dav-v2.feature 5.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124
  1. # SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
  2. # SPDX-License-Identifier: AGPL-3.0-or-later
  3. Feature: dav-v2
  4. Background:
  5. Given using api version "1"
  6. Scenario: moving a file new endpoint way
  7. Given using new dav path
  8. And As an "admin"
  9. And user "user0" exists
  10. When User "user0" moves file "/textfile0.txt" to "/FOLDER/textfile0.txt"
  11. Then the HTTP status code should be "201"
  12. Scenario: download a file with range using new endpoint
  13. Given using new dav path
  14. And As an "admin"
  15. And user "user0" exists
  16. And As an "user0"
  17. When Downloading file "/welcome.txt" with range "bytes=52-78"
  18. Then Downloaded content should be "example file for developers"
  19. Scenario: Downloading a file on the new endpoint should serve security headers
  20. Given using new dav path
  21. And As an "admin"
  22. When Downloading file "/welcome.txt"
  23. Then The following headers should be set
  24. |Content-Disposition|attachment; filename*=UTF-8''welcome.txt; filename="welcome.txt"|
  25. |Content-Security-Policy|default-src 'none';|
  26. |X-Content-Type-Options |nosniff|
  27. |X-Frame-Options|SAMEORIGIN|
  28. |X-Permitted-Cross-Domain-Policies|none|
  29. |X-Robots-Tag|noindex, nofollow|
  30. |X-XSS-Protection|1; mode=block|
  31. And Downloaded content should start with "Welcome to your Nextcloud account!"
  32. Scenario: Doing a GET with a web login should work without CSRF token on the new backend
  33. Given Logging in using web as "admin"
  34. When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken
  35. Then Downloaded content should start with "Welcome to your Nextcloud account!"
  36. Then the HTTP status code should be "200"
  37. Scenario: Doing a GET with a web login should work with CSRF token on the new backend
  38. Given Logging in using web as "admin"
  39. When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken
  40. Then Downloaded content should start with "Welcome to your Nextcloud account!"
  41. Then the HTTP status code should be "200"
  42. Scenario: Download a folder
  43. Given using new dav path
  44. And As an "admin"
  45. And user "user0" exists
  46. And user "user0" created a folder "/testFolder"
  47. When User "user0" uploads file "data/textfile.txt" to "/testFolder/text.txt"
  48. When User "user0" uploads file "data/green-square-256.png" to "/testFolder/image.png"
  49. And As an "user0"
  50. When Downloading folder "/testFolder"
  51. Then the downloaded file is a zip file
  52. Then the downloaded zip file contains a folder named "testFolder/"
  53. And the downloaded zip file contains a file named "testFolder/text.txt" with the contents of "/testFolder/text.txt" from "user0" data
  54. And the downloaded zip file contains a file named "testFolder/image.png" with the contents of "/testFolder/image.png" from "user0" data
  55. Scenario: Doing a PROPFIND with a web login should not work without CSRF token on the new backend
  56. Given Logging in using web as "admin"
  57. When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken
  58. Then the HTTP status code should be "401"
  59. Scenario: Doing a PROPFIND with a web login should work with CSRF token on the new backend
  60. Given Logging in using web as "admin"
  61. When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken
  62. Then the HTTP status code should be "207"
  63. Scenario: Uploading a file having 0B as quota
  64. Given using new dav path
  65. And As an "admin"
  66. And user "user0" exists
  67. And user "user0" has a quota of "0 B"
  68. And As an "user0"
  69. When User "user0" uploads file "data/textfile.txt" to "/asdf.txt"
  70. Then the HTTP status code should be "507"
  71. Scenario: Uploading a file as recipient using webdav new endpoint having quota
  72. Given using new dav path
  73. And As an "admin"
  74. And user "user0" exists
  75. And user "user1" exists
  76. And user "user0" has a quota of "10 MB"
  77. And user "user1" has a quota of "10 MB"
  78. And As an "user1"
  79. And user "user1" created a folder "/testquota"
  80. And as "user1" creating a share with
  81. | path | testquota |
  82. | shareType | 0 |
  83. | permissions | 31 |
  84. | shareWith | user0 |
  85. And user "user0" accepts last share
  86. And As an "user0"
  87. When User "user0" uploads file "data/textfile.txt" to "/testquota/asdf.txt"
  88. Then the HTTP status code should be "201"
  89. Scenario: Create a search query on image
  90. Given using new dav path
  91. And As an "admin"
  92. And user "user0" exists
  93. And As an "user0"
  94. When User "user0" uploads file "data/textfile.txt" to "/testquota/asdf.txt"
  95. Then Image search should work
  96. And the response should be empty
  97. When User "user0" uploads file "data/green-square-256.png" to "/image.png"
  98. Then Image search should work
  99. And the single response should contain a property "{DAV:}getcontenttype" with value "image/png"
  100. Scenario: Create a search query on favorite
  101. Given using new dav path
  102. And As an "admin"
  103. And user "user0" exists
  104. And As an "user0"
  105. When User "user0" uploads file "data/green-square-256.png" to "/fav_image.png"
  106. Then Favorite search should work
  107. And the response should be empty
  108. When user "user0" favorites element "/fav_image.png"
  109. Then Favorite search should work
  110. And the single response should contain a property "{http://owncloud.org/ns}favorite" with value "1"