diff options
author | Vincent Petry <vincent@nextcloud.com> | 2022-08-26 10:26:14 +0200 |
---|---|---|
committer | backportbot-nextcloud[bot] <backportbot-nextcloud[bot]@users.noreply.github.com> | 2022-08-26 18:04:06 +0000 |
commit | 04fac4f540b17976e20d5678eff23352510befcf (patch) | |
tree | b18986281e0381b95b4dd90b30552619e8f06408 /build | |
parent | e9b6b6c42150e23389cf40be1f02e4dbe2a933a5 (diff) | |
download | nextcloud-server-04fac4f540b17976e20d5678eff23352510befcf.tar.gz nextcloud-server-04fac4f540b17976e20d5678eff23352510befcf.zip |
Add int test for view-only download
Asserts that downloading a view-only document returns 403.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Diffstat (limited to 'build')
-rw-r--r-- | build/integration/features/bootstrap/Sharing.php | 27 | ||||
-rw-r--r-- | build/integration/sharing_features/sharing-v1-part2.feature | 20 |
2 files changed, 40 insertions, 7 deletions
diff --git a/build/integration/features/bootstrap/Sharing.php b/build/integration/features/bootstrap/Sharing.php index deff350475b..f804f64e59a 100644 --- a/build/integration/features/bootstrap/Sharing.php +++ b/build/integration/features/bootstrap/Sharing.php @@ -275,7 +275,8 @@ trait Sharing { $shareWith = null, $publicUpload = null, $password = null, - $permissions = null) { + $permissions = null, + $viewOnly = false) { $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares"; $client = new Client(); $options = [ @@ -309,6 +310,10 @@ trait Sharing { $body['permissions'] = $permissions; } + if ($viewOnly === true) { + $body['attributes'] = json_encode([['scope' => 'permissions', 'key' => 'download', 'enabled' => false]]); + } + $options['form_params'] = $body; try { @@ -402,13 +407,17 @@ trait Sharing { } /** - * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?$/ + * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?( view-only)?$/ * * @param string $filepath * @param string $user1 * @param string $user2 */ - public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null) { + public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null, $viewOnly = null) { + // when view-only is set, permissions is empty string instead of null... + if ($permissions === '') { + $permissions = null; + } $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath"; $client = new Client(); $options = []; @@ -424,20 +433,24 @@ trait Sharing { if ($this->isUserOrGroupInSharedData($user2, $permissions)) { return; } else { - $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions); + $this->createShare($user1, $filepath, 0, $user2, null, null, $permissions, $viewOnly !== null); } $this->response = $client->get($fullUrl, $options); Assert::assertEquals(true, $this->isUserOrGroupInSharedData($user2, $permissions)); } /** - * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))?$/ + * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))( view-only)?$/ * * @param string $filepath * @param string $user * @param string $group */ - public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null) { + public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null, $viewOnly = null) { + // when view-only is set, permissions is empty string instead of null... + if ($permissions === '') { + $permissions = null; + } $fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath"; $client = new Client(); $options = []; @@ -453,7 +466,7 @@ trait Sharing { if ($this->isUserOrGroupInSharedData($group, $permissions)) { return; } else { - $this->createShare($user, $filepath, 1, $group, null, null, $permissions); + $this->createShare($user, $filepath, 1, $group, null, null, $permissions, $viewOnly !== null); } $this->response = $client->get($fullUrl, $options); Assert::assertEquals(true, $this->isUserOrGroupInSharedData($group, $permissions)); diff --git a/build/integration/sharing_features/sharing-v1-part2.feature b/build/integration/sharing_features/sharing-v1-part2.feature index f9ebf6782b1..ba927250649 100644 --- a/build/integration/sharing_features/sharing-v1-part2.feature +++ b/build/integration/sharing_features/sharing-v1-part2.feature @@ -1167,4 +1167,24 @@ Feature: sharing |{http://open-collaboration-services.org/ns}share-permissions | Then the single response should contain a property "{http://open-collaboration-services.org/ns}share-permissions" with value "19" + Scenario: Cannot download a file when it's shared view-only + Given user "user0" exists + And user "user1" exists + And User "user0" moves file "/textfile0.txt" to "/document.odt" + And file "document.odt" of user "user0" is shared with user "user1" view-only + And user "user1" accepts last share + When As an "user1" + And Downloading file "/document.odt" + Then the HTTP status code should be "403" + + Scenario: Cannot download a file when its parent is shared view-only + Given user "user0" exists + And user "user1" exists + And User "user0" created a folder "/sharedviewonly" + And User "user0" moves file "/textfile0.txt" to "/sharedviewonly/document.odt" + And folder "sharedviewonly" of user "user0" is shared with user "user1" view-only + And user "user1" accepts last share + When As an "user1" + And Downloading file "/sharedviewonly/document.odt" + Then the HTTP status code should be "403" # See sharing-v1-part3.feature |