diff options
author | Olivier Paroz <github@oparoz.com> | 2015-08-23 06:26:27 +0300 |
---|---|---|
committer | Olivier Paroz <github@oparoz.com> | 2015-08-23 06:26:27 +0300 |
commit | ca759fcf189fbf1fbd6c8378deb573564d4922f5 (patch) | |
tree | 6ab1189cf94b046eda9082db3fb5a09ff186e44e /tests/api | |
parent | 1f29ab0986c760cb67e238fcf6fae41738a5969d (diff) |
Test that forbidden folders don't get listed
Diffstat (limited to 'tests/api')
-rw-r--r-- | tests/api/GetFilesCest.php | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/tests/api/GetFilesCest.php b/tests/api/GetFilesCest.php index 0355b51d..378d8689 100644 --- a/tests/api/GetFilesCest.php +++ b/tests/api/GetFilesCest.php @@ -126,4 +126,20 @@ class GetFilesCest { $I->seeResponseContainsJson(['locationhaschanged' => true]); } + public function getListOfForbiddenPath(\Step\Api\User $I) { + $params = $this->params; + // This folder contains a .nomedia file + $params['location'] = 'folder4'; + + $I->am('an app'); + $I->wantTo('get the list of files of a folder which contains the .nomedia file' + ); + + $I->getUserCredentialsAndUseHttpAuthentication(); + $I->sendGET($this->apiUrl, $params); + $I->seeResponseCodeIs(403); + $I->seeResponseIsJson(); + $I->seeResponseContainsJson(['message' => 'Album is private or unavailable']); + } + } |