зеркало из https://github.com/nextcloud/spreed.git
Add integration tests for self-joined users in files shared by link
Self-joined users and guests can join the room for a file if the file is shared by link. In order to check that, however, the share token should have been previously stored in the session, as the room is linked to the file id and users without direct access to a file can not find out if the file is shared by link or not. Therefore self-joined users and guests must get the room for the share (which stores the share token in the session) before being able to join the room. Besides that, in the case of self-joined users they must be logged in too. Otherwise the session is regenerated on each new request, which prevents getting the share token stored in a previous request. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This commit is contained in:
Родитель
8de6a11bc7
Коммит
3d894598ae
|
@ -1107,6 +1107,51 @@ class FeatureContext implements Context, SnippetAcceptingContext {
|
|||
* Requests
|
||||
*/
|
||||
|
||||
/**
|
||||
* @Given /^user "([^"]*)" logs in$/
|
||||
*/
|
||||
public function userLogsIn(string $user) {
|
||||
$loginUrl = $this->baseUrl . '/login';
|
||||
|
||||
$cookieJar = $this->getUserCookieJar($user);
|
||||
|
||||
// Request a new session and extract CSRF token
|
||||
$client = new Client();
|
||||
$this->response = $client->get(
|
||||
$loginUrl,
|
||||
[
|
||||
'cookies' => $cookieJar,
|
||||
]
|
||||
);
|
||||
|
||||
$requestToken = $this->extractRequestTokenFromResponse($this->response);
|
||||
|
||||
// Login and extract new token
|
||||
$password = ($user === 'admin') ? 'admin' : '123456';
|
||||
$client = new Client();
|
||||
$this->response = $client->post(
|
||||
$loginUrl,
|
||||
[
|
||||
'body' => [
|
||||
'user' => $user,
|
||||
'password' => $password,
|
||||
'requesttoken' => $requestToken,
|
||||
],
|
||||
'cookies' => $cookieJar,
|
||||
]
|
||||
);
|
||||
|
||||
$this->assertStatusCode($this->response, 200);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param ResponseInterface $response
|
||||
* @return string
|
||||
*/
|
||||
private function extractRequestTokenFromResponse(ResponseInterface $response): string {
|
||||
return substr(preg_replace('/(.*)data-requesttoken="(.*)">(.*)/sm', '\2', $response->getBody()->getContents()), 0, 89);
|
||||
}
|
||||
|
||||
/**
|
||||
* @When /^sending "([^"]*)" to "([^"]*)" with$/
|
||||
* @param string $verb
|
||||
|
|
|
@ -249,6 +249,16 @@ Feature: conversation/files
|
|||
When user "participant2" joins room "file last share room" with 200
|
||||
Then user "participant2" is participant of room "file last share room"
|
||||
|
||||
Scenario: user without access to a file shared by link can join its room
|
||||
Given user "participant1" shares "welcome.txt" by link with OCS 100
|
||||
# Users without access to a file shared by link need to log in (so further
|
||||
# requests keep the same session) and get the room (so the share token is
|
||||
# stored in the session) to be able to join it.
|
||||
And user "participant2" logs in
|
||||
And user "participant2" gets the room for last share with 200
|
||||
When user "participant2" joins room "file last share room" with 200
|
||||
Then user "participant2" is participant of room "file last share room"
|
||||
|
||||
Scenario: guest can join the room of a file shared by link
|
||||
Given user "participant1" shares "welcome.txt" by link with OCS 100
|
||||
And user "guest" gets the room for last share with 200
|
||||
|
@ -296,6 +306,18 @@ Feature: conversation/files
|
|||
When user "participant2" leaves room "file last share room" with 200
|
||||
Then user "participant2" is participant of room "file last share room"
|
||||
|
||||
Scenario: user without access to a file shared by link is removed from its room after leaving it
|
||||
Given user "participant1" shares "welcome.txt" by link with OCS 100
|
||||
# Users without access to a file shared by link need to log in (so further
|
||||
# requests keep the same session) and get the room (so the share token is
|
||||
# stored in the session) to be able to join it.
|
||||
And user "participant2" logs in
|
||||
And user "participant2" gets the room for last share with 200
|
||||
And user "participant2" joins room "file last share room" with 200
|
||||
And user "participant2" is participant of room "file last share room"
|
||||
When user "participant2" leaves room "file last share room" with 200
|
||||
Then user "participant2" is not participant of room "file last share room"
|
||||
|
||||
Scenario: guest is removed from the room of a file shared by link after leaving it
|
||||
Given user "participant1" shares "welcome.txt" by link with OCS 100
|
||||
And user "guest" gets the room for last share with 200
|
||||
|
@ -353,6 +375,20 @@ Feature: conversation/files
|
|||
And user "participant2" joins room "file last share room" with 200
|
||||
Then user "participant2" is participant of room "file last share room"
|
||||
|
||||
Scenario: user without access to a file shared by link can join its room again after removing self from it
|
||||
Given user "participant1" shares "welcome.txt" by link with OCS 100
|
||||
# Users without access to a file shared by link need to log in (so further
|
||||
# requests keep the same session) and get the room (so the share token is
|
||||
# stored in the session) to be able to join it.
|
||||
And user "participant2" logs in
|
||||
And user "participant2" gets the room for last share with 200
|
||||
And user "participant2" joins room "file last share room" with 200
|
||||
And user "participant2" is participant of room "file last share room"
|
||||
When user "participant2" removes themselves from room "file last share room" with 200
|
||||
And user "participant2" is not participant of room "file last share room"
|
||||
And user "participant2" joins room "file last share room" with 200
|
||||
Then user "participant2" is participant of room "file last share room"
|
||||
|
||||
# Guests can not remove themselves from a room.
|
||||
|
||||
|
||||
|
@ -409,6 +445,21 @@ Feature: conversation/files
|
|||
And user "participant2" joins room "file last share room" with 200
|
||||
And user "participant2" is participant of room "file last share room"
|
||||
|
||||
Scenario: user is not participant of room for file no longer shared by link and without access to it
|
||||
Given user "participant1" shares "welcome.txt" by link with OCS 100
|
||||
# Users without access to a file shared by link need to log in (so further
|
||||
# requests keep the same session) and get the room (so the share token is
|
||||
# stored in the session) to be able to join it.
|
||||
And user "participant2" logs in
|
||||
And user "participant2" gets the room for last share with 200
|
||||
And user "participant2" joins room "file last share room" with 200
|
||||
And user "participant2" leaves room "file last share room" with 200
|
||||
And user "participant2" is not participant of room "file last share room"
|
||||
When user "participant1" deletes last share
|
||||
Then user "participant2" is not participant of room "file last share room"
|
||||
And user "participant2" joins room "file last share room" with 404
|
||||
And user "participant2" is not participant of room "file last share room"
|
||||
|
||||
Scenario: guest is not participant of room for file no longer shared by link
|
||||
Given user "participant1" shares "welcome.txt" by link with OCS 100
|
||||
And user "guest" gets the room for last share with 200
|
||||
|
|
Загрузка…
Ссылка в новой задаче