upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-15 22:11:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

Merge pull request #59603 from nextcloud/backport/59599/stable32

Browse source 
[stable32] test: Add integration test to confirm a user can not add themselves t…
This commit is contained in:
Joas Schilling 2026-04-13 15:52:04 +02:00 committed by GitHub
commit 32462cdccc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 19 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
build/integration/features/provisioning-v1.feature
View file

@ -484,11 +484,26 @@ Feature: provisioning
Given As an "admin"
And user "brand-new-user" exists
And group "new-group" exists
And group "other-group" exists
When sending "POST" to "/cloud/users/brand-new-user/subadmins" with
| groupid | new-group |
Then the OCS status code should be "100"
And the HTTP status code should be "200"
# Ensure self promotion is not possible
Given As an "brand-new-user"
When sending "POST" to "/cloud/users/brand-new-user/groups" with
| groupid | admin |
Then the OCS status code should be "104"
And the HTTP status code should be "200"
# Ensure self adding to other groups is not possible
Given As an "brand-new-user"
When sending "POST" to "/cloud/users/brand-new-user/groups" with
| groupid | other-group |
Then the OCS status code should be "104"
And the HTTP status code should be "200"
Scenario: get users using a subadmin
Given As an "admin"
And user "brand-new-user" exists
@ -790,7 +805,7 @@ Feature: provisioning
Then the HTTP status code should be "200"
And user "subadmin" is disabled
Scenario: Admin user cannot disable himself
Scenario: Admin user cannot disable themself
Given As an "admin"
And user "another-admin" exists
And user "another-admin" belongs to group "admin"
@ -801,7 +816,7 @@ Feature: provisioning
And As an "admin"
And user "another-admin" is enabled
Scenario:Admin user cannot enable himself
Scenario: Admin user cannot enable themself
Given As an "admin"
And user "another-admin" exists
And user "another-admin" belongs to group "admin"
@ -834,7 +849,7 @@ Feature: provisioning
And As an "admin"
And user "user2" is disabled
Scenario: Subadmin should not be able to disable himself
Scenario: Subadmin should not be able to disable themself
Given As an "admin"
And user "subadmin" exists
And group "new-group" exists
@ -847,7 +862,7 @@ Feature: provisioning
And As an "admin"
And user "subadmin" is enabled
Scenario: Subadmin should not be able to enable himself
Scenario: Subadmin should not be able to enable themself
Given As an "admin"
And user "subadmin" exists
And group "new-group" exists