-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
move auth tests into separate behat suite
- Loading branch information
1 parent
7ef93e8
commit 13625fe
Showing
9 changed files
with
216 additions
and
175 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| @api @TestAlsoOnExternalUserBackend | ||
| Feature: auth | ||
|
|
||
| Background: | ||
| Given user "user0" has been created with default attributes | ||
| And a new client token for "user0" has been generated | ||
|
|
||
| @smokeTest | ||
| Scenario: access files app anonymously | ||
| When a user requests "/index.php/apps/files" with "GET" and no authentication | ||
| Then the HTTP status code should be "401" | ||
|
|
||
| @smokeTest | ||
| Scenario: access files app with basic auth | ||
| When user "user0" requests "/index.php/apps/files" with "GET" using basic auth | ||
| Then the HTTP status code should be "200" | ||
|
|
||
| @smokeTest | ||
| Scenario: access files app with basic token auth | ||
| When user "user0" requests "/index.php/apps/files" with "GET" using basic token auth | ||
| Then the HTTP status code should be "200" | ||
|
|
||
| @smokeTest | ||
| Scenario: access files app with a client token | ||
| When the user requests "/index.php/apps/files" with "GET" using the generated client token | ||
| Then the HTTP status code should be "200" | ||
|
|
||
| @smokeTest | ||
| Scenario: access files app with browser session | ||
| Given a new browser session for "user0" has been started | ||
| When the user requests "/index.php/apps/files" with "GET" using the browser session | ||
| Then the HTTP status code should be "200" | ||
|
|
||
| @smokeTest | ||
| Scenario: access files app with an app password | ||
| Given a new browser session for "user0" has been started | ||
| And the user has generated a new app password named "my-client" | ||
| When the user requests "/index.php/apps/files" with "GET" using the generated app password | ||
| Then the HTTP status code should be "200" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| @api @TestAlsoOnExternalUserBackend | ||
| Feature: auth | ||
|
|
||
| Background: | ||
| Given user "user0" has been created with default attributes | ||
| And a new client token for "user0" has been generated | ||
|
|
||
| @issue-32068 | ||
| Scenario Outline: send DELETE requests to OCS endpoints as admin with wrong password | ||
| Given using OCS API version "<ocs_api_version>" | ||
| And group "group1" has been created | ||
| When the administrator sends HTTP method "DELETE" to OCS API endpoint "<endpoint>" using password "invalid" | ||
| Then the OCS status code should be "<ocs-code>" | ||
| And the HTTP status code should be "<http-code>" | ||
| Examples: | ||
| | ocs_api_version |endpoint | ocs-code | http-code | | ||
| | 1 |/apps/files_sharing/api/v1/remote_shares/pending/123 | 997 | 401 | | ||
| | 2 |/apps/files_sharing/api/v1/remote_shares/pending/123 | 997 | 401 | | ||
| | 1 |/apps/files_sharing/api/v1/remote_shares/123 | 997 | 401 | | ||
| | 2 |/apps/files_sharing/api/v1/remote_shares/123 | 997 | 401 | | ||
| | 1 |/cloud/apps/testing | 997 | 401 | | ||
| | 2 |/cloud/apps/testing | 997 | 401 | | ||
| | 1 |/cloud/groups/group1 | 997 | 401 | | ||
| | 2 |/cloud/groups/group1 | 997 | 401 | | ||
| | 1 |/cloud/users/user0 | 997 | 401 | | ||
| | 2 |/cloud/users/user0 | 997 | 401 | | ||
| | 1 |/cloud/users/user0/groups | 997 | 401 | | ||
| | 2 |/cloud/users/user0/groups | 997 | 401 | | ||
| | 1 |/cloud/users/user0/subadmins | 997 | 401 | | ||
| | 2 |/cloud/users/user0/subadmins | 997 | 401 | | ||
|
|
||
| #merge into previous scenario when fixed | ||
| @issue-34626 | ||
| Scenario Outline: send DELETE requests to OCS endpoints as admin with wrong password | ||
| Given using OCS API version "<ocs_api_version>" | ||
| When the administrator sends HTTP method "DELETE" to OCS API endpoint "<endpoint>" using password "invalid" | ||
| Then the HTTP status code should be "200" | ||
| And the body of the response should be empty | ||
| #And the OCS status code should be "997" | ||
| Examples: | ||
| | ocs_api_version | endpoint | | ||
| | 1 | /apps/files_sharing/api/v1/shares/123 | | ||
| | 2 | /apps/files_sharing/api/v1/shares/123 | | ||
| | 1 | /apps/files_sharing/api/v1/shares/pending/123 | | ||
| | 2 | /apps/files_sharing/api/v1/shares/pending/123 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| @api @TestAlsoOnExternalUserBackend | ||
| Feature: auth | ||
|
|
||
| Background: | ||
| Given user "user0" has been created with default attributes | ||
| And a new client token for "user0" has been generated | ||
|
|
||
| @issue-32068 | ||
| Scenario Outline: send POST requests to OCS endpoints as normal user with wrong password | ||
| Given using OCS API version "<ocs_api_version>" | ||
| And user "user1" has been created with default attributes | ||
| When user "user0" sends HTTP method "POST" to OCS API endpoint "<endpoint>" with body using password "invalid" | ||
| | data | doesnotmatter | | ||
| Then the OCS status code should be "<ocs-code>" | ||
| And the HTTP status code should be "<http-code>" | ||
| Examples: | ||
| | ocs_api_version |endpoint | ocs-code | http-code | | ||
| | 1 |/apps/files_sharing/api/v1/remote_shares/pending/123 | 997 | 401 | | ||
| | 2 |/apps/files_sharing/api/v1/remote_shares/pending/123 | 997 | 401 | | ||
| | 1 |/cloud/apps/testing | 997 | 401 | | ||
| | 2 |/cloud/apps/testing | 997 | 401 | | ||
| | 1 |/cloud/groups | 997 | 401 | | ||
| | 2 |/cloud/groups | 997 | 401 | | ||
| | 1 |/cloud/users | 997 | 401 | | ||
| | 2 |/cloud/users | 997 | 401 | | ||
| | 1 |/cloud/users/user0/groups | 997 | 401 | | ||
| | 2 |/cloud/users/user0/groups | 997 | 401 | | ||
| | 1 |/cloud/users/user0/subadmins | 997 | 401 | | ||
| | 2 |/cloud/users/user0/subadmins | 997 | 401 | | ||
| | 1 |/person/check | 101 | 200 | | ||
| | 2 |/person/check | 400 | 400 | | ||
| | 1 |/privatedata/deleteattribute/testing/test | 997 | 401 | | ||
| | 2 |/privatedata/deleteattribute/testing/test | 997 | 401 | | ||
| | 1 |/privatedata/setattribute/testing/test | 997 | 401 | | ||
| | 2 |/privatedata/setattribute/testing/test | 997 | 401 | | ||
|
|
||
| #merge into previous scenario when fixed | ||
| @issue-34626 | ||
| Scenario Outline: send POST requests to OCS endpoints as normal user with wrong password | ||
| Given using OCS API version "<ocs_api_version>" | ||
| When user "user0" sends HTTP method "POST" to OCS API endpoint "<endpoint>" with body using password "invalid" | ||
| | data | doesnotmatter | | ||
| Then the HTTP status code should be "200" | ||
| And the body of the response should be empty | ||
| #And the OCS status code should be "997" | ||
| Examples: | ||
| | ocs_api_version | endpoint | | ||
| | 1 | /apps/files_sharing/api/v1/shares | | ||
| | 2 | /apps/files_sharing/api/v1/shares | | ||
| | 1 | /apps/files_sharing/api/v1/shares/pending/123 | | ||
| | 2 | /apps/files_sharing/api/v1/shares/pending/123 | |
Oops, something went wrong.