null, $permissions
+		);
+		$statusCode = $this->getOCSResponseStatusCode($this->response);
+		PHPUnit_Framework_Assert::assertTrue(
+			($statusCode == 404) || ($statusCode == 403),
+			"Sharing should have failed but passed with status code " . $statusCode
+		);
+	}
+
+	/**
+	 * @Then /^user "([^"]*)" should be able to share (?:file|folder|entry) "([^"]*)" with (user|group) "([^"]*)"(?: with permissions ([\d]*))? using the API$/
+	 *
+	 * @param string $sharer
+	 * @param string $filepath
+	 * @param string $userOrGroup
 	 * @param string $sharee
 	 * @param int $permissions
 	 *
 	 * @return void
 	 */
-	public function userTriesToShareFileWithUserUsingTheApi($sharer, $filepath, $sharee, $permissions = null) {
+	public function userShouldBeAbleToShareUsingTheApi($sharer, $filepath, $userOrGroup, $sharee, $permissions = null) {
+		$shareType = ($userOrGroup === "user" ? 0 : 1);
 		$time = \time();
 		if ($this->lastShareTime !== null && $time - $this->lastShareTime < 1) {
 			// prevent creating two shares with the same "stime" which is
@@ -884,10 +917,10 @@ public function userTriesToShareFileWithUserUsingTheApi($sharer, $filepath, $sha
 		}
 		$this->lastShareTime = $time;
 		$this->createShare(
-			$sharer, $filepath, 0, $sharee, null, null, $permissions
+			$sharer, $filepath, $shareType, $sharee, null, null, $permissions
 		);
 		PHPUnit_Framework_Assert::assertEquals(
-			404,
+			100,
 			$this->getOCSResponseStatusCode($this->response)
 		);
 	}