diff --git a/docs/testing/smoke_testing.md b/docs/testing/smoke_testing.md index f62ee2ab2..841f239f0 100644 --- a/docs/testing/smoke_testing.md +++ b/docs/testing/smoke_testing.md @@ -2,6 +2,7 @@ - SPDX-FileCopyrightText: 2024 Jankari Tech Pvt. Ltd. - SPDX-License-Identifier: AGPL-3.0-or-later --> + # Smoke Testing Docs for `integration_openproject` This file consists of some smoke testing to be done before the release (major and minor) of `integration_application` application. @@ -11,16 +12,19 @@ The need for this smoke testing (manual) is that we do not have e2e test setup t - [Section A: Two-Way OAuth 2.0 Authorization Code Flow](#section-a-two-way-oauth-20-authorization-code-flow) - [Section B: Single-Sign-On through OpenID Connect Identity Provider](#section-b-single-sign-on-through-openid-connect-identity-provider) + - [B.1: Nextcloud Hub as IDP](#B1-nextcloud-hub-as-idp) - [B.2: External Provider](#B2-External-Provider) - [Common Smoke Test Steps](#common-smoke-test-steps) - - [1. Link/Unlink a work package for a file/folder in Nextcloud](#1-linkunlink-a-work-package-for-a-filefolder-in-nextcloud) - - [2. Link/Unlink a work package for a file/folder from OpenProject](#2-linkunlink-a-work-package-for-a-filefolder-from-openproject) - - [3. Direct upload file/folder from OpenProject to Nextcloud](#3-direct-upload-filefolder-from-openproject-to-nextcloud) - - [4. Create a WorkPackage from Nextcloud](#4-create-a-workpackage-from-nextcloud) - - [5. Check notification in `OpenProject` widget in Nextcloud](#5-check-notification-in-openproject-widget-in-nextcloud) - - [6. Check New folder with automatically managed permissions in OpenProject](#6-check-new-folder-with-automatically-managed-permissions-in-openproject) + + - [1. Link/Unlink a work package for a file/folder in Nextcloud](#1-linkunlink-a-work-package-for-a-filefolder-in-nextcloud) + - [2. Link/Unlink a work package for a file/folder from OpenProject](#2-linkunlink-a-work-package-for-a-filefolder-from-openproject) + - [3. Direct upload file/folder from OpenProject to Nextcloud](#3-direct-upload-filefolder-from-openproject-to-nextcloud) + - [4. Create a WorkPackage from Nextcloud](#4-create-a-workpackage-from-nextcloud) + - [5. Check notification in `OpenProject` widget in Nextcloud](#5-check-notification-in-openproject-widget-in-nextcloud) + - [6. Setup and check project folder in Nextcloud (with project folder setup)](#6-setup-and-check-project-folder-in-nextcloud-with-project-folder-setup) + - [7. Setup and Check New folder with automatically managed permissions in OpenProject](#7-setup-and-check-new-folder-with-automatically-managed-permissions-in-openproject) - [App Upgrade Testing](#app-upgrade-testing) - [Upgrade Steps](#upgrade-steps) @@ -29,229 +33,274 @@ The need for this smoke testing (manual) is that we do not have e2e test setup t - [Nextcloud Hub as IDP](#nextcloud-hub-as-idp) - [External Provider (Keycloak)](#external-provider-keycloak) - [Token Exchange Disabled](#token-exchange-disabled) - - [Token Exchange Enabled](#token-exchange-enabled) + - [Token Exchange Enabled](#token-exchange-enabled) ## Section A: Two-Way OAuth 2.0 Authorization Code Flow -### A1. Oauth configuration -- [ ] In `OpenProject`, navigate to `Administration > Files`. -- [ ] Create a file storage type `Nextcloud` and name it as `Nextcloud` in `OpenProject`. -- [ ] In admin setting of `Nextcloud`, navigate to `Administration Settings > OpenProject`. -- [ ] Copy `OpenProject` Oauth Credential (client_id and client_secret) and save them in `Nextcloud`. -- [ ] Copy `Nextcloud` Oauth Credential (client_id and client_secret) and save them in `OpenProject`. -- [ ] Disable project folder (automatically managed folder). +### A1. OAuth configuration + +- [ ] Keep two browser tabs open: one for `OpenProject` and one for `Nextcloud`. +- [ ] In `OpenProject`, as a user `admin`, navigate to `Administration > Files` and add a new `Nextcloud` storage: + - Add name to `Nextcloud` and host to ``. + - Select `Two-way OAuth 2.0 authorization code flow` as the authentication method. + - Click `Save and Continue` — note the generated `OpenProject OAuth Client ID` and `Client Secret`. +- [ ] In `Nextcloud`, as a user `admin`, navigate to `Administration Settings > OpenProject`: + - Set `OpenProject server` to ``. + - Select `Two-way OAuth 2.0 authorization code flow` as the authentication method. + - Enter the `OpenProject OAuth Client ID` and `Client Secret` copied from the previous step. + - Click `Save` — note the generated `Nextcloud OAuth Client ID` and `Client Secret`. +- [ ] Back in `OpenProject`: + - Enter the `Nextcloud OAuth Client ID` and `Client Secret`, then click `Save and Continue`. + - Uncheck the `Automatically managed folders` and click on `Finish setup`. +- [ ] Back in `Nextcloud`, click `Yes, I have copied these values`. +- [ ] Disable `Automatically managed project folders` and click `Complete without Project Folders`. ### A2. Connect Nextcloud with OpenProject - [ ] Complete step [Test No A1](#a1-oauth-configuration). -- [ ] In `Nextcloud`, navigate to `Personal Settings > Openproject` and click on `Connect to OpenProject` button. +- [ ] In `Nextcloud`, navigate to `Personal Settings > OpenProject` and click on `Connect to OpenProject` button. - [ ] `Nextcloud` admin should be connected as an `OpenProject` admin. - [ ] Also, create a user in both `Nextcloud` as well as `OpenProject`. - [ ] From the personal section of the created user in `Nextcloud`, connect to `OpenProject`. - [ ] `Nextcloud` user should be connected as an `OpenProject` user. ### A3. Add File storage (Nextcloud) to an OpenProject project + - [ ] Complete step [Test No A1](#a1-oauth-configuration). -- [ ] Select an `OpenProject` Project (for example, `Demo Project`) in `OpenProject`. +- [ ] In `Openproject`, as a user `admin`, select any `OpenProject` Project (for example, `Demo Project`) in `OpenProject`. - [ ] Navigate to `Project settings > Files` of `Demo Project`. - [ ] Add a file storage name `Nextcloud`( choose `No specific Folder` option ) for `Demo Project`. ### A4. Connect OpenProject with Nextcloud + - [ ] Complete step [Test No A1](#a1-oauth-configuration). -- [ ] Complete step [Test No A3](#A3-Add-File-storage-Nextcloud-to-an-OpenProject-project). -- [ ] Navigate to `Demo Project > Work Packages` and double click any one of the work packages available. +- [ ] Complete step [Test No A3](#a3-add-file-storage-nextcloud-to-an-openproject-project). +- [ ] In `Openproject`, as a user `admin`, navigate to `Demo Project > Work Packages` and open any work package by clicking its ID. - [ ] Navigate to `Files` tab, and login to `Nextcloud`. - [ ] `OpenProject` admin is connected to `Nextcloud` as a `Nextcloud` admin. -- [ ] Also, create a user in both `Nextcloud` as well as `OpenProject`. - [ ] Add the created `OpenProject` user as the member of `Demo Project` project (admin can add members to a project). +- [ ] Login as created user in both `OpenProject` and `Nextcloud`. - [ ] Try to connect the created `OpenProject` user as created `Nextcloud` user. - [ ] `OpenProject` user should be connected as a `Nextcloud` user. -### A5. Setup and check project folder in Nextcloud (with project folder setup) -- [ ] Complete step [Test No A1](#a1-oauth-configuration). -- [ ] Enable `groupfolders` application in `Nextcloud`. -- [ ] Enable `Automatically managed folders` switch in admin setting and set project folder. -- [ ] Application password should be generated. -- [ ] Verify that `OpenProject` user and group are created with user `OpenProject` as sub-admin of the group. -- [ ] Verify that `OpenProjectNoAutomaticProjectFolders` group is also created with user `OpenProject` as sub-admin. -- [ ] Try deleting `OpenProject` user and group, those should not be deleted. -- [ ] Try deleting `OpenProjectNoAutomaticProjectFolders` group, it should not be possible to delete. -- [ ] Test group management (as user `OpenProject`): - - Login as `OpenProject` user - - Add a test user `user1` to the `OpenProject` group - - Remove `user1` from the `OpenProject` group - - Verify that `user1` is automatically moved to the `OpenProjectNoAutomaticProjectFolders` group +### A5. Complete the common smoke tests -### A6. Complete the common smoke tests -- [ ] Complete [smoke tests 1-6](#common-smoke-test-steps). +- [ ] Complete [smoke tests 1-7](#common-smoke-test-steps). -### A7. Check the integration script for oauth set up +### A6. Check the integration script for oauth set up -> Before Running the script make sure that your `Nextcloud` and `OpenProject` instance is up and running +> Before running the script, make sure that your `Nextcloud` and `OpenProject` instances are up and running. - [ ] Run the `integration_setup.sh` script to set up integration without project folder with the following command: + ```bash -SETUP_PROJECT_FOLDER=true \ +SETUP_PROJECT_FOLDER=false \ NEXTCLOUD_HOST= \ OPENPROJECT_HOST= \ OP_ADMIN_USERNAME=admin \ -OP_ADMIN_PASSWORD=admin \ -NC_ADMIN_USERNAME=admin \ -NC_ADMIN_PASSWORD=admin \ -OPENPROJECT_STORAGE_NAME=Nextcloud \ +OP_ADMIN_PASSWORD=admin \ +NC_ADMIN_USERNAME=admin \ +NC_ADMIN_PASSWORD=admin \ +OPENPROJECT_STORAGE_NAME=Nextcloud \ bash integration_setup.sh ``` -- [ ] Upon success, try step [Test No A2](#A2-Connect-Nextcloud-with-OpenProject) (Skip first check). + +- [ ] Upon success, try step [Test No A2](#a2-connect-nextcloud-with-openproject) (Skip first check). - [ ] Upon success, try step [Test No A4](#a4-connect-openproject-with-nextcloud) (Skip first check). - [ ] Also, to set up the integration configuration with project folder setup, just set environment `SETUP_PROJECT_FOLDER=true` and run the script. - [ ] Re-run the script again after it is already setup (Should not give any error). ## Section B: Single-Sign-On through OpenID Connect Identity Provider +> **Note**: `OpenProject` must be an Enterprise edition to use SSO setup. + ### B.1: Nextcloud Hub as IDP #### B.1.1. Configure Nextcloud -- [ ] In Nextcloud, install and enable `oidc` and `user_oidc` apps. -- [ ] Create a new user( with username, display name, password, and email) -- [ ] Run following command: - - `php occ config:system:set user_oidc --type boolean --value="true" oidc_provider_bearer_validation` -- [ ] Go to `Administration > OpenID Connect` and enable `store login tokens` option. -- [ ] Go to `Administation > Security` -- [ ] Add OIDC client ("OpenID Connect clients" section): - - Add a client name (not an identifier) - - Add a redirect URL : `/auth/oidc-/callback` - - After adding, choose `Access Token Type` as `JWT Access Token (RFC9068)`. - - Set `Refresh Token Expire Time` to `Never` - - Save - - Copy the Client ID and Client secret (you will need these later in OpenProject and integration_openproject) - -#### B.1.2. Add Nextcloud IDP in OpenProject -- [ ] In OpenProject, go to `Administration > Authentication > OpenID providers` + +- [ ] In `Nextcloud`, log in as a user `admin`. +- [ ] Install and enable `OIDC Identity Provider`(`oidc`) and `OpenID Connect user backend`(`user_oidc`) apps. +- [ ] Create a new user ( with username, display name, password, and email). +- [ ] Check whether `oidc_provider_bearer_validation` exists and is set to `true` by running `php occ config:list`. + > **Note:** This requires the OIDC Identity Provider app >= v1.4.0. Access tokens and JWT tokens can be validated. + - [ ] If the setting does not exist or is set to `false`, run: + - `php occ config:system:set user_oidc --type boolean --value="true" oidc_provider_bearer_validation` +- [ ] Go to `Administration > OpenID Connect` and enable `store login tokens` option. +- [ ] Go to `Administration > OpenID Connect Provider`. + - Click the button `+ Add client`. + - Add a client name (not an identifier) such as `openproject`. + - Add a redirect URL: `/auth/oidc-/callback`. Use the same value as the OpenProject `Display name` from `B.1.2` (for example, `nextcloud`). + - Choose Signing Algorithm option as `RS256`. + - Choose Client Type as `Confidential` and click on `Add` button. + - After clicking `add` button, click on the recently created client. + - Choose `Access Token Type` as `JWT Access Token (RFC9068)` and click on `save` button. + - Go to `settings` section. + - Set `Refresh Token Expire Time` to `Never`. + - Save. + - Copy the Client ID and Client secret (you will need these later in OpenProject and integration_openproject). + +#### B.1.2. Add Nextcloud IDP in OpenProject (Without project folder setup) + +- [ ] In `OpenProject`, log in as a user `admin`. +- [ ] Go to `Administration > Authentication > OpenID providers`. - [ ] Add a new custom OpenID provider: - - Display name: `nextcloud` (use this name as redirect URL in Nextcloud: ) + - Display name: `nextcloud` (use this name as redirect URL in Nextcloud: ) - Discovery URL: `/index.php/.well-known/openid-configuration` - Client ID: Client ID copied earlier from Nextcloud - Client secret: Client secret copied earlier from Nextcloud -- [ ] Go to `Administration > Files` -- [ ] Select the file storage type called Nextcloud (created earlier in previous test) -- [ ] Under `OAuth configuration`, select `Use access token obtained during user log in` + - Keep all other options as default and click on `save`. +- [ ] Then, go to `Administration > Files`. +- [ ] Create a file storage type `Nextcloud` by clicking the button `+ Storage` and choosing `Nextcloud`. +- [ ] Set the name to `Nextcloud`. +- [ ] Set Host to ``. +- [ ] Set authentication Method to `Single-Sign-On through OpenID Connect Identity Provider`. +- [ ] Then, select the option `Use access token obtained during user log in`. +- [ ] Uncheck project folder (automatically managed folder). +- [ ] Click on button `Finish setup`. #### B.1.3. Setup integration (Without project folder setup) -- [ ] Complete step [Test No B.1.1](#B11-Configure-Nextcloud). -- [ ] Complete step [Test No B.1.2](#B12-Add-Nextcloud-Idp-in-OpenProject). -- [ ] In nextcloud, go to `Administration > OpenProject`. + +- [ ] Complete step [Test No B.1.1](#b11-configure-nextcloud). +- [ ] Complete step [Test No B.1.2](#b12-add-nextcloud-idp-in-openproject-without-project-folder-setup). +- [ ] In `Nextcloud`, as a user `admin`, go to `Administration > OpenProject`. +- [ ] Add openproject host. - [ ] Under `Authentication Method`, select `Single-Sign-On through OpenID Connect Identity Provider`. - [ ] In `Authentication settings`, select `provider Type` as `Nextcloud Hub`. -- [ ] Set Openproject `client ID` by Client ID copied earlier in **Test No B1**. +- [ ] Set OpenProject `client ID` by Client ID copied earlier in **Test No B1**. +- [ ] Uncheck `project folder (automatically managed folder)`. #### B.1.4. Login to OpenProject using Nextcloud user -- [ ] Complete step [Test No B.1.1](#B11-Configure-Nextcloud) -- [ ] Complete step [Test No B.1.2](#B12-Add-Nextcloud-Idp-in-OpenProject). -- [ ] Complete step [Test No B.1.3](#b13-Setup-integration-Without-project-folder-setup). + +- [ ] Complete step [Test No B.1.1](#B11-Configure-Nextcloud). +- [ ] Complete step [Test No B.1.2](#b12-add-nextcloud-idp-in-openproject-without-project-folder-setup). +- [ ] Complete step [Test No B.1.3](#b13-setup-integration-without-project-folder-setup). - [ ] In `nextcloud`, login as nextcloud-created user. - [ ] In `openproject`, use the SSO button on the login page to sign in as the nextcloud-created user. - [ ] Login should be successful in `openproject`. -- [ ] Login should be successful in `openproject` with username having created-nextcloud user's display name. -- [ ] The OpenProject username must match the Nextcloud-created user’s name. +- [ ] The OpenProject username should match the Nextcloud-created user’s name. #### B.1.5. Verify Connection of Nextcloud user with OpenProject + - [ ] Complete step [Test No B.1.1](#B11-Configure-Nextcloud). -- [ ] Complete step [Test No B.1.2](#B12-Add-Nextcloud-Idp-in-OpenProject). -- [ ] Complete step [Test No B.1.3](#b13-Setup-integration-Without-project-folder-setup). -- [ ] Complete step [Test No B.1.4](#b14-Login-to-OpenProject-using-Nextcloud-user). +- [ ] Complete step [Test No B.1.2](#b12-add-nextcloud-idp-in-openproject-without-project-folder-setup). +- [ ] Complete step [Test No B.1.3](#b13-setup-integration-without-project-folder-setup). +- [ ] Complete step [Test No B.1.4](#b14-login-to-openProject-using-nextcloud-user). - [ ] In nextcloud, login as nextcloud-created user. -- [ ] Navigate to `Settings > Openproject` +- [ ] Navigate to `Settings > OpenProject`. - [ ] Should show user is connected as an OpenProject user. #### B.1.6. Complete the common smoke tests -- [ ] Complete [smoke tests 1-6](#common-smoke-test-steps). + +- [ ] Complete [smoke tests 1-7](#common-smoke-test-steps). ### B.2: External Provider + > Here, keycloak is an External Provider #### B.2.1. Configure Keycloak -- [ ] Set up Keycloak using this guide: [Keycloak Setup](https://www.openproject-edge.com/docs/system-admin-guide/integrations/nextcloud/oidc-sso/#keycloak) + +- [ ] Set up Keycloak using this guide: [Keycloak Setup](https://www.openproject-edge.com/docs/system-admin-guide/integrations/nextcloud/oidc-sso/#keycloak). #### B.2.2. Configure Nextcloud -- [ ] In **nextcloud**, go to `Administration > OpenID Connect`. + +- [ ] In **nextcloud**, as an admin go to `Administration > OpenID Connect`. - [ ] Enable `store login tokens` options. -- [ ] Register a new providers with following data: +- [ ] Register a new providers with the following data: - Identifier: `keycloak` - Client ID: nextcloud client id from keycloak - Client Secret: nextcloud client secret from keycloak - - Discovery endpoint: `/realms//.well-known/openid-configuration` - - Scope: `openid email profile api_v3` + - Discovery endpoint: `/realms//.well-known/openid-configuration` (for example realm name can be `opnc`) + - Scope: `openid profile email api_v3` - submit +- [ ] If you are using [Docker setup](../../dev/), default `Keycloak` users already exist (`alice` and `brian`, password: `1234`), so you can skip the user-creation steps below and go directly to step [B.2.3](#b23-add-keycloak-idp-in-openproject). +- [ ] In Keycloak, go to the user management section. For example, if your realm name is `opnc`, navigate to: `opnc > Users`. +- [ ] Then create a user. - [ ] Login as keycloak-created user in `Nextcloud`. -- [ ] Login Should be successful -- [ ] Logout +- [ ] Login should be successful. +- [ ] Logout. #### B.2.3. Add Keycloak IDP in OpenProject -- [ ] In **OpenProject**, go to `Administration > Authentication > OpenID providers` +- [ ] In `OpenProject`, as a user `admin`, go to `Administration > Authentication > OpenID providers`. - [ ] Add a new custom OpenID provider: - Display name: `keycloak` - Discovery URL: `/realms//.well-known/openid-configuration` - - Client ID: Client ID of openproject from keycloak + - Client ID: Client ID of openproject provided by keycloak in the realm. - Client secret: Client secret of openproject from keycloak -- [ ] Login as keycloak-created user in `Openproject`. -- [ ] Log out, then Login as admin in `Openproject`. -- [ ] As an `OpenProject` admin, add keycloak-created user as a member in one of the project. - -#### B.2.4. Setup integration (token exchange disabled) -- [ ] In nextcloud, go to `Administration > OpenProject`. + > Note: To find `Client ID` and `Client secret` in Keycloak, open `Clients` in your `` realm and select `openproject`. Copy `Client ID` from the `Settings` tab and `Client secret` from the `Credentials` tab. +- [ ] Go to Administration > Files. + - [ ] Create a file storage type `Nextcloud` by clicking the button `+ Storage` and choosing Nextcloud + - [ ] Add name as `Nextcloud`. + - [ ] Add Host as `` + - [ ] Set authentication method to `Single-Sign-On through OpenID Connect Identity Provider`. + - [ ] Then, select the option `Use access token obtained during user log in`. + - [ ] Uncheck project folder (automatically managed folder). + - [ ] Click on button `Finish setup`. +- [ ] Navigate to `Project settings > Files` of a project (for example, `Demo Project`) and add `Nextcloud` as a file storage. +- [ ] In `OpenProject`, login as keycloak-created user. +- [ ] In `OpenProject`, log out, then log in as a user `admin`. +- [ ] As an `OpenProject` admin, add keycloak-created user as a member in one of the project (for example, `Demo Project`). + +#### B.2.4. Setup integration (token exchange disabled) in Nextcloud + +- [ ] As a user `admin`, go to `Administration > OpenProject`. +- [ ] Add OpenProject host as ``. - [ ] Under `Authentication Method`, select `Single-Sign-On through OpenID Connect Identity Provider`. - [ ] In `Authentication settings`, select `provider Type` as `Keycloak`. -- [ ] Disable `token exchange` +- [ ] Disable `token exchange` as well as `Automatically managed folders`. #### B.2.5. Verify Connection in nextcloud -- [ ] Complete step [Test No B.2.1](#b21-Configure-Keycloak). -- [ ] Complete step [Test No B.2.2](#b22-Configure-Nextcloud). -- [ ] Complete step [Test No B.2.3](#b23-Add-Keycloak-IDP-in-OpenProject). -- [ ] Complete step [Test No B.2.4](#b24-Setup-integration-token-exchange-disabled). + +- [ ] First, complete steps **B.2.1** to **B.2.4**. - [ ] In nextcloud, login as keycloak-created user. -- [ ] Navigate to `Settings > Openproject` +- [ ] Navigate to `Settings > OpenProject`. - [ ] Should show user is connected as an OpenProject user. #### B.2.6. Complete the common smoke tests -- [ ] Complete [smoke tests 1-6](#common-smoke-test-steps). - -#### B.2.7.Setup integration (token exchange enabled) -- [ ] Complete step [Test No B.2.1](#b21-Configure-Keycloak). -- [ ] Complete step [Test No B.2.2](#b22-Configure-Nextcloud). -- [ ] Complete step [Test No B.2.3](#b23-Add-Keycloak-IDP-in-OpenProject). -- [ ] Go to `Administration > OpenProject` in nextcloud -- [ ] Under `Authentication Method`, select `Single-Sign-On through OpenID Connect Identity Provider` -- [ ] In `Authentication settings`, select `provider Type` as `Keycloak` -- [ ] Enable `token exchange` -- [ ] Set `OpenProject client ID *` as `Openproject` + +- [ ] Complete [smoke tests 1-7](#common-smoke-test-steps). + +#### B.2.7. Setup integration (token exchange enabled) + +- [ ] Complete step [Test No B.2.1](#b21-configure-keycloak). +- [ ] Complete step [Test No B.2.2](#b22-configure-nextcloud). +- [ ] Complete step [Test No B.2.3](#b23-Add-Keycloak-idp-in-openoroject). +- [ ] As a user `admin` go to `Administration > OpenProject` in nextcloud. +- [ ] Under `Authentication Method`, select `Single-Sign-On through OpenID Connect Identity Provider`. +- [ ] In `Authentication settings`, select `provider Type` as `Keycloak`. +- [ ] Enable `token exchange`. +- [ ] Set `OpenProject client ID *` as `openproject`. #### B.2.8. Verify Connection in nextcloud -- [ ] Complete step [Test No B.2.1](#b21-Configure-Keycloak). -- [ ] Complete step [Test No B.2.2](#b22-Configure-Nextcloud). -- [ ] Complete step [Test No B.2.3](#b23-Add-Keycloak-IDP-in-OpenProject). -- [ ] Complete step [Test No B.2.5](#b25-Verify-Connection-in-nextcloud). + +- [ ] Complete step [Test No B.2.1](#b21-configure-keycloak). +- [ ] Complete step [Test No B.2.2](#b22-configure-nextcloud). +- [ ] Complete step [Test No B.2.3](#b23-add-keycloak-idp-in-openproject). +- [ ] Complete step [Test No B.2.5](#b25-verify-connection-in-nextcloud). - [ ] In nextcloud, login as keycloak-created user. -- [ ] Navigate to `settings > Openproject` +- [ ] Navigate to `Settings > OpenProject`. - [ ] Should show user is connected as an OpenProject user. #### B.2.9. Complete the common smoke tests -- [ ] Complete [smoke tests 1-6](#common-smoke-test-steps). + +- [ ] Complete [smoke tests 1-7](#common-smoke-test-steps). ### Check the integration script for sso setup (Nextcloud Hub) -> Before Running the script make sure that your `Nextcloud` and `OpenProject` instance is up and running +> Before running the script, make sure that your `Nextcloud` and `OpenProject` instances are up and running. > If you're using Nextcloud as the Identity Provider (OIDC), make sure the following apps are installed and enabled in Nextcloud: -> - oidc -> - integration_openproject +> +> - oidc +> - integration_openproject > > If you are using a custom Identity Provider, ensure that: -> - user_oidc app is installed and enabled in Nextcloud. -> - The custom IdP is properly configured and accessible. +> +> - user_oidc app is installed and enabled in Nextcloud. +> - The custom IdP is properly configured and accessible. > > To add the Nextcloud storage, delete the 'nextcloud' file storage from OpenProject, reset the Nextcloud config, and run the script again. -- [ ] Complete step [Test No B.1.1](#B11-Configure-Nextcloud) (only the first , second and thrid steps are required). -- [ ] Complete step [Test No B.1.2](#B12-Add-Nextcloud-Idp-in-OpenProject) (only the first and second steps are required). +- [ ] Complete step [Test No B.1.1](#b11-configure-nextcloud) (only the first , second and third steps are required). +- [ ] Complete step [Test No B.1.2](#b12-add-nextcloud-idp-in-openProject-without-project-folder-setup) (only the first and second steps are required). - [ ] Run the `integration_oidc_setup.sh` script to set up integration without project folder with the following command: ```bash @@ -269,20 +318,21 @@ OP_USE_LOGIN_TOKEN=true \ bash integration_oidc_setup.sh ``` -- [ ] Upon success, try step [Test No B.1.4](#b14-Login-to-OpenProject-using-Nextcloud-user). -- [ ] Upon success, try step [Test No B.1.5](#b15-Verify-Connection-of-Nextcloud-user-with-OpenProject). +- [ ] Upon success, try step [Test No B.1.4](#b14-login-to-openproject-using-nextcloud-user). +- [ ] Upon success, try step [Test No B.1.5](#b15-verify-connection-of-nextcloud-user-with-openproject). - [ ] Also, to set up the integration configuration with project folder setup, at first delete 'nextcloud' file storage from OpenProject. - [ ] In nextcloud, delete the `OpenProject` user, group and team folder from the nextcloud (if they exist). - [ ] Then, reset the Nextcloud config. -- [ ] set environment `SETUP_PROJECT_FOLDER=true` and run the script. +- [ ] Set environment `SETUP_PROJECT_FOLDER=true` and run the script. - [ ] Run the script again after it is already setup (Should not give any error). -### Check the integration script for sso setup (External provider without token exchange) +### Check the integration script for sso setup (External provider without token exchange) + > Before running the script make sure that you delete the 'nextcloud' file storage from OpenProject and reset the integration settings in Nextcloud. -- [ ] Complete step [Test No B.2.1](#b21-Configure-Keycloak). -- [ ] Complete step [Test No B.2.2](#b22-Configure-Nextcloud). -- [ ] Complete step [Test No B.2.3](#b23-Add-Keycloak-IDP-in-OpenProject). +- [ ] Complete step [Test No B.2.1](#b21-configure-keycloak). +- [ ] Complete step [Test No B.2.2](#b22-configure-nextcloud). +- [ ] Complete step [Test No B.2.3](#b23-add-keycloak-idp-in-openproject). - [ ] Run the `integration_oidc_setup.sh` script to set up integration without project folder with the following command: ```bash @@ -304,20 +354,20 @@ bash integration_oidc_setup.sh ``` -- [ ] Upon success, try step [Test No B.2.5](#B25-Verify-Connection-in-nextcloud). +- [ ] Upon success, try step [Test No B.2.5](#b25-verify-connection-in-nextcloud). - [ ] Also, to set up the integration configuration with project folder setup, at first delete 'nextcloud' file storage from OpenProject. - [ ] In nextcloud, delete the `OpenProject` user, group and team folder from the nextcloud (if they exist). - [ ] Then, reset the Nextcloud config. -- [ ] set environment `SETUP_PROJECT_FOLDER=true` and run the script. +- [ ] Set environment `SETUP_PROJECT_FOLDER=true` and run the script. - [ ] Run the script again after it is already setup (Should not give any error). +### Check the integration script for sso setup (External provider with token exchange) -### Check the integration script for sso setup (External provider with token exchange) -> Before Running the below script make sure that you delete the 'nextcloud' file storage from OpenProject and reset the Nextcloud config. +> Before running the script below, make sure that you delete the 'nextcloud' file storage from OpenProject and reset the Nextcloud config. -- [ ] Complete step [Test No B.2.1](#b21-Configure-Keycloak). -- [ ] Complete step [Test No B.2.2](#b22-Configure-Nextcloud). -- [ ] Complete step [Test No B.2.3](#b23-Add-Keycloak-IDP-in-OpenProject). +- [ ] Complete step [Test No B.2.1](#b21-configure-keycloak). +- [ ] Complete step [Test No B.2.2](#b22-configure-nextcloud). +- [ ] Complete step [Test No B.2.3](#b23-add-keycloak-idp-in-openproject). - [ ] Run the `integration_oidc_setup.sh` script to set up integration without project folder with the following command: ```bash @@ -338,17 +388,18 @@ OP_STORAGE_AUDIENCE=nextcloud \ bash integration_oidc_setup.sh ``` -- [ ] Upon success, try step [Test No B.2.8](#B28-Verify-Connection-in-nextcloud). +- [ ] Upon success, try step [Test No B.2.8](#b28-verify-connection-in-nextcloud). - [ ] Also, to set up the integration configuration with project folder setup, at first delete 'nextcloud' file storage from OpenProject. - [ ] In nextcloud, delete the `OpenProject` user, group and team folder from the nextcloud (if they exist). - [ ] Then, reset the Nextcloud config. -- [ ] set environment `SETUP_PROJECT_FOLDER=true` and run the script. +- [ ] Set environment `SETUP_PROJECT_FOLDER=true` and run the script. - [ ] Run the script again after it is already setup (Should not give any error). ## Common Smoke Test Steps +> **Note**: For SSO setup, run smoke tests 1-5 and the portions of smoke test 6 that involve user interaction should be performed as a connected user. -### 1. Link/Unlink a work package for a file/folder in Nextcloud -- [ ] In openproject, Select a file, navigate to sidebar `OpenProject` tab. +### 1. Link/Unlink a work package for a file/folder in nextcloud +- [ ] Select a file, navigate to sidebar `OpenProject` tab. - [ ] Search for any of the work packages in the `Demo Project`. - [ ] Work packages are listed. - [ ] Link to any one of the work packages appeared in the search lists. @@ -358,43 +409,70 @@ bash integration_oidc_setup.sh - [ ] Unlink a work package and it should be deleted from the `OpenProject` Tab with a successful message. ### 2. Link/Unlink a work package for a file/folder from OpenProject -- [ ] Navigate to `Demo Project > Work Packages` and double click any one of the work packages available. +- [ ] In `OpenProject`, navigate to `Demo Project > Work Packages` and double click any one of the work packages available. - [ ] Navigate to `Files` tab, click `link existing files`, select available files (for example, welcome.txt) from Nextcloud and link it to the work package. -- [ ] Selected file is linked to the work package in `OpenProject` +- [ ] Selected file is linked to the work package in `OpenProject`. - [ ] Also Navigate to nextcloud and see in the `OpenProject` tab for file (welcome.txt), the work package should be linked. ### 3. Direct upload file/folder from OpenProject to Nextcloud -- [ ] Navigate to `Demo Project > Work Packages` and double click any one of the work packages available. + +- [ ] In `OpenProject`, navigate to `Demo Project > Work Packages` and double click any one of the work packages available. - [ ] Navigate to `Files` tab, click `Upload files`, select available files from your local system (for example, local.txt) and upload choosing the upload location. -- [ ] Uploaded file is linked to the work package in `OpenProject` +- [ ] Uploaded file is linked to the work package in `OpenProject`. - [ ] Also Navigate to `Nextcloud` and see in the `OpenProject` tab for file (local.txt), the work package should be linked. ### 4. Create a WorkPackage from Nextcloud -- [ ] Open the form to create work package from Nextcloud in the `OpenProject` tab for a file/folder. + +- [ ] In `Nextcloud`, select a file and open the sidebar `OpenProject` tab. +- [ ] Click `Create and link new work package`. - [ ] Select `Demo Project`, fill up the modal form and create. - [ ] Work package should be created and linked to the selected file. ### 5. Check notification in `OpenProject` widget in Nextcloud + > Make sure your `OpenProject` is running along with `worker` instance -- [ ] Create a separate user in both `Nextcloud` as well as `OpenProject`. -- [ ] Connect `Nextcloud` user to `OpenProject` user and vice-versa (`OpenProject` user to `Nextcloud` user). + +- [ ] In `Nextcloud` dashboard, open `Customize` and enable `integration_openproject` to view notifications. - [ ] Now as an `OpenProject` admin, assign any of the `Demo Project` work packages to the created `OpenProject` user. - [ ] The `Nextcloud` user should receive a notification regarding the assignment. -### 6. Check New folder with automatically managed permissions in OpenProject +### 6. Setup and check project folder in Nextcloud (with project folder setup) + +- [ ] As a user `admin` enable the Nextcloud `groupfolders` app (`Team folders`) in `Nextcloud`. +- [ ] Enable `Automatically managed folders` switch in admin setting and set project folder. +- [ ] Application password should be generated (copy this password as this will be needed in the next step). +- [ ] Verify that `OpenProject` user and `OpenProject` group are created with user `OpenProject` as sub-admin of the group. +- [ ] Verify that `OpenProjectNoAutomaticProjectFolders` group is also created with user `OpenProject` as sub-admin. +- [ ] Navigate to `Administration settings > Team folders`. +- [ ] Verify that a folder named `OpenProject` is created, assigned to the `OpenProject` group, and has advanced permissions for the `OpenProject` user. +- [ ] Try deleting `OpenProject` user and `OpenProject` group, those should not be deleted. +- [ ] Try deleting `OpenProjectNoAutomaticProjectFolders` group, it should not be possible to delete. +- [ ] Test group management (as a user `OpenProject`): + - Login as `OpenProject` user + - Add a test user `user1` to the `OpenProject` group + - Remove `user1` from the `OpenProject` group + - Verify that `user1` is automatically moved to the `OpenProjectNoAutomaticProjectFolders` group + +### 7. Setup and Check New folder with automatically managed permissions in OpenProject + +- [ ] In `OpenProject`, as a user `admin` navigate to `Administration > Files > Nextcloud`. +- [ ] On `Automatically managed folders` section, click on Edit. +- [ ] Enable the `Automatically managed folders` option. +- [ ] Enter the application password generated from `Nextcloud` and click on `Finish setup`. +- [ ] Navigate to `Demo Project > Project settings > Files`. +- [ ] Edit the `Nextcloud` storage, choose `New folder with automatically managed permissions`, and click `Save`. - [ ] Navigate to `Demo Project > Work Packages` and double click any one of the work packages available. - [ ] Navigate to `Files` tab, click `link existing files`. - [ ] In a modal, `Nextcloud > OpenProject > Demo project(1)` should be visible. - [ ] Also Navigate to `Nextcloud` and in Files `OpenProject > Demo project(1)` folder is created. -- [ ] Try to delete `OpenProject` or `OpenProject > Demo project(1)`. They should not be deleted. ## App Upgrade Testing ### Upgrade Steps -- [ ] **Check update is available**: `php occ app:update --showonly integration_openproject` -- [ ] **Run upgrade**: `php occ app:update --allow-unstable integration_openproject` -- [ ] **Verify upgrade**: Confirm no errors and version updated +- [ ] **Check update is available**: `php occ app:update --showonly integration_openproject`. +- [ ] **Run upgrade**: `php occ app:update --allow-unstable integration_openproject`. +- [ ] **Verify upgrade**: Confirm no errors and version updated. > **Important**: When upgrading from old versions, the upgrade might fail with "Undefined constant" error due to a known cache issue in Nextcloud. To fix this, please run the following commands: > @@ -404,30 +482,31 @@ bash integration_oidc_setup.sh > ``` ### Upgrade Test Cases + #### Existing OAuth 2.0 Setup -- [ ] **Before upgrade**: Perform complete setup with OAuth2 method (Project folder enabled) -- [ ] Perform [Upgrade steps](#upgrade-steps) -- [ ] **After upgrade**: Check that the integration setup and other changes are preserved +- [ ] **Before upgrade**: Perform complete setup with OAuth2 method (Project folder enabled). +- [ ] Perform [Upgrade steps](#upgrade-steps). +- [ ] **After upgrade**: Check that the integration setup and other changes are preserved. #### Existing SSO Setup ##### Nextcloud Hub as IDP -- [ ] **Before upgrade**: Perform complete setup with sso method (Nextcloud Hub as IDP, Project folder enabled) -- [ ] Perform [Upgrade steps](#upgrade-steps) -- [ ] **After upgrade**: Check that the integration setup and other changes are preserved +- [ ] **Before upgrade**: Perform complete setup with sso method (Nextcloud Hub as IDP, Project folder enabled). +- [ ] Perform [Upgrade steps](#upgrade-steps). +- [ ] **After upgrade**: Check that the integration setup and other changes are preserved. #### External Provider (Keycloak) ##### Token Exchange Disabled -- [ ] **Before upgrade**: Perform complete setup with sso method (Keycloak as IDP, Token exchange disable, Project folder enabled) -- [ ] Perform [Upgrade steps](#upgrade-steps) -- [ ] **After upgrade**: Check that the integration setup and other changes are preserved +- [ ] **Before upgrade**: Perform complete setup with sso method (Keycloak as IDP, Token exchange disable, Project folder enabled). +- [ ] Perform [Upgrade steps](#upgrade-steps). +- [ ] **After upgrade**: Check that the integration setup and other changes are preserved. ##### Token Exchange Enabled -- [ ] **Before upgrade**: Perform complete setup with sso method (Keycloak as IDP, Token exchange enable, Project folder enabled) -- [ ] Perform [Upgrade steps](#upgrade-steps) -- [ ] **After upgrade**: Check that the integration setup and other changes are preserved +- [ ] **Before upgrade**: Perform complete setup with sso method (Keycloak as IDP, Token exchange enable, Project folder enabled). +- [ ] Perform [Upgrade steps](#upgrade-steps). +- [ ] **After upgrade**: Check that the integration setup and other changes are preserved.