test: share with Denied role in Personal and Project space

owncloud · Dec 3, 2024 · e5c2350 · e5c2350
1 parent 46d397d
commit e5c2350
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 6 deletions.
diff --git a/tests/acceptance/TestHelpers/GraphHelper.php b/tests/acceptance/TestHelpers/GraphHelper.php
@@ -43,6 +43,7 @@ class GraphHelper {
 	public const ADDITIONAL_PERMISSIONS_ROLES = [
 		'Secure Viewer' => 'aa97fe03-7980-45ac-9e50-b325749fd7e6',
 		'Space Editor Without Versions' => '3284f2d5-0070-4ad8-ac40-c247f7c1fb27',
+		'Denied' => '63e64e19-8d43-42ec-a738-2b6af2610efa',
 	];
 
 	/**

diff --git a/tests/acceptance/bootstrap/SharingNgContext.php b/tests/acceptance/bootstrap/SharingNgContext.php
@@ -1766,13 +1766,14 @@ public function userRemovesTheLastLinkShareOfSpaceUsingPermissionsEndpointOfGrap
 	 * @param string $share
 	 * @param string $sharee
 	 * @param string $sharer
+	 * @param string $shouldOrNot
 	 *
 	 * @return void
 	 * @throws GuzzleException
 	 * @throws JsonException
 	 * @throws Exception
 	 */
-	public function checkIfShareExists(string $share, string $sharee, string $sharer): void {
+	public function checkIfShareExists(string $share, string $sharee, string $sharer, string $shouldOrNot): void {
 		// check share mountpoint
 		$response = GraphHelper::getMySpaces(
 			$this->featureContext->getBaseUrl(),
@@ -1788,7 +1789,6 @@ public function checkIfShareExists(string $share, string $sharee, string $sharer
 				$foundShareMountpoint = true;
 			}
 		}
-		Assert::assertTrue($foundShareMountpoint, "Share mountpoint '$share' was not found in the drives list.");
 
 		// check share in shared-with-me list
 		$response = GraphHelper::getSharesSharedWithMe(
@@ -1804,20 +1804,28 @@ public function checkIfShareExists(string $share, string $sharee, string $sharer
 				$foundShareInSharedWithMe = true;
 			}
 		}
-		Assert::assertTrue($foundShareInSharedWithMe, "Share '$share' was not found in the shared-with-me list");
+
+		if ($shouldOrNot === "should not") {
+			Assert::assertFalse($foundShareMountpoint, "Share mountpoint '$share' was found in the drives list");
+			Assert::assertFalse($foundShareInSharedWithMe, "Share '$share' was found in the shared-with-me list");
+		} else {
+			Assert::assertTrue($foundShareMountpoint, "Share mountpoint '$share' was not found in the drives list");
+			Assert::assertTrue($foundShareInSharedWithMe, "Share '$share' was not found in the shared-with-me list");
+		}
 	}
 
 	/**
-	 * @Then user :sharee should have a share :share shared by user :sharer
+	 * @Then /^user "([^"]*)" (should|should not) have a share "([^"]*)" shared by user "([^"]*)"$/
 	 *
 	 * @param string $sharee
+	 * @param string $shouldOrNot
 	 * @param string $share
 	 * @param string $sharer
 	 *
 	 * @return void
 	 */
-	public function userShouldHaveShare(string $sharee, string $share, string $sharer): void {
-		$this->checkIfShareExists($share, $sharee, $sharer);
+	public function userShouldHaveShare(string $sharee, string $shouldOrNot, string $share, string $sharer): void {
+		$this->checkIfShareExists($share, $sharee, $sharer, $shouldOrNot);
 	}
 
 	/**

diff --git a/tests/acceptance/features/apiSharingNg1/sharedWithMe.feature b/tests/acceptance/features/apiSharingNg1/sharedWithMe.feature
@@ -5232,3 +5232,45 @@ Feature: an user gets the resources shared to them
     And the json response should contain the following shares:
       | textfile.txt  |
       | FolderToShare |
+
+  @env-config
+  Scenario Outline: check the permission access while sharing a resource with denied permission role (Personal Space)
+    Given using spaces DAV path
+    And the administrator has enabled the permissions role "Denied"
+    And user "Alice" has created folder "FolderToShare"
+    And user "Alice" has uploaded file with content "ocm test" to "/textfile.txt"
+    And user "Alice" has sent the following resource share invitation:
+      | resource        | <resource> |
+      | space           | Personal   |
+      | sharee          | Brian      |
+      | shareType       | user       |
+      | permissionsRole | Denied     |
+    When user "Brian" lists the shares shared with him using the Graph API
+    Then the HTTP status code should be "200"
+    And user "Brian" should not have a share "<resource>" shared by user "Alice"
+    Examples:
+      | resource      |
+      | FolderToShare |
+      | textfile.txt  |
+
+  @env-config
+  Scenario Outline: check the response while sharing a resource with denied permission role (Project Space)
+    Given using spaces DAV path
+    And the administrator has enabled the permissions role "Denied"
+    And the administrator has assigned the role "Space Admin" to user "Alice" using the Graph API
+    And user "Alice" has created a space "NewSpace" with the default quota using the Graph API
+    And user "Alice" has created a folder "FolderToShare" in space "NewSpace"
+    And user "Alice" has uploaded a file inside space "NewSpace" with content "project space" to "textfile.txt"
+    And user "Alice" has sent the following resource share invitation:
+      | resource        | <resource> |
+      | space           | NewSpace      |
+      | sharee          | Brian         |
+      | shareType       | user          |
+      | permissionsRole | Denied        |
+    When user "Brian" lists the shares shared with him using the Graph API
+    Then the HTTP status code should be "200"
+    And user "Brian" should not have a share "<resource>" shared by user "Alice"
+    Examples:
+      | resource      |
+      | FolderToShare |
+      | textfile.txt  |