blob: b9f423a9e93b4de5363fe8eda7581020d8cefd82 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
Feature: auth
Background:
Given user "user0" exists
Given a new restricted client token is added
Given a new unrestricted client token is added
Given the cookie jar is reset
# FILES APP
Scenario: access files app anonymously
When requesting "/index.php/apps/files" with "GET"
Then the HTTP status code should be "401"
Scenario: access files app with basic auth
When requesting "/index.php/apps/files" with "GET" using basic auth
Then the HTTP status code should be "200"
Scenario: access files app with unrestricted basic token auth
When requesting "/index.php/apps/files" with "GET" using unrestricted basic token auth
Then the HTTP status code should be "200"
Then requesting "/remote.php/files/welcome.txt" with "GET" using browser session
Then the HTTP status code should be "200"
Scenario: access files app with restricted basic token auth
When requesting "/index.php/apps/files" with "GET" using restricted basic token auth
Then the HTTP status code should be "200"
Then requesting "/remote.php/files/welcome.txt" with "GET" using browser session
Then the HTTP status code should be "404"
Scenario: access files app with an unrestricted client token
When requesting "/index.php/apps/files" with "GET" using an unrestricted client token
Then the HTTP status code should be "200"
Scenario: access files app with browser session
Given a new browser session is started
When requesting "/index.php/apps/files" with "GET" using browser session
Then the HTTP status code should be "200"
# WebDAV
Scenario: using WebDAV anonymously
When requesting "/remote.php/webdav" with "PROPFIND"
Then the HTTP status code should be "401"
Scenario: using WebDAV with basic auth
When requesting "/remote.php/webdav" with "PROPFIND" using basic auth
Then the HTTP status code should be "207"
Scenario: using WebDAV with unrestricted basic token auth
When requesting "/remote.php/webdav" with "PROPFIND" using unrestricted basic token auth
Then the HTTP status code should be "207"
Scenario: using WebDAV with restricted basic token auth
When requesting "/remote.php/webdav" with "PROPFIND" using restricted basic token auth
Then the HTTP status code should be "207"
Scenario: using WebDAV with browser session
Given a new browser session is started
When requesting "/remote.php/webdav" with "PROPFIND" using browser session
Then the HTTP status code should be "207"
# OCS
Scenario: using OCS anonymously
When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET"
Then the OCS status code should be "997"
Scenario: using OCS with basic auth
When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using basic auth
Then the OCS status code should be "100"
Scenario: using OCS with token auth
When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using unrestricted basic token auth
Then the OCS status code should be "100"
Scenario: using OCS with an unrestricted client token
When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using an unrestricted client token
Then the OCS status code should be "100"
Scenario: using OCS with browser session
Given a new browser session is started
When requesting "/ocs/v1.php/apps/files_sharing/api/v1/remote_shares" with "GET" using browser session
Then the OCS status code should be "100"
# REMEMBER ME
Scenario: remember login
Given a new remembered browser session is started
When the session cookie expires
And requesting "/index.php/apps/files" with "GET" using browser session
Then the HTTP status code should be "200"
# AUTH TOKENS
Scenario: Creating an auth token with regular auth token should not work
When requesting "/index.php/apps/files" with "GET" using restricted basic token auth
Then the HTTP status code should be "200"
When the CSRF token is extracted from the previous response
When a new unrestricted client token is added using restricted basic token auth
Then the HTTP status code should be "503"
Scenario: Creating a restricted auth token with regular login should work
When a new restricted client token is added
Then the HTTP status code should be "200"
Scenario: Creating an unrestricted auth token with regular login should work
When a new unrestricted client token is added
Then the HTTP status code should be "200"
|
