Add int test for view-only download

Asserts that downloading a view-only document returns 403.

Signed-off-by: Vincent Petry <[email protected]>

build/integration/features/bootstrap/Sharing.php

@@ -275,7 +275,8 @@ public function createShare($user,
 								$shareWith = null,
 								$publicUpload = null,
 								$password = null,
-								$permissions = null) {
+								$permissions = null,
+								$viewOnly = false) {
 		$fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares";
 		$client = new Client();
 		$options = [
@@ -309,6 +310,10 @@ public function createShare($user,
 			$body['permissions'] = $permissions;
 		}
 
+		if ($viewOnly === true) {
+			$body['attributes'] = json_encode([['scope' => 'permissions', 'key' => 'download', 'enabled' => false]]);
+		}
+
 		$options['form_params'] = $body;
 
 		try {
@@ -402,13 +407,17 @@ public function isUserOrGroupInSharedData($userOrGroup, $permissions = null) {
 	}
 
 	/**
-	 * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?$/
+	 * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with user "([^"]*)"( with permissions ([\d]*))?( view-only)?$/
 	 *
 	 * @param string $filepath
 	 * @param string $user1
 	 * @param string $user2
 	 */
-	public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null) {
+	public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms = null, $permissions = null, $viewOnly = null) {
+		// when view-only is set, permissions is empty string instead of null...
+		if ($permissions === '') {
+			$permissions = null;
+		}
 		$fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath";
 		$client = new Client();
 		$options = [];
@@ -424,20 +433,24 @@ public function assureFileIsShared($entry, $filepath, $user1, $user2, $withPerms
 		if ($this->isUserOrGroupInSharedData($user2, $permissions)) {
 			return;
 		} else {
-			$this->createShare($user1, $filepath, 0, $user2, null, null, $permissions);
+			$this->createShare($user1, $filepath, 0, $user2, null, null, $permissions, $viewOnly !== null);
 		}
 		$this->response = $client->get($fullUrl, $options);
 		Assert::assertEquals(true, $this->isUserOrGroupInSharedData($user2, $permissions));
 	}
 
 	/**
-	 * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))?$/
+	 * @Given /^(file|folder|entry) "([^"]*)" of user "([^"]*)" is shared with group "([^"]*)"( with permissions ([\d]*))( view-only)?$/
 	 *
 	 * @param string $filepath
 	 * @param string $user
 	 * @param string $group
 	 */
-	public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null) {
+	public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $withPerms = null, $permissions = null, $viewOnly = null) {
+		// when view-only is set, permissions is empty string instead of null...
+		if ($permissions === '') {
+			$permissions = null;
+		}
 		$fullUrl = $this->baseUrl . "v{$this->apiVersion}.php/apps/files_sharing/api/v{$this->sharingApiVersion}/shares" . "?path=$filepath";
 		$client = new Client();
 		$options = [];
@@ -453,7 +466,7 @@ public function assureFileIsSharedWithGroup($entry, $filepath, $user, $group, $w
 		if ($this->isUserOrGroupInSharedData($group, $permissions)) {
 			return;
 		} else {
-			$this->createShare($user, $filepath, 1, $group, null, null, $permissions);
+			$this->createShare($user, $filepath, 1, $group, null, null, $permissions, $viewOnly !== null);
 		}
 		$this->response = $client->get($fullUrl, $options);
 		Assert::assertEquals(true, $this->isUserOrGroupInSharedData($group, $permissions));

build/integration/sharing_features/sharing-v1-part2.feature

@@ -1167,4 +1167,24 @@ Feature: sharing
       |{http://open-collaboration-services.org/ns}share-permissions |
     Then the single response should contain a property "{http://open-collaboration-services.org/ns}share-permissions" with value "19"
 
+  Scenario: Cannot download a file when it's shared view-only
+    Given user "user0" exists
+    And user "user1" exists
+    And User "user0" moves file "/textfile0.txt" to "/document.odt"
+    And file "document.odt" of user "user0" is shared with user "user1" view-only
+    And user "user1" accepts last share
+    When As an "user1"
+    And Downloading file "/document.odt"
+    Then the HTTP status code should be "403"
+
+  Scenario: Cannot download a file when its parent is shared view-only
+    Given user "user0" exists
+    And user "user1" exists
+    And User "user0" created a folder "/sharedviewonly"
+    And User "user0" moves file "/textfile0.txt" to "/sharedviewonly/document.odt"
+    And folder "sharedviewonly" of user "user0" is shared with user "user1" view-only
+    And user "user1" accepts last share
+    When As an "user1"
+    And Downloading file "/sharedviewonly/document.odt"
+    Then the HTTP status code should be "403"
 # See sharing-v1-part3.feature