diff options
author | Vincent Petry <vincent@nextcloud.com> | 2022-08-26 10:26:14 +0200 |
---|---|---|
committer | Vincent Petry <vincent@nextcloud.com> | 2022-08-26 14:18:47 +0200 |
commit | e9a344a6444d59a63a00c2a291ae6d1dbe30a24e (patch) | |
tree | 3ca6dfdb45c044927faf1789ca0e25ce684dfacc | |
parent | aa150b9f85a2543fdbac8e73b5e6f8bb39f125f4 (diff) | |
download | nextcloud-server-e9a344a6444d59a63a00c2a291ae6d1dbe30a24e.tar.gz nextcloud-server-e9a344a6444d59a63a00c2a291ae6d1dbe30a24e.zip |
Add int test for view-only download
Asserts that downloading a view-only document returns 403.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
-rw-r--r-- | build/integration/features/bootstrap/Sharing.php | 27 | ||||
-rw-r--r-- | build/integration/sharing_features/sharing-v1-part2.feature | 20 |
2 files changed, 40 insertions, 7 deletions
diff --git a/build/integration/features/bootstrap/Sharing.php b/build/integration/features/bootstrap/Sharing.php index deff350475b..f804f64e59a 100644 --- a/build/integration/features/bootstrap/Sharing.php +++ b/build/integration/features/bootstrap/Sharing.php @@ -275,7 +275,8 @@ trait Sharing { $shareWith = null, $publicUpload = null, $password = null, - $permissions = null) { + $permissions = null, + $viewOnly = false) { $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares"; $client = new Client(); $options = [ @@ -309,6 +310,10 @@ trait Sharing { $body['permissions'] = $permissions; } + if ($viewOnly === true) { + $body['attributes'] = json_encode([['scope' => 'permissions', 'key' => 'download', 'enabled' => false]]); + } + $options['form_params'] = $body; try { @@ -402,13 +407,17 @@ trait Sharing { } /** - * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?$/ + * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?( view-only)?$/ * * @param string $filepath * @param string $user1 * @param string $user2 */ - public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null) { + public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null, $viewOnly = null) { + // when view-only is set, permissions is empty string instead of null... + if ($permissions === '') { + $permissions = null; + } $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath"; $client = new Client(); $options = []; @@ -424,20 +433,24 @@ trait Sharing { if ($this->isUserOrGroupInSharedData($user2, $permissions)) { return; } else { - $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions); + $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions, $viewOnly !== null); } $this->response = $client->get($fullUrl, $options); Assert::assertEquals(true, $this->isUserOrGroupInSharedData($user2, $permissions)); } /** - * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))?$/ + * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))( view-only)?$/ * * @param string $filepath * @param string $user * @param string $group */ - public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null) { + public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null, $viewOnly = null) { + // when view-only is set, permissions is empty string instead of null... + if ($permissions === '') { + $permissions = null; + } $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath"; $client = new Client(); $options = []; @@ -453,7 +466,7 @@ trait Sharing { if ($this->isUserOrGroupInSharedData($group, $permissions)) { return; } else { - $this->createShare($user, $filepath, 1, $group, null, null, $permissions); + $this->createShare($user, $filepath, 1, $group, null, null, $permissions, $viewOnly !== null); } $this->response = $client->get($fullUrl, $options); Assert::assertEquals(true, $this->isUserOrGroupInSharedData($group, $permissions)); diff --git a/build/integration/sharing_features/sharing-v1-part2.feature b/build/integration/sharing_features/sharing-v1-part2.feature index f9ebf6782b1..ba927250649 100644 --- a/build/integration/sharing_features/sharing-v1-part2.feature +++ b/build/integration/sharing_features/sharing-v1-part2.feature @@ -1167,4 +1167,24 @@ Feature: sharing |{http://open-collaboration-services.org/ns}share-permissions | Then the single response should contain a property "{http://open-collaboration-services.org/ns}share-permissions" with value "19" + Scenario: Cannot download a file when it's shared view-only + Given user "user0" exists + And user "user1" exists + And User "user0" moves file "/textfile0.txt" to "/document.odt" + And file "document.odt" of user "user0" is shared with user "user1" view-only + And user "user1" accepts last share + When As an "user1" + And Downloading file "/document.odt" + Then the HTTP status code should be "403" + + Scenario: Cannot download a file when its parent is shared view-only + Given user "user0" exists + And user "user1" exists + And User "user0" created a folder "/sharedviewonly" + And User "user0" moves file "/textfile0.txt" to "/sharedviewonly/document.odt" + And folder "sharedviewonly" of user "user0" is shared with user "user1" view-only + And user "user1" accepts last share + When As an "user1" + And Downloading file "/sharedviewonly/document.odt" + Then the HTTP status code should be "403" # See sharing-v1-part3.feature |