summaryrefslogtreecommitdiffstats
path: root/build/integration
diff options
context:
space:
mode:
authorDaniel Calviño Sánchez <danxuliu@gmail.com>2020-06-22 19:40:11 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2020-07-09 11:14:44 +0200
commite0fbf4d0338d4e8fff4658d2b03618770e5ddd7d (patch)
tree372d7d63b73f4a4969c13b03eacacd211e865616 /build/integration
parent43efac345ec2850ea42629431d8a8beb353e0b77 (diff)
downloadnextcloud-server-e0fbf4d0338d4e8fff4658d2b03618770e5ddd7d.tar.gz
nextcloud-server-e0fbf4d0338d4e8fff4658d2b03618770e5ddd7d.zip
Add more integration tests for resharing permissions
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Diffstat (limited to 'build/integration')
-rw-r--r--build/integration/sharing_features/sharing-v1-part2.feature244
1 files changed, 244 insertions, 0 deletions
diff --git a/build/integration/sharing_features/sharing-v1-part2.feature b/build/integration/sharing_features/sharing-v1-part2.feature
index 52fbe73dc9c..8fc06fbddeb 100644
--- a/build/integration/sharing_features/sharing-v1-part2.feature
+++ b/build/integration/sharing_features/sharing-v1-part2.feature
@@ -562,6 +562,36 @@ Feature: sharing
Then the OCS status code should be "404"
And the HTTP status code should be "200"
+ Scenario: User is allowed to reshare file with more permissions if shares of same file to same user have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And group "group1" exists
+ And user "user1" belongs to group "group1"
+ And As an "user0"
+ And creating a share with
+ | path | /textfile0.txt |
+ | shareType | 1 |
+ | shareWith | group1 |
+ | permissions | 15 |
+ And As an "user1"
+ And accepting last share
+ And As an "user0"
+ And creating a share with
+ | path | /textfile0.txt |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 17 |
+ And As an "user1"
+ And accepting last share
+ When creating a share with
+ | path | /textfile0 (2).txt |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 19 |
+ Then the OCS status code should be "100"
+ And the HTTP status code should be "200"
+
Scenario: User is not allowed to reshare file with more permissions
As an "admin"
Given user "user0" exists
@@ -583,6 +613,92 @@ Feature: sharing
Then the OCS status code should be "404"
And the HTTP status code should be "200"
+ Scenario: User is not allowed to reshare file with more permissions even if shares of same file to other users have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And user "user3" exists
+ And As an "user0"
+ And creating a share with
+ | path | /textfile0.txt |
+ | shareType | 0 |
+ | shareWith | user3 |
+ | permissions | 15 |
+ And As an "user3"
+ And accepting last share
+ And As an "user0"
+ And creating a share with
+ | path | /textfile0.txt |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 17 |
+ And As an "user1"
+ And accepting last share
+ When creating a share with
+ | path | /textfile0 (2).txt |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 19 |
+ Then the OCS status code should be "404"
+ And the HTTP status code should be "200"
+
+ Scenario: User is not allowed to reshare file with more permissions even if shares of other files from same user have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And As an "user0"
+ And creating a share with
+ | path | /textfile0.txt |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 15 |
+ And As an "user1"
+ And accepting last share
+ And As an "user0"
+ And creating a share with
+ | path | /textfile1.txt |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 17 |
+ And As an "user1"
+ And accepting last share
+ When creating a share with
+ | path | /textfile1 (2).txt |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 19 |
+ Then the OCS status code should be "404"
+ And the HTTP status code should be "200"
+
+ Scenario: User is not allowed to reshare file with more permissions even if shares of other files from other users have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And user "user3" exists
+ And As an "user3"
+ And creating a share with
+ | path | /textfile0.txt |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 15 |
+ And As an "user1"
+ And accepting last share
+ And As an "user0"
+ And creating a share with
+ | path | /textfile1.txt |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 17 |
+ And As an "user1"
+ And accepting last share
+ When creating a share with
+ | path | /textfile1 (2).txt |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 19 |
+ Then the OCS status code should be "404"
+ And the HTTP status code should be "200"
+
Scenario: User is not allowed to reshare file with additional delete permissions
As an "admin"
Given user "user0" exists
@@ -857,6 +973,39 @@ Feature: sharing
Then the OCS status code should be "100"
And the HTTP status code should be "200"
+ Scenario: Allow reshare to exceed permissions if shares of same file to same user have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And group "group1" exists
+ And user "user1" belongs to group "group1"
+ And user "user0" created a folder "/TMP"
+ And As an "user0"
+ And creating a share with
+ | path | /TMP |
+ | shareType | 1 |
+ | shareWith | group1 |
+ | permissions | 15 |
+ And As an "user1"
+ And accepting last share
+ And As an "user0"
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 17 |
+ And As an "user1"
+ And accepting last share
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 17 |
+ When Updating last share with
+ | permissions | 31 |
+ Then the OCS status code should be "100"
+ And the HTTP status code should be "200"
+
Scenario: Do not allow reshare to exceed permissions
Given user "user0" exists
And user "user1" exists
@@ -880,6 +1029,101 @@ Feature: sharing
Then the OCS status code should be "404"
And the HTTP status code should be "200"
+ Scenario: Do not allow reshare to exceed permissions even if shares of same file to other users have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And user "user3" exists
+ And user "user0" created a folder "/TMP"
+ And As an "user0"
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user3 |
+ | permissions | 15 |
+ And As an "user3"
+ And accepting last share
+ And As an "user0"
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 21 |
+ And As an "user1"
+ And accepting last share
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 21 |
+ When Updating last share with
+ | permissions | 31 |
+ Then the OCS status code should be "404"
+ And the HTTP status code should be "200"
+
+ Scenario: Do not allow reshare to exceed permissions even if shares of other files from same user have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And As an "user0"
+ And creating a share with
+ | path | /FOLDER |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 15 |
+ And As an "user1"
+ And accepting last share
+ And user "user0" created a folder "/TMP"
+ And As an "user0"
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 21 |
+ And As an "user1"
+ And accepting last share
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 21 |
+ When Updating last share with
+ | permissions | 31 |
+ Then the OCS status code should be "404"
+ And the HTTP status code should be "200"
+
+ Scenario: Do not allow reshare to exceed permissions even if shares of other files from other users have them
+ Given user "user0" exists
+ And user "user1" exists
+ And user "user2" exists
+ And user "user3" exists
+ And As an "user3"
+ And creating a share with
+ | path | /FOLDER |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 15 |
+ And As an "user1"
+ And accepting last share
+ And user "user0" created a folder "/TMP"
+ And As an "user0"
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user1 |
+ | permissions | 21 |
+ And As an "user1"
+ And accepting last share
+ And creating a share with
+ | path | /TMP |
+ | shareType | 0 |
+ | shareWith | user2 |
+ | permissions | 21 |
+ When Updating last share with
+ | permissions | 31 |
+ Then the OCS status code should be "404"
+ And the HTTP status code should be "200"
+
Scenario: Do not allow sub reshare to exceed permissions
Given user "user0" exists
And user "user1" exists