Add int test for view-only download
authorVincent Petry <vincent@nextcloud.com>
Fri, 26 Aug 2022 08:26:14 +0000 (10:26 +0200)
committerbackportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com>
Fri, 26 Aug 2022 18:04:06 +0000 (18:04 +0000)
Asserts that downloading a view-only document returns 403.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
build/integration/features/bootstrap/Sharing.php
build/integration/sharing_features/sharing-v1-part2.feature

index deff350475b6f0bf1d341f15ea42d1f49acaec22..f804f64e59ab29ed72a4a7f7fb2efc0f2a5abaed 100644 (file)
@@ -275,7 +275,8 @@ trait Sharing {
                                                                $shareWith = null,
                                                                $publicUpload = null,
                                                                $password = null,
-                                                               $permissions = null) {
+                                                               $permissions = null,
+                                                               $viewOnly = false) {
                $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares";
                $client = new Client();
                $options = [
@@ -309,6 +310,10 @@ trait Sharing {
                        $body['permissions'] = $permissions;
                }
 
+               if ($viewOnly === true) {
+                       $body['attributes'] = json_encode([['scope' => 'permissions', 'key' => 'download', 'enabled' => false]]);
+               }
+
                $options['form_params'] = $body;
 
                try {
@@ -402,13 +407,17 @@ trait Sharing {
        }
 
        /**
-        * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?$/
+        * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?( view-only)?$/
         *
         * @param string $filepath
         * @param string $user1
         * @param string $user2
         */
-       public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null) {
+       public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null, $viewOnly = null) {
+               // when view-only is set, permissions is empty string instead of null...
+               if ($permissions === '') {
+                       $permissions = null;
+               }
                $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath";
                $client = new Client();
                $options = [];
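Review bot: The docblock for assureFileIsShared still lists only `$filepath`, `$user1` and `$user2`, so the new `$viewOnly` argument and the `$permissions === ''` normalisation have no stated contract. The empty string presumably appears because the step matcher fills an unmatched optional group with `''` when a later group matches, while a trailing unmatched group keeps its default; the inline comment should say that instead of ending in `...`. I would add `@param string|null $viewOnly matched " view-only" suffix, or null when the step omits it` and note that `$withPerms` receives the same empty string. The function body continues outside this hunk.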
@@ -424,20 +433,24 @@ trait Sharing {
                if ($this->isUserOrGroupInSharedData($user2, $permissions)) {
                        return;
                } else {
-                       $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions);
+                       $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions, $viewOnly !== null);
                }
                $this->response = $client->get($fullUrl, $options);
                Assert::assertEquals(true, $this->isUserOrGroupInSharedData($user2, $permissions));
        }
 
        /**
-        * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))?$/
+        * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))( view-only)?$/
         *
         * @param string $filepath
         * @param string $user
         * @param string $group
         */
-       public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null) {
+       public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null, $viewOnly = null) {
+               // when view-only is set, permissions is empty string instead of null...
+               if ($permissions === '') {
+                       $permissions = null;
+               }
                $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath";
                $client = new Client();
                $options = [];
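Review bot: The new group `@Given` pattern drops the `?` after `( with permissions ([\d]*))`, so `with permissions` becomes mandatory for every "is shared with group" step, unlike the user variant changed earlier in this commit. Existing steps that share with a group without naming permissions would stop matching this definition, and depending on how the suite is invoked an unmatched step may be reported as undefined rather than as a failure, which would quietly drop sharing checks. Restore the quantifier: `( with permissions ([\d]*))?( view-only)?$/`. The body of assureFileIsSharedWithGroup continues outside this hunk.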
@@ -453,7 +466,7 @@ trait Sharing {
                if ($this->isUserOrGroupInSharedData($group, $permissions)) {
                        return;
                } else {
-                       $this->createShare($user, $filepath, 1, $group, null, null, $permissions);
+                       $this->createShare($user, $filepath, 1, $group, null, null, $permissions, $viewOnly !== null);
                }
                $this->response = $client->get($fullUrl, $options);
                Assert::assertEquals(true, $this->isUserOrGroupInSharedData($group, $permissions));
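Review bot: The shortcut `if ($this->isUserOrGroupInSharedData($group, $permissions)) { return; }` does not take `$viewOnly` into account, so a share that already exists without the download restriction would satisfy a `view-only` step, and the closing `Assert::assertEquals` checks only recipient and permissions as far as these lines show. The same shape is in assureFileIsShared in the previous hunk. I would guard the shortcut with `if ($viewOnly === null && $this->isUserOrGroupInSharedData($group, $permissions)) {` and, if the share data exposes attributes, assert that the download attribute is disabled after creation. Passing `$viewOnly !== null` also depends on the argument staying the last optional group; `$viewOnly === ' view-only'` would survive a later pattern change. The function's closing brace is outside the hunk.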
index f9ebf6782b1db68e7a8500c83ec4aad134b71aca..ba927250649ca295d6484701c44672000c3b3a32 100644 (file)
@@ -1167,4 +1167,24 @@ Feature: sharing
       |{http://open-collaboration-services.org/ns}share-permissions |
     Then the single response should contain a property "{http://open-collaboration-services.org/ns}share-permissions" with value "19"
 
+  Scenario: Cannot download a file when it's shared view-only
+    Given user "user0" exists
+    And user "user1" exists
+    And User "user0" moves file "/textfile0.txt" to "/document.odt"
+    And file "document.odt" of user "user0" is shared with user "user1" view-only
+    And user "user1" accepts last share
+    When As an "user1"
+    And Downloading file "/document.odt"
+    Then the HTTP status code should be "403"
+
+  Scenario: Cannot download a file when its parent is shared view-only
+    Given user "user0" exists
+    And user "user1" exists
+    And User "user0" created a folder "/sharedviewonly"
+    And User "user0" moves file "/textfile0.txt" to "/sharedviewonly/document.odt"
+    And folder "sharedviewonly" of user "user0" is shared with user "user1" view-only
+    And user "user1" accepts last share
+    When As an "user1"
+    And Downloading file "/sharedviewonly/document.odt"
+    Then the HTTP status code should be "403"
 # See sharing-v1-part3.feature
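Review bot: Both new scenarios assert only `Then the HTTP status code should be "403"`, with no control showing that the same file is downloadable by "user1" when the share is not view-only, so a 403 from any other cause (a share that was never accepted, a wrong path) would also pass. A companion scenario that shares "document.odt" without `view-only` and ends with `Then the HTTP status code should be "200"` would tie the 403 to the download attribute. The scenarios also cover only the path behind the `Downloading file` step; whether other retrieval routes honour the attribute is not tested here and may deserve separate scenarios.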