From d559b7bff0f6e7f9566886af5dbd425739beb3cc Mon Sep 17 00:00:00 2001
From: Hamza <hamzamahjoubi221@gmail.com>
Date: Fri, 17 Apr 2026 14:16:06 +0200
Subject: [PATCH] test(integration): write integration tests for calendar
 delegation

Signed-off-by: Hamza <hamzamahjoubi221@gmail.com>
---
 .../features/bootstrap/CalDavContext.php      | 98 ++++++++-----------
 .../features/caldav-delegation.feature        |  9 +-
 2 files changed, 47 insertions(+), 60 deletions(-)

diff --git a/build/integration/features/bootstrap/CalDavContext.php b/build/integration/features/bootstrap/CalDavContext.php
index 7b1d61c5cf2..50709ed35b7 100644
--- a/build/integration/features/bootstrap/CalDavContext.php
+++ b/build/integration/features/bootstrap/CalDavContext.php
@@ -123,34 +123,6 @@ class CalDavContext implements \Behat\Behat\Context\Context {
 		}
 	}
 
-	/**
-	 * @When :user requests principal :principal on the endpoint :endpoint
-	 */
-	public function requestsPrincipal(string $user, string $principal, string $endpoint): void {
-		$davUrl = $this->baseUrl . $endpoint . $principal;
-
-		$password = ($user === 'admin') ? 'admin' : '123456';
-		try {
-			$this->response = $this->client->request(
-				'PROPFIND',
-				$davUrl,
-				[
-					'headers' => [
-						'Content-Type' => 'application/xml; charset=UTF-8',
-						'Depth' => 0,
-					],
-					'body' => '<x0:propfind xmlns:x0="DAV:"><x0:prop><x0:displayname/><x1:calendar-user-type xmlns:x1="urn:ietf:params:xml:ns:caldav"/><x1:calendar-user-address-set xmlns:x1="urn:ietf:params:xml:ns:caldav"/><x0:principal-URL/><x0:alternate-URI-set/><x2:email-address xmlns:x2="http://sabredav.org/ns"/><x3:language xmlns:x3="http://nextcloud.com/ns"/><x1:calendar-home-set xmlns:x1="urn:ietf:params:xml:ns:caldav"/><x1:schedule-inbox-URL xmlns:x1="urn:ietf:params:xml:ns:caldav"/><x1:schedule-outbox-URL xmlns:x1="urn:ietf:params:xml:ns:caldav"/><x1:schedule-default-calendar-URL xmlns:x1="urn:ietf:params:xml:ns:caldav"/><x3:resource-type xmlns:x3="http://nextcloud.com/ns"/><x3:resource-vehicle-type xmlns:x3="http://nextcloud.com/ns"/><x3:resource-vehicle-make xmlns:x3="http://nextcloud.com/ns"/><x3:resource-vehicle-model xmlns:x3="http://nextcloud.com/ns"/><x3:resource-vehicle-is-electric xmlns:x3="http://nextcloud.com/ns"/><x3:resource-vehicle-range xmlns:x3="http://nextcloud.com/ns"/><x3:resource-vehicle-seating-capacity xmlns:x3="http://nextcloud.com/ns"/><x3:resource-contact-person xmlns:x3="http://nextcloud.com/ns"/><x3:resource-contact-person-vcard xmlns:x3="http://nextcloud.com/ns"/><x3:room-type xmlns:x3="http://nextcloud.com/ns"/><x3:room-seating-capacity xmlns:x3="http://nextcloud.com/ns"/><x3:room-building-address xmlns:x3="http://nextcloud.com/ns"/><x3:room-building-story xmlns:x3="http://nextcloud.com/ns"/><x3:room-building-room-number xmlns:x3="http://nextcloud.com/ns"/><x3:room-features xmlns:x3="http://nextcloud.com/ns"/><x0:principal-collection-set/><x0:supported-report-set/></x0:prop></x0:propfind>',
-					'auth' => [
-						$user,
-						$password,
-					],
-				]
-			);
-		} catch (\GuzzleHttp\Exception\ClientException $e) {
-			$this->response = $e->getResponse();
-		}
-	}
-
 	/**
 	 * @Then The CalDAV response should contain a property :key
 	 * @throws \Exception
@@ -180,37 +152,6 @@ class CalDavContext implements \Behat\Behat\Context\Context {
 		}
 	}
 
-	/**
-	 * @Then The CalDAV response should contain a property :key with a href value :value
-	 * @throws \Exception
-	 */
-	public function theCaldavResponseShouldContainAPropertyWithHrefValue(
-		string $key,
-		string $value,
-	): void {
-		/** @var \Sabre\DAV\Xml\Response\MultiStatus $multiStatus */
-		$multiStatus = $this->responseXml['value'];
-		$responses = $multiStatus->getResponses()[0]->getResponseProperties();
-		if (!isset($responses[200])) {
-			throw new \Exception(
-				sprintf(
-					'Expected code 200 got [%s]',
-					implode(',', array_keys($responses)),
-				)
-			);
-		}
-
-		$props = $responses[200];
-		if (!array_key_exists($key, $props)) {
-			throw new \Exception("Cannot find property \"$key\"");
-		}
-
-		$actualValue = $props[$key]->getHref();
-		if ($actualValue !== $value) {
-			throw new \Exception("Property \"$key\" found with value \"$actualValue\", expected \"$value\"");
-		}
-	}
-
 	/**
 	 * @Then The CalDAV response should contain an href :href
 	 * @throws \Exception
@@ -409,4 +350,43 @@ class CalDavContext implements \Behat\Behat\Context\Context {
 			$this->response = $e->getResponse();
 		}
 	}
+
+	/**
+	 * @Given :user updates property :key to href :value of principal :principal on the endpoint :endpoint
+	 */
+	public function updatesHrefPropertyOfPrincipal(
+		string $user,
+		string $key,
+		string $value,
+		string $principal,
+		string $endpoint,
+	): void {
+		$davUrl = $this->baseUrl . $endpoint . $principal;
+		$password = ($user === 'admin') ? 'admin' : '123456';
+
+		$propPatch = new \Sabre\DAV\Xml\Request\PropPatch();
+		$propPatch->properties = [$key => new \Sabre\DAV\Xml\Property\Href($value)];
+
+		$xml = new \Sabre\Xml\Service();
+		$body = $xml->write('{DAV:}propertyupdate', $propPatch, '/');
+
+		try {
+			$this->response = $this->client->request(
+				'PROPPATCH',
+				$davUrl,
+				[
+					'headers' => [
+						'Content-Type' => 'application/xml; charset=UTF-8',
+					],
+					'body' => $body,
+					'auth' => [
+						$user,
+						$password,
+					],
+				]
+			);
+		} catch (\GuzzleHttp\Exception\ClientException $e) {
+			$this->response = $e->getResponse();
+		}
+	}
 }
diff --git a/build/integration/features/caldav-delegation.feature b/build/integration/features/caldav-delegation.feature
index d4cc781f320..33cd928db7f 100644
--- a/build/integration/features/caldav-delegation.feature
+++ b/build/integration/features/caldav-delegation.feature
@@ -20,4 +20,11 @@ Feature: calendar delegation
     When "admin" updates property "{DAV:}group-member-set" to href "/remote.php/dav/principals/users/user0" of principal "users/admin/calendar-proxy-write" on the endpoint "/remote.php/dav/principals/"
     Then The CalDAV response should be multi status
     And The CalDAV response should contain an href "/remote.php/dav/principals/users/admin/calendar-proxy-write"
-    And The CalDAV response should contain a property "{DAV:}group-member-set"
\ No newline at end of file
+    And The CalDAV response should contain a property "{DAV:}group-member-set"
+  
+  Scenario: Admin cannot grant User1 access to User0's calendar account
+    Given user "admin" exists
+    And user "user0" exists
+    And user "user1" exists
+    When "admin" updates property "{DAV:}group-member-set" to href "/remote.php/dav/principals/users/user1" of principal "users/user0/calendar-proxy-write" on the endpoint "/remote.php/dav/principals/"
+    Then The CalDAV HTTP status code should be "404"
\ No newline at end of file