-
Notifications
You must be signed in to change notification settings - Fork 186
/
Copy pathdeleteUser.feature
168 lines (142 loc) · 7.63 KB
/
deleteUser.feature
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
Feature: delete user
As an admin
I want to be able to delete users
So that I can remove unnecessary users
Note - this feature is run in CI with ACCOUNTS_HASH_DIFFICULTY set to the default for production
See https://github.com/owncloud/ocis/issues/1542 and https://github.com/owncloud/ocis/pull/839
Background:
Given user "Alice" has been created with default attributes and without skeleton files
Scenario Outline: admin user deletes a user
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And the user "Alice" has created a new user with the following attributes:
| userName | <user-name> |
| displayName | <display-name> |
| email | <email> |
| password | <password> |
When the user "Alice" deletes a user "<user-name>" using the Graph API
Then the HTTP status code should be "204"
And user "<user-name>" should not exist
Examples:
| user-name | display-name | email | password |
| SameDisplayName | Alice Hansen | [email protected] | containsCharacters(*:!;_+-&) |
| withoutPassSameEmail | without pass | [email protected] | |
| name | pass with space | [email protected] | my pass |
Scenario: delete a user and specify the user name in different case
Given user "brand-new-user" has been created with default attributes and without skeleton files
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
When the user "Alice" deletes a user "Brand-New-User" using the Graph API
Then the HTTP status code should be "204"
And user "brand-new-user" should not exist
Scenario Outline: admin user deletes another user with different role
Given user "Brian" has been created with default attributes and without skeleton files
And the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And the administrator has assigned the role "<user-role>" to user "Brian" using the Graph API
When the user "Alice" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "204"
And user "Brian" should not exist
Examples:
| user-role |
| Admin |
| Space Admin |
| User |
| User Light |
Scenario: admin user tries to delete his/her own account
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
When the user "Alice" deletes a user "Alice" using the Graph API
Then the HTTP status code should be "403"
And user "Alice" should exist
Scenario Outline: non-admin user tries to delete his/her own account
Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When the user "Alice" deletes a user "Alice" using the Graph API
Then the HTTP status code should be "403"
And user "Alice" should exist
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
Scenario: admin user tries to delete a nonexistent user
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
When the user "Alice" tries to delete a nonexistent user using the Graph API
Then the HTTP status code should be "404"
Scenario Outline: non-admin user tries to delete a nonexistent user
Given the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When the user "Alice" tries to delete a nonexistent user using the Graph API
Then the HTTP status code should be "403"
Examples:
| user-role |
| Space Admin |
| User |
| User Light |
Scenario Outline: non-admin user tries to delete another user with different role
Given user "Brian" has been created with default attributes and without skeleton files
And the administrator has assigned the role "<user-role-2>" to user "Brian" using the Graph API
And the administrator has assigned the role "<user-role>" to user "Alice" using the Graph API
When the user "Alice" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "403"
And user "Brian" should exist
Examples:
| user-role | user-role-2 |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | User Light |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | User Light |
| User | Admin |
| User Light | Space Admin |
| User Light | User |
| User Light | User Light |
| User Light | Admin |
Scenario: admin user deletes a disabled user
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And user "Brian" has been created with default attributes and without skeleton files
And the user "Alice" has disabled user "Brian"
When the user "Alice" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "204"
And user "Brian" should not exist
Scenario Outline: normal user tries to delete a disabled user
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And user "Brian" has been created with default attributes and without skeleton files
And user "Carol" has been created with default attributes and without skeleton files
And the administrator has assigned the role "<user-role-2>" to user "Brian" using the Graph API
And the administrator has assigned the role "<user-role>" to user "Carol" using the Graph API
And the user "Alice" has disabled user "Brian"
When the user "Carol" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "403"
And user "Brian" should exist
Examples:
| user-role | user-role-2 |
| Space Admin | Space Admin |
| Space Admin | User |
| Space Admin | User Light |
| Space Admin | Admin |
| User | Space Admin |
| User | User |
| User | User Light |
| User | Admin |
| User Light | Space Admin |
| User Light | User |
| User Light | User Light |
| User Light | Admin |
Scenario: personal space is deleted automatically when the user is deleted
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And user "Brian" has been created with default attributes and without skeleton files
When the user "Alice" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "204"
When user "Alice" lists all spaces via the Graph API with query "$filter=driveType eq 'personal'"
Then the json responded should not contain a space with name "Brian Murphy"
Scenario: accepted share is deleted automatically when the user is deleted
Given the administrator has assigned the role "Admin" to user "Alice" using the Graph API
And user "Brian" has been created with default attributes and without skeleton files
And user "Brian" has created folder "new"
And user "Brian" has sent the following resource share invitation:
| resource | new |
| space | Personal |
| sharee | Alice |
| shareType | user |
| permissionsRole | Viewer |
When the user "Alice" deletes a user "Brian" using the Graph API
Then the HTTP status code should be "204"
And as "Alice" folder "Shares/new" should not exist