Browse Source
also block certificate management in the back-end if external storages are disabled for the user
tags/v8.2beta1
Bjoern Schiessle
9 years ago
3 changed files with 53 additions and 9 deletions
+ 2
- 1
settings/application.php
View File
| @@ -107,7 +107,8 @@ class Application extends App { | |||
| $c->query('AppName'), | |||
| $c->query('Request'), | |||
| $c->query('CertificateManager'), | |||
| $c->query('L10N') | |||
| $c->query('L10N'), | |||
| $c->query('IAppManager') | |||
| ); | |||
| }); | |||
| $container->registerService('GroupsController', function(IContainer $c) { | |||
+ 33
- 1
settings/controller/certificatecontroller.php
View File
| @@ -21,6 +21,7 @@ | |||
| namespace OC\Settings\Controller; | |||
| use OCP\App\IAppManager; | |||
| use OCP\AppFramework\Controller; | |||
| use OCP\AppFramework\Http; | |||
| use OCP\AppFramework\Http\DataResponse; | |||
| @@ -36,20 +37,25 @@ class CertificateController extends Controller { | |||
| private $certificateManager; | |||
| /** @var IL10N */ | |||
| private $l10n; | |||
| /** @var IAppManager */ | |||
| private $appManager; | |||
| /** | |||
| * @param string $appName | |||
| * @param IRequest $request | |||
| * @param ICertificateManager $certificateManager | |||
| * @param IL10N $l10n | |||
| * @param IAppManager $appManager | |||
| */ | |||
| public function __construct($appName, | |||
| IRequest $request, | |||
| ICertificateManager $certificateManager, | |||
| IL10N $l10n) { | |||
| IL10N $l10n, | |||
| IAppManager $appManager) { | |||
| parent::__construct($appName, $request); | |||
| $this->certificateManager = $certificateManager; | |||
| $this->l10n = $l10n; | |||
| $this->appManager = $appManager; | |||
| } | |||
| /** | |||
| @@ -60,6 +66,11 @@ class CertificateController extends Controller { | |||
| * @return array | |||
| */ | |||
| public function addPersonalRootCertificate() { | |||
| if ($this->isCertificateImportAllowed() === false) { | |||
| return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN); | |||
| } | |||
| $file = $this->request->getUploadedFile('rootcert_import'); | |||
| if(empty($file)) { | |||
| return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY); | |||
| @@ -92,8 +103,29 @@ class CertificateController extends Controller { | |||
| * @return DataResponse | |||
| */ | |||
| public function removePersonalRootCertificate($certificateIdentifier) { | |||
| if ($this->isCertificateImportAllowed() === false) { | |||
| return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN); | |||
| } | |||
| $this->certificateManager->removeCertificate($certificateIdentifier); | |||
| return new DataResponse(); | |||
| } | |||
| /** | |||
| * check if certificate import is allowed | |||
| * | |||
| * @return bool | |||
| */ | |||
| protected function isCertificateImportAllowed() { | |||
| $externalStorageEnabled = $this->appManager->isEnabledForUser('files_external'); | |||
| if ($externalStorageEnabled) { | |||
| $backends = \OC_Mount_Config::getPersonalBackends(); | |||
| if (!empty($backends)) { | |||
| return true; | |||
| } | |||
| } | |||
| return false; | |||
| } | |||
| } | |||
+ 18
- 7
tests/settings/controller/CertificateControllerTest.php
View File
| @@ -21,6 +21,7 @@ | |||
| namespace OC\Settings\Controller; | |||
| use OCP\App\IAppManager; | |||
| use OCP\AppFramework\Http; | |||
| use OCP\AppFramework\Http\DataResponse; | |||
| use OCP\IRequest; | |||
| @@ -41,6 +42,8 @@ class CertificateControllerTest extends \Test\TestCase { | |||
| private $certificateManager; | |||
| /** @var IL10N */ | |||
| private $l10n; | |||
| /** @var IAppManager */ | |||
| private $appManager; | |||
| public function setUp() { | |||
| parent::setUp(); | |||
| @@ -48,13 +51,21 @@ class CertificateControllerTest extends \Test\TestCase { | |||
| $this->request = $this->getMock('\OCP\IRequest'); | |||
| $this->certificateManager = $this->getMock('\OCP\ICertificateManager'); | |||
| $this->l10n = $this->getMock('\OCP\IL10N'); | |||
| $this->certificateController = new CertificateController( | |||
| 'settings', | |||
| $this->request, | |||
| $this->certificateManager, | |||
| $this->l10n | |||
| ); | |||
| $this->appManager = $this->getMock('OCP\App\IAppManager'); | |||
| $this->certificateController = $this->getMockBuilder('OC\Settings\Controller\CertificateController') | |||
| ->setConstructorArgs( | |||
| [ | |||
| 'settings', | |||
| $this->request, | |||
| $this->certificateManager, | |||
| $this->l10n, | |||
| $this->appManager | |||
| ] | |||
| )->setMethods(['isCertificateImportAllowed'])->getMock(); | |||
| $this->certificateController->expects($this->any()) | |||
| ->method('isCertificateImportAllowed')->willReturn(true); | |||
| } | |||
| public function testAddPersonalRootCertificateWithEmptyFile() { | |||
Loading…