@@ -26,6 +26,7 @@ namespace OCA\Federation\Middleware; | |||
use OC\HintException; | |||
use OCA\Federation\Controller\SettingsController; | |||
use OCP\AppFramework\Controller; | |||
use OCP\AppFramework\Http; | |||
use OCP\AppFramework\Http\JSONResponse; | |||
use OCP\AppFramework\Middleware; | |||
@@ -52,12 +53,13 @@ class AddServerMiddleware extends Middleware { | |||
/** | |||
* Log error message and return a response which can be displayed to the user | |||
* | |||
* @param \OCP\AppFramework\Controller $controller | |||
* @param Controller $controller | |||
* @param string $methodName | |||
* @param \Exception $exception | |||
* @return JSONResponse | |||
* @throws \Exception | |||
*/ | |||
public function afterException($controller, $methodName, \Exception $exception) { | |||
public function afterException(Controller $controller, $methodName, \Exception $exception) { | |||
if (($controller instanceof SettingsController) === false) { | |||
throw $exception; | |||
} |
@@ -24,6 +24,7 @@ namespace Test\Core\Middleware; | |||
use OC\Core\Middleware\TwoFactorMiddleware; | |||
use OC\AppFramework\Http\Request; | |||
use OCP\AppFramework\Controller; | |||
use OCP\AppFramework\Utility\IControllerMethodReflector; | |||
use OCP\IConfig; | |||
use OCP\ISession; | |||
@@ -44,6 +45,9 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
/** @var TwoFactorMiddleware */ | |||
private $middleware; | |||
/** @var Controller */ | |||
private $controller; | |||
protected function setUp() { | |||
parent::setUp(); | |||
@@ -67,6 +71,7 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
); | |||
$this->middleware = new TwoFactorMiddleware($this->twoFactorManager, $this->userSession, $this->session, $this->urlGenerator, $this->reflector, $this->request); | |||
$this->controller = $this->createMock(Controller::class); | |||
} | |||
public function testBeforeControllerNotLoggedIn() { | |||
@@ -81,7 +86,7 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
$this->userSession->expects($this->never()) | |||
->method('getUser'); | |||
$this->middleware->beforeController(null, 'index'); | |||
$this->middleware->beforeController($this->controller, 'index'); | |||
} | |||
public function testBeforeControllerPublicPage() { | |||
@@ -92,7 +97,7 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
$this->userSession->expects($this->never()) | |||
->method('isLoggedIn'); | |||
$this->middleware->beforeController(null, 'create'); | |||
$this->middleware->beforeController($this->controller, 'create'); | |||
} | |||
public function testBeforeControllerNoTwoFactorCheckNeeded() { | |||
@@ -113,7 +118,7 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
->with($user) | |||
->will($this->returnValue(false)); | |||
$this->middleware->beforeController(null, 'index'); | |||
$this->middleware->beforeController($this->controller, 'index'); | |||
} | |||
/** | |||
@@ -141,7 +146,7 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
->with($user) | |||
->will($this->returnValue(true)); | |||
$this->middleware->beforeController(null, 'index'); | |||
$this->middleware->beforeController($this->controller, 'index'); | |||
} | |||
/** | |||
@@ -184,7 +189,7 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
->will($this->returnValue('test/url')); | |||
$expected = new \OCP\AppFramework\Http\RedirectResponse('test/url'); | |||
$this->assertEquals($expected, $this->middleware->afterException(null, 'index', $ex)); | |||
$this->assertEquals($expected, $this->middleware->afterException($this->controller, 'index', $ex)); | |||
} | |||
public function testAfterException() { | |||
@@ -196,7 +201,7 @@ class TwoFactorMiddlewareTest extends TestCase { | |||
->will($this->returnValue('redirect/url')); | |||
$expected = new \OCP\AppFramework\Http\RedirectResponse('redirect/url'); | |||
$this->assertEquals($expected, $this->middleware->afterException(null, 'index', $ex)); | |||
$this->assertEquals($expected, $this->middleware->afterException($this->controller, 'index', $ex)); | |||
} | |||
} |
@@ -17,26 +17,30 @@ use OC\AppFramework\Middleware\Security\CORSMiddleware; | |||
use OC\AppFramework\Utility\ControllerMethodReflector; | |||
use OC\AppFramework\Middleware\Security\Exceptions\SecurityException; | |||
use OC\Security\Bruteforce\Throttler; | |||
use OC\User\Session; | |||
use OCP\AppFramework\Controller; | |||
use OCP\AppFramework\Http\JSONResponse; | |||
use OCP\AppFramework\Http\Response; | |||
use OCP\IConfig; | |||
use OCP\Security\ISecureRandom; | |||
class CORSMiddlewareTest extends \Test\TestCase { | |||
/** @var ControllerMethodReflector */ | |||
private $reflector; | |||
/** @var Session|\PHPUnit_Framework_MockObject_MockObject */ | |||
private $session; | |||
/** @var Throttler */ | |||
private $throttler; | |||
/** @var Controller */ | |||
private $controller; | |||
protected function setUp() { | |||
parent::setUp(); | |||
$this->reflector = new ControllerMethodReflector(); | |||
$this->session = $this->getMockBuilder('\OC\User\Session') | |||
->disableOriginalConstructor() | |||
->getMock(); | |||
$this->throttler = $this->getMockBuilder('\OC\Security\Bruteforce\Throttler') | |||
->disableOriginalConstructor() | |||
->getMock(); | |||
$this->session = $this->createMock(Session::class); | |||
$this->throttler = $this->createMock(Throttler::class); | |||
$this->controller = $this->createMock(Controller::class); | |||
} | |||
/** | |||
@@ -49,13 +53,13 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'HTTP_ORIGIN' => 'test' | |||
] | |||
], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$response = $middleware->afterController($this, __FUNCTION__, new Response()); | |||
$response = $middleware->afterController($this->controller, __FUNCTION__, new Response()); | |||
$headers = $response->getHeaders(); | |||
$this->assertEquals('test', $headers['Access-Control-Allow-Origin']); | |||
} | |||
@@ -68,12 +72,12 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'HTTP_ORIGIN' => 'test' | |||
] | |||
], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$response = $middleware->afterController($this, __FUNCTION__, new Response()); | |||
$response = $middleware->afterController($this->controller, __FUNCTION__, new Response()); | |||
$headers = $response->getHeaders(); | |||
$this->assertFalse(array_key_exists('Access-Control-Allow-Origin', $headers)); | |||
} | |||
@@ -85,13 +89,13 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
public function testNoOriginHeaderNoCORSHEADER() { | |||
$request = new Request( | |||
[], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$response = $middleware->afterController($this, __FUNCTION__, new Response()); | |||
$response = $middleware->afterController($this->controller, __FUNCTION__, new Response()); | |||
$headers = $response->getHeaders(); | |||
$this->assertFalse(array_key_exists('Access-Control-Allow-Origin', $headers)); | |||
} | |||
@@ -108,15 +112,15 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'HTTP_ORIGIN' => 'test' | |||
] | |||
], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$response = new Response(); | |||
$response->addHeader('AcCess-control-Allow-Credentials ', 'TRUE'); | |||
$middleware->afterController($this, __FUNCTION__, $response); | |||
$middleware->afterController($this->controller, __FUNCTION__, $response); | |||
} | |||
/** | |||
@@ -126,8 +130,8 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
public function testNoCORSShouldAllowCookieAuth() { | |||
$request = new Request( | |||
[], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
@@ -139,7 +143,7 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
->will($this->returnValue(true)); | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware->beforeController($this, __FUNCTION__, new Response()); | |||
$middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -151,8 +155,8 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'PHP_AUTH_USER' => 'user', | |||
'PHP_AUTH_PW' => 'pass' | |||
]], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$this->session->expects($this->once()) | |||
->method('logout'); | |||
@@ -163,7 +167,7 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$middleware->beforeController($this, __FUNCTION__, new Response()); | |||
$middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -176,8 +180,8 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'PHP_AUTH_USER' => 'user', | |||
'PHP_AUTH_PW' => 'pass' | |||
]], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$this->session->expects($this->once()) | |||
->method('logout'); | |||
@@ -188,7 +192,7 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$middleware->beforeController($this, __FUNCTION__, new Response()); | |||
$middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -201,8 +205,8 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'PHP_AUTH_USER' => 'user', | |||
'PHP_AUTH_PW' => 'pass' | |||
]], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$this->session->expects($this->once()) | |||
->method('logout'); | |||
@@ -213,7 +217,7 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$middleware->beforeController($this, __FUNCTION__, new Response()); | |||
$middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
public function testAfterExceptionWithSecurityExceptionNoStatus() { | |||
@@ -222,11 +226,11 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'PHP_AUTH_USER' => 'user', | |||
'PHP_AUTH_PW' => 'pass' | |||
]], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$response = $middleware->afterException($this, __FUNCTION__, new SecurityException('A security exception')); | |||
$response = $middleware->afterException($this->controller, __FUNCTION__, new SecurityException('A security exception')); | |||
$expected = new JSONResponse(['message' => 'A security exception'], 500); | |||
$this->assertEquals($expected, $response); | |||
@@ -238,11 +242,11 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'PHP_AUTH_USER' => 'user', | |||
'PHP_AUTH_PW' => 'pass' | |||
]], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$response = $middleware->afterException($this, __FUNCTION__, new SecurityException('A security exception', 501)); | |||
$response = $middleware->afterException($this->controller, __FUNCTION__, new SecurityException('A security exception', 501)); | |||
$expected = new JSONResponse(['message' => 'A security exception'], 501); | |||
$this->assertEquals($expected, $response); | |||
@@ -258,11 +262,11 @@ class CORSMiddlewareTest extends \Test\TestCase { | |||
'PHP_AUTH_USER' => 'user', | |||
'PHP_AUTH_PW' => 'pass' | |||
]], | |||
$this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(), | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
$this->createMock(ISecureRandom::class), | |||
$this->createMock(IConfig::class) | |||
); | |||
$middleware = new CORSMiddleware($request, $this->reflector, $this->session, $this->throttler); | |||
$middleware->afterException($this, __FUNCTION__, new \Exception('A regular exception')); | |||
$middleware->afterException($this->controller, __FUNCTION__, new \Exception('A regular exception')); | |||
} | |||
} |
@@ -131,7 +131,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->with($this->equalTo('files')); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
@@ -152,7 +152,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
try { | |||
$this->reader->reflect(__CLASS__, $method); | |||
$sec->beforeController(__CLASS__, $method); | |||
$sec->beforeController($this->controller, $method); | |||
} catch (SecurityException $ex){ | |||
$this->assertEquals($status, $ex->getCode()); | |||
} | |||
@@ -234,7 +234,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
$sec = $this->getMiddleware(false, false); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$sec->beforeController(__CLASS__, __FUNCTION__); | |||
$sec->beforeController($this->controller, __FUNCTION__); | |||
} | |||
@@ -261,7 +261,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
} | |||
$this->reader->reflect(__CLASS__, $method); | |||
$sec->beforeController(__CLASS__, $method); | |||
$sec->beforeController($this->controller, $method); | |||
} | |||
@@ -277,7 +277,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->method('passesStrictCookieCheck') | |||
->will($this->returnValue(true)); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
@@ -291,7 +291,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->will($this->returnValue(false)); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -306,7 +306,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->will($this->returnValue(true)); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -322,7 +322,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->will($this->returnValue(true)); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -338,7 +338,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->will($this->returnValue(false)); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
@@ -352,7 +352,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->will($this->returnValue(false)); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -367,7 +367,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
->willReturn(true); | |||
$this->reader->reflect(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController(__CLASS__, __FUNCTION__); | |||
$this->middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
public function dataCsrfOcsController() { |
@@ -15,21 +15,21 @@ namespace Test\AppFramework\Middleware; | |||
use OC\AppFramework\Http\Request; | |||
use OC\AppFramework\Middleware\SessionMiddleware; | |||
use OC\AppFramework\Utility\ControllerMethodReflector; | |||
use OCP\AppFramework\Controller; | |||
use OCP\AppFramework\Http\Response; | |||
class SessionMiddlewareTest extends \Test\TestCase { | |||
/** | |||
* @var ControllerMethodReflector | |||
*/ | |||
/** @var ControllerMethodReflector */ | |||
private $reflector; | |||
/** | |||
* @var Request | |||
*/ | |||
/** @var Request */ | |||
private $request; | |||
/** @var Controller */ | |||
private $controller; | |||
protected function setUp() { | |||
parent::setUp(); | |||
@@ -39,6 +39,7 @@ class SessionMiddlewareTest extends \Test\TestCase { | |||
$this->getMockBuilder('\OCP\IConfig')->getMock() | |||
); | |||
$this->reflector = new ControllerMethodReflector(); | |||
$this->controller = $this->createMock(Controller::class); | |||
} | |||
/** | |||
@@ -49,7 +50,7 @@ class SessionMiddlewareTest extends \Test\TestCase { | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new SessionMiddleware($this->request, $this->reflector, $session); | |||
$middleware->beforeController($this, __FUNCTION__); | |||
$middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
/** | |||
@@ -60,7 +61,7 @@ class SessionMiddlewareTest extends \Test\TestCase { | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new SessionMiddleware($this->request, $this->reflector, $session); | |||
$middleware->afterController($this, __FUNCTION__, new Response()); | |||
$middleware->afterController($this->controller, __FUNCTION__, new Response()); | |||
} | |||
public function testSessionClosedOnBeforeController() { | |||
@@ -68,7 +69,7 @@ class SessionMiddlewareTest extends \Test\TestCase { | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new SessionMiddleware($this->request, $this->reflector, $session); | |||
$middleware->beforeController($this, __FUNCTION__); | |||
$middleware->beforeController($this->controller, __FUNCTION__); | |||
} | |||
public function testSessionNotClosedOnAfterController() { | |||
@@ -76,7 +77,7 @@ class SessionMiddlewareTest extends \Test\TestCase { | |||
$this->reflector->reflect($this, __FUNCTION__); | |||
$middleware = new SessionMiddleware($this->request, $this->reflector, $session); | |||
$middleware->afterController($this, __FUNCTION__, new Response()); | |||
$middleware->afterController($this->controller, __FUNCTION__, new Response()); | |||
} | |||
/** |