mirror of
https://github.com/nextcloud/server.git
synced 2026-03-28 21:33:40 -04:00
fbe2023d39
If the current user belongs to both one or more groups excluded from sharing and one or more groups not excluded from sharing the user is allowed to share. However, in the contacts menu, as soon as the current user belonged to a group excluded from sharing the user could not search for local contacts. This has been unified now with the sharing behaviour, so local contacts can still be searched if the user also belongs to a group not excluded from sharing (or to no group at all, which was also allowed before). Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
344 lines
14 KiB
Gherkin
344 lines
14 KiB
Gherkin
# SPDX-FileCopyrightText: 2021 Nextcloud GmbH and Nextcloud contributors
|
|
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
Feature: contacts-menu
|
|
|
|
Scenario: users can be searched by display name
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "1" contacts
|
|
And searched contact "0" is named "Test name"
|
|
|
|
Scenario: users can be searched by email
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | email |
|
|
| value | test@example.com |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "1" contacts
|
|
And searched contact "0" is named "user1"
|
|
|
|
Scenario: users can not be searched by id
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "user"
|
|
Then the list of searched contacts has "0" contacts
|
|
|
|
Scenario: search several users
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And user "user2" exists
|
|
And user "user3" exists
|
|
And user "user4" exists
|
|
And user "user5" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
And sending "PUT" to "/cloud/users/user2" with
|
|
| key | email |
|
|
| value | test@example.com |
|
|
And sending "PUT" to "/cloud/users/user3" with
|
|
| key | displayname |
|
|
| value | Unmatched name |
|
|
And sending "PUT" to "/cloud/users/user4" with
|
|
| key | email |
|
|
| value | unmatched@example.com |
|
|
And sending "PUT" to "/cloud/users/user5" with
|
|
| key | displayname |
|
|
| value | Another test name |
|
|
And sending "PUT" to "/cloud/users/user5" with
|
|
| key | email |
|
|
| value | another_test@example.com |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "3" contacts
|
|
# Results are sorted alphabetically
|
|
And searched contact "0" is named "Another test name"
|
|
And searched contact "1" is named "Test name"
|
|
And searched contact "2" is named "user2"
|
|
|
|
|
|
|
|
Scenario: users can not be searched by display name when searcher belongs to a group excluded from sharing
|
|
Given user "user0" exists
|
|
And group "ExcludedGroup" exists
|
|
And user "user0" belongs to group "ExcludedGroup"
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "yes"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "ExcludedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "0" contacts
|
|
|
|
Scenario: users can not be searched by email when searcher belongs to a group excluded from sharing
|
|
Given user "user0" exists
|
|
And group "ExcludedGroup" exists
|
|
And user "user0" belongs to group "ExcludedGroup"
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "yes"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "ExcludedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | email |
|
|
| value | test@example.com |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "0" contacts
|
|
|
|
Scenario: users can be searched by display name when searcher belongs to both a group excluded from sharing and another group
|
|
Given user "user0" exists
|
|
And group "ExcludedGroup" exists
|
|
And user "user0" belongs to group "ExcludedGroup"
|
|
And group "AnotherGroup" exists
|
|
And user "user0" belongs to group "AnotherGroup"
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "yes"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "ExcludedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "1" contacts
|
|
And searched contact "0" is named "Test name"
|
|
|
|
Scenario: users can be searched by email when searcher belongs to both a group excluded from sharing and another group
|
|
Given user "user0" exists
|
|
And group "ExcludedGroup" exists
|
|
And user "user0" belongs to group "ExcludedGroup"
|
|
And group "AnotherGroup" exists
|
|
And user "user0" belongs to group "AnotherGroup"
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "yes"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "ExcludedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | email |
|
|
| value | test@example.com |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "1" contacts
|
|
And searched contact "0" is named "user1"
|
|
|
|
Scenario: users can not be searched by display name when searcher does not belong to a group allowed to share
|
|
Given user "user0" exists
|
|
And group "AllowedGroup" exists
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "allow"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "AllowedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "0" contacts
|
|
|
|
Scenario: users can not be searched by email when searcher does not belong to a group allowed to share
|
|
Given user "user0" exists
|
|
And group "AllowedGroup" exists
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "allow"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "AllowedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | email |
|
|
| value | test@example.com |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "0" contacts
|
|
|
|
Scenario: users can be searched by display name when searcher belongs to both a group allowed to share and another group
|
|
Given user "user0" exists
|
|
And group "AllowedGroup" exists
|
|
And user "user0" belongs to group "AllowedGroup"
|
|
And group "AnotherGroup" exists
|
|
And user "user0" belongs to group "AnotherGroup"
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "allow"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "AllowedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "1" contacts
|
|
And searched contact "0" is named "Test name"
|
|
|
|
Scenario: users can be searched by email when searcher belongs to both a group allowed to share and another group
|
|
Given user "user0" exists
|
|
And group "AllowedGroup" exists
|
|
And user "user0" belongs to group "AllowedGroup"
|
|
And group "AnotherGroup" exists
|
|
And user "user0" belongs to group "AnotherGroup"
|
|
And parameter "shareapi_exclude_groups" of app "core" is set to "allow"
|
|
And parameter "shareapi_exclude_groups_list" of app "core" is set to "AllowedGroup"
|
|
And user "user1" exists
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | email |
|
|
| value | test@example.com |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "1" contacts
|
|
And searched contact "0" is named "user1"
|
|
|
|
|
|
|
|
Scenario: users can not be found by display name if visibility is private
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And user "user2" exists
|
|
And Logging in using web as "user1"
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| displayname | Test name |
|
|
| displaynameScope | v2-private |
|
|
And Logging in using web as "user2"
|
|
And Sending a "PUT" to "/settings/users/user2/settings" with requesttoken
|
|
| displayname | Another test name |
|
|
| displaynameScope | v2-federated |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
# Disabled because it regularly fails on drone:
|
|
# Then the list of searched contacts has "1" contacts
|
|
# And searched contact "0" is named "Another test name"
|
|
|
|
Scenario: users can not be found by email if visibility is private
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And user "user2" exists
|
|
And Logging in using web as "user1"
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| email | test@example.com |
|
|
| emailScope | v2-private |
|
|
And Logging in using web as "user2"
|
|
And Sending a "PUT" to "/settings/users/user2/settings" with requesttoken
|
|
| email | another_test@example.com |
|
|
| emailScope | v2-federated |
|
|
# Disabled because it regularly fails on drone:
|
|
# When Logging in using web as "user0"
|
|
# And searching for contacts matching with "test"
|
|
# Then the list of searched contacts has "1" contacts
|
|
# And searched contact "0" is named "user2"
|
|
|
|
Scenario: users can be found by other properties if the visibility of one is private
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And user "user2" exists
|
|
And Logging in using web as "user1"
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| displayname | Test name |
|
|
| displaynameScope | v2-federated |
|
|
| email | test@example.com |
|
|
| emailScope | v2-private |
|
|
And Logging in using web as "user2"
|
|
And Sending a "PUT" to "/settings/users/user2/settings" with requesttoken
|
|
| displayname | Another test name |
|
|
| displaynameScope | v2-private |
|
|
| email | another_test@example.com |
|
|
| emailScope | v2-federated |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "2" contacts
|
|
# Disabled because it regularly fails on drone:
|
|
# And searched contact "0" is named ""
|
|
And searched contact "1" is named "Test name"
|
|
|
|
|
|
|
|
Scenario: users can be searched by display name if visibility is increased again
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And Logging in using web as "user1"
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| displayname | Test name |
|
|
| displaynameScope | v2-private |
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| displaynameScope | v2-federated |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
Then the list of searched contacts has "1" contacts
|
|
And searched contact "0" is named "Test name"
|
|
|
|
Scenario: users can be searched by email if visibility is increased again
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And Logging in using web as "user1"
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| email | test@example.com |
|
|
| emailScope | v2-private |
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| emailScope | v2-federated |
|
|
# Disabled because it regularly fails on drone:
|
|
# When Logging in using web as "user0"
|
|
# And searching for contacts matching with "test"
|
|
# Then the list of searched contacts has "1" contacts
|
|
# And searched contact "0" is named "user1"
|
|
|
|
|
|
|
|
Scenario: users can not be searched by display name if visibility is private even if updated with provisioning
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And Logging in using web as "user1"
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| displaynameScope | v2-private |
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | displayname |
|
|
| value | Test name |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
# Disabled because it regularly fails on drone:
|
|
# Then the list of searched contacts has "0" contacts
|
|
|
|
Scenario: users can not be searched by email if visibility is private even if updated with provisioning
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And Logging in using web as "user1"
|
|
And Sending a "PUT" to "/settings/users/user1/settings" with requesttoken
|
|
| emailScope | v2-private |
|
|
And As an "admin"
|
|
And sending "PUT" to "/cloud/users/user1" with
|
|
| key | email |
|
|
| value | test@example.com |
|
|
When Logging in using web as "user0"
|
|
And searching for contacts matching with "test"
|
|
# Disabled because it regularly fails on drone:
|
|
# Then the list of searched contacts has "0" contacts
|
|
|
|
Scenario: users cannot list other users from the system address book
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And invoking occ with "config:app:set dav system_addressbook_exposed --value false"
|
|
And Logging in using web as "user1"
|
|
And searching for contacts matching with ""
|
|
Then the list of searched contacts has "1" contacts
|
|
And invoking occ with "config:app:delete dav system_addressbook_exposed"
|
|
|
|
Scenario: users can list other users from the system address book
|
|
Given user "user0" exists
|
|
And user "user1" exists
|
|
And Logging in using web as "user1"
|
|
And searching for contacts matching with ""
|
|
Then the list of searched contacts has "2" contacts
|