Assertion fix and refactor done in webDAVPUTAuth feature
kiranparajuli589 committed Jul 15, 2020
1 parent 6adc0ca commit 90d380c
Showing 12 changed files with 54 additions and 37 deletions.
8 changes: 4 additions & 4 deletions tests/acceptance/features/apiAuthOcs/ocsPOSTAuth.feature
Expand Up @@ -31,15 +31,15 @@ Feature: auth
| /ocs/v2.php/privatedata/deleteattribute/testing/test |
| /ocs/v1.php/privatedata/setattribute/testing/test |
| /ocs/v2.php/privatedata/setattribute/testing/test |
Then the HTTP status code of responses on all endpoints should be "997"
Then the OCS status code of responses on all endpoints should be "401"
Then the HTTP status code of responses on all endpoints should be "401"
Then the OCS status code of responses on all endpoints should be "997"

Scenario: send POST requests to OCS endpoints as normal user with wrong password
When user "Alice" requests these endpoints with "POST" including body "doesnotmatter" using password "invalid" about user "Alice"
| endpoint |
| /ocs/v1.php/person/check |
Then the HTTP status code of responses on all endpoints should be "101"
Then the OCS status code of responses on all endpoints should be "200"
Then the HTTP status code of responses on all endpoints should be "200"
Then the OCS status code of responses on all endpoints should be "101"

Scenario: send POST requests to OCS endpoints as normal user with wrong password
When user "Alice" requests these endpoints with "POST" including body "doesnotmatter" using password "invalid" about user "Alice"
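Review bot: the corrected expectation for /ocs/v1.php/person/check is HTTP "200" with OCS "101" on a request sent with password "invalid", while the endpoints in the table before it are expected to return "401" and "997". Add a comment above that step saying why this endpoint answers 200 to a wrong password, so the assertion is not read as an accepted login. The scenario that follows carries the same title, "send POST requests to OCS endpoints as normal user with wrong password", so a failure report cannot tell the two apart; give each a distinct title.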
43 changes: 23 additions & 20 deletions tests/acceptance/features/apiAuthOcs/ocsPUTAuth.feature
Expand Up @@ -10,29 +10,32 @@ Feature: auth
@smokeTest
@skipOnBruteForceProtection @issue-brute_force_protection-112
Scenario: send PUT request to OCS endpoints as admin with wrong password
When user "another-admin" requests these endpoints with "PUT" including body using password "invalid" then the status codes about user "Alice" should be as listed
| endpoint | ocs-code | http-code | body |
| /ocs/v1.php/cloud/users/%username% | 997 | 401 | doesnotmatter |
| /ocs/v2.php/cloud/users/%username% | 997 | 401 | doesnotmatter |
| /ocs/v1.php/cloud/users/%username%/disable | 997 | 401 | doesnotmatter |
| /ocs/v2.php/cloud/users/%username%/disable | 997 | 401 | doesnotmatter |
| /ocs/v1.php/cloud/users/%username%/enable | 997 | 401 | doesnotmatter |
| /ocs/v2.php/cloud/users/%username%/enable | 997 | 401 | doesnotmatter |
| /ocs/v1.php/apps/files_sharing/api/v1/shares/123 | 997 | 401 | doesnotmatter |
| /ocs/v2.php/apps/files_sharing/api/v1/shares/123 | 997 | 401 | doesnotmatter |
When user "another-admin" requests these endpoints with "PUT" including body "doesnotmatter" using password "invalid" about user "Alice"
| endpoint |
| /ocs/v1.php/cloud/users/%username% |
| /ocs/v2.php/cloud/users/%username% |
| /ocs/v1.php/cloud/users/%username%/disable |
| /ocs/v2.php/cloud/users/%username%/disable |
| /ocs/v1.php/cloud/users/%username%/enable |
| /ocs/v2.php/cloud/users/%username%/enable |
| /ocs/v1.php/apps/files_sharing/api/v1/shares/123 |
| /ocs/v2.php/apps/files_sharing/api/v1/shares/123 |
Then the HTTP status code of responses on all endpoints should be "401"
Then the OCS status code of responses on all endpoints should be "997"

@skipOnOcV10
@issue-ocis-reva-30
@smokeTest
#after fixing all issues delete this Scenario and use the one above
Scenario: send PUT request to OCS endpoints as admin with wrong password
When user "another-admin" requests these endpoints with "PUT" including body using password "invalid" then the status codes about user "Alice" should be as listed
| endpoint | http-code | body |
| /ocs/v1.php/cloud/users/%username% | 401 | doesnotmatter |
| /ocs/v2.php/cloud/users/%username% | 401 | doesnotmatter |
| /ocs/v1.php/cloud/users/%username%/disable | 401 | doesnotmatter |
| /ocs/v2.php/cloud/users/%username%/disable | 401 | doesnotmatter |
| /ocs/v1.php/cloud/users/%username%/enable | 401 | doesnotmatter |
| /ocs/v2.php/cloud/users/%username%/enable | 401 | doesnotmatter |
| /ocs/v1.php/apps/files_sharing/api/v1/shares/123 | 401 | doesnotmatter |
| /ocs/v2.php/apps/files_sharing/api/v1/shares/123 | 401 | doesnotmatter |
When user "another-admin" requests these endpoints with "PUT" including body "doesnotmatter" using password "invalid" about user "Alice"
| endpoint |
| /ocs/v1.php/cloud/users/%username% |
| /ocs/v2.php/cloud/users/%username% |
| /ocs/v1.php/cloud/users/%username%/disable |
| /ocs/v2.php/cloud/users/%username%/disable |
| /ocs/v1.php/cloud/users/%username%/enable |
| /ocs/v2.php/cloud/users/%username%/enable |
| /ocs/v1.php/apps/files_sharing/api/v1/shares/123 |
| /ocs/v2.php/apps/files_sharing/api/v1/shares/123 |
Then the HTTP status code of responses on all endpoints should be "401"
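Review bot: both scenarios in this hunk are titled "send PUT request to OCS endpoints as admin with wrong password", and the second one (tagged @skipOnOcV10 @issue-ocis-reva-30) differs only in having no OCS status check. Put that difference in its title so a failing run shows which variant broke. In the first scenario the OCS check would read better as "And the OCS status code of responses ..." than as a second "Then".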
Expand Up @@ -93,7 +93,7 @@ Feature: delete file/folder
Given token auth has been enforced
And a new browser session for "Alice" has been started
And the user has generated a new app password named "my-client"
When the user "Alice" requests these endpoints with "DELETE" with body "doesnotmatter" using the basic auth and generated app password about user "Alice"
When the user "Alice" requests these endpoints with "DELETE" with body "doesnotmatter" using basic auth and generated app password about user "Alice"
| endpoint |
| /remote.php/webdav/textfile0.txt |
| /remote.php/dav/files/%username%/textfile1.txt |
Expand Up @@ -104,7 +104,7 @@ Feature: LOCK file/folder
Given token auth has been enforced
And a new browser session for "Alice" has been started
And the user has generated a new app password named "my-client"
When the user "Alice" requests these endpoints with "LOCK" to get property "d:shared" using the basic auth and generated app password about user "Alice"
When the user "Alice" requests these endpoints with "LOCK" to get property "d:shared" using basic auth and generated app password about user "Alice"
| endpoint |
| /remote.php/webdav/textfile0.txt |
| /remote.php/dav/files/%username%/textfile1.txt |
Expand Up @@ -42,6 +42,10 @@ Feature: create folder using MKCOL
| /remote.php/dav/files/%username%/PARENT/parent.txt |
| /remote.php/dav/files/%username%/does-not-exist |
Then the HTTP status code of responses on all endpoints should be "403"
When user "Brian" requests these endpoints with "MKCOL" including body "" about user "Alice"
| endpoint |
| /remote.php/dav/files/%username%/does-not-exist |
Then the HTTP status code of responses on all endpoints should be "409"

Scenario: send MKCOL requests to webDav endpoints using invalid username but correct password
When user "usero" requests these endpoints with "MKCOL" including body "doesnotmatter" using the password of user "Alice"
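Review bot: the added MKCOL step for "Brian" expects "409" on /remote.php/dav/files/%username%/does-not-exist, the same path that sits in the table asserted as "403" directly above, and the step gives no reason for the different answer beyond the empty body "". Add a comment line, like the "# ..." notes used in the other features of this commit, stating why this request is a conflict rather than forbidden. A second When/Then pair inside one scenario is also never reached when the first assertion fails, so a separate scenario would report it independently.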
Expand Down Expand Up @@ -94,7 +98,7 @@ Feature: create folder using MKCOL
Given token auth has been enforced
And a new browser session for "Alice" has been started
And the user has generated a new app password named "my-client"
When the user "Alice" requests these endpoints with "MKCOL" using the basic auth and generated app password about user "Alice"
When the user "Alice" requests these endpoints with "MKCOL" using basic auth and generated app password about user "Alice"
| endpoint |
| /remote.php/webdav/newCol |
| /remote.php/dav/files/%username%/newCol1 |
Expand Up @@ -103,7 +103,7 @@ Feature: MOVE file/folder
Given token auth has been enforced
And a new browser session for "Alice" has been started
And the user has generated a new app password named "my-client"
When the user "Alice" requests these endpoints with "MOVE" with body "doesnotmatter" using the basic auth and generated app password about user "Alice"
When the user "Alice" requests these endpoints with "MOVE" with body "doesnotmatter" using basic auth and generated app password about user "Alice"
| endpoint |
# The token was valid and accepted but the body is invalid so it gives 403
| /remote.php/webdav/textfile0.txt |
Expand Up @@ -94,11 +94,12 @@ Feature: get file info using POST
Given token auth has been enforced
And a new browser session for "Alice" has been started
And the user has generated a new app password named "my-client"
When the user "Alice" requests these endpoints with "POST" with body "doesnotmatter" using the basic auth and generated app password about user "Alice"
When the user "Alice" requests these endpoints with "POST" with body "doesnotmatter" using basic auth and generated app password about user "Alice"
| endpoint |
# this method is not available so gives 501
| /remote.php/webdav/textfile0.txt |
| /remote.php/dav/files/%username%/textfile1.txt |
| /remote.php/dav/files/%username%/PARENT/parent.txt |
| /remote.php/webdav/PARENT |
| /remote.php/dav/files/%username%/FOLDER |
Then the HTTP status code of responses on all endpoints should be "501"
Expand Up @@ -103,7 +103,7 @@ Feature: get file info using PROPFIND
Given token auth has been enforced
And a new browser session for "Alice" has been started
And the user has generated a new app password named "my-client"
When the user "Alice" requests these endpoints with "PROPFIND" to get property "d:getetag" using the basic auth and generated app password about user "Alice"
When the user "Alice" requests these endpoints with "PROPFIND" to get property "d:getetag" using basic auth and generated app password about user "Alice"
| endpoint |
| /remote.php/dav/files/%username%/textfile0.txt |
| /remote.php/dav/files/%username%/PARENT |
Expand Up @@ -94,7 +94,7 @@ Feature: PROPPATCH file/folder
Given token auth has been enforced
And a new browser session for "Alice" has been started
And the user has generated a new app password named "my-client"
When the user "Alice" requests these endpoints with "PROPPATCH" to set property "favorite" using the basic auth and generated app password about user "Alice"
When the user "Alice" requests these endpoints with "PROPPATCH" to set property "favorite" using basic auth and generated app password about user "Alice"
| endpoint |
| /remote.php/webdav/textfile0.txt |
| /remote.php/dav/files/%username%/textfile1.txt |
11 changes: 10 additions & 1 deletion tests/acceptance/features/apiAuthWebDav/webDavPUTAuth.feature
Expand Up @@ -42,6 +42,10 @@ Feature: get file info using PUT
| /remote.php/dav/files/%username%/PARENTS |
| /remote.php/dav/files/%username%/PARENTS/parent.txt |
Then the HTTP status code of responses on all endpoints should be "403"
When user "Brian" requests these endpoints with "PUT" including body "doesnotmatter" about user "Alice"
| endpoint |
| /remote.php/dav/files/%username%/PARENTS/parent.txt |
Then the HTTP status code of responses on all endpoints should be "404"

Scenario: send PUT requests to webDav endpoints using invalid username but correct password
When user "usero" requests these endpoints with "PUT" including body "doesnotmatter" using the password of user "Alice"
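Review bot: the added PUT step asserts "404" for /remote.php/dav/files/%username%/PARENTS/parent.txt although that path is in the table asserted as "403" just above, and both requests target another user's files. State in a comment which request variant produces 404 and why, so the two expectations on the same path are not mistaken for a copy error.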
Expand Down Expand Up @@ -99,8 +103,13 @@ Feature: get file info using PUT
| /remote.php/webdav/textfile0.txt |
| /remote.php/dav/files/%username%/textfile1.txt |
| /remote.php/dav/files/%username%/PARENT/parent.txt |
Then the HTTP status code of responses on all endpoints should be "204"
When the user "Alice" requests these endpoints with "PUT" with body "doesnotmatter" using the basic auth and generated app password about user "Alice"
# this folder is created, so gives 201 - CREATED
| /remote.php/webdav/PARENS |
| /remote.php/dav/files/%username%/FOLDERS |
Then the HTTP status code of responses on all endpoints should be "201"
When the user "Alice" requests these endpoints with "PUT" with body "doesnotmatter" using basic auth and generated app password about user "Alice"
# this folder already exists so gives 409 - CONFLICT
| /remote.php/dav/files/%username%/FOLDER |
Then the HTTP status code of responses on all endpoints should be "204,201,409"
Then the HTTP status code of responses on all endpoints should be "409"
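Review bot: the "When" step placed before the 201 table still reads "using the basic auth and generated app password", but the matching @When annotations in AuthContext.php are renamed in this same commit to "using basic auth and generated app password", so that step would no longer resolve to a definition; use the new wording there as the step before the 409 table does. The two tables that follow these steps also begin directly with a path row after the comment, without the "| endpoint |" header row that every other table in this commit has; add it so the first path is not taken as the column name.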
6 changes: 3 additions & 3 deletions tests/acceptance/features/bootstrap/AuthContext.php
Expand Up @@ -229,7 +229,7 @@ public function userRequestsEndpointsWithBasicAuth($user, $method, TableNode $ta
}

/**
* @When the user :user requests these endpoints with :method using the basic auth and generated app password about user :ofUser
* @When the user :user requests these endpoints with :method using basic auth and generated app password about user :ofUser
*
* @param string $user
* @param string $method
Expand All @@ -244,7 +244,7 @@ public function userRequestsEndpointsWithBasicAuthAndGeneratedPassword($user, $m
}

/**
* @When the user :user requests these endpoints with :method to (get|set) property :property using the basic auth and generated app password about user :ofUser
* @When the user :user requests these endpoints with :method to (get|set) property :property using basic auth and generated app password about user :ofUser
*
* @param string $user
* @param string $method
Expand All @@ -264,7 +264,7 @@ public function userRequestsEndpointsWithBasicAuthAndGeneratedPasswordWithProper
}

/**
* @When the user :user requests these endpoints with :method with body :body using the basic auth and generated app password about user :ofUser
* @When the user :user requests these endpoints with :method with body :body using basic auth and generated app password about user :ofUser
*
* @param string $user
* @param string $method
4 changes: 2 additions & 2 deletions tests/acceptance/features/bootstrap/WebDav.php
Expand Up @@ -1783,7 +1783,7 @@ public function theHTTPStatusCodeOfResponsesOnAllEndpointsShouldBe($statusCode)
if (\count($duplicateRemovedStatusCodes) === 1) {
Assert::assertSame(
\intval($statusCode),
$duplicateRemovedStatusCodes[0],
\intval($duplicateRemovedStatusCodes[0]),
'Responses did not return expected http status code'
);
} else {
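Review bot: wrapping both arguments of assertSame in \intval() makes the comparison lossy, because any non-numeric or empty value becomes 0 and a string such as "204,201,409" becomes 204. A response with no status at all would then equal an expected value that also fails to parse, and a comma-separated expectation passed into this single-code branch is compared by its first number only. Check that both values are numeric before converting, or compare them as strings, for example Assert::assertSame((string) $statusCode, (string) $duplicateRemovedStatusCodes[0], ...). The OCS assertion in the next hunk has the same pattern, and the two methods are near copies that could share one helper.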
Expand All @@ -1804,7 +1804,7 @@ public function theOCSStatusCodeOfResponsesOnAllEndpointsShouldBe($statusCode) {
if (\count($duplicateRemovedStatusCodes) === 1) {
Assert::assertSame(
\intval($statusCode),
$duplicateRemovedStatusCodes[0],
\intval($duplicateRemovedStatusCodes[0]),
'Responses did not return expected ocs status code'
);
} else {