Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[full-ci] Test indirect resource existence leaks #40406

Merged
merged 9 commits into from
Oct 14, 2022
Merged

[full-ci] Test indirect resource existence leaks #40406

merged 9 commits into from
Oct 14, 2022

Conversation

butonic
Copy link
Member

@butonic butonic commented Oct 5, 2022
edited
Loading

We now expect a not found error instead of permission denied error for some trash interactions.

Needed for cs3org/reva#3300

Driven by owncloud/ocis#3561

@butonic butonic mentioned this pull request Oct 5, 2022
Merged
@ownclouders
Copy link
Contributor

ownclouders commented Oct 5, 2022
edited
Loading

💥 Acceptance tests pipeline cliManageApps-mariadb10.2-php7.4 failed. The build has been cancelled.

https://drone.owncloud.com/owncloud/core/36948/113

@butonic
Copy link
Member Author

butonic commented Oct 5, 2022

@phil-davis so, I need to duplicate these, right?

runsh: Total unexpected failed scenarios throughout the test run:
apiTrashbin/trashbinFilesFolders.feature:218
apiTrashbinRestore/trashbinRestore.feature:204
apiTrashbinRestore/trashbinRestore.feature:205

@phil-davis
Copy link
Contributor

so, I need to duplicate these, right?

If there are different results expected on oC10 and oCIS then you need to have Scenario Outline with multiple Examples tables with the expected results for each implementation. (and put the appropriate skipOnOcV10 or skipOnOcis tags so that the examples only run on the correct implementations.

That causes line numbers to change - a pain for expected failures! But I haven't been able to find a way to avoid that.

Another approach is to make the test expectations more general, for example:
Then the HTTP status code should be "401" or "404"

Then the HTTP status code should be between "400" and "499"

If the requirement of any implementation is just that, for example, a 4xx status is returned, then you can just test for that. But that means that clients have to know that requirement and be capable of accepting any of the allowed statuses, because the detail of a server implementation could change and the tests continue to pass.

@phil-davis
Copy link
Contributor

Example tables can be in this format:

    @skipOnOcis
    Examples:
      | ocs_api_version | ocs_status_code | path                  |
      | 1               | 100             | /Shares/textfile0.txt |
      | 2               | 200             | /Shares/textfile0.txt |
    @skipOnOcV10
    Examples:
      | ocs_api_version | ocs_status_code | path           |
      | 1               | 100             | /textfile0.txt |
      | 2               | 200             | /textfile0.txt |

That allows different particular examples for each implementation.

@phil-davis
Copy link
Contributor

You might want to add [full-ci] to the PR title, so that all the pipelines run to completion and you can then look through and see all the things that fail.

@butonic butonic changed the title Test indirect resource existence leaks [full-ci] Test indirect resource existence leaks Oct 6, 2022
@butonic
Copy link
Member Author

butonic commented Oct 6, 2022

is ci flaky? I get tons of su-exec: not found or similar ...

@butonic butonic force-pushed the test-indirect-resource-existence-leaks branch from 73bd8ec to 6e4c28d Compare October 6, 2022 12:05
@phil-davis
Copy link
Contributor

is ci flaky? I get tons of su-exec: not found or similar ...

Fixed by #40409 - please rebase.

@butonic butonic force-pushed the test-indirect-resource-existence-leaks branch from 60d1387 to 1d11b1d Compare October 7, 2022 14:18
@butonic
Copy link
Member Author

butonic commented Oct 13, 2022
edited
Loading

@phil-davis hmmmm is there code in the testsute that can deal with the /dav/spaces/trash-bin/{spaceid} endpoint that was introduced with cs3org/reva#2628 by @C0rby

I only found:

	/**
	 * List a collection in the trashbin
	 *
	 * @param string|null $user user
	 * @param string|null $collectionPath the string of ids of the folder and sub-folders
	 * @param string $depth
	 * @param int $level
	 *
	 * @return array response
	 * @throws Exception
	 */
	public function listTrashbinFolderCollection(?string $user, ?string $collectionPath = "", string $depth = "1", int $level = 1):array {
		// $collectionPath should be some list of file-ids like 2147497661/2147497662
		// or the empty string, which will list the whole trashbin from the top.
		$collectionPath = \trim($collectionPath, "/");
		$password = $this->featureContext->getPasswordForUser($user);
		$davPathVersion = $this->featureContext->getDavPathVersion();
		$response = WebDavHelper::listFolder(
			$this->featureContext->getBaseUrl(),
			$user,
			$password,
			$collectionPath,
			$depth,
			$this->featureContext->getStepLineRef(),
			[
				'oc:trashbin-original-filename',
				'oc:trashbin-original-location',
				'oc:trashbin-delete-timestamp',
				'd:resourcetype',
				'd:getlastmodified'
			],
			'trash-bin',
			$davPathVersion
		);
		$responseXml = HttpRequestHelper::getResponseXml(
			$response,
			__METHOD__ . " $collectionPath"
		);

		$files = $this->getTrashbinContentFromResponseXml($responseXml);
		// filter out the collection itself, we only want to return the members
		$files = \array_filter(
			$files,
			static function ($element) use ($user, $collectionPath) {
				$path = $collectionPath;
				if ($path !== "") {
					$path = $path . "/";
				}
				return ($element['href'] !== "/remote.php/dav/trash-bin/$user/$path");
			}
		);

		foreach ($files as $file) {
			// check for unexpected/invalid href values and fail early in order to
			// avoid "common" situations that could cause infinite recursion.
			$trashbinRef = $file["href"];
			$trimmedTrashbinRef = \trim($trashbinRef, "/");
			$expectedStart = "remote.php/dav/trash-bin/$user";
			$expectedStartLength = \strlen($expectedStart);
			if ((\substr($trimmedTrashbinRef, 0, $expectedStartLength) !== $expectedStart)
				|| (\strlen($trimmedTrashbinRef) === $expectedStartLength)
			) {
				// A top href (maybe without even the username) has been returned
				// in the response. That should never happen, or have been filtered out
				// by code above.
				throw new Exception(
					__METHOD__ . " Error: unexpected href in trashbin propfind at level $level: '$trashbinRef'"
				);
			}
			if ($file["collection"]) {
				$trimmedHref = \trim($trashbinRef, "/");
				$explodedHref = \explode("/", $trimmedHref);
				$trashbinId = $collectionPath . "/" . end($explodedHref);
				$nextFiles = $this->listTrashbinFolderCollection(
					$user,
					$trashbinId,
					$depth,
					$level + 1
				);
				// filter the collection element. We only want the members.
				$nextFiles = \array_filter(
					$nextFiles,
					static function ($element) use ($user, $trashbinRef) {
						return ($element['href'] !== $trashbinRef);
					}
				);
				\array_push($files, ...$nextFiles);
			}
		}
		return $files;
	}

and in the webdavhelpers getDavPath

			if ($type === "trash-bin") {
				return "/remote.php/dav/spaces/trash-bin/" . $spaceId . '/';
			}

but it does not seem to deal with the hrefs in the response

@butonic
test indirect resource existence
1533362 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
add changelog
d6be002 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
split trash scenarios for oc10 and ocis
7ff86bf 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
refactor trashbin scenarios
3c21665 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
proper quoting
1f2ff90 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
fix tag
da32f80 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
better separation of oc10 and ocis
3d55f9e 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
whitespace
41fc50b 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic
fix examples
408fb23 
Signed-off-by: Jörn Friedrich Dreyer <[email protected]>
@butonic butonic force-pushed the test-indirect-resource-existence-leaks branch from a0eeed2 to 408fb23 Compare October 13, 2022 19:35
@sonarcloud
Copy link

sonarcloud bot commented Oct 13, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@butonic
Copy link
Member Author

butonic commented Oct 14, 2022

@phil-davis @individual-it I also ran into owncloud/ocis#4820. The way the test is written right now can never work. Should we just leave out the spaces line?

@butonic butonic mentioned this pull request Oct 14, 2022
Closed
@butonic butonic merged commit aa770a5 into master Oct 14, 2022
@delete-merged-branch delete-merged-branch bot deleted the test-indirect-resource-existence-leaks branch October 14, 2022 13:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ScharfViktor ScharfViktor ScharfViktor left review comments

@micbar micbar micbar approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@butonic @ownclouders @phil-davis @micbar @ScharfViktor