1
0

provisioning-v1.feature 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598
  1. Feature: provisioning
  2. Background:
  3. Given using api version "1"
  4. Scenario: Getting an not existing user
  5. Given As an "admin"
  6. When sending "GET" to "/cloud/users/test"
  7. Then the OCS status code should be "404"
  8. And the HTTP status code should be "200"
  9. Scenario: Listing all users
  10. Given As an "admin"
  11. When sending "GET" to "/cloud/users"
  12. Then the OCS status code should be "100"
  13. And the HTTP status code should be "200"
  14. Scenario: Create a user
  15. Given As an "admin"
  16. And user "brand-new-user" does not exist
  17. When sending "POST" to "/cloud/users" with
  18. | userid | brand-new-user |
  19. | password | 123456 |
  20. Then the OCS status code should be "100"
  21. And the HTTP status code should be "200"
  22. And user "brand-new-user" exists
  23. Scenario: Create an existing user
  24. Given As an "admin"
  25. And user "brand-new-user" exists
  26. When sending "POST" to "/cloud/users" with
  27. | userid | brand-new-user |
  28. | password | 123456 |
  29. Then the OCS status code should be "102"
  30. And the HTTP status code should be "200"
  31. And user "brand-new-user" has
  32. | id | brand-new-user |
  33. | displayname | brand-new-user |
  34. | email | |
  35. | phone | |
  36. | address | |
  37. | website | |
  38. | twitter | |
  39. Scenario: Get an existing user
  40. Given As an "admin"
  41. When sending "GET" to "/cloud/users/brand-new-user"
  42. Then the OCS status code should be "100"
  43. And the HTTP status code should be "200"
  44. Scenario: Getting all users
  45. Given As an "admin"
  46. And user "brand-new-user" exists
  47. And user "admin" exists
  48. When sending "GET" to "/cloud/users"
  49. Then users returned are
  50. | brand-new-user |
  51. | admin |
  52. Scenario: Edit a user
  53. Given As an "admin"
  54. And user "brand-new-user" exists
  55. When sending "PUT" to "/cloud/users/brand-new-user" with
  56. | key | displayname |
  57. | value | Brand New User |
  58. And the OCS status code should be "100"
  59. And the HTTP status code should be "200"
  60. And sending "PUT" to "/cloud/users/brand-new-user" with
  61. | key | quota |
  62. | value | 12MB |
  63. And the OCS status code should be "100"
  64. And the HTTP status code should be "200"
  65. And sending "PUT" to "/cloud/users/brand-new-user" with
  66. | key | email |
  67. | value | brand-new-user@gmail.com |
  68. And the OCS status code should be "100"
  69. And the HTTP status code should be "200"
  70. And sending "PUT" to "/cloud/users/brand-new-user" with
  71. | key | phone |
  72. | value | 0123 456 789 |
  73. And the OCS status code should be "100"
  74. And the HTTP status code should be "200"
  75. And sending "PUT" to "/cloud/users/brand-new-user" with
  76. | key | address |
  77. | value | Foo Bar Town |
  78. And the OCS status code should be "100"
  79. And the HTTP status code should be "200"
  80. And sending "PUT" to "/cloud/users/brand-new-user" with
  81. | key | website |
  82. | value | https://nextcloud.com |
  83. And the OCS status code should be "100"
  84. And the HTTP status code should be "200"
  85. And sending "PUT" to "/cloud/users/brand-new-user" with
  86. | key | twitter |
  87. | value | Nextcloud |
  88. And the OCS status code should be "100"
  89. And the HTTP status code should be "200"
  90. Then user "brand-new-user" has
  91. | id | brand-new-user |
  92. | displayname | Brand New User |
  93. | email | brand-new-user@gmail.com |
  94. | phone | 0123 456 789 |
  95. | address | Foo Bar Town |
  96. | website | https://nextcloud.com |
  97. | twitter | Nextcloud |
  98. Scenario: Create a group
  99. Given As an "admin"
  100. And group "new-group" does not exist
  101. When sending "POST" to "/cloud/groups" with
  102. | groupid | new-group |
  103. | password | 123456 |
  104. Then the OCS status code should be "100"
  105. And the HTTP status code should be "200"
  106. And group "new-group" exists
  107. Scenario: Create a group with special characters
  108. Given As an "admin"
  109. And group "España" does not exist
  110. When sending "POST" to "/cloud/groups" with
  111. | groupid | España |
  112. | password | 123456 |
  113. Then the OCS status code should be "100"
  114. And the HTTP status code should be "200"
  115. And group "España" exists
  116. Scenario: adding user to a group without sending the group
  117. Given As an "admin"
  118. And user "brand-new-user" exists
  119. When sending "POST" to "/cloud/users/brand-new-user/groups" with
  120. | groupid | |
  121. Then the OCS status code should be "101"
  122. And the HTTP status code should be "200"
  123. Scenario: adding user to a group which doesn't exist
  124. Given As an "admin"
  125. And user "brand-new-user" exists
  126. And group "not-group" does not exist
  127. When sending "POST" to "/cloud/users/brand-new-user/groups" with
  128. | groupid | not-group |
  129. Then the OCS status code should be "102"
  130. And the HTTP status code should be "200"
  131. Scenario: adding user to a group without privileges
  132. Given As an "brand-new-user"
  133. When sending "POST" to "/cloud/users/brand-new-user/groups" with
  134. | groupid | new-group |
  135. Then the OCS status code should be "997"
  136. And the HTTP status code should be "401"
  137. Scenario: adding user to a group
  138. Given As an "admin"
  139. And user "brand-new-user" exists
  140. And group "new-group" exists
  141. When sending "POST" to "/cloud/users/brand-new-user/groups" with
  142. | groupid | new-group |
  143. Then the OCS status code should be "100"
  144. And the HTTP status code should be "200"
  145. Scenario: getting groups of an user
  146. Given As an "admin"
  147. And user "brand-new-user" exists
  148. And group "new-group" exists
  149. When sending "GET" to "/cloud/users/brand-new-user/groups"
  150. Then groups returned are
  151. | new-group |
  152. And the OCS status code should be "100"
  153. Scenario: adding a user which doesn't exist to a group
  154. Given As an "admin"
  155. And user "not-user" does not exist
  156. And group "new-group" exists
  157. When sending "POST" to "/cloud/users/not-user/groups" with
  158. | groupid | new-group |
  159. Then the OCS status code should be "103"
  160. And the HTTP status code should be "200"
  161. Scenario: getting a group
  162. Given As an "admin"
  163. And group "new-group" exists
  164. When sending "GET" to "/cloud/groups/new-group"
  165. Then the OCS status code should be "100"
  166. And the HTTP status code should be "200"
  167. Scenario: Getting all groups
  168. Given As an "admin"
  169. And group "new-group" exists
  170. And group "admin" exists
  171. When sending "GET" to "/cloud/groups"
  172. Then groups returned are
  173. | España |
  174. | admin |
  175. | new-group |
  176. Scenario: create a subadmin
  177. Given As an "admin"
  178. And user "brand-new-user" exists
  179. And group "new-group" exists
  180. When sending "POST" to "/cloud/users/brand-new-user/subadmins" with
  181. | groupid | new-group |
  182. Then the OCS status code should be "100"
  183. And the HTTP status code should be "200"
  184. Scenario: get users using a subadmin
  185. Given As an "admin"
  186. And user "brand-new-user" exists
  187. And group "new-group" exists
  188. And user "brand-new-user" belongs to group "new-group"
  189. And user "brand-new-user" is subadmin of group "new-group"
  190. And As an "brand-new-user"
  191. When sending "GET" to "/cloud/users"
  192. Then users returned are
  193. | brand-new-user |
  194. And the OCS status code should be "100"
  195. And the HTTP status code should be "200"
  196. Scenario: removing a user from a group which doesn't exists
  197. Given As an "admin"
  198. And user "brand-new-user" exists
  199. And group "not-group" does not exist
  200. When sending "DELETE" to "/cloud/users/brand-new-user/groups" with
  201. | groupid | not-group |
  202. Then the OCS status code should be "102"
  203. Scenario: removing a user from a group
  204. Given As an "admin"
  205. And user "brand-new-user" exists
  206. And group "new-group" exists
  207. And user "brand-new-user" belongs to group "new-group"
  208. When sending "DELETE" to "/cloud/users/brand-new-user/groups" with
  209. | groupid | new-group |
  210. Then the OCS status code should be "100"
  211. And user "brand-new-user" does not belong to group "new-group"
  212. Scenario: create a subadmin using a user which not exist
  213. Given As an "admin"
  214. And user "not-user" does not exist
  215. And group "new-group" exists
  216. When sending "POST" to "/cloud/users/not-user/subadmins" with
  217. | groupid | new-group |
  218. Then the OCS status code should be "101"
  219. And the HTTP status code should be "200"
  220. Scenario: create a subadmin using a group which not exist
  221. Given As an "admin"
  222. And user "brand-new-user" exists
  223. And group "not-group" does not exist
  224. When sending "POST" to "/cloud/users/brand-new-user/subadmins" with
  225. | groupid | not-group |
  226. Then the OCS status code should be "102"
  227. And the HTTP status code should be "200"
  228. Scenario: Getting subadmin groups
  229. Given As an "admin"
  230. And user "brand-new-user" exists
  231. And group "new-group" exists
  232. When sending "GET" to "/cloud/users/brand-new-user/subadmins"
  233. Then subadmin groups returned are
  234. | new-group |
  235. Then the OCS status code should be "100"
  236. And the HTTP status code should be "200"
  237. Scenario: Getting subadmin groups of a user which not exist
  238. Given As an "admin"
  239. And user "not-user" does not exist
  240. And group "new-group" exists
  241. When sending "GET" to "/cloud/users/not-user/subadmins"
  242. Then the OCS status code should be "404"
  243. And the HTTP status code should be "200"
  244. Scenario: Getting subadmin users of a group
  245. Given As an "admin"
  246. And user "brand-new-user" exists
  247. And group "new-group" exists
  248. When sending "GET" to "/cloud/groups/new-group/subadmins"
  249. Then subadmin users returned are
  250. | brand-new-user |
  251. And the OCS status code should be "100"
  252. And the HTTP status code should be "200"
  253. Scenario: Getting subadmin users of a group which doesn't exist
  254. Given As an "admin"
  255. And user "brand-new-user" exists
  256. And group "not-group" does not exist
  257. When sending "GET" to "/cloud/groups/not-group/subadmins"
  258. Then the OCS status code should be "101"
  259. And the HTTP status code should be "200"
  260. Scenario: Removing subadmin from a group
  261. Given As an "admin"
  262. And user "brand-new-user" exists
  263. And group "new-group" exists
  264. And user "brand-new-user" is subadmin of group "new-group"
  265. When sending "DELETE" to "/cloud/users/brand-new-user/subadmins" with
  266. | groupid | new-group |
  267. And the OCS status code should be "100"
  268. And the HTTP status code should be "200"
  269. Scenario: Delete a user
  270. Given As an "admin"
  271. And user "brand-new-user" exists
  272. When sending "DELETE" to "/cloud/users/brand-new-user"
  273. Then the OCS status code should be "100"
  274. And the HTTP status code should be "200"
  275. And user "brand-new-user" does not exist
  276. Scenario: Delete a group
  277. Given As an "admin"
  278. And group "new-group" exists
  279. When sending "DELETE" to "/cloud/groups/new-group"
  280. Then the OCS status code should be "100"
  281. And the HTTP status code should be "200"
  282. And group "new-group" does not exist
  283. Scenario: Delete a group with special characters
  284. Given As an "admin"
  285. And group "España" exists
  286. When sending "DELETE" to "/cloud/groups/España"
  287. Then the OCS status code should be "100"
  288. And the HTTP status code should be "200"
  289. And group "España" does not exist
  290. Scenario: get enabled apps
  291. Given As an "admin"
  292. When sending "GET" to "/cloud/apps?filter=enabled"
  293. Then the OCS status code should be "100"
  294. And the HTTP status code should be "200"
  295. And apps returned are
  296. | accessibility |
  297. | cloud_federation_api |
  298. | comments |
  299. | contactsinteraction |
  300. | dashboard |
  301. | dav |
  302. | federatedfilesharing |
  303. | federation |
  304. | files |
  305. | files_sharing |
  306. | files_trashbin |
  307. | files_versions |
  308. | lookup_server_connector |
  309. | provisioning_api |
  310. | settings |
  311. | sharebymail |
  312. | systemtags |
  313. | theming |
  314. | twofactor_backupcodes |
  315. | updatenotification |
  316. | user_ldap |
  317. | user_status |
  318. | viewer |
  319. | workflowengine |
  320. | weather_status |
  321. | files_external |
  322. | oauth2 |
  323. Scenario: get app info
  324. Given As an "admin"
  325. When sending "GET" to "/cloud/apps/files"
  326. Then the OCS status code should be "100"
  327. And the HTTP status code should be "200"
  328. Scenario: get app info from app that does not exist
  329. Given As an "admin"
  330. When sending "GET" to "/cloud/apps/this_app_should_never_exist"
  331. Then the OCS status code should be "998"
  332. And the HTTP status code should be "200"
  333. Scenario: enable an app
  334. Given As an "admin"
  335. And app "testing" is disabled
  336. When sending "POST" to "/cloud/apps/testing"
  337. Then the OCS status code should be "100"
  338. And the HTTP status code should be "200"
  339. And app "testing" is enabled
  340. Scenario: enable an app that does not exist
  341. Given As an "admin"
  342. When sending "POST" to "/cloud/apps/this_app_should_never_exist"
  343. Then the OCS status code should be "998"
  344. And the HTTP status code should be "200"
  345. Scenario: disable an app
  346. Given As an "admin"
  347. And app "testing" is enabled
  348. When sending "DELETE" to "/cloud/apps/testing"
  349. Then the OCS status code should be "100"
  350. And the HTTP status code should be "200"
  351. And app "testing" is disabled
  352. Scenario: disable an user
  353. Given As an "admin"
  354. And user "user1" exists
  355. When sending "PUT" to "/cloud/users/user1/disable"
  356. Then the OCS status code should be "100"
  357. And the HTTP status code should be "200"
  358. And user "user1" is disabled
  359. Scenario: enable an user
  360. Given As an "admin"
  361. And user "user1" exists
  362. And assure user "user1" is disabled
  363. When sending "PUT" to "/cloud/users/user1/enable"
  364. Then the OCS status code should be "100"
  365. And the HTTP status code should be "200"
  366. And user "user1" is enabled
  367. Scenario: Subadmin should be able to enable or disable an user in their group
  368. Given As an "admin"
  369. And user "subadmin" exists
  370. And user "user1" exists
  371. And group "new-group" exists
  372. And user "subadmin" belongs to group "new-group"
  373. And user "user1" belongs to group "new-group"
  374. And Assure user "subadmin" is subadmin of group "new-group"
  375. And As an "subadmin"
  376. When sending "PUT" to "/cloud/users/user1/disable"
  377. Then the OCS status code should be "100"
  378. Then the HTTP status code should be "200"
  379. And As an "admin"
  380. And user "user1" is disabled
  381. Scenario: Subadmin should not be able to enable or disable an user not in their group
  382. Given As an "admin"
  383. And user "subadmin" exists
  384. And user "user1" exists
  385. And group "new-group" exists
  386. And group "another-group" exists
  387. And user "subadmin" belongs to group "new-group"
  388. And user "user1" belongs to group "another-group"
  389. And Assure user "subadmin" is subadmin of group "new-group"
  390. And As an "subadmin"
  391. When sending "PUT" to "/cloud/users/user1/disable"
  392. Then the OCS status code should be "997"
  393. Then the HTTP status code should be "401"
  394. And As an "admin"
  395. And user "user1" is enabled
  396. Scenario: Subadmins should not be able to disable users that have admin permissions in their group
  397. Given As an "admin"
  398. And user "another-admin" exists
  399. And user "subadmin" exists
  400. And group "new-group" exists
  401. And user "another-admin" belongs to group "admin"
  402. And user "subadmin" belongs to group "new-group"
  403. And user "another-admin" belongs to group "new-group"
  404. And Assure user "subadmin" is subadmin of group "new-group"
  405. And As an "subadmin"
  406. When sending "PUT" to "/cloud/users/another-admin/disable"
  407. Then the OCS status code should be "997"
  408. Then the HTTP status code should be "401"
  409. And As an "admin"
  410. And user "another-admin" is enabled
  411. Scenario: Admin can disable another admin user
  412. Given As an "admin"
  413. And user "another-admin" exists
  414. And user "another-admin" belongs to group "admin"
  415. When sending "PUT" to "/cloud/users/another-admin/disable"
  416. Then the OCS status code should be "100"
  417. Then the HTTP status code should be "200"
  418. And user "another-admin" is disabled
  419. Scenario: Admin can enable another admin user
  420. Given As an "admin"
  421. And user "another-admin" exists
  422. And user "another-admin" belongs to group "admin"
  423. And assure user "another-admin" is disabled
  424. When sending "PUT" to "/cloud/users/another-admin/enable"
  425. Then the OCS status code should be "100"
  426. Then the HTTP status code should be "200"
  427. And user "another-admin" is enabled
  428. Scenario: Admin can disable subadmins in the same group
  429. Given As an "admin"
  430. And user "subadmin" exists
  431. And group "new-group" exists
  432. And user "subadmin" belongs to group "new-group"
  433. And user "admin" belongs to group "new-group"
  434. And Assure user "subadmin" is subadmin of group "new-group"
  435. When sending "PUT" to "/cloud/users/subadmin/disable"
  436. Then the OCS status code should be "100"
  437. Then the HTTP status code should be "200"
  438. And user "subadmin" is disabled
  439. Scenario: Admin can enable subadmins in the same group
  440. Given As an "admin"
  441. And user "subadmin" exists
  442. And group "new-group" exists
  443. And user "subadmin" belongs to group "new-group"
  444. And user "admin" belongs to group "new-group"
  445. And Assure user "subadmin" is subadmin of group "new-group"
  446. And assure user "another-admin" is disabled
  447. When sending "PUT" to "/cloud/users/subadmin/disable"
  448. Then the OCS status code should be "100"
  449. Then the HTTP status code should be "200"
  450. And user "subadmin" is disabled
  451. Scenario: Admin user cannot disable himself
  452. Given As an "admin"
  453. And user "another-admin" exists
  454. And user "another-admin" belongs to group "admin"
  455. And As an "another-admin"
  456. When sending "PUT" to "/cloud/users/another-admin/disable"
  457. Then the OCS status code should be "101"
  458. And the HTTP status code should be "200"
  459. And As an "admin"
  460. And user "another-admin" is enabled
  461. Scenario:Admin user cannot enable himself
  462. Given As an "admin"
  463. And user "another-admin" exists
  464. And user "another-admin" belongs to group "admin"
  465. And assure user "another-admin" is disabled
  466. And As an "another-admin"
  467. When sending "PUT" to "/cloud/users/another-admin/enable"
  468. And As an "admin"
  469. Then user "another-admin" is disabled
  470. Scenario: disable an user with a regular user
  471. Given As an "admin"
  472. And user "user1" exists
  473. And user "user2" exists
  474. And As an "user1"
  475. When sending "PUT" to "/cloud/users/user2/disable"
  476. Then the OCS status code should be "997"
  477. And the HTTP status code should be "401"
  478. And As an "admin"
  479. And user "user2" is enabled
  480. Scenario: enable an user with a regular user
  481. Given As an "admin"
  482. And user "user1" exists
  483. And user "user2" exists
  484. And assure user "user2" is disabled
  485. And As an "user1"
  486. When sending "PUT" to "/cloud/users/user2/enable"
  487. Then the OCS status code should be "997"
  488. And the HTTP status code should be "401"
  489. And As an "admin"
  490. And user "user2" is disabled
  491. Scenario: Subadmin should not be able to disable himself
  492. Given As an "admin"
  493. And user "subadmin" exists
  494. And group "new-group" exists
  495. And user "subadmin" belongs to group "new-group"
  496. And Assure user "subadmin" is subadmin of group "new-group"
  497. And As an "subadmin"
  498. When sending "PUT" to "/cloud/users/subadmin/disable"
  499. Then the OCS status code should be "101"
  500. Then the HTTP status code should be "200"
  501. And As an "admin"
  502. And user "subadmin" is enabled
  503. Scenario: Subadmin should not be able to enable himself
  504. Given As an "admin"
  505. And user "subadmin" exists
  506. And group "new-group" exists
  507. And user "subadmin" belongs to group "new-group"
  508. And Assure user "subadmin" is subadmin of group "new-group"
  509. And assure user "subadmin" is disabled
  510. And As an "subadmin"
  511. When sending "PUT" to "/cloud/users/subadmin/enabled"
  512. And As an "admin"
  513. And user "subadmin" is disabled
  514. Scenario: Making a ocs request with an enabled user
  515. Given As an "admin"
  516. And user "user0" exists
  517. And As an "user0"
  518. When sending "GET" to "/cloud/capabilities"
  519. Then the HTTP status code should be "200"
  520. And the OCS status code should be "100"
  521. Scenario: Making a web request with an enabled user
  522. Given As an "admin"
  523. And user "user0" exists
  524. And As an "user0"
  525. When sending "GET" with exact url to "/index.php/apps/files"
  526. Then the HTTP status code should be "200"
  527. Scenario: Making a ocs request with a disabled user
  528. Given As an "admin"
  529. And user "user0" exists
  530. And assure user "user0" is disabled
  531. And As an "user0"
  532. When sending "GET" to "/cloud/capabilities"
  533. Then the OCS status code should be "997"
  534. And the HTTP status code should be "401"
  535. Scenario: Making a web request with a disabled user
  536. Given As an "admin"
  537. And user "user0" exists
  538. And assure user "user0" is disabled
  539. And As an "user0"
  540. When sending "GET" with exact url to "/index.php/apps/files"
  541. And the HTTP status code should be "403"