nextcloud/build/integration/features/carddav.feature

Feature: carddav
  Scenario: Accessing a not existing addressbook of another user
    Given user "user0" exists
    When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"
    And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
    And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"

  Scenario: Accessing a not shared addressbook of another user
    Given user "user0" exists
    Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"
    And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
    And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"

  Scenario: Accessing a not existing addressbook of another user via legacy endpoint
    Given user "user0" exists
    When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/"
    And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
    And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"

  Scenario: Accessing a not shared addressbook of another user via legacy endpoint
    Given user "user0" exists
    Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/"
    And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
    And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"

  Scenario: Accessing a not existing addressbook of myself
    Given user "user0" exists
    When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"
    And The CardDAV exception is "Sabre\DAV\Exception\NotFound"
    And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"

  Scenario: Creating a new addressbook
    When "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
    Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "207" on the endpoint "/remote.php/dav/addressbooks/users/"

  Scenario: Accessing ones own contact
    Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
    Given "admin" uploads the contact "bjoern.vcf" to the addressbook "MyAddressbook"
    When Downloading the contact "bjoern.vcf" from addressbook "MyAddressbook" as user "admin"
    Then The following HTTP headers should be set
        |Content-Disposition|attachment; filename*=UTF-8''bjoern.vcf; filename="bjoern.vcf"|
        |Content-Type|text/vcard; charset=utf-8|
        |Content-Security-Policy|default-src 'none';|
        |X-Content-Type-Options |nosniff|
        |X-Download-Options|noopen|
        |X-Frame-Options|SAMEORIGIN|
        |X-Permitted-Cross-Domain-Policies|none|
        |X-Robots-Tag|none|
        |X-XSS-Protection|1; mode=block|

  Scenario: Exporting the picture of ones own contact
    Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"
    Given "admin" uploads the contact "bjoern.vcf" to the addressbook "MyAddressbook"
    When Exporting the picture of contact "bjoern.vcf" from addressbook "MyAddressbook" as user "admin"
    Then The following HTTP headers should be set
      |Content-Disposition|attachment|
      |Content-Type|image/jpeg|
      |Content-Security-Policy|default-src 'none';|
      |X-Content-Type-Options |nosniff|
      |X-Download-Options|noopen|
      |X-Frame-Options|SAMEORIGIN|
      |X-Permitted-Cross-Domain-Policies|none|
      |X-Robots-Tag|none|
      |X-XSS-Protection|1; mode=block|
Hides nodes from listing that the user has no access to 2016-02-29 19:30:02 +03:00			`Feature: carddav`
			`Scenario: Accessing a not existing addressbook of another user`
			`Given user "user0" exists`
Add integration tests for legacy DAV endpoints Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2017-02-10 16:01:26 +03:00			`When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"`
Hides nodes from listing that the user has no access to 2016-02-29 19:30:02 +03:00			`And The CardDAV exception is "Sabre\DAV\Exception\NotFound"`
			`And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"`

			`Scenario: Accessing a not shared addressbook of another user`
			`Given user "user0" exists`
			`Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"`
Add integration tests for legacy DAV endpoints Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2017-02-10 16:01:26 +03:00			`When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"`
			`And The CardDAV exception is "Sabre\DAV\Exception\NotFound"`
			`And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"`

			`Scenario: Accessing a not existing addressbook of another user via legacy endpoint`
			`Given user "user0" exists`
			`When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/"`
			`And The CardDAV exception is "Sabre\DAV\Exception\NotFound"`
			`And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"`

			`Scenario: Accessing a not shared addressbook of another user via legacy endpoint`
			`Given user "user0" exists`
			`Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"`
			`When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/"`
Hides nodes from listing that the user has no access to 2016-02-29 19:30:02 +03:00			`And The CardDAV exception is "Sabre\DAV\Exception\NotFound"`
			`And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"`

			`Scenario: Accessing a not existing addressbook of myself`
			`Given user "user0" exists`
Add integration tests for legacy DAV endpoints Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2017-02-10 16:01:26 +03:00			`When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/"`
Hides nodes from listing that the user has no access to 2016-02-29 19:30:02 +03:00			`And The CardDAV exception is "Sabre\DAV\Exception\NotFound"`
			`And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found"`

			`Scenario: Creating a new addressbook`
			`When "admin" creates an addressbook named "MyAddressbook" with statuscode "201"`
Add integration tests for legacy DAV endpoints Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2017-02-10 16:01:26 +03:00			`Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "207" on the endpoint "/remote.php/dav/addressbooks/users/"`
Don't set Content-Disposition header if one already exists If a Content-Disposition header is already set by another plugin we don't need to set another one as this breaks clients. Fixes https://github.com/nextcloud/server/issues/1992 Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-12-14 19:35:27 +03:00
			`Scenario: Accessing ones own contact`
			`Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"`
			`Given "admin" uploads the contact "bjoern.vcf" to the addressbook "MyAddressbook"`
			`When Downloading the contact "bjoern.vcf" from addressbook "MyAddressbook" as user "admin"`
			`Then The following HTTP headers should be set`
			`\|Content-Disposition\|attachment; filename*=UTF-8''bjoern.vcf; filename="bjoern.vcf"\|`
			`\|Content-Type\|text/vcard; charset=utf-8\|`
			`\|Content-Security-Policy\|default-src 'none';\|`
			`\|X-Content-Type-Options \|nosniff\|`
			`\|X-Download-Options\|noopen\|`
Fix casing of same origin frame option Signed-off-by: Joas Schilling <coding@schilljs.com> 2017-04-12 13:37:32 +03:00			`\|X-Frame-Options\|SAMEORIGIN\|`
Don't set Content-Disposition header if one already exists If a Content-Disposition header is already set by another plugin we don't need to set another one as this breaks clients. Fixes https://github.com/nextcloud/server/issues/1992 Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-12-14 19:35:27 +03:00			`\|X-Permitted-Cross-Domain-Policies\|none\|`
			`\|X-Robots-Tag\|none\|`
			`\|X-XSS-Protection\|1; mode=block\|`

			`Scenario: Exporting the picture of ones own contact`
			`Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201"`
			`Given "admin" uploads the contact "bjoern.vcf" to the addressbook "MyAddressbook"`
			`When Exporting the picture of contact "bjoern.vcf" from addressbook "MyAddressbook" as user "admin"`
			`Then The following HTTP headers should be set`
			`\|Content-Disposition\|attachment\|`
			`\|Content-Type\|image/jpeg\|`
			`\|Content-Security-Policy\|default-src 'none';\|`
			`\|X-Content-Type-Options \|nosniff\|`
			`\|X-Download-Options\|noopen\|`
Fix casing of same origin frame option Signed-off-by: Joas Schilling <coding@schilljs.com> 2017-04-12 13:37:32 +03:00			`\|X-Frame-Options\|SAMEORIGIN\|`
Don't set Content-Disposition header if one already exists If a Content-Disposition header is already set by another plugin we don't need to set another one as this breaks clients. Fixes https://github.com/nextcloud/server/issues/1992 Signed-off-by: Lukas Reschke <lukas@statuscode.ch> 2016-12-14 19:35:27 +03:00			`\|X-Permitted-Cross-Domain-Policies\|none\|`
			`\|X-Robots-Tag\|none\|`
			`\|X-XSS-Protection\|1; mode=block\|`