diff options
Diffstat (limited to 'build/integration/dav_features')
6 files changed, 220 insertions, 52 deletions
diff --git a/build/integration/dav_features/caldav.feature b/build/integration/dav_features/caldav.feature index f7baf76d4bc..f324f720bbd 100644 --- a/build/integration/dav_features/caldav.feature +++ b/build/integration/dav_features/caldav.feature @@ -1,3 +1,5 @@ +# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: AGPL-3.0-or-later Feature: caldav Scenario: Accessing a not existing calendar of another user Given user "user0" exists @@ -85,3 +87,8 @@ Feature: caldav When "user0" requests principal "users/user0" on the endpoint "/remote.php/dav/principals/" Then The CalDAV response should be multi status And The CalDAV response should contain a property "{urn:ietf:params:xml:ns:caldav}schedule-default-calendar-URL" with a href value "/remote.php/dav/calendars/user0/MyCalendar2/" + + Scenario: Should create default calendar on first login + Given user "first-login" exists + When "first-login" requests calendar "first-login/personal" on the endpoint "/remote.php/dav/calendars/" + Then The CalDAV HTTP status code should be "207" diff --git a/build/integration/dav_features/carddav.feature b/build/integration/dav_features/carddav.feature index 9c9df6ddd94..35e85639817 100644 --- a/build/integration/dav_features/carddav.feature +++ b/build/integration/dav_features/carddav.feature @@ -1,3 +1,5 @@ +# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: AGPL-3.0-or-later Feature: carddav Scenario: Accessing a not existing addressbook of another user Given user "user0" exists @@ -47,7 +49,6 @@ Feature: carddav |X-Frame-Options|SAMEORIGIN| |X-Permitted-Cross-Domain-Policies|none| |X-Robots-Tag|noindex, nofollow| - |X-XSS-Protection|1; mode=block| Scenario: Exporting the picture of ones own contact Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201" @@ -61,7 +62,6 @@ Feature: carddav |X-Frame-Options|SAMEORIGIN| |X-Permitted-Cross-Domain-Policies|none| |X-Robots-Tag|noindex, nofollow| - |X-XSS-Protection|1; mode=block| Scenario: Create addressbook request for non-existing addressbook of another user Given user "user0" exists @@ -77,3 +77,7 @@ Feature: carddav Then The CardDAV HTTP status code should be "404" And The CardDAV exception is "Sabre\DAV\Exception\NotFound" And The CardDAV error message is "File not found: admin in 'addressbooks'" + + Scenario: Should create default addressbook on first login + Given user "first-login" exists + Then "first-login" requests addressbook "first-login/contacts" with statuscode "207" on the endpoint "/remote.php/dav/addressbooks/users/" diff --git a/build/integration/dav_features/dav-v2-public.feature b/build/integration/dav_features/dav-v2-public.feature new file mode 100644 index 00000000000..a1ff85dc77b --- /dev/null +++ b/build/integration/dav_features/dav-v2-public.feature @@ -0,0 +1,78 @@ +# SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: AGPL-3.0-or-later +Feature: dav-v2-public + Background: + Given using api version "1" + + Scenario: See note to recipient in public shares + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user1" exists + And As an "user1" + And user "user1" created a folder "/testshare" + And as "user1" creating a share with + | path | testshare | + | shareType | 3 | + | permissions | 1 | + | note | Hello | + And As an "user0" + Given using new public dav path + When Requesting share note on dav endpoint + Then the single response should contain a property "{http://nextcloud.org/ns}note" with value "Hello" + + Scenario: Downloading a file from public share with Ajax header + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user1" exists + And As an "user1" + And user "user1" created a folder "/testshare" + When User "user1" uploads file "data/green-square-256.png" to "/testshare/image.png" + And as "user1" creating a share with + | path | testshare | + | shareType | 3 | + | permissions | 1 | + And As an "user0" + Given using new public dav path + When Downloading public file "/image.png" + Then the downloaded file has the content of "/testshare/image.png" from "user1" data + + # Test that downloading files work to ensure e.g. the viewer works or files can be downloaded + Scenario: Downloading a file from public share without Ajax header and disabled s2s share + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user1" exists + And As an "user1" + And user "user1" created a folder "/testshare" + When User "user1" uploads file "data/green-square-256.png" to "/testshare/image.png" + And as "user1" creating a share with + | path | testshare | + | shareType | 3 | + | permissions | 1 | + And As an "user0" + Given parameter "outgoing_server2server_share_enabled" of app "files_sharing" is set to "no" + Given using new public dav path + When Downloading public file "/image.png" without ajax header + Then the downloaded file has the content of "/testshare/image.png" from "user1" data + + Scenario: Download a folder + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user0" created a folder "/testshare" + And user "user0" created a folder "/testshare/testFolder" + When User "user0" uploads file "data/textfile.txt" to "/testshare/testFolder/text.txt" + When User "user0" uploads file "data/green-square-256.png" to "/testshare/testFolder/image.png" + And as "user0" creating a share with + | path | testshare | + | shareType | 3 | + | permissions | 1 | + And As an "user1" + Given using new public dav path + When Downloading public folder "testFolder" + Then the downloaded file is a zip file + Then the downloaded zip file contains a folder named "testFolder/" + And the downloaded zip file contains a file named "testFolder/text.txt" with the contents of "/testshare/testFolder/text.txt" from "user0" data + And the downloaded zip file contains a file named "testFolder/image.png" with the contents of "/testshare/testFolder/image.png" from "user0" data diff --git a/build/integration/dav_features/dav-v2.feature b/build/integration/dav_features/dav-v2.feature index a3ac59578e9..dbd2295497f 100644 --- a/build/integration/dav_features/dav-v2.feature +++ b/build/integration/dav_features/dav-v2.feature @@ -1,3 +1,6 @@ +# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: AGPL-3.0-or-later + Feature: dav-v2 Background: Given using api version "1" @@ -9,6 +12,16 @@ Feature: dav-v2 When User "user0" moves file "/textfile0.txt" to "/FOLDER/textfile0.txt" Then the HTTP status code should be "201" + Scenario: Moving and overwriting it's parent + Given using new dav path + And As an "admin" + And user "user0" exists + And As an "user0" + And user "user0" created a folder "/test" + And user "user0" created a folder "/test/test" + When User "user0" moves file "/test/test" to "/test" + Then the HTTP status code should be "403" + Scenario: download a file with range using new endpoint Given using new dav path And As an "admin" @@ -28,7 +41,6 @@ Feature: dav-v2 |X-Frame-Options|SAMEORIGIN| |X-Permitted-Cross-Domain-Policies|none| |X-Robots-Tag|noindex, nofollow| - |X-XSS-Protection|1; mode=block| And Downloaded content should start with "Welcome to your Nextcloud account!" Scenario: Doing a GET with a web login should work without CSRF token on the new backend @@ -43,6 +55,20 @@ Feature: dav-v2 Then Downloaded content should start with "Welcome to your Nextcloud account!" Then the HTTP status code should be "200" + Scenario: Download a folder + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user0" created a folder "/testFolder" + When User "user0" uploads file "data/textfile.txt" to "/testFolder/text.txt" + When User "user0" uploads file "data/green-square-256.png" to "/testFolder/image.png" + And As an "user0" + When Downloading folder "/testFolder" + Then the downloaded file is a zip file + Then the downloaded zip file contains a folder named "testFolder/" + And the downloaded zip file contains a file named "testFolder/text.txt" with the contents of "/testFolder/text.txt" from "user0" data + And the downloaded zip file contains a file named "testFolder/image.png" with the contents of "/testFolder/image.png" from "user0" data + Scenario: Doing a PROPFIND with a web login should not work without CSRF token on the new backend Given Logging in using web as "admin" When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken @@ -76,32 +102,61 @@ Feature: dav-v2 | shareType | 0 | | permissions | 31 | | shareWith | user0 | - And user "user0" accepts last share + And user "user0" accepts last share And As an "user0" When User "user0" uploads file "data/textfile.txt" to "/testquota/asdf.txt" Then the HTTP status code should be "201" + Scenario: Uploading a file with very long filename + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user0" has a quota of "10 MB" + And As an "user0" + When User "user0" uploads file "data/textfile.txt" to "/long-filename-with-250-characters-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.txt" + Then the HTTP status code should be "201" + + Scenario: Uploading a file with a too long filename + Given using new dav path + And As an "admin" + And user "user0" exists + And user "user0" has a quota of "10 MB" + And As an "user0" + When User "user0" uploads file "data/textfile.txt" to "/long-filename-with-251-characters-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.txt" + Then the HTTP status code should be "400" + Scenario: Create a search query on image Given using new dav path And As an "admin" - And user "user0" exists - And As an "user0" - When User "user0" uploads file "data/textfile.txt" to "/testquota/asdf.txt" - Then Image search should work - And the response should be empty - When User "user0" uploads file "data/green-square-256.png" to "/image.png" + And user "user0" exists + And As an "user0" + When User "user0" uploads file "data/textfile.txt" to "/testquota/asdf.txt" + Then Image search should work + And the response should be empty + When User "user0" uploads file "data/green-square-256.png" to "/image.png" Then Image search should work - And the single response should contain a property "{DAV:}getcontenttype" with value "image/png" - - Scenario: Create a search query on favorite - Given using new dav path - And As an "admin" - And user "user0" exists - And As an "user0" - When User "user0" uploads file "data/green-square-256.png" to "/fav_image.png" - Then Favorite search should work - And the response should be empty - When user "user0" favorites element "/fav_image.png" - Then Favorite search should work - And the single response should contain a property "{http://owncloud.org/ns}favorite" with value "1" + And the single response should contain a property "{DAV:}getcontenttype" with value "image/png" + Scenario: Create a search query on favorite + Given using new dav path + And As an "admin" + And user "user0" exists + And As an "user0" + When User "user0" uploads file "data/green-square-256.png" to "/fav_image.png" + Then Favorite search should work + And the response should be empty + When user "user0" favorites element "/fav_image.png" + Then Favorite search should work + And the single response should contain a property "{http://owncloud.org/ns}favorite" with value "1" + + Scenario: Create a search query on favorite + Given using new dav path + And As an "admin" + And user "user0" exists + And As an "user0" + When User "user0" uploads file "data/green-square-256.png" to "/fav_image.png" + Then Favorite search should work + And the response should be empty + When user "user0" favorites element "/fav_image.png" + Then Favorite search should work + And the single response should contain a property "{http://owncloud.org/ns}favorite" with value "1" diff --git a/build/integration/dav_features/principal-property-search.feature b/build/integration/dav_features/principal-property-search.feature new file mode 100644 index 00000000000..b2195489263 --- /dev/null +++ b/build/integration/dav_features/principal-property-search.feature @@ -0,0 +1,13 @@ +# SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: AGPL-3.0-or-later + +Feature: principal-property-search + Background: + Given user "user0" exists + Given As an "admin" + Given invoking occ with "app:enable --force testing" + + Scenario: Find a principal by a given displayname + When searching for a principal matching "user0" + Then The search HTTP status code should be "207" + And The search response should contain "<d:href>/remote.php/dav/principals/users/user0/</d:href>" diff --git a/build/integration/dav_features/webdav-related.feature b/build/integration/dav_features/webdav-related.feature index 28a0cad619b..12fd3d44c4f 100644 --- a/build/integration/dav_features/webdav-related.feature +++ b/build/integration/dav_features/webdav-related.feature @@ -1,3 +1,5 @@ +# SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors +# SPDX-License-Identifier: AGPL-3.0-or-later Feature: webdav-related Background: Given using api version "1" @@ -36,6 +38,43 @@ Feature: webdav-related Then the HTTP status code should be "204" And Downloaded content when downloading file "/textfile0.txt" with range "bytes=0-6" should be "Welcome" + Scenario: Moving and overwriting it's parent + Given using old dav path + And As an "admin" + And user "user0" exists + And As an "user0" + And user "user0" created a folder "/test" + And user "user0" created a folder "/test/test" + When User "user0" moves file "/test/test" to "/test" + Then the HTTP status code should be "403" + + Scenario: Moving a file from shared folder to root folder + Given using old dav path + And user "user0" exists + And user "user1" exists + And user "user0" created a folder "/testshare" + And User "user0" copies file "/welcome.txt" to "/testshare/welcome.txt" + And as "user0" creating a share with + | path | testshare | + | shareType | 0 | + | shareWith | user1 | + When User "user1" moves file "/testshare/welcome.txt" to "/movedwelcome.txt" + Then As an "user1" + And Downloaded content when downloading file "/movedwelcome.txt" with range "bytes=0-6" should be "Welcome" + + Scenario: Moving a file from root folder to shared folder + Given using old dav path + And user "user0" exists + And user "user1" exists + And user "user0" created a folder "/testshare" + And as "user0" creating a share with + | path | testshare | + | shareType | 0 | + | shareWith | user1 | + When User "user1" moves file "/welcome.txt" to "/testshare/movedwelcome.txt" + Then As an "user1" + And Downloaded content when downloading file "/testshare/movedwelcome.txt" with range "bytes=0-6" should be "Welcome" + Scenario: Moving a file to a folder with no permissions Given using old dav path And As an "admin" @@ -252,7 +291,6 @@ Feature: webdav-related |X-Frame-Options|SAMEORIGIN| |X-Permitted-Cross-Domain-Policies|none| |X-Robots-Tag|noindex, nofollow| - |X-XSS-Protection|1; mode=block| And Downloaded content should start with "Welcome to your Nextcloud account!" Scenario: Doing a GET with a web login should work without CSRF token on the old backend @@ -277,33 +315,6 @@ Feature: webdav-related When Sending a "PROPFIND" to "/remote.php/webdav/welcome.txt" with requesttoken Then the HTTP status code should be "207" - Scenario: Upload chunked file asc - Given user "user0" exists - And user "user0" uploads chunk file "1" of "3" with "AAAAA" to "/myChunkedFile.txt" - And user "user0" uploads chunk file "2" of "3" with "BBBBB" to "/myChunkedFile.txt" - And user "user0" uploads chunk file "3" of "3" with "CCCCC" to "/myChunkedFile.txt" - When As an "user0" - And Downloading file "/myChunkedFile.txt" - Then Downloaded content should be "AAAAABBBBBCCCCC" - - Scenario: Upload chunked file desc - Given user "user0" exists - And user "user0" uploads chunk file "3" of "3" with "CCCCC" to "/myChunkedFile.txt" - And user "user0" uploads chunk file "2" of "3" with "BBBBB" to "/myChunkedFile.txt" - And user "user0" uploads chunk file "1" of "3" with "AAAAA" to "/myChunkedFile.txt" - When As an "user0" - And Downloading file "/myChunkedFile.txt" - Then Downloaded content should be "AAAAABBBBBCCCCC" - - Scenario: Upload chunked file random - Given user "user0" exists - And user "user0" uploads chunk file "2" of "3" with "BBBBB" to "/myChunkedFile.txt" - And user "user0" uploads chunk file "3" of "3" with "CCCCC" to "/myChunkedFile.txt" - And user "user0" uploads chunk file "1" of "3" with "AAAAA" to "/myChunkedFile.txt" - When As an "user0" - And Downloading file "/myChunkedFile.txt" - Then Downloaded content should be "AAAAABBBBBCCCCC" - Scenario: A file that is not shared does not have a share-types property Given user "user0" exists And user "user0" created a folder "/test" @@ -694,7 +705,7 @@ Feature: webdav-related And user "user0" uploads new chunk v2 file "2" to id "chunking-random" And user "user0" uploads new chunk v2 file "4" to id "chunking-random" And user "user0" moves new chunk v2 file with id "chunking-random" - Then the upload should fail on object storage + Then the upload should fail on object storage @s3-multipart Scenario: Upload chunked file with special characters with new chunking v2 |