aboutsummaryrefslogtreecommitdiffstats
path: root/build/integration
diff options
context:
space:
mode:
authorVincent Petry <vincent@nextcloud.com>2022-08-26 10:26:14 +0200
committerVincent Petry <vincent@nextcloud.com>2022-08-26 14:18:47 +0200
commite9a344a6444d59a63a00c2a291ae6d1dbe30a24e (patch)
tree3ca6dfdb45c044927faf1789ca0e25ce684dfacc /build/integration
parentaa150b9f85a2543fdbac8e73b5e6f8bb39f125f4 (diff)
downloadnextcloud-server-e9a344a6444d59a63a00c2a291ae6d1dbe30a24e.tar.gz
nextcloud-server-e9a344a6444d59a63a00c2a291ae6d1dbe30a24e.zip
Add int test for view-only download
Asserts that downloading a view-only document returns 403. Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Diffstat (limited to 'build/integration')
-rw-r--r--build/integration/features/bootstrap/Sharing.php27
-rw-r--r--build/integration/sharing_features/sharing-v1-part2.feature20
2 files changed, 40 insertions, 7 deletions
diff --git a/build/integration/features/bootstrap/Sharing.php b/build/integration/features/bootstrap/Sharing.php
index deff350475b..f804f64e59a 100644
--- a/build/integration/features/bootstrap/Sharing.php
+++ b/build/integration/features/bootstrap/Sharing.php
@@ -275,7 +275,8 @@ trait Sharing {
$shareWith = null,
$publicUpload = null,
$password = null,
- $permissions = null) {
+ $permissions = null,
+ $viewOnly = false) {
$fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares";
$client = new Client();
$options = [
@@ -309,6 +310,10 @@ trait Sharing {
$body['permissions'] = $permissions;
}
+ if ($viewOnly === true) {
+ $body['attributes'] = json_encode([['scope' => 'permissions', 'key' => 'download', 'enabled' => false]]);
+ }
+
$options['form_params'] = $body;
try {
@@ -402,13 +407,17 @@ trait Sharing {
}
/**
- * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?$/
+ * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?( view-only)?$/
*
* @param string $filepath
* @param string $user1
* @param string $user2
*/
- public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null) {
+ public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null, $viewOnly = null) {
+ // when view-only is set, permissions is empty string instead of null...
+ if ($permissions === '') {
+ $permissions = null;
+ }
$fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath";
$client = new Client();
$options = [];
@@ -424,20 +433,24 @@ trait Sharing {
if ($this->isUserOrGroupInSharedData($user2, $permissions)) {
return;
} else {
- $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions);
+ $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions, $viewOnly !== null);
}
$this->response = $client->get($fullUrl, $options);
Assert::assertEquals(true, $this->isUserOrGroupInSharedData($user2, $permissions));
}
/**
- * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))?$/
+ * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))( view-only)?$/
*
* @param string $filepath
* @param string $user
* @param string $group
*/
- public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null) {
+ public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null, $viewOnly = null) {
+ // when view-only is set, permissions is empty string instead of null...
+ if ($permissions === '') {
+ $permissions = null;
+ }
$fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath";
$client = new Client();
$options = [];
@@ -453,7 +466,7 @@ trait Sharing {
if ($this->isUserOrGroupInSharedData($group, $permissions)) {
return;
} else {
- $this->createShare($user, $filepath, 1, $group, null, null, $permissions);
+ $this->createShare($user, $filepath, 1, $group, null, null, $permissions, $viewOnly !== null);
}
$this->response = $client->get($fullUrl, $options);
Assert::assertEquals(true, $this->isUserOrGroupInSharedData($group, $permissions));
diff --git a/build/integration/sharing_features/sharing-v1-part2.feature b/build/integration/sharing_features/sharing-v1-part2.feature
index f9ebf6782b1..ba927250649 100644
--- a/build/integration/sharing_features/sharing-v1-part2.feature
+++ b/build/integration/sharing_features/sharing-v1-part2.feature
@@ -1167,4 +1167,24 @@ Feature: sharing
|{http://open-collaboration-services.org/ns}share-permissions |
Then the single response should contain a property "{http://open-collaboration-services.org/ns}share-permissions" with value "19"
+ Scenario: Cannot download a file when it's shared view-only
+ Given user "user0" exists
+ And user "user1" exists
+ And User "user0" moves file "/textfile0.txt" to "/document.odt"
+ And file "document.odt" of user "user0" is shared with user "user1" view-only
+ And user "user1" accepts last share
+ When As an "user1"
+ And Downloading file "/document.odt"
+ Then the HTTP status code should be "403"
+
+ Scenario: Cannot download a file when its parent is shared view-only
+ Given user "user0" exists
+ And user "user1" exists
+ And User "user0" created a folder "/sharedviewonly"
+ And User "user0" moves file "/textfile0.txt" to "/sharedviewonly/document.odt"
+ And folder "sharedviewonly" of user "user0" is shared with user "user1" view-only
+ And user "user1" accepts last share
+ When As an "user1"
+ And Downloading file "/sharedviewonly/document.odt"
+ Then the HTTP status code should be "403"
# See sharing-v1-part3.feature