Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[tests-only][full-ci] added test to enable disable Secure Viewer permissions role for federated shares #10823

Merged
merged 1 commit into from
Feb 28, 2025
Merged

[tests-only][full-ci] added test to enable disable Secure Viewer permissions role for federated shares #10823

merged 1 commit into from
Feb 28, 2025

Conversation

PrajwolAmatya
Copy link
Contributor

@PrajwolAmatya PrajwolAmatya commented Jan 2, 2025
edited by amrita-shrestha
Loading

Description

This PR adds tests to enable and disable the share permissions role Secure VIewer for federated shares.

Related Issue

Test Coverage for #10824 and #10822

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:

@PrajwolAmatya PrajwolAmatya self-assigned this Jan 2, 2025
@PrajwolAmatya PrajwolAmatya mentioned this pull request Jan 2, 2025
Open
9 tasks
@PrajwolAmatya PrajwolAmatya force-pushed the federation-share branch 2 times, most recently from 85b7a21 to 222314c Compare January 8, 2025 08:27
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jan 8, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@PrajwolAmatya
Copy link
Contributor Author

For federated user, with API request the resources can be shared with permissions role Secure Viewer, which is not the case when sharing the resources via web UI, as only two permissions role Can View and Can Edit are available for federated share. Issue is reported in #10824, and there has not been confirmation with the behavior. So, currently moved this PR to blocked.

@PrajwolAmatya PrajwolAmatya mentioned this pull request Feb 10, 2025
Open
16 tasks
@PrajwolAmatya PrajwolAmatya force-pushed the federation-share branch 3 times, most recently from 62be978 to 1bce918 Compare February 11, 2025 07:14
@PrajwolAmatya
Copy link
Contributor Author

Making this PR back to review and added failing scenarios to expected to failure file.

@PrajwolAmatya PrajwolAmatya marked this pull request as ready for review February 11, 2025 08:23
amrita-shrestha
amrita-shrestha requested changes Feb 12, 2025
View reviewed changes
Copy link
Contributor

@amrita-shrestha amrita-shrestha left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what about allowed permission

@PrajwolAmatya
Copy link
Contributor Author

what about allowed permission

These test cases would be good to have:

  • pre-condition: enable role -> share -> disable role
  • roles to check: Secure Viewer, Editor Without Version, Denied

This is the part of issue to check for the additional roles. Also, the test coverage for issues #10824 and #10822. So only the added scenarios will fit in this PR.

@amrita-shrestha amrita-shrestha changed the title [tests-only][full-ci] added test to enable disable share permissions role for federated shares [tests-only][full-ci] added test to enable disable Secure Viewer permissions role for federated shares Feb 13, 2025
@PrajwolAmatya PrajwolAmatya force-pushed the federation-share branch 3 times, most recently from 34cab98 to 138eb5c Compare February 21, 2025 03:22
@prashant-gurung899
Copy link
Contributor

LGTM 👍

@saw-jan
Copy link
Member

saw-jan commented Feb 24, 2025

Are you going to add tests coverage for allowed permission roles or not?

Not under the mentioned issue. Test for enabling and disabling permissions role are mostly for the additional roles. If we want to add smillar tests for allowed permissions role then we can create a separate issue and work on that.

@saw-jan @nirajacharya2 @Salipa-Gurung what you think? Should we add tests scenario for allowed permission role or not. If yes this please create new issue or add point in existing related issue.

If you want to check disabling of default roles then please only check this scenario:

Given share with Editor role
When disable Editor role
Then check the share permissions (Should be viewer or something lower permission)

@PrajwolAmatya
Copy link
Contributor Author

PrajwolAmatya commented Feb 24, 2025
edited by amrita-shrestha
Loading

If you want to check disabling of default roles then please only check this scenario:

Given share with Editor role
When disable Editor role
Then check the share permissions (Should be viewer or something lower permission)

Will do that in next PR. 👍
point added in this issue : #10711

@PrajwolAmatya PrajwolAmatya force-pushed the federation-share branch 3 times, most recently from ed4fdf9 to 3beb419 Compare February 25, 2025 09:00
amrita-shrestha
amrita-shrestha requested changes Feb 25, 2025
View reviewed changes
tests/acceptance/bootstrap/ArchiverContext.php Outdated
* @return void
*/
public function userShouldBeAbleToDownloadArchiveOfFederatedSharedFolder(string $user, string $resource): void {
$queryString = $this->getArchiverQueryString($user, $resource, 'remoteItemIds');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i had seen use of $this->archiverContext->getArchiverUrl in tests/acceptance/bootstrap/SpacesContext.php.
So, confused about the perfect place to add this step definition
@saw-jan @nirajacharya2 what do you think about where should we add a related step- definition if that step is part of space context also.

             * @When /^public downloads the folder "([^"]*)" from the last created public link using the public files API$/
	 * @When user :user tries to download the space :spaceName owned by user :owner using the WebDAV API
	 * @When /^user "([^"]*)" (?:downloads|tries to download) the space "([^"]*)" using the WebDAV API$/

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is fine.

tests/acceptance/bootstrap/SpacesContext.php Outdated
Comment on lines 2113 to 2121
/**
* @Then user :user should be able to download federated shared file :resource
*
* @param string $user
* @param string $resource
*
* @return void
*/
public function userShouldBeAbleToDownloadFederatedSharedFile(string $user, string $resource): void {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't we just modify the existing step for internal sharing? Better modifying step rather than repetition of code

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is not that much of a duplication. If we have a single method that handles everything, it would be messy and difficult to manage. So, we need to always maintain between DRY and readability/maintainability

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i don't think readability gets compromised if we just merge two step because only different is "$baseUrl/$davPath/$remoteItemId", this value and as you said this function is small so this will not be complicated logic . Another point is file size, as you can see number of line is crossing 4k.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The current download related step uses makeDavRequest function, and the dav path is set inside that function. To update this path $baseUrl/$davPath/$remoteItemId we need to specify in makeDavRequest function that this is a federated shared file. This makes the function more complex.
That's also the reason I have used HttpRequestHtlper::get() directly in this step. Its just to make things less complex.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about splitting context file. Dedicated context file for federation?

Copy link
Contributor Author

@PrajwolAmatya PrajwolAmatya Feb 27, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can move these steps to OcmContext.php.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ocmcontext is a great place. 👍

@PrajwolAmatya PrajwolAmatya force-pushed the federation-share branch 3 times, most recently from 4810439 to 13cb44c Compare February 28, 2025 04:14
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@saw-jan saw-jan merged commit c960321 into master Feb 28, 2025
4 checks passed
@saw-jan saw-jan deleted the federation-share branch February 28, 2025 05:33
ownclouders pushed a commit that referenced this pull request Feb 28, 2025
@saw-jan
Merge pull request #10823 from owncloud/federation-share
a171eac 
[tests-only][full-ci] added test to enable disable Secure Viewer permissions role for federated shares
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@saw-jan saw-jan saw-jan approved these changes

@amrita-shrestha amrita-shrestha amrita-shrestha approved these changes

@anon-pradip anon-pradip Awaiting requested review from anon-pradip

@ishabaral ishabaral Awaiting requested review from ishabaral

@Salipa-Gurung Salipa-Gurung Awaiting requested review from Salipa-Gurung

@nabim777 nabim777 Awaiting requested review from nabim777

@S-Panta S-Panta Awaiting requested review from S-Panta

@nirajacharya2 nirajacharya2 Awaiting requested review from nirajacharya2

@prashant-gurung899 prashant-gurung899 Awaiting requested review from prashant-gurung899

Assignees

@PrajwolAmatya PrajwolAmatya

Labels
QA:team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@PrajwolAmatya @amrita-shrestha @prashant-gurung899 @saw-jan @nirajacharya2