4 files changed, 386 insertions, 0 deletions
diff --git a/cypress/e2e/files_external/StorageUtils.ts b/cypress/e2e/files_external/StorageUtils.ts
new file mode 100644
index 00000000000..0f7fec65edf
--- /dev/null
+++ b/cypress/e2e/files_external/StorageUtils.ts
@@ -0,0 +1,38 @@
+/**
+ * SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import type { User } from "@nextcloud/cypress"
+
+export type StorageConfig = {
+	[key: string]: string
+}
+
+export enum StorageBackend {
+	DAV = 'dav',
+	SMB = 'smb',
+	SFTP = 'sftp',
+}
+
+export enum AuthBackend {
+	GlobalAuth = 'password::global',
+	LoginCredentials = 'password::logincredentials',
+	Password = 'password::password',
+	SessionCredentials = 'password::sessioncredentials',
+	UserGlobalAuth = 'password::global::user',
+	UserProvided = 'password::userprovided',
+}
+
+/**
+ * Create a storage via occ
+ */
+export function createStorageWithConfig(mountPoint: string, storageBackend: StorageBackend, authBackend: AuthBackend, configs: StorageConfig, user?: User): Cypress.Chainable {
+	const configsFlag = Object.keys(configs).map(key => `--config "${key}=${configs[key]}"`).join(' ')
+	const userFlag = user ? `--user ${user.userId}` : ''
+
+	const command = `files_external:create "${mountPoint}" "${storageBackend}" "${authBackend}" ${configsFlag} ${userFlag}`
+
+	cy.log(`Creating storage with command: ${command}`)
+	return cy.runOccCommand(command)
+}
diff --git a/cypress/e2e/files_external/files-external-failed.cy.ts b/cypress/e2e/files_external/files-external-failed.cy.ts
new file mode 100644
index 00000000000..29e5454dd60
--- /dev/null
+++ b/cypress/e2e/files_external/files-external-failed.cy.ts
@@ -0,0 +1,75 @@
+/**
+ * SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import { User } from '@nextcloud/cypress'
+import { AuthBackend, createStorageWithConfig, StorageBackend } from './StorageUtils'
+import { getRowForFile } from '../files/FilesUtils'
+
+describe('Files user credentials', { testIsolation: true }, () => {
+	let currentUser: User
+
+	beforeEach(() => {
+	})
+
+	before(() => {
+		cy.runOccCommand('app:enable files_external')
+		cy.createRandomUser().then((user) => { currentUser = user })
+	})
+
+	afterEach(() => {
+		// Cleanup global storages
+		cy.runOccCommand('files_external:list --output=json').then(({ stdout }) => {
+			const list = JSON.parse(stdout)
+			list.forEach((storage) => cy.runOccCommand(`files_external:delete --yes ${storage.mount_id}`), { failOnNonZeroExit: false })
+		})
+	})
+
+	after(() => {
+		cy.runOccCommand('app:disable files_external')
+	})
+
+	it('Create a failed user storage with invalid url', () => {
+		const url = 'http://cloud.domain.com/remote.php/dav/files/abcdef123456'
+		createStorageWithConfig('Storage1', StorageBackend.DAV, AuthBackend.LoginCredentials, { host: url.replace('index.php/', ''), secure: 'false' })
+
+		cy.login(currentUser)
+		cy.visit('/apps/files')
+
+		// Ensure the row is visible and marked as unavailable
+		getRowForFile('Storage1').as('row').should('be.visible')
+		cy.get('@row').find('[data-cy-files-list-row-name-link]')
+			.should('have.attr', 'title', 'This node is unavailable')
+
+		// Ensure clicking on the location does not open the folder
+		cy.location().then((loc) => {
+			cy.get('@row').find('[data-cy-files-list-row-name-link]').click()
+			cy.location('href').should('eq', loc.href)
+		})
+	})
+
+	it('Create a failed user storage with invalid login credentials', () => {
+		const url = 'http://cloud.domain.com/remote.php/dav/files/abcdef123456'
+		createStorageWithConfig('Storage2', StorageBackend.DAV, AuthBackend.Password, {
+			host: url.replace('index.php/', ''),
+			user: 'invaliduser',
+			password: 'invalidpassword',
+			secure: 'false',
+		 })
+
+		cy.login(currentUser)
+		cy.visit('/apps/files')
+
+		// Ensure the row is visible and marked as unavailable
+		getRowForFile('Storage2').as('row').should('be.visible')
+		cy.get('@row').find('[data-cy-files-list-row-name-link]')
+			.should('have.attr', 'title', 'This node is unavailable')
+
+		// Ensure clicking on the location does not open the folder
+		cy.location().then((loc) => {
+			cy.get('@row').find('[data-cy-files-list-row-name-link]').click()
+			cy.location('href').should('eq', loc.href)
+		})
+	})
+})
diff --git a/cypress/e2e/files_external/files-user-credentials.cy.ts b/cypress/e2e/files_external/files-user-credentials.cy.ts
new file mode 100644
index 00000000000..b20b06b69ba
--- /dev/null
+++ b/cypress/e2e/files_external/files-user-credentials.cy.ts
@@ -0,0 +1,143 @@
+/**
+ * SPDX-FileCopyrightText: 2022 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import { User } from '@nextcloud/cypress'
+import { AuthBackend, createStorageWithConfig, StorageBackend } from './StorageUtils'
+import { getInlineActionEntryForFile, getRowForFile, navigateToFolder, triggerInlineActionForFile } from '../files/FilesUtils'
+
+import { ACTION_CREDENTIALS_EXTERNAL_STORAGE } from '../../../apps/files_external/src/actions/enterCredentialsAction'
+import { handlePasswordConfirmation } from '../settings/usersUtils'
+
+describe('Files user credentials', { testIsolation: true }, () => {
+	let user1: User
+	let user2: User
+	let storageUser: User
+
+	before(() => {
+		cy.runOccCommand('app:enable files_external')
+
+		// Create some users
+		cy.createRandomUser().then((user) => { user1 = user })
+		cy.createRandomUser().then((user) => { user2 = user })
+
+		// This user will hold the webdav storage
+		cy.createRandomUser().then((user) => {
+			storageUser = user
+			cy.uploadFile(user, 'image.jpg')
+		})
+	})
+
+	after(() => {
+		// Cleanup global storages
+		cy.runOccCommand('files_external:list --output=json').then(({ stdout }) => {
+			const list = JSON.parse(stdout)
+			list.forEach((storage) => cy.runOccCommand(`files_external:delete --yes ${storage.mount_id}`), { failOnNonZeroExit: false })
+		})
+
+		cy.runOccCommand('app:disable files_external')
+	})
+
+	it('Create a user storage with user credentials', () => {
+		// Its not the public server address but the address so the server itself can connect to it
+		const base = 'http://localhost'
+		const host = `${base}/remote.php/dav/files/${storageUser.userId}`
+		createStorageWithConfig(storageUser.userId, StorageBackend.DAV, AuthBackend.UserProvided, { host, secure: 'false' })
+
+		cy.login(user1)
+		cy.visit('/apps/files/extstoragemounts')
+		getRowForFile(storageUser.userId).should('be.visible')
+
+		cy.intercept('PUT', '**/apps/files_external/userglobalstorages/*').as('setCredentials')
+
+		triggerInlineActionForFile(storageUser.userId, ACTION_CREDENTIALS_EXTERNAL_STORAGE)
+
+		// See credentials dialog
+		cy.findByRole('dialog', { name: 'Storage credentials' }).as('storageDialog')
+		cy.get('@storageDialog').should('be.visible')
+		cy.get('@storageDialog').findByRole('textbox', { name: 'Login' }).type(storageUser.userId)
+		cy.get('@storageDialog').get('input[type="password"]').type(storageUser.password)
+		cy.get('@storageDialog').get('button').contains('Confirm').click()
+		cy.get('@storageDialog').should('not.exist')
+
+		// Storage dialog now closed, the user auth dialog should be visible
+		cy.findByRole('dialog', { name: 'Confirm your password' }).as('authDialog')
+		cy.get('@authDialog').should('be.visible')
+		handlePasswordConfirmation(user1.password)
+
+		// Wait for the credentials to be set
+		cy.wait('@setCredentials')
+
+		// Auth dialog should be closed and the set credentials button should be gone
+		cy.get('@authDialog').should('not.exist', { timeout: 2000 })
+
+		getInlineActionEntryForFile(storageUser.userId, ACTION_CREDENTIALS_EXTERNAL_STORAGE)
+			.should('not.exist')
+
+		// Finally, the storage should be accessible
+		cy.visit('/apps/files')
+		navigateToFolder(storageUser.userId)
+		getRowForFile('image.jpg').should('be.visible')
+	})
+
+	it('Create a user storage with GLOBAL user credentials', () => {
+		// Its not the public server address but the address so the server itself can connect to it
+		const base = 'http://localhost'
+		const host = `${base}/remote.php/dav/files/${storageUser.userId}`
+		createStorageWithConfig('storage1', StorageBackend.DAV, AuthBackend.UserGlobalAuth, { host, secure: 'false' })
+
+		cy.login(user2)
+		cy.visit('/apps/files/extstoragemounts')
+		getRowForFile('storage1').should('be.visible')
+
+		cy.intercept('PUT', '**/apps/files_external/userglobalstorages/*').as('setCredentials')
+
+		triggerInlineActionForFile('storage1', ACTION_CREDENTIALS_EXTERNAL_STORAGE)
+
+		// See credentials dialog
+		cy.findByRole('dialog', { name: 'Storage credentials' }).as('storageDialog')
+		cy.get('@storageDialog').should('be.visible')
+		cy.get('@storageDialog').findByRole('textbox', { name: 'Login' }).type(storageUser.userId)
+		cy.get('@storageDialog').get('input[type="password"]').type(storageUser.password)
+		cy.get('@storageDialog').get('button').contains('Confirm').click()
+		cy.get('@storageDialog').should('not.exist')
+
+		// Storage dialog now closed, the user auth dialog should be visible
+		cy.findByRole('dialog', { name: 'Confirm your password' }).as('authDialog')
+		cy.get('@authDialog').should('be.visible')
+		handlePasswordConfirmation(user2.password)
+
+		// Wait for the credentials to be set
+		cy.wait('@setCredentials')
+
+		// Auth dialog should be closed and the set credentials button should be gone
+		cy.get('@authDialog').should('not.exist', { timeout: 2000 })
+		getInlineActionEntryForFile('storage1', ACTION_CREDENTIALS_EXTERNAL_STORAGE).should('not.exist')
+
+		// Finally, the storage should be accessible
+		cy.visit('/apps/files')
+		navigateToFolder('storage1')
+		getRowForFile('image.jpg').should('be.visible')
+	})
+
+	it('Create another user storage while reusing GLOBAL user credentials', () => {
+		// Its not the public server address but the address so the server itself can connect to it
+		const base = 'http://localhost'
+		const host = `${base}/remote.php/dav/files/${storageUser.userId}`
+		createStorageWithConfig('storage2', StorageBackend.DAV, AuthBackend.UserGlobalAuth, { host, secure: 'false' })
+
+		cy.login(user2)
+		cy.visit('/apps/files/extstoragemounts')
+		getRowForFile('storage2').should('be.visible')
+
+		// Since we already have set the credentials, the action should not be present
+		getInlineActionEntryForFile('storage1', ACTION_CREDENTIALS_EXTERNAL_STORAGE).should('not.exist')
+		getInlineActionEntryForFile('storage2', ACTION_CREDENTIALS_EXTERNAL_STORAGE).should('not.exist')
+
+		// Finally, the storage should be accessible
+		cy.visit('/apps/files')
+		navigateToFolder('storage2')
+		getRowForFile('image.jpg').should('be.visible')
+	})
+})
diff --git a/cypress/e2e/files_external/settings.cy.ts b/cypress/e2e/files_external/settings.cy.ts
new file mode 100644
index 00000000000..9f017bbf951
--- /dev/null
+++ b/cypress/e2e/files_external/settings.cy.ts
@@ -0,0 +1,130 @@
+/*!
+ * SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+describe('files_external settings', () => {
+	before(() => {
+		cy.runOccCommand('app:enable files_external')
+		cy.login({ language: 'en', password: 'admin', userId: 'admin' })
+	})
+
+	beforeEach(() => {
+		cy.runOccCommand('files_external:list --output json')
+			.then((exec) => {
+				const list = JSON.parse(exec.stdout)
+				for (const entry of list) {
+					cy.runOccCommand('files_external:delete ' + entry)
+				}
+			})
+		cy.visit('/settings/admin/externalstorages')
+	})
+
+	it('can see the settings section', () => {
+		cy.findByRole('heading', { name: 'External storage' })
+			.should('be.visible')
+		cy.get('table#externalStorage')
+			.should('be.visible')
+	})
+
+	it('populates the row and creates a new empty one', () => {
+		selectBackend('local')
+
+		// See cell now contains the backend
+		getTable()
+			.findAllByRole('row')
+			.first()
+			.find('.backend')
+			.should('contain.text', 'Local')
+
+		// and the backend select is available but clear
+		getBackendSelect()
+			.should('have.value', null)
+
+		// the suggested mount point name is set to the backend
+		getTable()
+			.findAllByRole('row')
+			.first()
+			.find('input[name="mountPoint"]')
+			.should('have.value', 'Local')
+	})
+
+	it('does not save the storage with missing configuration', function() {
+		selectBackend('local')
+
+		getTable()
+			.findAllByRole('row').first()
+			.should('be.visible')
+			.within(() => {
+				cy.findByRole('checkbox', { name: 'All people' })
+					.check()
+				cy.get('button[title="Save"]')
+					.click()
+			})
+
+		cy.findByRole('dialog', { name: 'Confirm your password' })
+			.should('not.exist')
+	})
+
+	it('does not save the storage with applicable configuration', function() {
+		selectBackend('local')
+
+		getTable()
+			.findAllByRole('row').first()
+			.should('be.visible')
+			.within(() => {
+				cy.get('input[placeholder="Location"]')
+					.type('/tmp')
+				cy.get('button[title="Save"]')
+					.click()
+			})
+
+		cy.findByRole('dialog', { name: 'Confirm your password' })
+			.should('not.exist')
+	})
+
+	it('does save the storage with needed configuration', function() {
+		selectBackend('local')
+
+		getTable()
+			.findAllByRole('row').first()
+			.should('be.visible')
+			.within(() => {
+				cy.findByRole('checkbox', { name: 'All people' })
+					.check()
+				cy.get('input[placeholder="Location"]')
+					.type('/tmp')
+				cy.get('button[title="Save"]')
+					.click()
+			})
+
+		cy.findByRole('dialog', { name: 'Confirm your password' })
+			.should('be.visible')
+	})
+})
+
+/**
+ * Get the external storages table
+ */
+function getTable() {
+	return cy.get('table#externalStorage')
+		.find('tbody')
+}
+
+/**
+ * Get the backend select element
+ */
+function getBackendSelect() {
+	return getTable()
+		.findAllByRole('row')
+		.last()
+		.findByRole('combobox')
+}
+
+/**
+ * @param backend - Backend to select
+ */
+function selectBackend(backend: string): void {
+	getBackendSelect()
+		.select(backend)
+}