From aa135f2efb2ef1892996f6878eaa4de04d8b8e3e Mon Sep 17 00:00:00 2001 From: Prarup Gurung Date: Tue, 22 Feb 2022 10:08:25 +0545 Subject: [PATCH 1/2] Added Then steps to improve checks in tests for apiWebdavProperties1 and apiWebdavProperties2 suites --- .../apiWebdavProperties1/copyFile.feature | 4 +- .../apiWebdavProperties1/createFolder.feature | 9 ++- .../apiWebdavProperties1/getQuota.feature | 15 ++-- .../getFileProperties.feature | 75 ++++++++++++------- 4 files changed, 68 insertions(+), 35 deletions(-) diff --git a/tests/acceptance/features/apiWebdavProperties1/copyFile.feature b/tests/acceptance/features/apiWebdavProperties1/copyFile.feature index 40a49f374625..0365784efee0 100644 --- a/tests/acceptance/features/apiWebdavProperties1/copyFile.feature +++ b/tests/acceptance/features/apiWebdavProperties1/copyFile.feature @@ -77,8 +77,8 @@ Feature: copy file And user "Alice" has accepted share "/testshare" offered by user "Brian" When user "Alice" copies file "/textfile0.txt" to "/Shares/testshare/textfile0.txt" using the WebDAV API Then the HTTP status code should be "403" - And user "Alice" downloads file "/Shares/testshare/textfile0.txt" using the WebDAV API - And the HTTP status code should be "404" + When user "Alice" downloads file "/Shares/testshare/textfile0.txt" using the WebDAV API + Then the HTTP status code should be "404" Examples: | dav_version | | old | diff --git a/tests/acceptance/features/apiWebdavProperties1/createFolder.feature b/tests/acceptance/features/apiWebdavProperties1/createFolder.feature index e1f33ada2c8d..bfb3cdb319b1 100644 --- a/tests/acceptance/features/apiWebdavProperties1/createFolder.feature +++ b/tests/acceptance/features/apiWebdavProperties1/createFolder.feature @@ -12,7 +12,8 @@ Feature: create folder Scenario Outline: create a folder Given using DAV path When user "Alice" creates folder "" using the WebDAV API - Then as "Alice" folder "" should exist + Then the HTTP status code should be "201" + And as "Alice" folder "" should exist Examples: | dav_version | folder_name | | old | /upload | @@ -48,7 +49,8 @@ Feature: create folder When user "Alice" gets the following properties of folder "/test_folder" using the WebDAV API | propertyName | | d:resourcetype | - Then the single response should contain a property "d:resourcetype" with a child property "d:collection" + Then the HTTP status code should be "201" + And the single response should contain a property "d:resourcetype" with a child property "d:collection" Examples: | dav_version | | old | @@ -66,7 +68,8 @@ Feature: create folder When user "Alice" gets the following properties of folder "/test_folder:5" using the WebDAV API | propertyName | | d:resourcetype | - Then the single response should contain a property "d:resourcetype" with a child property "d:collection" + Then the HTTP status code should be "201" + And the single response should contain a property "d:resourcetype" with a child property "d:collection" Examples: | dav_version | | old | diff --git a/tests/acceptance/features/apiWebdavProperties1/getQuota.feature b/tests/acceptance/features/apiWebdavProperties1/getQuota.feature index 6519ecf183ee..0958023d6b35 100644 --- a/tests/acceptance/features/apiWebdavProperties1/getQuota.feature +++ b/tests/acceptance/features/apiWebdavProperties1/getQuota.feature @@ -11,7 +11,8 @@ Feature: get quota Scenario Outline: Retrieving folder quota when no quota is set Given using DAV path When the administrator gives unlimited quota to user "Alice" using the provisioning API - Then as user "Alice" folder "/" should contain a property "d:quota-available-bytes" with value "-3" + Then the HTTP status code should be "200" + And as user "Alice" folder "/" should contain a property "d:quota-available-bytes" with value "-3" Examples: | dav_version | | old | @@ -26,7 +27,8 @@ Feature: get quota Scenario Outline: Retrieving folder quota when quota is set Given using DAV path When the administrator sets the quota of user "Alice" to "10 MB" using the provisioning API - Then as user "Alice" folder "/" should contain a property "d:quota-available-bytes" with value "10485406" + Then the HTTP status code should be "200" + And as user "Alice" folder "/" should contain a property "d:quota-available-bytes" with value "10485406" Examples: | dav_version | | old | @@ -52,7 +54,8 @@ Feature: get quota When user "Alice" gets the following properties of folder "/testquota" using the WebDAV API | propertyName | | d:quota-available-bytes | - Then the single response should contain a property "d:quota-available-bytes" with value "10485406" + Then the HTTP status code should be "200" + And the single response should contain a property "d:quota-available-bytes" with value "10485406" Examples: | dav_version | | old | @@ -71,7 +74,8 @@ Feature: get quota When user "Alice" gets the following properties of folder "/" using the WebDAV API | propertyName | | d:quota-available-bytes | - Then the single response should contain a property "d:quota-available-bytes" with value "577" + Then the HTTP status code should be "201" + And the single response should contain a property "d:quota-available-bytes" with value "577" Examples: | dav_version | | old | @@ -92,7 +96,8 @@ Feature: get quota When user "Brian" gets the following properties of folder "/" using the WebDAV API | propertyName | | d:quota-available-bytes | - Then the single response should contain a property "d:quota-available-bytes" with value "670" + Then the HTTP status code should be "200" + And the single response should contain a property "d:quota-available-bytes" with value "670" Examples: | dav_version | | old | diff --git a/tests/acceptance/features/apiWebdavProperties2/getFileProperties.feature b/tests/acceptance/features/apiWebdavProperties2/getFileProperties.feature index d87b1360909e..715f261b7871 100644 --- a/tests/acceptance/features/apiWebdavProperties2/getFileProperties.feature +++ b/tests/acceptance/features/apiWebdavProperties2/getFileProperties.feature @@ -13,7 +13,8 @@ Feature: get file properties Given using DAV path And user "Alice" has uploaded file with content "uploaded content" to "" When user "Alice" gets the properties of file "" using the WebDAV API - Then the properties response should contain an etag + Then the HTTP status code should be "201" + And the properties response should contain an etag Examples: | dav_version | file_name | | old | /upload.txt | @@ -38,7 +39,8 @@ Feature: get file properties Given using DAV path And user "Alice" has uploaded file with content "uploaded content" to "" When user "Alice" gets the properties of file "" using the WebDAV API - Then the properties response should contain an etag + Then the HTTP status code should be "201" + And the properties response should contain an etag And the value of the item "//d:response/d:href" in the response to user "Alice" should match "//" Examples: | dav_version | file_name | expected_href | @@ -66,7 +68,8 @@ Feature: get file properties And user "Alice" has uploaded file with content "uploaded content" to "/file1.txt" And user "Alice" has uploaded file with content "uploaded content" to "/file2.txt" When user "Alice" gets the properties of folder "" with depth 1 using the WebDAV API - Then there should be an entry with href matching "/\//" in the response to user "Alice" + Then the HTTP status code should be "201" + And there should be an entry with href matching "/\//" in the response to user "Alice" And there should be an entry with href matching "/\/file1.txt/" in the response to user "Alice" And there should be an entry with href matching "/\/file2.txt/" in the response to user "Alice" Examples: @@ -103,7 +106,8 @@ Feature: get file properties And user "Alice" has created folder "" And user "Alice" has uploaded file with content "uploaded content" to "/" When user "Alice" gets the properties of file "/" using the WebDAV API - Then the properties response should contain an etag + Then the HTTP status code should be "201" + And the properties response should contain an etag Examples: | dav_version | folder_name | file_name | | old | /upload | abc.txt | @@ -133,7 +137,8 @@ Feature: get file properties And user "Alice" has created folder "" And user "Alice" has uploaded file with content "uploaded content" to "/" When user "Alice" gets the properties of file "/" using the WebDAV API - Then the properties response should contain an etag + Then the HTTP status code should be "201" + And the properties response should contain an etag Examples: | dav_version | folder_name | file_name | | old | /folder ?2.txt | file ?2.txt | @@ -151,7 +156,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:share-types | - Then the response should contain an empty property "oc:share-types" + Then the HTTP status code should be "201" + And the response should contain an empty property "oc:share-types" Examples: | dav_version | | old | @@ -175,7 +181,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:share-types | - Then the response should contain a share-types property with + Then the HTTP status code should be "200" + And the response should contain a share-types property with | 0 | Examples: | dav_version | @@ -200,7 +207,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:share-types | - Then the response should contain a share-types property with + Then the HTTP status code should be "200" + And the response should contain a share-types property with | 1 | Examples: | dav_version | @@ -222,7 +230,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:share-types | - Then the response should contain a share-types property with + Then the HTTP status code should be "200" + And the response should contain a share-types property with | 3 | Examples: | dav_version | @@ -256,7 +265,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:share-types | - Then the response should contain a share-types property with + Then the HTTP status code should be "200" + And the response should contain a share-types property with | 0 | | 1 | | 3 | @@ -289,7 +299,8 @@ Feature: get file properties When user "Alice" gets the following properties of file "/somefile.txt" using the WebDAV API | propertyName | | oc:privatelink | - Then the single response should contain a property "oc:privatelink" with value like "%(/(index.php/)?f/[0-9]*)%" + Then the HTTP status code should be "201" + And the single response should contain a property "oc:privatelink" with value like "%(/(index.php/)?f/[0-9]*)%" Examples: | dav_version | | old | @@ -303,7 +314,8 @@ Feature: get file properties Scenario Outline: Do a PROPFIND to a nonexistent URL When user "Alice" requests "" with "PROPFIND" using basic auth - Then the value of the item "/d:error/s:message" in the response about user "Alice" should be "" or "" + Then the HTTP status code should be "404" + And the value of the item "/d:error/s:message" in the response about user "Alice" should be "" or "" And the value of the item "/d:error/s:exception" in the response about user "Alice" should be "Sabre\DAV\Exception\NotFound" @skipOnOcV10 @@ -405,7 +417,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | d:getlastmodified | - Then the single response should contain a property "d:getlastmodified" with value like "/^[MTWFS][uedhfriatno]{2},\s(\d){2}\s[JFMAJSOND][anebrpyulgctov]{2}\s\d{4}\s\d{2}:\d{2}:\d{2} GMT$/" + Then the HTTP status code should be "201" + And the single response should contain a property "d:getlastmodified" with value like "/^[MTWFS][uedhfriatno]{2},\s(\d){2}\s[JFMAJSOND][anebrpyulgctov]{2}\s\d{4}\s\d{2}:\d{2}:\d{2} GMT$/" Examples: | dav_version | | old | @@ -423,7 +436,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | d:getcontenttype | - Then the single response should contain a property "d:getcontenttype" with value "" + Then the HTTP status code should be "201" + And the single response should contain a property "d:getcontenttype" with value "" Examples: | dav_version | | old | @@ -441,7 +455,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "file.txt" using the WebDAV API | propertyName | | d:getcontenttype | - Then the single response should contain a property "d:getcontenttype" with value "text/plain.*" + Then the HTTP status code should be "201" + And the single response should contain a property "d:getcontenttype" with value "text/plain.*" Examples: | dav_version | | old | @@ -459,7 +474,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "file.txt" using the WebDAV API | propertyName | | d:getetag | - Then the single response should contain a property "d:getetag" with value like '%\"[a-z0-9:]{1,32}\"%' + Then the HTTP status code should be "201" + And the single response should contain a property "d:getetag" with value like '%\"[a-z0-9:]{1,32}\"%' Examples: | dav_version | | old | @@ -477,7 +493,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "file.txt" using the WebDAV API | propertyName | | d:resourcetype | - Then the single response should contain a property "d:resourcetype" with value "" + Then the HTTP status code should be "201" + And the single response should contain a property "d:resourcetype" with value "" Examples: | dav_version | | old | @@ -495,7 +512,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "file.txt" using the WebDAV API | propertyName | | oc:size | - Then the single response should contain a property "oc:size" with value "16" + Then the HTTP status code should be "201" + And the single response should contain a property "oc:size" with value "16" Examples: | dav_version | | old | @@ -513,7 +531,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:size | - Then the single response should contain a property "oc:size" with value "0" + Then the HTTP status code should be "201" + And the single response should contain a property "oc:size" with value "0" Examples: | dav_version | | old | @@ -531,7 +550,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "file.txt" using the WebDAV API | propertyName | | oc:fileid | - Then the single response should contain a property "oc:fileid" with value like '/[a-zA-Z0-9]+/' + Then the HTTP status code should be "201" + And the single response should contain a property "oc:fileid" with value like '/[a-zA-Z0-9]+/' Examples: | dav_version | | old | @@ -549,7 +569,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:fileid | - Then the single response should contain a property "oc:fileid" with value like '/[a-zA-Z0-9]+/' + Then the HTTP status code should be "201" + And the single response should contain a property "oc:fileid" with value like '/[a-zA-Z0-9]+/' Examples: | dav_version | | old | @@ -567,7 +588,8 @@ Feature: get file properties When user "Alice" gets the following properties of file "file.txt" using the WebDAV API | propertyName | | oc:owner-display-name | - Then the single response about the file owned by "Alice" should contain a property "oc:owner-display-name" with value "%displayname%" + Then the HTTP status code should be "201" + And the single response about the file owned by "Alice" should contain a property "oc:owner-display-name" with value "%displayname%" Examples: | dav_version | | old | @@ -585,7 +607,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:owner-display-name | - Then the single response about the file owned by "Alice" should contain a property "oc:owner-display-name" with value "%displayname%" + Then the HTTP status code should be "201" + And the single response about the file owned by "Alice" should contain a property "oc:owner-display-name" with value "%displayname%" Examples: | dav_version | | old | @@ -603,7 +626,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "file.txt" using the WebDAV API | propertyName | | oc:permissions | - Then the single response should contain a property "oc:permissions" with value like '/RM{0,1}DNVW/' + Then the HTTP status code should be "201" + And the single response should contain a property "oc:permissions" with value like '/RM{0,1}DNVW/' Examples: | dav_version | | old | @@ -621,7 +645,8 @@ Feature: get file properties When user "Alice" gets the following properties of folder "/test" using the WebDAV API | propertyName | | oc:permissions | - Then the single response should contain a property "oc:permissions" with value like '/RM{0,1}DNVCK/' + Then the HTTP status code should be "201" + And the single response should contain a property "oc:permissions" with value like '/RM{0,1}DNVCK/' Examples: | dav_version | | old | From e68124837bdfb015a9b730357ad7b27396e53b5c Mon Sep 17 00:00:00 2001 From: Prarup Gurung Date: Tue, 22 Feb 2022 15:58:44 +0545 Subject: [PATCH 2/2] Added step implementation for share file should not be downloadable --- .../apiWebdavProperties1/copyFile.feature | 3 +- .../acceptance/features/bootstrap/WebDav.php | 31 +++++++++++++++++++ 2 files changed, 32 insertions(+), 2 deletions(-) diff --git a/tests/acceptance/features/apiWebdavProperties1/copyFile.feature b/tests/acceptance/features/apiWebdavProperties1/copyFile.feature index 0365784efee0..47bae78f2b10 100644 --- a/tests/acceptance/features/apiWebdavProperties1/copyFile.feature +++ b/tests/acceptance/features/apiWebdavProperties1/copyFile.feature @@ -77,8 +77,7 @@ Feature: copy file And user "Alice" has accepted share "/testshare" offered by user "Brian" When user "Alice" copies file "/textfile0.txt" to "/Shares/testshare/textfile0.txt" using the WebDAV API Then the HTTP status code should be "403" - When user "Alice" downloads file "/Shares/testshare/textfile0.txt" using the WebDAV API - Then the HTTP status code should be "404" + And user "Alice" should not be able to download file "/Shares/testshare/textfile0.txt" Examples: | dav_version | | old | diff --git a/tests/acceptance/features/bootstrap/WebDav.php b/tests/acceptance/features/bootstrap/WebDav.php index 281afb8f5e4d..e3206dbbebe5 100644 --- a/tests/acceptance/features/bootstrap/WebDav.php +++ b/tests/acceptance/features/bootstrap/WebDav.php @@ -1016,6 +1016,37 @@ public function userUsingPasswordShouldNotBeAbleToDownloadFile( ); } + /** + * @Then /^user "([^"]*)" should not be able to download file "([^"]*)"$/ + * + * @param string $user + * @param string $fileName + * + * @return void + * @throws JsonException + */ + public function userShouldNotBeAbleToDownloadFile( + string $user, + string $fileName + ):void { + $user = $this->getActualUsername($user); + $password = $this->getPasswordForUser($user); + $this->downloadFileAsUserUsingPassword($user, $fileName, $password); + Assert::assertGreaterThanOrEqual( + 400, + $this->getResponse()->getStatusCode(), + __METHOD__ + . ' download must fail' + ); + Assert::assertLessThanOrEqual( + 499, + $this->getResponse()->getStatusCode(), + __METHOD__ + . ' 4xx error expected but got status code "' + . $this->getResponse()->getStatusCode() . '"' + ); + } + /** * @Then /^user "([^"]*)" should be able to access a skeleton file$/ *