mirror of
https://github.com/nextcloud/server.git
synced 2024-08-18 02:10:32 +02:00
also block certificate management in the back-end if external storages are disabled for the user
This commit is contained in:
Bjoern Schiessle
parent
573177d176
commit
dc5e89e624
@ -107,7 +107,8 @@ class Application extends App {
|
||||
$c->query('AppName'),
|
||||
$c->query('Request'),
|
||||
$c->query('CertificateManager'),
|
||||
$c->query('L10N')
|
||||
$c->query('L10N'),
|
||||
$c->query('IAppManager')
|
||||
);
|
||||
});
|
||||
$container->registerService('GroupsController', function(IContainer $c) {
|
||||
|
||||
@ -21,6 +21,7 @@
|
||||
|
||||
namespace OC\Settings\Controller;
|
||||
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
@ -36,20 +37,25 @@ class CertificateController extends Controller {
|
||||
private $certificateManager;
|
||||
/** @var IL10N */
|
||||
private $l10n;
|
||||
/** @var IAppManager */
|
||||
private $appManager;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param ICertificateManager $certificateManager
|
||||
* @param IL10N $l10n
|
||||
* @param IAppManager $appManager
|
||||
*/
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
ICertificateManager $certificateManager,
|
||||
IL10N $l10n) {
|
||||
IL10N $l10n,
|
||||
IAppManager $appManager) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->certificateManager = $certificateManager;
|
||||
$this->l10n = $l10n;
|
||||
$this->appManager = $appManager;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -60,6 +66,11 @@ class CertificateController extends Controller {
|
||||
* @return array
|
||||
*/
|
||||
public function addPersonalRootCertificate() {
|
||||
|
||||
if ($this->isCertificateImportAllowed() === false) {
|
||||
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
|
||||
}
|
||||
|
||||
$file = $this->request->getUploadedFile('rootcert_import');
|
||||
if(empty($file)) {
|
||||
return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY);
|
||||
@ -92,8 +103,29 @@ class CertificateController extends Controller {
|
||||
* @return DataResponse
|
||||
*/
|
||||
public function removePersonalRootCertificate($certificateIdentifier) {
|
||||
|
||||
if ($this->isCertificateImportAllowed() === false) {
|
||||
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
|
||||
}
|
||||
|
||||
$this->certificateManager->removeCertificate($certificateIdentifier);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* check if certificate import is allowed
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
protected function isCertificateImportAllowed() {
|
||||
$externalStorageEnabled = $this->appManager->isEnabledForUser('files_external');
|
||||
if ($externalStorageEnabled) {
|
||||
$backends = \OC_Mount_Config::getPersonalBackends();
|
||||
if (!empty($backends)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -21,6 +21,7 @@
|
||||
|
||||
namespace OC\Settings\Controller;
|
||||
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\IRequest;
|
||||
@ -41,6 +42,8 @@ class CertificateControllerTest extends \Test\TestCase {
|
||||
private $certificateManager;
|
||||
/** @var IL10N */
|
||||
private $l10n;
|
||||
/** @var IAppManager */
|
||||
private $appManager;
|
||||
|
||||
public function setUp() {
|
||||
parent::setUp();
|
||||
@ -48,13 +51,21 @@ class CertificateControllerTest extends \Test\TestCase {
|
||||
$this->request = $this->getMock('\OCP\IRequest');
|
||||
$this->certificateManager = $this->getMock('\OCP\ICertificateManager');
|
||||
$this->l10n = $this->getMock('\OCP\IL10N');
|
||||
$this->appManager = $this->getMock('OCP\App\IAppManager');
|
||||
|
||||
$this->certificateController = new CertificateController(
|
||||
'settings',
|
||||
$this->request,
|
||||
$this->certificateManager,
|
||||
$this->l10n
|
||||
);
|
||||
$this->certificateController = $this->getMockBuilder('OC\Settings\Controller\CertificateController')
|
||||
->setConstructorArgs(
|
||||
[
|
||||
'settings',
|
||||
$this->request,
|
||||
$this->certificateManager,
|
||||
$this->l10n,
|
||||
$this->appManager
|
||||
]
|
||||
)->setMethods(['isCertificateImportAllowed'])->getMock();
|
||||
|
||||
$this->certificateController->expects($this->any())
|
||||
->method('isCertificateImportAllowed')->willReturn(true);
|
||||
}
|
||||
|
||||
public function testAddPersonalRootCertificateWithEmptyFile() {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user