Signed-off-by: Joas Schilling <coding@schilljs.com>tags/v17.0.0beta1
@@ -106,7 +106,7 @@ class AppConfigController extends OCSController { | |||
public function setValue(string $app, string $key, string $value): DataResponse { | |||
try { | |||
$this->verifyAppId($app); | |||
$this->verifyConfigKey($app, $key); | |||
$this->verifyConfigKey($app, $key, $value); | |||
} catch (\InvalidArgumentException $e) { | |||
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN); | |||
} | |||
@@ -124,7 +124,7 @@ class AppConfigController extends OCSController { | |||
public function deleteKey(string $app, string $key): DataResponse { | |||
try { | |||
$this->verifyAppId($app); | |||
$this->verifyConfigKey($app, $key); | |||
$this->verifyConfigKey($app, $key, ''); | |||
} catch (\InvalidArgumentException $e) { | |||
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN); | |||
} | |||
@@ -146,14 +146,19 @@ class AppConfigController extends OCSController { | |||
/** | |||
* @param string $app | |||
* @param string $key | |||
* @param string $value | |||
* @throws \InvalidArgumentException | |||
*/ | |||
protected function verifyConfigKey(string $app, string $key) { | |||
protected function verifyConfigKey(string $app, string $key, string $value) { | |||
if (in_array($key, ['installed_version', 'enabled', 'types'])) { | |||
throw new \InvalidArgumentException('The given key can not be set'); | |||
} | |||
if ($app === 'core' && ($key === 'encryption_enabled' || strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) { | |||
if ($app === 'core' && $key === 'encryption_enabled' && $value !== 'yes') { | |||
throw new \InvalidArgumentException('The given key can not be set'); | |||
} | |||
if ($app === 'core' && (strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) { | |||
throw new \InvalidArgumentException('The given key can not be set'); | |||
} | |||
} |
@@ -342,9 +342,10 @@ class AppConfigControllerTest extends TestCase { | |||
public function dataVerifyConfigKey() { | |||
return [ | |||
['activity', 'abc'], | |||
['dav', 'public_route'], | |||
['files', 'remote_route'], | |||
['activity', 'abc', ''], | |||
['dav', 'public_route', ''], | |||
['files', 'remote_route', ''], | |||
['core', 'encryption_enabled', 'yes'], | |||
]; | |||
} | |||
@@ -352,22 +353,25 @@ class AppConfigControllerTest extends TestCase { | |||
* @dataProvider dataVerifyConfigKey | |||
* @param string $app | |||
* @param string $key | |||
* @param string $value | |||
*/ | |||
public function testVerifyConfigKey($app, $key) { | |||
public function testVerifyConfigKey($app, $key, $value) { | |||
$api = $this->getInstance(); | |||
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key]); | |||
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]); | |||
$this->addToAssertionCount(1); | |||
} | |||
public function dataVerifyConfigKeyThrows() { | |||
return [ | |||
['activity', 'installed_version'], | |||
['calendar', 'enabled'], | |||
['contacts', 'types'], | |||
['core', 'public_files'], | |||
['core', 'public_dav'], | |||
['core', 'remote_files'], | |||
['core', 'remote_dav'], | |||
['activity', 'installed_version', ''], | |||
['calendar', 'enabled', ''], | |||
['contacts', 'types', ''], | |||
['core', 'encryption_enabled', 'no'], | |||
['core', 'encryption_enabled', ''], | |||
['core', 'public_files', ''], | |||
['core', 'public_dav', ''], | |||
['core', 'remote_files', ''], | |||
['core', 'remote_dav', ''], | |||
]; | |||
} | |||
@@ -376,9 +380,10 @@ class AppConfigControllerTest extends TestCase { | |||
* @expectedException \InvalidArgumentException | |||
* @param string $app | |||
* @param string $key | |||
* @param string $value | |||
*/ | |||
public function testVerifyConfigKeyThrows($app, $key) { | |||
public function testVerifyConfigKeyThrows($app, $key, $value) { | |||
$api = $this->getInstance(); | |||
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key]); | |||
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]); | |||
} | |||
} |