namespace OC\Settings\Controller;
use OC\AppFramework\Http;
-use OC\User\Manager;
use OC\User\User;
-use \OCP\AppFramework\Controller;
+use OCP\App\IAppManager;
+use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IConfig;
private $fromMailAddress;
/** @var IURLGenerator */
private $urlGenerator;
+ /** @var bool contains the state of the encryption app */
+ private $isEncryptionAppEnabled;
+ /** @var bool contains the state of the admin recovery setting */
+ private $isRestoreEnabled = false;
/**
* @param string $appName
* @param \OC_Defaults $defaults
* @param \OC_Mail $mail
* @param string $fromMailAddress
+ * @param IAppManager $appManager
*/
public function __construct($appName,
IRequest $request,
\OC_Defaults $defaults,
\OC_Mail $mail,
$fromMailAddress,
- IURLGenerator $urlGenerator) {
+ IURLGenerator $urlGenerator,
+ IAppManager $appManager) {
parent::__construct($appName, $request);
$this->userManager = $userManager;
$this->groupManager = $groupManager;
$this->mail = $mail;
$this->fromMailAddress = $fromMailAddress;
$this->urlGenerator = $urlGenerator;
+
+ // check for encryption state - TODO see formatUserForIndex
+ $this->isEncryptionAppEnabled = $appManager->isEnabledForUser('files_encryption');
+ if($this->isEncryptionAppEnabled) {
+ // putting this directly in empty is possible in PHP 5.5+
+ $result = $config->getAppValue('files_encryption', 'recoveryAdminEnabled', 0);
+ $this->isRestoreEnabled = !empty($result);
+ }
}
/**
* @return array
*/
private function formatUserForIndex(IUser $user, array $userGroups = null) {
- return array(
+
+ // TODO: eliminate this encryption specific code below and somehow
+ // hook in additional user info from other apps
+
+ // recovery isn't possible if admin or user has it disabled and encryption
+ // is enabled - so we eliminate the else paths in the conditional tree
+ // below
+ $restorePossible = false;
+
+ if ($this->isEncryptionAppEnabled) {
+ if ($this->isRestoreEnabled) {
+ // check for the users recovery setting
+ $recoveryMode = $this->config->getUserValue($user->getUID(), 'files_encryption', 'recovery_enabled', '0');
+ // method call inside empty is possible with PHP 5.5+
+ $recoveryModeEnabled = !empty($recoveryMode);
+ if ($recoveryModeEnabled) {
+ // user also has recovery mode enabled
+ $restorePossible = true;
+ }
+ }
+ } else {
+ // recovery is possible if encryption is disabled (plain files are
+ // available)
+ $restorePossible = true;
+ }
+
+ return [
'name' => $user->getUID(),
'displayname' => $user->getDisplayName(),
'groups' => (empty($userGroups)) ? $this->groupManager->getUserGroupIds($user) : $userGroups,
'storageLocation' => $user->getHome(),
'lastLogin' => $user->getLastLogin(),
'backend' => $user->getBackendClassName(),
- 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', '')
- );
+ 'email' => $this->config->getUserValue($user->getUID(), 'settings', 'email', ''),
+ 'isRestoreDisabled' => !$restorePossible,
+ ];
}
/**
/** @var \OCP\AppFramework\IAppContainer */
private $container;
- /** @var UsersController */
- private $usersController;
-
protected function setUp() {
$app = new Application();
$this->container = $app->getContainer();
->disableOriginalConstructor()->getMock();
$this->container['URLGenerator'] = $this->getMockBuilder('\OCP\IURLGenerator')
->disableOriginalConstructor()->getMock();
-
- $this->usersController = $this->container['UsersController'];
-
+ $this->container['OCP\\App\\IAppManager'] = $this->getMockBuilder('OCP\\App\\IAppManager')
+ ->disableOriginalConstructor()->getMock();
}
/**
'storageLocation' => '/home/foo',
'lastLogin' => 500,
'backend' => 'OC_User_Database',
- 'email' => 'foo@bar.com'
+ 'email' => 'foo@bar.com',
+ 'isRestoreDisabled' => false,
),
1 => array(
'name' => 'admin',
'storageLocation' => '/home/admin',
'lastLogin' => 12,
'backend' => 'OC_User_Dummy',
- 'email' => 'admin@bar.com'
+ 'email' => 'admin@bar.com',
+ 'isRestoreDisabled' => false,
),
2 => array(
'name' => 'bar',
'storageLocation' => '/home/bar',
'lastLogin' => 3999,
'backend' => 'OC_User_Dummy',
- 'email' => 'bar@dummy.com'
+ 'email' => 'bar@dummy.com',
+ 'isRestoreDisabled' => false,
),
)
);
- $response = $this->usersController->index(0, 10, 'gid', 'pattern');
+ $response = $this->container['UsersController']->index(0, 10, 'gid', 'pattern');
$this->assertEquals($expectedResponse, $response);
}
'storageLocation' => '/home/foo',
'lastLogin' => 500,
'backend' => 'OC_User_Database',
- 'email' => 'foo@bar.com'
+ 'email' => 'foo@bar.com',
+ 'isRestoreDisabled' => false,
),
1 => array(
'name' => 'admin',
'storageLocation' => '/home/admin',
'lastLogin' => 12,
'backend' => 'OC_User_Dummy',
- 'email' => 'admin@bar.com'
+ 'email' => 'admin@bar.com',
+ 'isRestoreDisabled' => false,
),
2 => array(
'name' => 'bar',
'storageLocation' => '/home/bar',
'lastLogin' => 3999,
'backend' => 'OC_User_Dummy',
- 'email' => 'bar@dummy.com'
+ 'email' => 'bar@dummy.com',
+ 'isRestoreDisabled' => false,
),
)
);
- $response = $this->usersController->index(0, 10, '', 'pattern');
+ $response = $this->container['UsersController']->index(0, 10, '', 'pattern');
$this->assertEquals($expectedResponse, $response);
}
'storageLocation' => '/home/foo',
'lastLogin' => 500,
'backend' => 'OC_User_Database',
- 'email' => null
+ 'email' => null,
+ 'isRestoreDisabled' => false,
)
)
);
- $response = $this->usersController->index(0, 10, '','', 'OC_User_Dummy');
+ $response = $this->container['UsersController']->index(0, 10, '','', 'OC_User_Dummy');
$this->assertEquals($expectedResponse, $response);
}
->will($this->returnValue([]));
$expectedResponse = new DataResponse([]);
- $response = $this->usersController->index(0, 10, '','', 'OC_User_Dummy');
+ $response = $this->container['UsersController']->index(0, 10, '','', 'OC_User_Dummy');
$this->assertEquals($expectedResponse, $response);
}
'displayname' => null,
'quota' => null,
'subadmin' => array(),
- 'email' => null
+ 'email' => null,
+ 'isRestoreDisabled' => false,
),
Http::STATUS_CREATED
);
- $response = $this->usersController->create('foo', 'password', array());
+ $response = $this->container['UsersController']->create('foo', 'password', array());
$this->assertEquals($expectedResponse, $response);
}
'displayname' => null,
'quota' => null,
'subadmin' => array(),
- 'email' => null
+ 'email' => null,
+ 'isRestoreDisabled' => false,
),
Http::STATUS_CREATED
);
- $response = $this->usersController->create('foo', 'password', array('NewGroup', 'ExistingGroup'));
+ $response = $this->container['UsersController']->create('foo', 'password', array('NewGroup', 'ExistingGroup'));
$this->assertEquals($expectedResponse, $response);
}
),
Http::STATUS_FORBIDDEN
);
- $response = $this->usersController->create('foo', 'password', array());
+ $response = $this->container['UsersController']->create('foo', 'password', array());
$this->assertEquals($expectedResponse, $response);
}
),
Http::STATUS_FORBIDDEN
);
- $response = $this->usersController->destroy('myself');
+ $response = $this->container['UsersController']->destroy('myself');
$this->assertEquals($expectedResponse, $response);
}
),
Http::STATUS_NO_CONTENT
);
- $response = $this->usersController->destroy('UserToDelete');
+ $response = $this->container['UsersController']->destroy('UserToDelete');
$this->assertEquals($expectedResponse, $response);
}
/**
),
Http::STATUS_FORBIDDEN
);
- $response = $this->usersController->destroy('UserToDelete');
+ $response = $this->container['UsersController']->destroy('UserToDelete');
$this->assertEquals($expectedResponse, $response);
}
),
Http::STATUS_UNPROCESSABLE_ENTITY
);
- $response = $this->usersController->create('foo', 'password', array(), 'invalidMailAdress');
+ $response = $this->container['UsersController']->create('foo', 'password', array(), 'invalidMailAdress');
$this->assertEquals($expectedResponse, $response);
}
->expects($this->never())
->method('error');
- $response = $this->usersController->create('foo', 'password', array(), 'validMail@Adre.ss');
+ $response = $this->container['UsersController']->create('foo', 'password', array(), 'validMail@Adre.ss');
$this->assertEquals(Http::STATUS_CREATED, $response->getStatus());
}
+ private function mockUser($userId = 'foo', $displayName = 'M. Foo',
+ $lastLogin = 500, $home = '/home/foo', $backend = 'OC_User_Database') {
+ $user = $this->getMockBuilder('\OC\User\User')
+ ->disableOriginalConstructor()->getMock();
+ $user
+ ->expects($this->any())
+ ->method('getUID')
+ ->will($this->returnValue($userId));
+ $user
+ ->expects($this->once())
+ ->method('getDisplayName')
+ ->will($this->returnValue($displayName));
+ $user
+ ->method('getLastLogin')
+ ->will($this->returnValue($lastLogin));
+ $user
+ ->method('getHome')
+ ->will($this->returnValue($home));
+ $user
+ ->expects($this->once())
+ ->method('getBackendClassName')
+ ->will($this->returnValue($backend));
+
+ $result = [
+ 'name' => $userId,
+ 'displayname' => $displayName,
+ 'groups' => null,
+ 'subadmin' => array(),
+ 'quota' => null,
+ 'storageLocation' => $home,
+ 'lastLogin' => $lastLogin,
+ 'backend' => $backend,
+ 'email' => null,
+ 'isRestoreDisabled' => false,
+ ];
+
+ return [$user, $result];
+ }
+
+ public function testRestorePossibleWithoutEncryption() {
+ list($user, $expectedResult) = $this->mockUser();
+
+ $result = \Test_Helper::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
+ $this->assertEquals($expectedResult, $result);
+ }
+
+ public function testRestorePossibleWithAdminAndUserRestore() {
+ list($user, $expectedResult) = $this->mockUser();
+
+ $this->container['OCP\\App\\IAppManager']
+ ->expects($this->once())
+ ->method('isEnabledForUser')
+ ->with(
+ $this->equalTo('files_encryption')
+ )
+ ->will($this->returnValue(true));
+ $this->container['Config']
+ ->expects($this->once())
+ ->method('getAppValue')
+ ->with(
+ $this->equalTo('files_encryption'),
+ $this->equalTo('recoveryAdminEnabled'),
+ $this->anything()
+ )
+ ->will($this->returnValue('1'));
+
+ $this->container['Config']
+ ->expects($this->at(1))
+ ->method('getUserValue')
+ ->with(
+ $this->anything(),
+ $this->equalTo('files_encryption'),
+ $this->equalTo('recovery_enabled'),
+ $this->anything()
+ )
+ ->will($this->returnValue('1'));
+
+ $result = \Test_Helper::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
+ $this->assertEquals($expectedResult, $result);
+ }
+
+ public function testRestoreNotPossibleWithoutAdminRestore() {
+ list($user, $expectedResult) = $this->mockUser();
+
+ $this->container['OCP\\App\\IAppManager']
+ ->method('isEnabledForUser')
+ ->with(
+ $this->equalTo('files_encryption')
+ )
+ ->will($this->returnValue(true));
+
+ $expectedResult['isRestoreDisabled'] = true;
+
+ $result = \Test_Helper::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
+ $this->assertEquals($expectedResult, $result);
+ }
+
+ public function testRestoreNotPossibleWithoutUserRestore() {
+ list($user, $expectedResult) = $this->mockUser();
+
+ $this->container['OCP\\App\\IAppManager']
+ ->expects($this->once())
+ ->method('isEnabledForUser')
+ ->with(
+ $this->equalTo('files_encryption')
+ )
+ ->will($this->returnValue(true));
+ $this->container['Config']
+ ->expects($this->once())
+ ->method('getAppValue')
+ ->with(
+ $this->equalTo('files_encryption'),
+ $this->equalTo('recoveryAdminEnabled'),
+ $this->anything()
+ )
+ ->will($this->returnValue('1'));
+
+ $this->container['Config']
+ ->expects($this->at(1))
+ ->method('getUserValue')
+ ->with(
+ $this->anything(),
+ $this->equalTo('files_encryption'),
+ $this->equalTo('recovery_enabled'),
+ $this->anything()
+ )
+ ->will($this->returnValue('0'));
+
+ $expectedResult['isRestoreDisabled'] = true;
+
+ $result = \Test_Helper::invokePrivate($this->container['UsersController'], 'formatUserForIndex', [$user]);
+ $this->assertEquals($expectedResult, $result);
+ }
+
}
projects / nextcloud-server.git / commitdiff