eliott/ocis
1
0
Fork 0
mirror of https://github.com/owncloud/ocis synced 2026-04-25 17:25:21 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
757fc04e55fc5e19b3207ce3fc2af5f1e32c3f48
ocis/tests/acceptance/features/apiSharingNgDriveLinkShare/createDriveLinkShare.feature
Roman Perekhod 757fc04e55 Fix the expiration date response for links
2025-07-11 00:18:50 +02:00

427 lines
18 KiB
Gherkin
Raw Blame History

@issue-7879
Feature: Link sharing of project spaces
https://owncloud.dev/libre-graph-api/#/drives.permissions/CreateLink
Background:
Given these users have been created with default attributes:
| username |
| Alice |
Scenario Outline: create a link share of a project-space drive using permissions endpoint
Given using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link"],
"properties": {
"hasPassword": {"const": true},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": ""},
"@libre.graph.quickLink": {"const": false},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
| displayName | Homework |
| expirationDateTime | 2200-07-15T14:00:00.000Z |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link","expirationDateTime"],
"properties": {
"hasPassword": {"const": true},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"expirationDateTime": {"const": "2200-07-15T14:00:00Z"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": "Homework"},
"@libre.graph.quickLink": {"const": false},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
| quickLink | true |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link"],
"properties": {
"hasPassword": {"const": true},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": ""},
"@libre.graph.quickLink": {"const": true},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
Examples:
| permissions-role | permissions-role-value |
| View | view |
| Edit | edit |
| Upload | upload |
| File Drop | createOnly |
| Secure View | blocksDownload |
Scenario Outline: create a link share of a project-space drive using root endpoint
Given using spaces DAV path
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using root endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link"],
"properties": {
"hasPassword": {"const": true},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": ""},
"@libre.graph.quickLink": {"const": false},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
When user "Alice" creates the following space link share using root endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
| displayName | Homework |
| expirationDateTime | 2200-07-15T14:00:00.000Z |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link","expirationDateTime"],
"properties": {
"hasPassword": {"const": true},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"expirationDateTime": {"const": "2200-07-15T14:00:00Z"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": "Homework"},
"@libre.graph.quickLink": {"const": false},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
When user "Alice" creates the following space link share using root endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
| password | %public% |
| quickLink | true |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link"],
"properties": {
"hasPassword": {"const": true},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": ""},
"@libre.graph.quickLink": {"const": true},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
Examples:
| permissions-role | permissions-role-value |
| View | view |
| Edit | edit |
| Upload | upload |
| File Drop | createOnly |
| Secure View | blocksDownload |
Scenario Outline: try to create a link share of a Personal and Shares drives using permissions endpoint
When user "Alice" tries to create the following space link share using permissions endpoint of the Graph API:
| space | <drive> |
| permissionsRole | <permissions-role> |
| password | %public% |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": ["code","innererror","message"],
"properties": {
"code": {"const": "invalidRequest"},
"innererror": {
"required": ["date","request-id"]
},
"message": {"const": "<message>"}
}
}
}
}
"""
Examples:
| permissions-role | drive | message |
| View | Shares | no share permission |
| Edit | Shares | no share permission |
| Upload | Shares | no share permission |
| File Drop | Shares | no share permission |
| Secure View | Shares | invalid link type |
| View | Personal | cannot create link on personal space root |
| Edit | Personal | cannot create link on personal space root |
| Upload | Personal | cannot create link on personal space root |
| File Drop | Personal | cannot create link on personal space root |
| Secure View | Personal | invalid link type |
Scenario Outline: try to create a link share of a Personal and Shares drives using root endpoint
When user "Alice" tries to create the following space link share using root endpoint of the Graph API:
| space | <drive> |
| permissionsRole | <permissions-role> |
| password | %public% |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": ["code","innererror","message"],
"properties": {
"code": {"const": "invalidRequest"},
"innererror": {
"required": ["date","request-id"]
},
"message": {"const": "unsupported space type"}
}
}
}
}
"""
Examples:
| permissions-role | drive |
| View | Shares |
| Edit | Shares |
| Upload | Shares |
| File Drop | Shares |
| Secure View | Shares |
| View | Personal |
| Edit | Personal |
| Upload | Personal |
| File Drop | Personal |
| Secure View | Personal |
@env-config
Scenario: try to create a link share of a project-space with a password that is listed in the Banned-Password-List using permissions endpoint
Given using spaces DAV path
And the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt"
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | View |
| password | 123 |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": ["code","message"],
"properties": {
"code": {"const": "invalidRequest"},
"message": {"const": "unfortunately, your password is commonly used. please pick a harder-to-guess password for your safety"}
}
}
}
}
"""
@env-config
Scenario: try to create a link share of a project-space with a password that is listed in the Banned-Password-List using root endpoint
Given using spaces DAV path
And the config "OCIS_PASSWORD_POLICY_BANNED_PASSWORDS_LIST" has been set to path "config/drone/banned-password-list.txt"
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using root endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | Edit |
| password | password |
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["error"],
"properties": {
"error": {
"type": "object",
"required": ["code","message"],
"properties": {
"code": {"const": "invalidRequest"},
"message": {"const": "unfortunately, your password is commonly used. please pick a harder-to-guess password for your safety"}
}
}
}
}
"""
@env-config
Scenario Outline: create a link share of a project-space when password is not enforced using permissions endpoint
Given using spaces DAV path
And the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false |
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using permissions endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link"],
"properties": {
"hasPassword": {"const": false},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": ""},
"@libre.graph.quickLink": {"const": false},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
Examples:
| permissions-role | permissions-role-value |
| View | view |
| Edit | edit |
| Upload | upload |
| File Drop | createOnly |
| Secure View | blocksDownload |
@env-config
Scenario Outline: create a link share of a project-space when password is not enforced using root endpoint
Given using spaces DAV path
And the following configs have been set:
| config | value |
| OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD | false |
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "projectSpace" with the default quota using the Graph API
When user "Alice" creates the following space link share using root endpoint of the Graph API:
| space | projectSpace |
| permissionsRole | <permissions-role> |
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": ["hasPassword","id","link"],
"properties": {
"hasPassword": {"const": false},
"id": {"pattern": "^[a-zA-Z]{15}$"},
"link": {
"type": "object",
"required": ["@libre.graph.displayName","@libre.graph.quickLink","preventsDownload","type","webUrl"],
"properties": {
"@libre.graph.displayName": {"const": ""},
"@libre.graph.quickLink": {"const": false},
"preventsDownload": {"const": false},
"type": {"const": "<permissions-role-value>"},
"webUrl": {"pattern": "^%base_url%/s/[a-zA-Z]{15}$"}
}
}
}
}
"""
Examples:
| permissions-role | permissions-role-value |
| View | view |
| Edit | edit |
| Upload | upload |
| File Drop | createOnly |
| Secure View | blocksDownload |
Reference in New Issue View Git Blame Copy Permalink