cloud/ocis
1
0
Fork 0
mirror of https://github.com/owncloud/ocis.git synced 2025-04-18 23:44:07 +03:00
Code

list grant roles permission

Browse Source
This commit is contained in:
amrita-shrestha 2025-04-03 18:32:11 +05:45
parent c118bada1e
commit c2007e12f5
No known key found for this signature in database
GPG Key ID: A3040598D5B018ED
4 changed files with 279 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.drone.star
View File

@ -167,14 +167,14 @@ config = {
"sharingNg1": {
"suites": [
"apiSharingNgShares",
"apiReshare",
"apiSharingNgPermissions",
],
"skip": False,
"withRemotePhp": [True],
},
"sharingNg2": {
"sharingNgAdditionalShareRole": {
"suites": [
"apiSharingNgPermissions",
"apiReshare",
"apiSharingNgAdditionalShareRole",
],
"skip": False,

95
tests/acceptance/bootstrap/SharingNgContext.php
View File

@ -155,7 +155,6 @@ class SharingNgContext implements Context {
/**
* @param string $user
* @param string $fileOrFolder (file|folder)
* @param string $space
* @param string|null $resource
* @param string|null $query
@ -165,17 +164,16 @@ class SharingNgContext implements Context {
*/
public function getPermissionsList(
string $user,
string $fileOrFolder,
string $space,
?string $resource = '',
?string $query = null
): ResponseInterface {
$spaceId = ($this->spacesContext->getSpaceByName($user, $space))["id"];
if ($fileOrFolder === 'folder') {
$itemId = $this->spacesContext->getResourceId($user, $space, $resource);
if ($space === "Shares") {
$spaceId = $this->spacesContext->getSharesRemoteItemParentDriveId($user, $resource);
$itemId = $this->spacesContext->getSharesRemoteItemId($user, $resource);
} else {
$itemId = $this->spacesContext->getFileId($user, $space, $resource);
$spaceId = ($this->spacesContext->getSpaceByName($user, $space))["id"];
$itemId = $this->spacesContext->getResourceId($user, $space, $resource);
}
return GraphHelper::getPermissionsList(
@ -190,24 +188,22 @@ class SharingNgContext implements Context {
}
/**
* @When /^user "([^"]*)" gets permissions list for (folder|file) "([^"]*)" of the space "([^"]*)" using the Graph API$/
* @When /^user "([^"]*)" gets permissions list for (?:folder|file) "([^"]*)" of the space "([^"]*)" using the Graph API$/
*
* @param string $user
* @param string $fileOrFolder (file|folder)
* @param string $resource
* @param string $space
*
* @return void
* @throws Exception
* @throws GuzzleException
*/
public function userGetsPermissionsListForResourceOfTheSpaceUsingTheGraphAPI(
string $user,
string $fileOrFolder,
string $resource,
string $space
): void {
$this->featureContext->setResponse(
$this->getPermissionsList($user, $fileOrFolder, $space, $resource)
$this->getPermissionsList($user, $space, $resource)
);
}
@ -221,8 +217,18 @@ class SharingNgContext implements Context {
* @throws Exception
*/
public function userListsThePermissionsOfSpaceUsingTheGraphApi(string $user, string $space): void {
$spaceId = ($this->spacesContext->getSpaceByName($user, $space))["id"];
$itemId = $this->spacesContext->getResourceId($user, $space, '');
$this->featureContext->setResponse(
$this->getPermissionsList($user, 'folder', $space)
GraphHelper::getPermissionsList(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$user,
$this->featureContext->getPasswordForUser($user),
$spaceId,
$itemId,
null
)
);
}
@ -2302,10 +2308,9 @@ class SharingNgContext implements Context {
}
/**
* @When /^user "([^"]*)" lists permissions with following filters for (folder|file) "([^"]*)" of the space "([^"]*)" using the Graph API:$/
* @When /^user "([^"]*)" lists permissions with following filters for (?:folder|file) "([^"]*)" of the space "([^"]*)" using the Graph API:$/
*
* @param string $user
* @param string $fileOrFolder (file|folder)
* @param string $resource
* @param string $space
* @param TableNode $table
@ -2315,14 +2320,70 @@ class SharingNgContext implements Context {
*/
public function userListsPermissionsWithFollowingFiltersForFileOrFolderOfTheSpaceUsingTheGraphApi(
string $user,
string $fileOrFolder,
string $resource,
string $space,
TableNode $table
): void {
$query = implode('&', $table->getColumn(0));
$this->featureContext->setResponse(
$this->getPermissionsList($user, $fileOrFolder, $space, $resource, $query)
$this->getPermissionsList($user, $space, $resource, $query)
);
}
/**
* @Then /^user "([^"]*)" should have the following shares of the (?:folder|file) "([^"]*)":$/
*
* @param string $user
* @param string $resource
* @param TableNode $table
*
* @return void
* @throws GuzzleException
* @throws JsonException
*/
public function userGetsAllTheSharesOfTheResource(
string $user,
string $resource,
TableNode $table
): void {
$permission = $this->getPermissionsList($user, "Shares", $resource);
$jsonBody = $this->featureContext->getJsonDecodedResponseBodyContent($permission);
$errors = [];
foreach ($table->getHash() as $row) {
$expectedRoleId = GraphHelper::getPermissionsRoleIdByName($row['permissionsRole']);
if ($row['shareType'] === 'user') {
$expectedSharee = $this->featureContext->getDisplayNameForUser($row['sharee']);
} else {
$expectedSharee = $row['sharee'];
}
$found = false;
foreach ($jsonBody->value as $share) {
$actualSharee = '';
if ($row['shareType'] === 'user') {
if (isset($share->grantedToV2->user->displayName)) {
$actualSharee = $share->grantedToV2->user->displayName;
}
} else {
if (isset($share->grantedToV2->group->displayName)) {
$actualSharee = $share->grantedToV2->group->displayName;
}
}
if ($actualSharee === $expectedSharee) {
$found = true;
if ($share->roles[0] !== $expectedRoleId) {
$errors[] = "Expected user $actualSharee share role id to be '$expectedRoleId'
but found '$share->roles[0]'";
}
break;
}
}
if (!$found) {
$errors[] = "Expected sharee '$expectedSharee' to be present but found '$actualSharee'";
}
}
if (!empty($errors)) {
Assert::fail(implode("\n", $errors));
}
}
}

41
tests/acceptance/bootstrap/SpacesContext.php
View File

@ -293,11 +293,11 @@ class SpacesContext implements Context {
* @param string $user
* @param string $share
*
* @return string
* @return object
*
* @throws Exception|GuzzleException
*/
public function getSharesRemoteItemId(string $user, string $share): string {
public function getSharesRemoteItem(string $user, string $share): object {
$share = ltrim($share, '/');
$credentials = $this->featureContext->graphContext->getAdminOrUserCredentials($user);
$response = GraphHelper::getSharesSharedWithMe(
@ -312,16 +312,45 @@ class SpacesContext implements Context {
// Search remoteItem ID of a given share
foreach ($jsonBody->value as $item) {
if (isset($item->name) && $item->name === $share) {
if (isset($item->remoteItem->id)) {
return $item->remoteItem->id;
}
throw new Exception("Failed to find remoteItem ID for share: $share");
return $item->remoteItem;
}
}
throw new Exception("Cannot find share: $share");
}
/**
* @param string $user
* @param string $share
*
* @return string
*
* @throws Exception|GuzzleException
*/
public function getSharesRemoteItemId(string $user, string $share): string {
$remoteItem = $this->getSharesRemoteItem($user, $share);
if (isset($remoteItem->id)) {
return $remoteItem->id;
}
throw new Exception("Failed to find remoteItem ID for share: $share");
}
/**
* @param string $user
* @param string $share
*
* @return string
*
* @throws Exception|GuzzleException
*/
public function getSharesRemoteItemParentDriveId(string $user, string $share): string {
$remoteItem = $this->getSharesRemoteItem($user, $share);
if (isset($remoteItem->parentReference->driveId)) {
return $remoteItem->parentReference->driveId;
}
throw new Exception("Failed to find remoteItem ID for share: $share");
}
/**
* The method finds file by fileName and spaceName and returns data of file which contains in responseHeader
* fileName contains the path, if the file is in the folder

165
tests/acceptance/features/apiSharingNgAdditionalShareRole/listGrantsShareRole.feature
View File

@ -62,6 +62,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the file "textfile1.txt":
| sharee | shareType | permissionsRole |
| Brian | user | <permissions-role> |
Examples:
| permissions-role |
| Viewer With ListGrants |
@ -119,6 +122,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the folder "FolderToShare":
| sharee | shareType | permissionsRole |
| Brian | user | <permissions-role> |
Examples:
| permissions-role |
| Viewer With ListGrants |
@ -179,6 +185,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the file "textfile1.txt":
| sharee | shareType | permissionsRole |
| Brian | user | <permissions-role> |
Examples:
| permissions-role |
| Viewer With ListGrants |
@ -239,6 +248,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the folder "FolderToShare":
| sharee | shareType | permissionsRole |
| Brian | user | <permissions-role> |
Examples:
| permissions-role |
| Viewer With ListGrants |
@ -289,6 +301,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the file "textfile1.txt":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| permissions-role | new-permissions-role |
| Viewer | Viewer With ListGrants |
@ -341,6 +356,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the folder "FolderToShare":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| permissions-role | new-permissions-role |
| Viewer | Viewer With ListGrants |
@ -398,6 +416,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the file "textfile1.txt":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| permissions-role | new-permissions-role |
| Viewer | Viewer With ListGrants |
@ -453,6 +474,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the folder "FolderToShare":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| permissions-role | new-permissions-role |
| Viewer | Viewer With ListGrants |
@ -507,6 +531,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the file "textfile1.txt":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| permissions-role | new-permissions-role |
| Viewer With ListGrants | Viewer |
@ -559,6 +586,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the folder "FolderToShare":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| permissions-role | new-permissions-role |
| Viewer With ListGrants | Viewer |
@ -616,6 +646,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the file "textfile1.txt":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| new-permissions-role | permissions-role |
| Viewer With ListGrants | Viewer |
@ -671,6 +704,9 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the folder "FolderToShare":
| sharee | shareType | permissionsRole |
| Brian | user | <new-permissions-role> |
Examples:
| new-permissions-role | permissions-role |
| Viewer With ListGrants | Viewer |
@ -1266,6 +1302,10 @@ Feature: ListGrants role
}
}
"""
And user "Brian" should have the following shares of the folder "folder":
| sharee | shareType | permissionsRole |
| Brian | user | Viewer |
| grp1 | group | <permissions-role> |
Examples:
| permissions-role |
| Viewer With ListGrants |
@ -1456,8 +1496,7 @@ Feature: ListGrants role
"properties": {
"user": {
"type": "object",
"required": ["displayName","id"
],
"required": ["displayName","id"],
"properties": {
"displayName": {"const": "Brian Murphy"}
}
@ -1604,3 +1643,125 @@ Feature: ListGrants role
| permissions-role |
| Viewer With ListGrants |
| Editor With ListGrants |
Scenario: user lists permissions of a folder after enabling 'Viewer With ListGrants' role (Personal space)
Given the administrator has enabled the permissions role "Viewer With ListGrants"
And user "Alice" has created folder "folder"
When user "Alice" gets permissions list for folder "folder" of the space "Personal" using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"@libre.graph.permissions.actions.allowedValues",
"@libre.graph.permissions.roles.allowedValues"
],
"properties": {
"@libre.graph.permissions.roles.allowedValues": {
"type": "array",
"minItems": 4,
"maxItems": 4,
"uniqueItems": true,
"items": {
"oneOf": [
{
"type": "object",
"required": ["@libre.graph.weight","description","displayName","id"],
"properties": {
"@libre.graph.weight": {"const": 1},
"description": {"const": "View and download."},
"displayName": {"const": "Can view"},
"id": {"const": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"}
}
},
{
"type": "object",
"required": ["@libre.graph.weight","description","displayName","id"],
"properties": {
"@libre.graph.weight": {"const": 2},
"description": {"const": "View, download and show all invited people."},
"displayName": {"const": "Can view"},
"id": {"const": "d5041006-ebb3-4b4a-b6a4-7c180ecfb17d"}
}
},
{
"type": "object",
"required": ["@libre.graph.weight","description","displayName","id"],
"properties": {
"displayName": {"const": "Can upload"}
}
},
{
"type": "object",
"required": ["@libre.graph.weight","description","displayName","id"],
"properties": {
"displayName": {"const": "Can edit without versions"}
}
}
]
}
}
}
}
"""
Scenario: user lists permissions of a file after enabling 'File Editor With ListGrants' role (Project space)
Given the administrator has enabled the permissions role "File Editor With ListGrants"
And using spaces DAV path
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And user "Alice" has created a space "new-space" with the default quota using the Graph API
And user "Alice" has uploaded a file inside space "new-space" with content "hello world" to "textfile0.txt"
When user "Alice" gets permissions list for file "textfile0.txt" of the space "new-space" using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"@libre.graph.permissions.actions.allowedValues",
"@libre.graph.permissions.roles.allowedValues"
],
"properties": {
"@libre.graph.permissions.roles.allowedValues": {
"type": "array",
"minItems": 3,
"maxItems": 3,
"uniqueItems": true,
"items": {
"oneOf": [
{
"type": "object",
"required": ["@libre.graph.weight","description","displayName","id"],
"properties": {
"@libre.graph.weight": {"const": 1},
"displayName": {"const": "Can view"}
}
},
{
"type": "object",
"required": ["@libre.graph.weight","description","displayName","id"],
"properties": {
"@libre.graph.weight": {"const": 2},
"displayName": {"const": "Can edit without versions"},
"id": {"const": "2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"}
}
},
{
"type": "object",
"required": ["@libre.graph.weight","description","displayName","id"],
"properties": {
"@libre.graph.weight": {"const": 3},
"description": {"const": "View, download, edit and show all invited people."},
"displayName": {"const": "Can edit without versions"},
"id": {"const": "c1235aea-d106-42db-8458-7d5610fb0a67"}
}
}
]
}
}
}
}
"""