Главная Обзор contacts
Вход
dyokunev
/
nextcloud-mephi
Следить 1
В избранное 0
Ответвить 0
Файлы Обсуждения 0 Запросы на слияние 0 Вики
Дерево: 2b493e2f9d
Ветки Метки
nextcloud-me...
/
build
/
integration
/
features
/
dav-v2.feature

dav-v2.feature 2.5 KB
История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. Feature: dav-v2
    2. 

  2. 	Background:
    3. 

  3. 		Given using api version "1"
    4. 

  4. 

  5. 	Scenario: moving a file new endpoint way
    6. 

  6. 		Given using dav path "remote.php/dav"
    7. 

  7. 		And As an "admin"
    8. 

  8. 		And user "user0" exists
    9. 

  9. 		When User "user0" moves file "/files/user0/textfile0.txt" to "/files/user0/FOLDER/textfile0.txt"
    10. 

  10. 		Then the HTTP status code should be "201"
    11. 

  11. 

  12. 	Scenario: download a file with range using new endpoint
    13. 

  13. 		Given using dav path "remote.php/dav"
    14. 

  14. 		And As an "admin"
    15. 

  15. 		And user "user0" exists
    16. 

  16. 		And As an "user0"
    17. 

  17. 		When Downloading file "/files/user0/welcome.txt" with range "bytes=51-77"
    18. 

  18. 		Then Downloaded content should be "example file for developers"
    19. 

  19. 

  20. 	Scenario: Downloading a file on the new endpoint should serve security headers
    21. 

  21. 		Given using dav path "remote.php/dav/files/admin/"
    22. 

  22. 		And As an "admin"
    23. 

  23. 		When Downloading file "welcome.txt"
    24. 

  24. 		Then The following headers should be set
    25. 

  25. 			|Content-Disposition|attachment; filename*=UTF-8''welcome.txt; filename="welcome.txt"|
    26. 

  26. 			|Content-Security-Policy|default-src 'none';|
    27. 

  27. 			|X-Content-Type-Options |nosniff|
    28. 

  28. 			|X-Download-Options|noopen|
    29. 

  29. 			|X-Frame-Options|Sameorigin|
    30. 

  30. 			|X-Permitted-Cross-Domain-Policies|none|
    31. 

  31. 			|X-Robots-Tag|none|
    32. 

  32. 			|X-XSS-Protection|1; mode=block|
    33. 

  33. 		And Downloaded content should start with "Welcome to your ownCloud account!"
    34. 

  34. 

  35. 	Scenario: Doing a GET with a web login should work without CSRF token on the new backend
    36. 

  36. 		Given Logging in using web as "admin"
    37. 

  37. 		When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken
    38. 

  38. 		Then Downloaded content should start with "Welcome to your ownCloud account!"
    39. 

  39. 		Then the HTTP status code should be "200"
    40. 

  40. 

  41. 	Scenario: Doing a GET with a web login should work with CSRF token on the new backend
    42. 

  42. 		Given Logging in using web as "admin"
    43. 

  43. 		When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken
    44. 

  44. 		Then Downloaded content should start with "Welcome to your ownCloud account!"
    45. 

  45. 		Then the HTTP status code should be "200"
    46. 

  46. 

  47. 	Scenario: Doing a PROPFIND with a web login should not work without CSRF token on the new backend
    48. 

  48. 		Given Logging in using web as "admin"
    49. 

  49. 		When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken
    50. 

  50. 		Then the HTTP status code should be "401"
    51. 

  51. 

  52. 	Scenario: Doing a PROPFIND with a web login should work with CSRF token on the new backend
    53. 

  53. 		Given Logging in using web as "admin"
    54. 

  54. 		When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken
    55. 

  55. 		Then the HTTP status code should be "207"
    56. 

  56.