Initial QSfera import

This commit is contained in:
Курнат Андрей
2026-06-07 10:20:04 +03:00
commit 2315f25754
16485 changed files with 4826827 additions and 0 deletions
@@ -0,0 +1,146 @@
@ocm
Feature: accepting invitation
As a user
I can accept invitations from users of other КуСфера instances
Background:
Given user "Alice" has been created with default attributes
And using server "REMOTE"
And these users have been created with default attributes:
| username |
| Brian |
| Carol |
Scenario: user accepts invitation
Given using server "LOCAL"
And "Alice" has created the federation share invitation
When using server "REMOTE"
And "Brian" accepts the last federation share invitation
Then the HTTP status code should be "200"
Scenario: user accepts invitation sent with email and description
Given using server "LOCAL"
And "Alice" has created the federation share invitation with email "brian@example.com" and description "a share invitation from Alice"
When using server "REMOTE"
And "Brian" accepts the last federation share invitation
Then the HTTP status code should be "200"
Scenario: two users can accept one invitation
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When "Carol" accepts the last federation share invitation
Then the HTTP status code should be "200"
Scenario: user tries to accept the invitation twice
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When "Brian" tries to accept the last federation share invitation
Then the HTTP status code should be "409"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"const": "ALREADY_EXIST"
},
"message": {
"const": "user already known"
}
}
}
"""
Scenario: users try to accept each other's invitation
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And "Brian" has created the federation share invitation
When using server "LOCAL"
And "Alice" tries to accept the last federation share invitation
Then the HTTP status code should be "409"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"const": "ALREADY_EXIST"
},
"message": {
"const": "user already known"
}
}
}
"""
@env-config
Scenario: user cannot accept expired invitation tokens
Given using server "LOCAL"
And the config "OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION" has been set to "1s"
And "Alice" has created the federation share invitation
When using server "REMOTE"
And the user waits "2" seconds for the invitation token to expire
And "Brian" tries to accept the last federation share invitation
Then the HTTP status code should be "400"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"const": "INVALID_PARAMETER"
},
"message": {
"const": "token has expired"
}
}
}
"""
Scenario: user cannot accept invalid invitation token
Given using server "LOCAL"
And "Alice" tries to accept the invitation with invalid token
Then the HTTP status code should be "404"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"const": "RESOURCE_NOT_FOUND"
},
"message": {
"const": "token not found"
}
}
}
"""
@@ -0,0 +1,179 @@
@ocm
Feature: create invitation
As a user
I can create an invitations and send it to the person I want to share with
Background:
Given user "Alice" has been created with default attributes
Scenario: user creates invitation
Given using server "LOCAL"
When "Alice" creates the federation share invitation
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"expiration",
"token"
],
"properties": {
"expiration": {
"type": "integer",
"pattern": "^[0-9]{10}$"
},
"token": {
"type": "string",
"pattern": "%fed_invitation_token%"
}
}
}
"""
@issue-9591
Scenario: user creates invitation with valid email and description
Given using server "LOCAL"
When "Alice" creates the federation share invitation with email "brian@example.com" and description "a share invitation from Alice"
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"expiration",
"token",
"description"
],
"properties": {
"expiration": {
"type": "integer",
"pattern": "^[0-9]{10}$"
},
"token": {
"type": "string",
"pattern": "%fed_invitation_token%"
},
"description": {
"const": "a share invitation from Alice"
}
}
}
"""
Scenario Outline: user creates invitation with valid/invalid email
Given using server "LOCAL"
When "Alice" creates the federation share invitation with email "<email>" and description "a share invitation from Alice"
Then the HTTP status code should be "<code>"
Examples:
| email | code |
| user@subdomain.example.longdomain | 200 |
| user.bob+123@domain.test-123.com | 200 |
| user.example.com | 400 |
| user@.com | 400 |
| @domain.com | 400 |
| user@domain..com | 400 |
@email @issue-10059
Scenario: federated user gets an email notification if their email was specified when creating the federation share invitation
Given using server "REMOTE"
And user "David" has been created with default attributes
And using server "LOCAL"
When "Alice" has created the federation share invitation with email "david@example.com" and description "a share invitation from Alice"
And user "David" should have received the following email from user "Alice" ignoring whitespaces
"""
Hi,
Alice Hansen (alice@example.org) wants to start sharing collaboration resources with you.
Please visit your federation settings and use the following details:
Token: %fed_invitation_token%
ProviderDomain: %local_base_url%
"""
@env-config
Scenario: user cannot see expired invitation tokens
Given using server "LOCAL"
And the config "OCM_OCM_INVITE_MANAGER_TOKEN_EXPIRATION" has been set to "1s"
And "Alice" has created the federation share invitation
When the user waits "2" seconds for the invitation token to expire
And "Alice" lists the created invitations
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "array",
"minItems": 0,
"maxItems": 0
}
"""
Scenario: user lists created invitation
Given using server "LOCAL"
And "Alice" has created the federation share invitation
When "Alice" lists the created invitations
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"expiration",
"token"
],
"properties": {
"expiration": {
"type": "integer",
"pattern": "^[0-9]{10}$"
},
"token": {
"type": "string",
"pattern": "%fed_invitation_token%"
}
}
}
}
"""
@issue-9591
Scenario: user lists invitation created with valid email and description
Given using server "LOCAL"
And "Alice" has created the federation share invitation with email "brian@example.com" and description "a share invitation from Alice"
When "Alice" lists the created invitations
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"expiration",
"token",
"description"
],
"properties": {
"expiration": {
"type": "integer",
"pattern": "^[0-9]{10}$"
},
"token": {
"type": "string",
"pattern": "%fed_invitation_token%"
},
"description": {
"const": "a share invitation from Alice"
}
}
}
}
"""
@@ -0,0 +1,134 @@
@ocm
Feature: delete federated connections
As a user
I want to delete federated connections if they are no longer needed
Background:
Given user "Alice" has been created with default attributes
And using server "REMOTE"
And user "Brian" has been created with default attributes
Scenario: federated user deletes the federated connection
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When user "Brian" deletes federated connection with user "Alice" using the Graph API
Then the HTTP status code should be "200"
@issue-10216
Scenario: users should not be able to find federated user after federated user has deleted connection
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And user "Brian" has deleted federated connection with user "Alice"
And using server "LOCAL"
When user "Alice" searches for federated user "Brian" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 0,
"maxItems": 0
}
}
}
"""
And using server "REMOTE"
When user "Brian" searches for federated user "Alice" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 0,
"maxItems": 0
}
}
}
"""
@issue-10216
Scenario: federated user should not be able to find federated share after federated user has deleted connection
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using server "LOCAL"
And user "Alice" has created folder "folderToShare"
And user "Alice" has sent the following resource share invitation to federated user:
| resource | folderToShare |
| space | Personal |
| sharee | Brian |
| shareType | user |
| permissionsRole | Viewer |
And using server "REMOTE"
And user "Brian" has deleted federated connection with user "Alice"
When user "Brian" lists the shares shared with him without retry using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 0,
"maxItems": 0,
}
}
}
"""
@issue-10213
Scenario: federated user should not be able to find federated share after local user has deleted connection
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using server "LOCAL"
And user "Alice" has created folder "folderToShare"
And user "Alice" has sent the following resource share invitation to federated user:
| resource | folderToShare |
| space | Personal |
| sharee | Brian |
| shareType | user |
| permissionsRole | Viewer |
And user "Alice" has deleted federated connection with user "Brian"
And using server "REMOTE"
When user "Brian" lists the shares shared with him without retry using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 0,
"maxItems": 0,
}
}
}
"""
@@ -0,0 +1,272 @@
@ocm
Feature: List a federated sharing permissions
As a user
I want to list the permissions for federated share
So that the federated share is assigned the correct permissions
Background:
Given user "Alice" has been created with default attributes
@issue-9898
Scenario: user lists permissions of a resource shared to a federated user
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And user "Brian" has been created with default attributes
And "Brian" has accepted invitation
And using server "LOCAL"
And user "Alice" has uploaded file with content "ocm test" to "/textfile.txt"
And user "Alice" has sent the following resource share invitation to federated user:
| resource | textfile.txt |
| space | Personal |
| sharee | Brian |
| shareType | user |
| permissionsRole | Viewer |
When user "Alice" gets permissions list for file "textfile.txt" of the space "Personal" using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"@libre.graph.permissions.actions.allowedValues",
"@libre.graph.permissions.roles.allowedValues",
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"uniqueItems": true,
"items": {
"oneOf":[
{
"type": "object",
"required": [
"grantedToV2",
"id",
"roles"
],
"properties": {
"grantedToV2": {
"type": "object",
"required": ["user"],
"properties": {
"user": {
"type": "object",
"required": ["@libre.graph.userType","displayName","id"],
"properties": {
"@libre.graph.userType": {
"const": "Federated"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"displayName": {
"const": "Brian Murphy"
}
}
}
}
},
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"invitation": {
"type": "object",
"required": ["invitedBy"],
"properties": {
"invitedBy": {
"type": "object",
"required": ["user"],
"properties": {
"user": {
"type": "object",
"required": ["@libre.graph.userType", "displayName", "id"],
"properties": {
"@libre.graph.userType": {
"const": "Member"
},
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"displayName": {
"const": "Alice Hansen"
}
}
}
}
}
}
},
"roles": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "string",
"pattern": "^%role_id_pattern%$"
}
}
}
}
]
}
}
}
}
"""
@issue-9745 @env-config
Scenario: user lists allowed file permissions for federated user
Given using server "LOCAL"
And the administrator has enabled the permissions role "Secure Viewer"
And user "Alice" has uploaded file with content "ocm test" to "/textfile.txt"
When user "Alice" gets the allowed roles for federated user of file "textfile.txt" from the space "Personal" using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"@libre.graph.permissions.roles.allowedValues"
],
"properties": {
"@libre.graph.permissions.roles.allowedValues": {
"type": "array",
"minItems": 2,
"maxItems": 2,
"uniqueItems": true,
"items": {
"oneOf":[
{
"type": "object",
"required": [
"@libre.graph.weight",
"description",
"displayName",
"id"
],
"properties": {
"@libre.graph.weight": {
"const": 10
},
"description": {
"const": "View and download."
},
"displayName": {
"const": "Can view"
},
"id": {
"const": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"
}
}
},
{
"type": "object",
"required": [
"@libre.graph.weight",
"description",
"displayName",
"id"
],
"properties": {
"@libre.graph.weight": {
"const": 100
},
"description": {
"const": "View, download and edit."
},
"displayName": {
"const": "Can edit"
},
"id": {
"const": "2d00ce52-1fc2-4dbc-8b95-a73b73395f5a"
}
}
}
]
}
}
}
}
"""
@issue-9745
Scenario: user lists allowed folder permissions for federated user
Given using server "LOCAL"
And the administrator has enabled the permissions role "Secure Viewer"
And user "Alice" has created folder "folderToShare"
When user "Alice" gets the allowed roles for federated user of folder "folderToShare" from the space "Personal" using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"@libre.graph.permissions.roles.allowedValues"
],
"properties": {
"@libre.graph.permissions.roles.allowedValues": {
"type": "array",
"minItems": 2,
"maxItems": 2,
"uniqueItems": true,
"items": {
"oneOf":[
{
"type": "object",
"required": [
"@libre.graph.weight",
"description",
"displayName",
"id"
],
"properties": {
"@libre.graph.weight": {
"const": 10
},
"description": {
"const": "View and download."
},
"displayName": {
"const": "Can view"
},
"id": {
"const": "b1e2218d-eef8-4d4c-b82d-0f1a1b48f3b5"
}
}
},
{
"type": "object",
"required": [
"@libre.graph.weight",
"description",
"displayName",
"id"
],
"properties": {
"@libre.graph.weight": {
"const": 60
},
"description": {
"const": "View, download, upload, edit, add and delete."
},
"displayName": {
"const": "Can edit"
},
"id": {
"const": "fb6c3e19-e378-47e5-b277-9732f9de6e21"
}
}
}
]
}
}
}
}
"""
@@ -0,0 +1,98 @@
@ocm
Feature: ocm well-known URI
As a user
I want to verify the response of well-known URI
So that I can ensure the configuration works correctly
Scenario: check the ocm well-known endpoint response
Given using server "LOCAL"
When a user requests "/.well-known/ocm" with "GET" and no authentication
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"enabled",
"apiVersion",
"endPoint",
"provider",
"resourceTypes",
"capabilities"
],
"properties": {
"enabled": {
"const": true
},
"apiVersion": {
"const": "1.2.0"
},
"endPoint": {
"pattern": "^%base_url%/ocm"
},
"provider": {
"const": "КуСфера"
},
"resourceTypes": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"name",
"shareTypes",
"protocols"
],
"properties": {
"name": {
"const": "file"
},
"sharesTypes": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"const": "user"
}
},
"protocols": {
"type": "object",
"required": [
"webdav"
],
"properties": {
"webdav": {
"const": "/dav/ocm"
}
}
}
}
}
},
"capabilities": {
"type": "array",
"minItems": 4,
"maxItems": 4,
"uniqueItems": true,
"items": {
"oneOf": [
{
"const": "invites"
},
{
"const": "webdav-uri"
},
{
"const": "protocol-object"
},
{
"const": "invite-wayf"
}
]
}
}
}
}
"""
@@ -0,0 +1,713 @@
@ocm
Feature: search federation users
As a user
I can find federation users after accepting an invitation to share resources
Background:
Given these users have been created with default attributes:
| username |
| Alice |
| Carol |
And using server "REMOTE"
And user "Brian" has been created with default attributes
@issue-9813
Scenario: users search for federation users by display name
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When user "Brian" searches for federated user "ali" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Alice Hansen"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "%local_host_port%"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
}
}
}
}
}
}
}
}
}
"""
And using server "LOCAL"
When user "Alice" searches for federated user "bri" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Brian Murphy"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "%remote_host_port%"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
}
}
}
}
}
}
}
}
}
"""
@issue-9813
Scenario: user search for federation users by email
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When user "Brian" searches for federated user "%22alice@example.org%22" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Alice Hansen"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "%local_host_port%"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
}
}
}
}
}
}
}
}
}
"""
And using server "LOCAL"
When user "Alice" searches for federated user "%22brian@example.org%22" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Brian Murphy"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"userType": {
"type": "string",
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "%remote_host_port%"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
}
}
}
}
}
}
}
}
}
"""
Scenario: users search for federation users without federated connection
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When user "Brian" searches for federated user "%22carol@example.org%22" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 0,
"maxItems": 0
}
}
}
"""
And using server "LOCAL"
When user "Carol" searches for federated user "bria" using Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 0,
"maxItems": 0
}
}
}
"""
Scenario: users search all federation users
Given using server "REMOTE"
And "Brian" has created the federation share invitation
And using server "LOCAL"
And "Alice" has accepted invitation
And "Carol" has accepted invitation
When "Alice" searches for accepted users
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"display_name",
"idp",
"user_id",
"mail"
],
"properties": {
"display_name": {
"type": "string",
"const": "Brian Murphy"
},
"idp": {
"type": "string",
"const": "%remote_host_port%"
},
"mail": {
"type": "string",
"pattern": "brian@example.org"
},
"user_id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
}
}
}
}
"""
When using server "REMOTE"
And "Brian" searches for accepted users
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "array",
"minItems": 2,
"maxItems": 2,
"uniqueItems": true,
"items": {
"oneOf": [
{
"type": "object",
"required": [
"display_name",
"idp",
"user_id",
"mail"
],
"properties": {
"display_name": {
"const": "Alice Hansen"
},
"idp": {
"const": "%local_host_port%"
},
"mail": {
"pattern": "alice@example.org"
},
"user_id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
}
}
},
{
"type": "object",
"required": [
"display_name",
"idp",
"user_id",
"mail"
],
"properties": {
"display_name": {
"const": "Carol King"
},
"idp": {
"const": "%local_host_port%"
},
"mail": {
"pattern": "carol@example.org"
},
"user_id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
}
}
}
]
}
}
"""
@issue-9829
Scenario: admin gets federated users
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
When the administrator gets federated users using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"mail",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Alice Hansen"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"mail": {
"const": "alice@example.org"
},
"userType": {
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "%local_host_port%"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%uuidv4_pattern%$"
}
}
}
}
}
}
}
}
}
"""
And using server "LOCAL"
When the administrator gets federated users using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"displayName",
"id",
"mail",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Brian Murphy"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"mail": {
"const": "brian@example.org"
},
"userType": {
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "%remote_host_port%"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%uuidv4_pattern%$"
}
}
}
}
}
}
}
}
}
"""
Scenario: user without admin permissions cannot get federated users
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using server "LOCAL"
When user "Carol" tries to get federated users using the Graph API
Then the HTTP status code should be "403"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"error"
],
"properties": {
"error": {
"type": "object",
"required": [
"code",
"message"
],
"properties": {
"code": {
"const": "accessDenied"
},
"message": {
"const": "search term too short"
}
}
}
}
}
"""
@issue-9829
Scenario: admin gets federated and local users
Given using server "LOCAL"
And "Alice" has created the federation share invitation
And using server "REMOTE"
And "Brian" has accepted invitation
And using server "LOCAL"
When the administrator gets federated and local users using the Graph API
Then the HTTP status code should be "200"
And the JSON data of the response should match
"""
{
"type": "object",
"required": [
"value"
],
"properties": {
"value": {
"type": "array",
"maxItems": 2,
"minItems": 2,
"uniqueItems": true,
"items": {
"oneOf": [
{
"type": "object",
"required": [
"accountEnabled",
"displayName",
"id",
"mail",
"onPremisesSamAccountName",
"surname",
"userType"
],
"properties": {
"accountEnabled": {
"const": true
},
"displayName": {
"const": "Carol King"
},
"id": {
"type": "string",
"pattern": "^%user_id_pattern%$"
},
"mail": {
"const": "carol@example.org"
},
"onPremisesSamAccountName": {
"const": "Carol"
},
"surname": {
"const": "Carol"
},
"userType": {
"const": "Member"
}
}
},
{
"type": "object",
"required": [
"displayName",
"id",
"mail",
"userType",
"identities"
],
"properties": {
"displayName": {
"const": "Brian Murphy"
},
"id": {
"type": "string",
"pattern": "^%federated_user_id_pattern%$"
},
"mail": {
"const": "brian@example.org"
},
"userType": {
"const": "Federated"
},
"identities": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "object",
"required": [
"issuer",
"issuerAssignedId"
],
"properties": {
"issuer": {
"const": "%remote_host_port%"
},
"issuerAssignedId": {
"type": "string",
"pattern": "^%uuidv4_pattern%$"
}
}
}
}
}
}
]
}
}
}
}
"""
# TODO try to find federation users after deleting federated conection
File diff suppressed because it is too large Load Diff