dav-v2.feature 3.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283
  1. Feature: dav-v2
  2. Background:
  3. Given using api version "1"
  4. Scenario: moving a file new endpoint way
  5. Given using new dav path
  6. And As an "admin"
  7. And user "user0" exists
  8. When User "user0" moves file "/textfile0.txt" to "/FOLDER/textfile0.txt"
  9. Then the HTTP status code should be "201"
  10. Scenario: download a file with range using new endpoint
  11. Given using new dav path
  12. And As an "admin"
  13. And user "user0" exists
  14. And As an "user0"
  15. When Downloading file "/welcome.txt" with range "bytes=52-78"
  16. Then Downloaded content should be "example file for developers"
  17. Scenario: Downloading a file on the new endpoint should serve security headers
  18. Given using new dav path
  19. And As an "admin"
  20. When Downloading file "/welcome.txt"
  21. Then The following headers should be set
  22. |Content-Disposition|attachment; filename*=UTF-8''welcome.txt; filename="welcome.txt"|
  23. |Content-Security-Policy|default-src 'none';|
  24. |X-Content-Type-Options |nosniff|
  25. |X-Download-Options|noopen|
  26. |X-Frame-Options|SAMEORIGIN|
  27. |X-Permitted-Cross-Domain-Policies|none|
  28. |X-Robots-Tag|none|
  29. |X-XSS-Protection|1; mode=block|
  30. And Downloaded content should start with "Welcome to your Nextcloud account!"
  31. Scenario: Doing a GET with a web login should work without CSRF token on the new backend
  32. Given Logging in using web as "admin"
  33. When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken
  34. Then Downloaded content should start with "Welcome to your Nextcloud account!"
  35. Then the HTTP status code should be "200"
  36. Scenario: Doing a GET with a web login should work with CSRF token on the new backend
  37. Given Logging in using web as "admin"
  38. When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken
  39. Then Downloaded content should start with "Welcome to your Nextcloud account!"
  40. Then the HTTP status code should be "200"
  41. Scenario: Doing a PROPFIND with a web login should not work without CSRF token on the new backend
  42. Given Logging in using web as "admin"
  43. When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken
  44. Then the HTTP status code should be "401"
  45. Scenario: Doing a PROPFIND with a web login should work with CSRF token on the new backend
  46. Given Logging in using web as "admin"
  47. When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken
  48. Then the HTTP status code should be "207"
  49. Scenario: Uploading a file having 0B as quota
  50. Given using new dav path
  51. And As an "admin"
  52. And user "user0" exists
  53. And user "user0" has a quota of "0 B"
  54. And As an "user0"
  55. When User "user0" uploads file "data/textfile.txt" to "/asdf.txt"
  56. Then the HTTP status code should be "507"
  57. Scenario: Uploading a file as recipient using webdav new endpoint having quota
  58. Given using new dav path
  59. And As an "admin"
  60. And user "user0" exists
  61. And user "user1" exists
  62. And user "user0" has a quota of "10 MB"
  63. And user "user1" has a quota of "10 MB"
  64. And As an "user1"
  65. And user "user1" created a folder "/testquota"
  66. And as "user1" creating a share with
  67. | path | testquota |
  68. | shareType | 0 |
  69. | permissions | 31 |
  70. | shareWith | user0 |
  71. And As an "user0"
  72. When User "user0" uploads file "data/textfile.txt" to "/testquota/asdf.txt"
  73. Then the HTTP status code should be "201"