diff options
| author | Joas Schilling <coding@schilljs.com> | 2022-04-27 18:05:07 +0300 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2022-04-27 22:03:14 +0300 |
| commit | 7c1268acbce3884cb07a7447dba067d0ddbccfec (patch) | |
| tree | 684ffcb4c1fdbc4f4165b4ff962f0bf3df649e03 | |
| parent | 8d9f4be98fceaf1c3ef30d6241242f6ef6d12062 (diff) | |
Introduce a chat permission on the API
Signed-off-by: Joas Schilling <coding@schilljs.com>
| -rw-r--r-- | docs/constants.md | 1 | ||||
| -rw-r--r-- | lib/Controller/ChatController.php | 4 | ||||
| -rw-r--r-- | lib/Controller/ReactionController.php | 2 | ||||
| -rw-r--r-- | lib/Exceptions/PermissionsException.php | 28 | ||||
| -rw-r--r-- | lib/Middleware/InjectionMiddleware.php | 27 | ||||
| -rw-r--r-- | lib/Model/Attendee.php | 2 | ||||
| -rw-r--r-- | tests/integration/features/bootstrap/FeatureContext.php | 1 | ||||
| -rw-r--r-- | tests/integration/features/chat/delete.feature | 16 | ||||
| -rw-r--r-- | tests/integration/features/chat/group.feature | 12 | ||||
| -rw-r--r-- | tests/integration/features/chat/public.feature | 13 | ||||
| -rw-r--r-- | tests/integration/features/chat/rich-object-share.feature | 25 | ||||
| -rw-r--r-- | tests/integration/features/conversation-2/set-participant-permissions.feature | 214 | ||||
| -rw-r--r-- | tests/integration/features/conversation-2/set-permissions.feature | 48 | ||||
| -rw-r--r-- | tests/integration/features/reaction/react.feature | 24 |
14 files changed, 285 insertions, 132 deletions
diff --git a/docs/constants.md b/docs/constants.md index 108bfb668..f170118c8 100644 --- a/docs/constants.md +++ b/docs/constants.md @@ -70,6 +70,7 @@ title: Constants * `16` Can publish audio stream * `32` Can publish video stream * `64` Can publish screen sharing stream +* `128` Can post chat message, share items and do reactions ### Attendee permission modifications * `set` - Setting this permission set. diff --git a/lib/Controller/ChatController.php b/lib/Controller/ChatController.php index 39db47d83..8e508d0b0 100644 --- a/lib/Controller/ChatController.php +++ b/lib/Controller/ChatController.php @@ -180,6 +180,7 @@ class ChatController extends AEnvironmentAwareController { * @PublicPage * @RequireParticipant * @RequireReadWriteConversation + * @RequirePermissions(permissions=chat) * @RequireModeratorOrNoLobby * * Sends a new chat message to the given room. @@ -235,6 +236,7 @@ class ChatController extends AEnvironmentAwareController { * @PublicPage * @RequireParticipant * @RequireReadWriteConversation + * @RequirePermissions(permissions=chat) * @RequireModeratorOrNoLobby * * Sends a rich-object to the given room. @@ -575,6 +577,7 @@ class ChatController extends AEnvironmentAwareController { * @NoAdminRequired * @RequireParticipant * @RequireReadWriteConversation + * @RequirePermissions(permissions=chat) * @RequireModeratorOrNoLobby * * @param int $messageId @@ -825,6 +828,7 @@ class ChatController extends AEnvironmentAwareController { * @PublicPage * @RequireParticipant * @RequireReadWriteConversation + * @RequirePermissions(permissions=chat) * @RequireModeratorOrNoLobby * * @param string $search diff --git a/lib/Controller/ReactionController.php b/lib/Controller/ReactionController.php index a5b6fa89e..d99553914 100644 --- a/lib/Controller/ReactionController.php +++ b/lib/Controller/ReactionController.php @@ -48,6 +48,7 @@ class ReactionController extends AEnvironmentAwareController { * @PublicPage * @RequireParticipant * @RequireReadWriteConversation + * @RequirePermissions(permissions=chat) * @RequireModeratorOrNoLobby * * @param int $messageId for reaction @@ -78,6 +79,7 @@ class ReactionController extends AEnvironmentAwareController { * @PublicPage * @RequireParticipant * @RequireReadWriteConversation + * @RequirePermissions(permissions=chat) * @RequireModeratorOrNoLobby * * @param int $messageId for reaction diff --git a/lib/Exceptions/PermissionsException.php b/lib/Exceptions/PermissionsException.php new file mode 100644 index 000000000..3677eb0d0 --- /dev/null +++ b/lib/Exceptions/PermissionsException.php @@ -0,0 +1,28 @@ +<?php + +declare(strict_types=1); +/** + * @copyright Copyright (c) 2020 Julien Veyssier <eneiluj@posteo.net> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + + +namespace OCA\Talk\Exceptions; + +class PermissionsException extends \Exception { +} diff --git a/lib/Middleware/InjectionMiddleware.php b/lib/Middleware/InjectionMiddleware.php index 18d98b1ac..0671aac8c 100644 --- a/lib/Middleware/InjectionMiddleware.php +++ b/lib/Middleware/InjectionMiddleware.php @@ -25,6 +25,7 @@ namespace OCA\Talk\Middleware; use OCA\Talk\Controller\AEnvironmentAwareController; use OCA\Talk\Exceptions\ParticipantNotFoundException; +use OCA\Talk\Exceptions\PermissionsException; use OCA\Talk\Exceptions\RoomNotFoundException; use OCA\Talk\Manager; use OCA\Talk\Middleware\Exceptions\LobbyException; @@ -108,6 +109,11 @@ class InjectionMiddleware extends Middleware { if ($this->reflector->hasAnnotation('RequireModeratorOrNoLobby')) { $this->checkLobbyState($controller); } + + $requiredPermissions = $this->reflector->getAnnotationParameter('RequirePermissions', 'permissions'); + if ($requiredPermissions) { + $this->checkPermissions($controller, $requiredPermissions); + } } /** @@ -190,6 +196,24 @@ class InjectionMiddleware extends Middleware { /** * @param AEnvironmentAwareController $controller + * @throws PermissionsException + */ + protected function checkPermissions(AEnvironmentAwareController $controller, string $permissions): void { + $textPermissions = explode(',', $permissions); + $participant = $controller->getParticipant(); + if (!$participant instanceof Participant) { + throw new PermissionsException(); + } + + foreach ($textPermissions as $textPermission) { + if ($textPermission === 'chat' && !($participant->getPermissions() & Attendee::PERMISSIONS_CHAT)) { + throw new PermissionsException(); + } + } + } + + /** + * @param AEnvironmentAwareController $controller * @throws LobbyException */ protected function checkLobbyState(AEnvironmentAwareController $controller): void { @@ -238,7 +262,8 @@ class InjectionMiddleware extends Middleware { } if ($exception instanceof NotAModeratorException || - $exception instanceof ReadOnlyException) { + $exception instanceof ReadOnlyException || + $exception instanceof PermissionsException) { if ($controller instanceof OCSController) { throw new OCSException('', Http::STATUS_FORBIDDEN); } diff --git a/lib/Model/Attendee.php b/lib/Model/Attendee.php index 32c03f666..cabda580f 100644 --- a/lib/Model/Attendee.php +++ b/lib/Model/Attendee.php @@ -78,6 +78,7 @@ class Attendee extends Entity { public const PERMISSIONS_PUBLISH_AUDIO = 16; public const PERMISSIONS_PUBLISH_VIDEO = 32; public const PERMISSIONS_PUBLISH_SCREEN = 64; + public const PERMISSIONS_CHAT = 128; public const PERMISSIONS_MAX_DEFAULT = // Max int (when all permissions are granted as default) self::PERMISSIONS_CALL_START | self::PERMISSIONS_CALL_JOIN @@ -85,6 +86,7 @@ class Attendee extends Entity { | self::PERMISSIONS_PUBLISH_AUDIO | self::PERMISSIONS_PUBLISH_VIDEO | self::PERMISSIONS_PUBLISH_SCREEN + | self::PERMISSIONS_CHAT ; public const PERMISSIONS_MAX_CUSTOM = self::PERMISSIONS_MAX_DEFAULT | self::PERMISSIONS_CUSTOM; // Max int (when all permissions are granted as custom) diff --git a/tests/integration/features/bootstrap/FeatureContext.php b/tests/integration/features/bootstrap/FeatureContext.php index 23a22880b..992fa9ddd 100644 --- a/tests/integration/features/bootstrap/FeatureContext.php +++ b/tests/integration/features/bootstrap/FeatureContext.php @@ -63,6 +63,7 @@ class FeatureContext implements Context, SnippetAcceptingContext { 'A' => 16, // PERMISSIONS_PUBLISH_AUDIO 'V' => 32, // PERMISSIONS_PUBLISH_VIDEO 'P' => 64, // PERMISSIONS_PUBLISH_SCREEN + 'M' => 128, // PERMISSIONS_CHAT ]; /** @var string */ diff --git a/tests/integration/features/chat/delete.feature b/tests/integration/features/chat/delete.feature index 518c0f173..288429771 100644 --- a/tests/integration/features/chat/delete.feature +++ b/tests/integration/features/chat/delete.feature @@ -47,6 +47,22 @@ Feature: chat/reply Then user "participant1" received a system messages in room "group room" to delete "Message 1" Then user "participant2" received a system messages in room "group room" to delete "Message 1" + Scenario: user cannot delete without chat permission + Given user "participant1" creates room "group room" (v4) + | roomType | 2 | + | roomName | room | + And user "participant1" adds user "participant2" to room "group room" with 200 (v4) + And user "participant2" sends message "Message 1" to room "group room" with 201 + Then user "participant1" sees the following messages in room "group room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | parentMessage | + | group room | users | participant2 | participant2-displayname | Message 1 | [] | | + # Removing chat permission only + Then user "participant1" sets permissions for "participant2" in room "group room" to "CSJLAVP" with 200 (v4) + And user "participant2" deletes message "Message 1" from room "group room" with 403 + Then user "participant1" sees the following messages in room "group room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | parentMessage | + | group room | users | participant2 | participant2-displayname | Message 1 | [] | | + Scenario: moderator deletes other user message Given user "participant1" creates room "group room" (v4) | roomType | 2 | diff --git a/tests/integration/features/chat/group.feature b/tests/integration/features/chat/group.feature index 255258450..9021ce8c9 100644 --- a/tests/integration/features/chat/group.feature +++ b/tests/integration/features/chat/group.feature @@ -24,6 +24,18 @@ Feature: chat/group | room | actorType | actorId | actorDisplayName | message | messageParameters | | group room | users | participant2 | participant2-displayname | Message 1 | [] | + Scenario: invited user can not send without chat permissions + Given user "participant1" creates room "group room" (v4) + | roomType | 2 | + | invite | attendees1 | + # Removing chat permission only + Then user "participant1" sets permissions for "participant2" in room "group room" to "CSJLAVP" with 200 (v4) + When user "participant2" sends message "Message 1" to room "group room" with 403 + When user "participant1" sends message "Message 2" to room "group room" with 201 + Then user "participant2" sees the following messages in room "group room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | + | group room | users | participant1 | participant1-displayname | Message 2 | [] | + Scenario: not invited user can not send nor receive chat messages to nor from group room Given user "participant1" creates room "group room" (v4) | roomType | 2 | diff --git a/tests/integration/features/chat/public.feature b/tests/integration/features/chat/public.feature index d0617b456..7f3391ec9 100644 --- a/tests/integration/features/chat/public.feature +++ b/tests/integration/features/chat/public.feature @@ -23,6 +23,19 @@ Feature: chat/public | room | actorType | actorId | actorDisplayName | message | messageParameters | | public room | users | participant2 | participant2-displayname | Message 1 | [] | + Scenario: invited user can not send without chat permissions + Given user "participant1" creates room "public room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" adds user "participant2" to room "public room" with 200 (v4) + # Removing chat permission only + Then user "participant1" sets permissions for "participant2" in room "public room" to "CSJLAVP" with 200 (v4) + When user "participant2" sends message "Message 1" to room "public room" with 403 + When user "participant1" sends message "Message 2" to room "public room" with 201 + Then user "participant2" sees the following messages in room "public room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | + | public room | users | participant1 | participant1-displayname | Message 2 | [] | + Scenario: not invited but joined user can send and receive chat messages to and from public room Given user "participant1" creates room "public room" (v4) | roomType | 3 | diff --git a/tests/integration/features/chat/rich-object-share.feature b/tests/integration/features/chat/rich-object-share.feature index 467a72501..7cc083b3a 100644 --- a/tests/integration/features/chat/rich-object-share.feature +++ b/tests/integration/features/chat/rich-object-share.feature @@ -1,6 +1,7 @@ Feature: chat/public Background: Given user "participant1" exists + Given user "participant2" exists Scenario: Share a rich object to a chat Given user "participant1" creates room "public room" (v4) @@ -11,6 +12,17 @@ Feature: chat/public | room | actorType | actorId | actorDisplayName | message | messageParameters | | public room | users | participant1 | participant1-displayname | {object} | {"actor":{"type":"user","id":"participant1","name":"participant1-displayname"},"object":{"name":"Another room","call-type":"group","type":"call","id":"R4nd0mT0k3n"}} | + Scenario: Can not share without chat permission + Given user "participant1" creates room "public room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" adds user "participant2" to room "public room" with 200 (v4) + # Removing chat permission only + Then user "participant1" sets permissions for "participant2" in room "public room" to "CSJLAVP" with 200 (v4) + When user "participant2" shares rich-object "call" "R4nd0mT0k3n" '{"name":"Another room","call-type":"group"}' to room "public room" with 403 (v1) + Then user "participant1" sees the following messages in room "public room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | + Scenario: Delete a rich object from a chat Given user "participant1" creates room "public room" (v4) | roomType | 3 | @@ -21,6 +33,19 @@ Feature: chat/public | room | actorType | actorId | actorDisplayName | message | messageParameters | parentMessage | | public room | users | participant1 | participant1-displayname | Message deleted by you | {"actor":{"type":"user","id":"participant1","name":"participant1-displayname"}} | | + Scenario: Can not delete without chat permission + Given user "participant1" creates room "public room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" adds user "participant2" to room "public room" with 200 (v4) + When user "participant2" shares rich-object "call" "R4nd0mT0k3n" '{"name":"Another room","call-type":"group"}' to room "public room" with 201 (v1) + # Removing chat permission only + Then user "participant1" sets permissions for "participant2" in room "public room" to "CSJLAVP" with 200 (v4) + And user "participant2" deletes message "shared::call::R4nd0mT0k3n" from room "public room" with 403 + Then user "participant1" sees the following messages in room "public room" with 200 + | room | actorType | actorId | actorDisplayName | message | messageParameters | + | public room | users | participant2 | participant2-displayname | {object} | {"actor":{"type":"user","id":"participant2","name":"participant2-displayname"},"object":{"name":"Another room","call-type":"group","type":"call","id":"R4nd0mT0k3n"}} | + Scenario: Share an invalid rich object to a chat Given user "participant1" creates room "public room" (v4) | roomType | 3 | diff --git a/tests/integration/features/conversation-2/set-participant-permissions.feature b/tests/integration/features/conversation-2/set-participant-permissions.feature index 7f0beb3cd..8126acbb1 100644 --- a/tests/integration/features/conversation-2/set-participant-permissions.feature +++ b/tests/integration/features/conversation-2/set-participant-permissions.feature @@ -16,12 +16,12 @@ Feature: set-publishing-permissions And user "moderator" sets permissions for "moderator" in room "one-to-one room" to "S" with 400 (v4) Then user "owner" sees the following attendees in room "one-to-one room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | And user "moderator" sees the following attendees in room "one-to-one room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | Scenario: owner can set permissions in group room Given user "owner" creates room "group room" (v4) @@ -36,18 +36,18 @@ Feature: set-publishing-permissions And user "owner" sets permissions for "invited user" in room "group room" to "S" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | And user "moderator" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | And user "invited user" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | Scenario: moderator can set permissions in group room @@ -63,18 +63,18 @@ Feature: set-publishing-permissions And user "owner" sets permissions for "invited user" in room "group room" to "S" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | And user "moderator" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | And user "invited user" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | Scenario: others can not set permissions in group room @@ -98,19 +98,19 @@ Feature: set-publishing-permissions And user "guest not joined" sets permissions for "invited user" in room "group room" to "S" with 404 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | And user "moderator" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | And user "invited user" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | Scenario: owner can set permissions in public room Given user "owner" creates room "public room" (v4) @@ -132,43 +132,43 @@ Feature: set-publishing-permissions And user "owner" sets permissions for "guest" in room "public room" to "S" with 200 (v4) Then user "owner" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "invited user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "not invited but joined user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "guest moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | Scenario: moderator can set permissions in public room @@ -191,43 +191,43 @@ Feature: set-publishing-permissions And user "moderator" sets permissions for "guest" in room "public room" to "S" with 200 (v4) Then user "owner" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "invited user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "not invited but joined user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "guest moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | # Guests can not fetch the participant list @@ -252,43 +252,43 @@ Feature: set-publishing-permissions And user "guest moderator" sets permissions for "guest" in room "public room" to "S" with 200 (v4) Then user "owner" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "invited user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "not invited but joined user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | And user "guest moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | | users | not invited but joined user | CS | - | guests | "guest moderator" | SJLAVP | + | guests | "guest moderator" | SJLAVPM | | guests | "guest" | CS | # Guests can not fetch the participant list @@ -338,44 +338,44 @@ Feature: set-publishing-permissions And user "guest not joined" sets permissions for "guest" in room "public room" to "S" with 404 (v4) Then user "owner" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | - | users | not invited but joined user | SJAVP | - | guests | "guest moderator" | SJLAVP | - | guests | "guest" | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | + | users | not invited but joined user | SJAVPM | + | guests | "guest moderator" | SJLAVPM | + | guests | "guest" | SJAVPM | And user "moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | - | users | not invited but joined user | SJAVP | - | guests | "guest moderator" | SJLAVP | - | guests | "guest" | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | + | users | not invited but joined user | SJAVPM | + | guests | "guest moderator" | SJLAVPM | + | guests | "guest" | SJAVPM | And user "invited user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | - | users | not invited but joined user | SJAVP | - | guests | "guest moderator" | SJLAVP | - | guests | "guest" | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | + | users | not invited but joined user | SJAVPM | + | guests | "guest moderator" | SJLAVPM | + | guests | "guest" | SJAVPM | And user "not invited but joined user" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | - | users | not invited but joined user | SJAVP | - | guests | "guest moderator" | SJLAVP | - | guests | "guest" | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | + | users | not invited but joined user | SJAVPM | + | guests | "guest moderator" | SJLAVPM | + | guests | "guest" | SJAVPM | And user "guest moderator" sees the following attendees in room "public room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | - | users | not invited but joined user | SJAVP | - | guests | "guest moderator" | SJLAVP | - | guests | "guest" | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | + | users | not invited but joined user | SJAVPM | + | guests | "guest moderator" | SJLAVPM | + | guests | "guest" | SJAVPM | # Guests can not fetch the participant list Scenario: participants can not set permissions in room for a share @@ -402,14 +402,14 @@ Feature: set-publishing-permissions And user "guest" sets permissions for "guest" in room "file last share room" to "S" with 403 (v4) Then user "owner of file" sees the following attendees in room "file last share room" with 200 (v4) | actorType | actorId | permissions | - | users | owner of file | SJAVP | - | users | user with access to file | SJAVP | - | guests | "guest" | SJAVP | + | users | owner of file | SJAVPM | + | users | user with access to file | SJAVPM | + | guests | "guest" | SJAVPM | And user "user with access to file" sees the following attendees in room "file last share room" with 200 (v4) | actorType | actorId | permissions | - | users | owner of file | SJAVP | - | users | user with access to file | SJAVP | - | guests | "guest" | SJAVP | + | users | owner of file | SJAVPM | + | users | user with access to file | SJAVPM | + | guests | "guest" | SJAVPM | # This does not make much sense, but there is no real need to block it either. Scenario: owner can set permissions in a password request room @@ -427,5 +427,5 @@ Feature: set-publishing-permissions And user "owner of file" sets permissions for "guest" in room "password request for last share room" to "S" with 200 (v4) Then user "owner of file" sees the following attendees in room "password request for last share room" with 200 (v4) | actorType | actorId | permissions | - | users | owner of file | SJLAVP | + | users | owner of file | SJLAVPM | | guests | "guest" | CS | diff --git a/tests/integration/features/conversation-2/set-permissions.feature b/tests/integration/features/conversation-2/set-permissions.feature index c04b4f021..6cf6c4919 100644 --- a/tests/integration/features/conversation-2/set-permissions.feature +++ b/tests/integration/features/conversation-2/set-permissions.feature @@ -13,26 +13,26 @@ Feature: set-publishing-permissions And user "owner" adds user "invited user" to room "group room" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | - | users | invited user | SJAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | + | users | invited user | SJAVPM | When user "owner" sets default permissions for room "group room" to "S" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CS | When user "moderator" sets default permissions for room "group room" to "AV" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CAV | When user "invited user" sets default permissions for room "group room" to "D" with 403 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CAV | Scenario: Owner and moderators can set call permissions users can not @@ -47,8 +47,8 @@ Feature: set-publishing-permissions When user "invited user" sets call permissions for room "group room" to "D" with 403 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | moderator | SJLAVP | + | users | owner | SJLAVPM | + | users | moderator | SJLAVPM | | users | invited user | CAV | Scenario: User setting over call setting over conversation setting over default @@ -59,33 +59,33 @@ Feature: set-publishing-permissions When user "owner" sets default permissions for room "group room" to "S" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | + | users | owner | SJLAVPM | | users | invited user | CS | When user "owner" sets call permissions for room "group room" to "A" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | + | users | owner | SJLAVPM | | users | invited user | CA | And user "owner" sets permissions for "invited user" in room "group room" to "V" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | + | users | owner | SJLAVPM | | users | invited user | CV | And user "owner" sets permissions for "invited user" in room "group room" to "D" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | + | users | owner | SJLAVPM | | users | invited user | CA | When user "owner" sets call permissions for room "group room" to "D" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | + | users | owner | SJLAVPM | | users | invited user | CS | When user "owner" sets default permissions for room "group room" to "D" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | - | users | owner | SJLAVP | - | users | invited user | SJAVP | + | users | owner | SJLAVPM | + | users | invited user | SJAVPM | @@ -97,12 +97,12 @@ Feature: set-publishing-permissions And user "owner" sets permissions for "invited user" in room "group room" to "V" with 200 (v4) And user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | attendeePermissions | - | users | owner | SJLAVP | D | + | users | owner | SJLAVPM | D | | users | invited user | CV | CV | When user "owner" sets call permissions for room "group room" to "A" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | attendeePermissions | - | users | owner | SJLAVP | D | + | users | owner | SJLAVPM | D | | users | invited user | CA | D | Scenario: setting default permissions resets participant permissions @@ -113,12 +113,12 @@ Feature: set-publishing-permissions And user "owner" sets permissions for "invited user" in room "group room" to "V" with 200 (v4) And user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | attendeePermissions | - | users | owner | SJLAVP | D | + | users | owner | SJLAVPM | D | | users | invited user | CV | CV | When user "owner" sets default permissions for room "group room" to "A" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | attendeePermissions | - | users | owner | SJLAVP | D | + | users | owner | SJLAVPM | D | | users | invited user | CA | D | Scenario: setting default permissions does not reset call permissions @@ -129,10 +129,10 @@ Feature: set-publishing-permissions And user "owner" sets call permissions for room "group room" to "V" with 200 (v4) And user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | attendeePermissions | - | users | owner | SJLAVP | D | + | users | owner | SJLAVPM | D | | users | invited user | CV | D | When user "owner" sets default permissions for room "group room" to "A" with 200 (v4) Then user "owner" sees the following attendees in room "group room" with 200 (v4) | actorType | actorId | permissions | attendeePermissions | - | users | owner | SJLAVP | D | + | users | owner | SJLAVPM | D | | users | invited user | CV | D | diff --git a/tests/integration/features/reaction/react.feature b/tests/integration/features/reaction/react.feature index d53b044e0..2bedf4ac1 100644 --- a/tests/integration/features/reaction/react.feature +++ b/tests/integration/features/reaction/react.feature @@ -39,6 +39,30 @@ Feature: reaction/react | room | users | participant1 | participant1-displayname | user_added | | room | users | participant1 | participant1-displayname | conversation_created | + Scenario: React to message fails without chat permission + Given user "participant1" creates room "room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" adds user "participant2" to room "room" with 200 (v4) + And user "participant1" sends message "Message 1" to room "room" with 201 + And user "participant2" react with "👍" on message "Message 1" to room "room" with 201 + | actorType | actorId | actorDisplayName | reaction | + | users | participant2 | participant2-displayname | 👍 | + Then user "participant1" sees the following system messages in room "room" with 200 + | room | actorType | actorId | actorDisplayName | systemMessage | + | room | users | participant2 | participant2-displayname | reaction | + | room | users | participant1 | participant1-displayname | user_added | + | room | users | participant1 | participant1-displayname | conversation_created | + # Removing chat permission only + Then user "participant1" sets permissions for "participant2" in room "room" to "CSJLAVP" with 200 (v4) + When user "participant2" delete react with "👍" on message "Message 1" to room "room" with 403 + And user "participant2" react with "💙" on message "Message 1" to room "room" with 403 + And user "participant1" sees the following system messages in room "room" with 200 + | room | actorType | actorId | actorDisplayName | systemMessage | + | room | users | participant2 | participant2-displayname | reaction | + | room | users | participant1 | participant1-displayname | user_added | + | room | users | participant1 | participant1-displayname | conversation_created | + Scenario: React two times to same message with the same reaction Given user "participant1" creates room "room" (v4) | roomType | 3 | |