Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[tests-only][full-ci] added test to remove access to share after the share role has been disabled #10759

Draft
wants to merge 2 commits into
base: master
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions tests/acceptance/TestHelpers/GraphHelper.php
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@ class GraphHelper {
public const ADDITIONAL_PERMISSIONS_ROLES = [
'Secure Viewer' => 'aa97fe03-7980-45ac-9e50-b325749fd7e6',
'Space Editor Without Versions' => '3284f2d5-0070-4ad8-ac40-c247f7c1fb27',
'Denied' => '63e64e19-8d43-42ec-a738-2b6af2610efa',
];

public const SHARES_SPACE_ID = 'a0ca6a90-a365-4782-871e-d44447bbc668$a0ca6a90-a365-4782-871e-d44447bbc668';
Expand Down
45 changes: 45 additions & 0 deletions tests/acceptance/bootstrap/OcisConfigContext.php
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,24 @@
* steps needed to re-configure oCIS server
*/
class OcisConfigContext implements Context {
private array $enabledRoles = [];

/**
* @return array
*/
public function getEnabledRoles(): array {
return $this->enabledRoles;
}

/**
* @param array $enabledRoles
*
* @return void
*/
public function setEnabledRoles(array $enabledRoles): void {
$this->enabledRoles = $enabledRoles;
}

/**
* @Given async upload has been enabled with post-processing delayed to :delayTime seconds
*
Expand Down Expand Up @@ -99,6 +117,33 @@ public function theAdministratorHasEnabledTheRole(string $role): void {
$response->getStatusCode(),
"Failed to enable role $role"
);
$this->setEnabledRoles($defaultRoles);
}

/**
* @Given the administrator has disabled the permissions role :role
*
* @param string $role
*
* @return void
*/
public function theAdministratorHasDisabledThePermissionsRole(string $role): void {
$roleId = GraphHelper::getPermissionsRoleIdByName($role);
$availableRoles = $this->getEnabledRoles();

if ($key = array_search($roleId, $availableRoles)) {
unset($availableRoles[$key]);
}
$envs = [
"GRAPH_AVAILABLE_ROLES" => implode(',', $availableRoles),
];
$response = OcisConfigHelper::reConfigureOcis($envs);
Assert::assertEquals(
200,
$response->getStatusCode(),
"Failed to disable role $role"
);
$this->setEnabledRoles($availableRoles);
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -246,3 +246,19 @@ Feature: Remove access to a drive
When user "Alice" removes the last link share of space "projectSpace" using permissions endpoint of the Graph API
Then the HTTP status code should be "204"
And user "Alice" should not have any "link" permissions on space "projectSpace"

@env-config
Scenario: delete space share after the share role Space Editor Without Versions has been disabled
Given using spaces DAV path
And the administrator has enabled the permissions role "Space Editor Without Versions"
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "new-space" with the default quota using the Graph API
And user "Alice" has sent the following space share invitation:
| space | new-space |
| sharee | Brian |
| shareType | user |
| permissionsRole | Space Editor Without Versions |
And the administrator has disabled the permissions role "Space Editor Without Versions"
When user "Alice" removes the access of user "Brian" from space "new-space" using root endpoint of the Graph API
Then the HTTP status code should be "204"
And the user "Brian" should not have a space called "NewSpace"
Original file line number Diff line number Diff line change
Expand Up @@ -143,3 +143,83 @@ Feature: Remove access to a drive item
| Space Viewer |
| Space Editor |
| Manager |

@env-config
Scenario Outline: delete share after the share role Secure Viewer has been disabled (Personal Space)
Given the administrator has enabled the permissions role "Secure Viewer"
And user "Alice" has uploaded file with content "some content" to "textfile.txt"
And user "Alice" has created folder "folderToShare"
And user "Alice" has sent the following resource share invitation:
| resource | <resource> |
| space | Personal |
| sharee | Brian |
| shareType | user |
| permissionsRole | Secure Viewer |
And the administrator has disabled the permissions role "Secure Viewer"
When user "Alice" removes the access of user "Brian" from resource "<resource>" of space "Personal" using the Graph API
Then the HTTP status code should be "204"
And for user "Brian" the space "Shares" should not contain these entries:
| <resource> |
Examples:
| resource |
| textfile.txt |
| folderToShare |

@env-config
Scenario: delete share after the share role Denied has been disabled (Personal Space)
Given the administrator has enabled the permissions role "Denied"
And user "Alice" has created folder "folderToShare"
And user "Alice" has sent the following resource share invitation:
| resource | folderToShare |
| space | Personal |
| sharee | Brian |
| shareType | user |
| permissionsRole | Denied |
And the administrator has disabled the permissions role "Denied"
When user "Alice" removes the access of user "Brian" from resource "folderToShare" of space "Personal" using the Graph API
Then the HTTP status code should be "204"
And for user "Brian" the space "Shares" should not contain these entries:
| folderToShare |

@env-config
Scenario Outline: delete share after the share role Secure Viewer has been disabled (Project Space)
Given using spaces DAV path
And the administrator has enabled the permissions role "Secure Viewer"
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "new-space" with the default quota using the Graph API
And user "Alice" has uploaded a file inside space "new-space" with content "some content" to "textfile.txt"
And user "Alice" has created a folder "folderToShare" in space "new-space"
And user "Alice" has sent the following resource share invitation:
| resource | <resource> |
| space | new-space |
| sharee | Brian |
| shareType | user |
| permissionsRole | Secure Viewer |
And the administrator has disabled the permissions role "Secure Viewer"
When user "Alice" removes the access of user "Brian" from resource "<resource>" of space "new-space" using the Graph API
Then the HTTP status code should be "204"
And for user "Brian" the space "Shares" should not contain these entries:
| <resource> |
Examples:
| resource |
| textfile.txt |
| folderToShare |

@env-config
Scenario: delete share after the share role Denied has been disabled (Project Space)
Given using spaces DAV path
And the administrator has enabled the permissions role "Denied"
And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "new-space" with the default quota using the Graph API
And user "Alice" has created a folder "folderToShare" in space "new-space"
And user "Alice" has sent the following resource share invitation:
| resource | folderToShare |
| space | new-space |
| sharee | Brian |
| shareType | user |
| permissionsRole | Denied |
And the administrator has disabled the permissions role "Denied"
When user "Alice" removes the access of user "Brian" from resource "folderToShare" of space "new-space" using the Graph API
Then the HTTP status code should be "204"
And for user "Brian" the space "Shares" should not contain these entries:
| folderToShare |
Loading