mirrors
/
nextcloud
зеркало из https://github.com/nextcloud/server.git
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Релизы 994 Вики Активность
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
21700 коммитов
371 ветка
Дерево: 0d4f0ab871
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из '0d4f0ab871'
${ noResults }
nextcloud/apps/files_encryption/tests/util.php

util.php 22KB
Исходник Blame История

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634 
  1. <?php

  2. /**

  3.  * Copyright (c) 2012 Sam Tuke <samtuke@owncloud.com>

  4.  * This file is licensed under the Affero General Public License version 3 or

  5.  * later.

  6.  * See the COPYING-README file.

  7.  */

  8. 

  9. use OCA\Encryption;

  10. 

  11. /**

  12.  * Class Test_Encryption_Util

  13.  */

  14. class Test_Encryption_Util extends \OCA\Files_Encryption\Tests\TestCase {

  15. 

  16. 	const TEST_ENCRYPTION_UTIL_USER1 = "test-util-user1";

  17. 	const TEST_ENCRYPTION_UTIL_USER2 = "test-util-user2";

  18. 	const TEST_ENCRYPTION_UTIL_GROUP1 = "test-util-group1";

  19. 	const TEST_ENCRYPTION_UTIL_GROUP2 = "test-util-group2";

  20. 	const TEST_ENCRYPTION_UTIL_LEGACY_USER = "test-legacy-user";

  21. 

  22. 	public $userId;

  23. 	public $encryptionDir;

  24. 	public $publicKeyDir;

  25. 	public $pass;

  26. 	/**

  27. 	 * @var OC\Files\View

  28. 	 */

  29. 	public $view;

  30. 	public $keyfilesPath;

  31. 	public $publicKeyPath;

  32. 	public $privateKeyPath;

  33. 	/**

  34. 	 * @var \OCA\Encryption\Util

  35. 	 */

  36. 	public $util;

  37. 	public $dataShort;

  38. 	public $legacyEncryptedData;

  39. 	public $legacyEncryptedDataKey;

  40. 	public $legacyKey;

  41. 	public $stateFilesTrashbin;

  42. 

  43. 	public static function setUpBeforeClass() {

  44. 		parent::setUpBeforeClass();

  45. 

  46. 		// create test user

  47. 		self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1, true);

  48. 		self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER2, true);

  49. 		self::loginHelper(self::TEST_ENCRYPTION_UTIL_LEGACY_USER, true);

  50. 

  51. 		// create groups

  52. 		\OC_Group::createGroup(self::TEST_ENCRYPTION_UTIL_GROUP1);

  53. 		\OC_Group::createGroup(self::TEST_ENCRYPTION_UTIL_GROUP2);

  54. 

  55. 		// add user 1 to group1

  56. 		\OC_Group::addToGroup(self::TEST_ENCRYPTION_UTIL_USER1, self::TEST_ENCRYPTION_UTIL_GROUP1);

  57. 	}

  58. 

  59. 	protected function setUp() {

  60. 		parent::setUp();

  61. 

  62. 		// login user

  63. 		self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);

  64. 		\OC_User::setUserId(self::TEST_ENCRYPTION_UTIL_USER1);

  65. 		$this->userId = self::TEST_ENCRYPTION_UTIL_USER1;

  66. 		$this->pass = self::TEST_ENCRYPTION_UTIL_USER1;

  67. 

  68. 		// set content for encrypting / decrypting in tests

  69. 		$this->dataUrl = __DIR__ . '/../lib/crypt.php';

  70. 		$this->dataShort = 'hats';

  71. 		$this->dataLong = file_get_contents(__DIR__ . '/../lib/crypt.php');

  72. 		$this->legacyData = __DIR__ . '/legacy-text.txt';

  73. 		$this->legacyEncryptedData = __DIR__ . '/legacy-encrypted-text.txt';

  74. 		$this->legacyEncryptedDataKey = __DIR__ . '/encryption.key';

  75. 		$this->legacyKey = "30943623843030686906\0\0\0\0";

  76. 

  77. 		$keypair = Encryption\Crypt::createKeypair();

  78. 

  79. 		$this->genPublicKey = $keypair['publicKey'];

  80. 		$this->genPrivateKey = $keypair['privateKey'];

  81. 

  82. 		$this->publicKeyDir = \OCA\Encryption\Keymanager::getPublicKeyPath();

  83. 		$this->encryptionDir = '/' . $this->userId . '/' . 'files_encryption';

  84. 		$this->keysPath = $this->encryptionDir . '/' . 'keys';

  85. 		$this->publicKeyPath =

  86. 			$this->publicKeyDir . '/' . $this->userId . '.publicKey'; // e.g. data/public-keys/admin.publicKey

  87. 		$this->privateKeyPath =

  88. 			$this->encryptionDir . '/' . $this->userId . '.privateKey'; // e.g. data/admin/admin.privateKey

  89. 

  90. 		$this->view = new \OC\Files\View('/');

  91. 

  92. 		$this->util = new Encryption\Util($this->view, $this->userId);

  93. 

  94. 		// remember files_trashbin state

  95. 		$this->stateFilesTrashbin = OC_App::isEnabled('files_trashbin');

  96. 

  97. 		// we don't want to tests with app files_trashbin enabled

  98. 		\OC_App::disable('files_trashbin');

  99. 	}

  100. 

  101. 	protected function tearDown() {

  102. 		// reset app files_trashbin

  103. 		if ($this->stateFilesTrashbin) {

  104. 			OC_App::enable('files_trashbin');

  105. 		}

  106. 		else {

  107. 			OC_App::disable('files_trashbin');

  108. 		}

  109. 

  110. 		parent::tearDown();

  111. 	}

  112. 

  113. 	public static function tearDownAfterClass() {

  114. 		// cleanup test user

  115. 		\OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_USER1);

  116. 		\OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_USER2);

  117. 		\OC_User::deleteUser(self::TEST_ENCRYPTION_UTIL_LEGACY_USER);

  118. 

  119. 		//cleanup groups

  120. 		\OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP1);

  121. 		\OC_Group::deleteGroup(self::TEST_ENCRYPTION_UTIL_GROUP2);

  122. 

  123. 		parent::tearDownAfterClass();

  124. 	}

  125. 

  126. 	/**

  127. 	 * @medium

  128. 	 * test that paths set during User construction are correct

  129. 	 */

  130. 	function testKeyPaths() {

  131. 		$util = new Encryption\Util($this->view, $this->userId);

  132. 

  133. 		$this->assertEquals($this->publicKeyDir, $util->getPath('publicKeyDir'));

  134. 		$this->assertEquals($this->encryptionDir, $util->getPath('encryptionDir'));

  135. 		$this->assertEquals($this->keysPath, $util->getPath('keysPath'));

  136. 		$this->assertEquals($this->publicKeyPath, $util->getPath('publicKeyPath'));

  137. 		$this->assertEquals($this->privateKeyPath, $util->getPath('privateKeyPath'));

  138. 

  139. 	}

  140. 

  141. 	/**

  142. 	 * @medium

  143. 	 * test detection of encrypted files

  144. 	 */

  145. 	function testIsEncryptedPath() {

  146. 

  147. 		$util = new Encryption\Util($this->view, $this->userId);

  148. 

  149. 		self::loginHelper($this->userId);

  150. 

  151. 		$unencryptedFile = '/tmpUnencrypted-' . $this->getUniqueID() . '.txt';

  152. 		$encryptedFile =  '/tmpEncrypted-' . $this->getUniqueID() . '.txt';

  153. 

  154. 		// Disable encryption proxy to write a unencrypted file

  155. 		$proxyStatus = \OC_FileProxy::$enabled;

  156. 		\OC_FileProxy::$enabled = false;

  157. 

  158. 		$this->view->file_put_contents($this->userId . '/files/' . $unencryptedFile, $this->dataShort);

  159. 

  160. 		// Re-enable proxy - our work is done

  161. 		\OC_FileProxy::$enabled = $proxyStatus;

  162. 

  163. 		// write a encrypted file

  164. 		$this->view->file_put_contents($this->userId . '/files/' . $encryptedFile, $this->dataShort);

  165. 

  166. 		// test if both files are detected correctly

  167. 		$this->assertFalse($util->isEncryptedPath($this->userId . '/files/' . $unencryptedFile));

  168. 		$this->assertTrue($util->isEncryptedPath($this->userId . '/files/' . $encryptedFile));

  169. 

  170. 		// cleanup

  171. 		$this->view->unlink($this->userId . '/files/' . $unencryptedFile);

  172. 		$this->view->unlink($this->userId . '/files/' . $encryptedFile);

  173. 

  174. 	}

  175. 

  176. 	/**

  177. 	 * @medium

  178. 	 * test setup of encryption directories

  179. 	 */

  180. 	function testSetupServerSide() {

  181. 		$this->assertEquals(true, $this->util->setupServerSide($this->pass));

  182. 	}

  183. 

  184. 	/**

  185. 	 * @medium

  186. 	 * test checking whether account is ready for encryption,

  187. 	 */

  188. 	function testUserIsReady() {

  189. 		$this->assertEquals(true, $this->util->ready());

  190. 	}

  191. 

  192. 	/**

  193. 	 * test checking whether account is not ready for encryption,

  194. 	 */

  195. //	function testUserIsNotReady() {

  196. //		$this->view->unlink($this->publicKeyDir);

  197. //

  198. //		$params['uid'] = $this->userId;

  199. //		$params['password'] = $this->pass;

  200. //		$this->assertFalse(OCA\Encryption\Hooks::login($params));

  201. //

  202. //		$this->view->unlink($this->privateKeyPath);

  203. //	}

  204. 

  205. 	/**

  206. 	 * @medium

  207. 	 */

  208. 	function testRecoveryEnabledForUser() {

  209. 

  210. 		$util = new Encryption\Util($this->view, $this->userId);

  211. 

  212. 		// Record the value so we can return it to it's original state later

  213. 		$enabled = $util->recoveryEnabledForUser();

  214. 

  215. 		$this->assertTrue($util->setRecoveryForUser(!$enabled));

  216. 

  217. 		$this->assertEquals(!$enabled, $util->recoveryEnabledForUser());

  218. 

  219. 		$this->assertTrue($util->setRecoveryForUser($enabled));

  220. 

  221. 		$this->assertEquals($enabled, $util->recoveryEnabledForUser());

  222. 

  223. 

  224. 	}

  225. 

  226. 	/**

  227. 	 * @medium

  228. 	 */

  229. 	function testGetUidAndFilename() {

  230. 

  231. 		\OC_User::setUserId(self::TEST_ENCRYPTION_UTIL_USER1);

  232. 

  233. 		$filename = '/tmp-' . $this->getUniqueID() . '.test';

  234. 

  235. 		// Disable encryption proxy to prevent recursive calls

  236. 		$proxyStatus = \OC_FileProxy::$enabled;

  237. 		\OC_FileProxy::$enabled = false;

  238. 

  239. 		$this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort);

  240. 

  241. 		// Re-enable proxy - our work is done

  242. 		\OC_FileProxy::$enabled = $proxyStatus;

  243. 

  244. 		$util = new Encryption\Util($this->view, $this->userId);

  245. 

  246. 		list($fileOwnerUid, $file) = $util->getUidAndFilename($filename);

  247. 

  248. 		$this->assertEquals(self::TEST_ENCRYPTION_UTIL_USER1, $fileOwnerUid);

  249. 

  250. 		$this->assertEquals($file, $filename);

  251. 

  252. 		$this->view->unlink($this->userId . '/files/' . $filename);

  253. 	}

  254. 

  255. 	/**

  256. 	 * Test that data that is read by the crypto stream wrapper

  257. 	 */

  258. 	function testGetFileSize() {

  259. 		self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);

  260. 

  261. 		$filename = 'tmp-' . $this->getUniqueID();

  262. 		$externalFilename = '/' . $this->userId . '/files/' . $filename;

  263. 

  264. 		// Test for 0 byte files

  265. 		$problematicFileSizeData = "";

  266. 		$cryptedFile = $this->view->file_put_contents($externalFilename, $problematicFileSizeData);

  267. 		$this->assertTrue(is_int($cryptedFile));

  268. 		$this->assertEquals($this->util->getFileSize($externalFilename), 0);

  269. 		$decrypt = $this->view->file_get_contents($externalFilename);

  270. 		$this->assertEquals($problematicFileSizeData, $decrypt);

  271. 		$this->view->unlink($this->userId . '/files/' . $filename);

  272. 

  273. 		// Test a file with 18377 bytes as in https://github.com/owncloud/mirall/issues/1009

  274. 		$problematicFileSizeData = str_pad("", 18377, "abc");

  275. 		$cryptedFile = $this->view->file_put_contents($externalFilename, $problematicFileSizeData);

  276. 		$this->assertTrue(is_int($cryptedFile));

  277. 		$this->assertEquals($this->util->getFileSize($externalFilename), 18377);

  278. 		$decrypt = $this->view->file_get_contents($externalFilename);

  279. 		$this->assertEquals($problematicFileSizeData, $decrypt);

  280. 		$this->view->unlink($this->userId . '/files/' . $filename);

  281. 	}

  282. 

  283. 	function testEncryptAll() {

  284. 

  285. 		$filename = "/encryptAll" . $this->getUniqueID() . ".txt";

  286. 		$util = new Encryption\Util($this->view, $this->userId);

  287. 

  288. 		// disable encryption to upload a unencrypted file

  289. 		\OC_App::disable('files_encryption');

  290. 

  291. 		$this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort);

  292. 

  293. 		$fileInfoUnencrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);

  294. 

  295. 		$this->assertTrue($fileInfoUnencrypted instanceof \OC\Files\FileInfo);

  296. 

  297. 		// enable file encryption again

  298. 		\OC_App::enable('files_encryption');

  299. 

  300. 		// encrypt all unencrypted files

  301. 		$util->encryptAll('/' . $this->userId . '/' . 'files');

  302. 

  303. 		$fileInfoEncrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);

  304. 

  305. 		$this->assertTrue($fileInfoEncrypted instanceof \OC\Files\FileInfo);

  306. 

  307. 		// check if mtime and etags unchanged

  308. 		$this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']);

  309. 		$this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']);

  310. 

  311. 		$this->view->unlink($this->userId . '/files/' . $filename);

  312. 	}

  313. 

  314. 	function testDecryptAll() {

  315. 

  316. 		$filename = "/decryptAll" . $this->getUniqueID() . ".txt";

  317. 		$datadir = \OC_Config::getValue('datadirectory', \OC::$SERVERROOT . '/data/');

  318. 		$userdir = $datadir . '/' . $this->userId . '/files/';

  319. 

  320. 		$this->view->file_put_contents($this->userId . '/files/' . $filename, $this->dataShort);

  321. 

  322. 		$fileInfoEncrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);

  323. 

  324. 		$this->assertTrue($fileInfoEncrypted instanceof \OC\Files\FileInfo);

  325. 		$this->assertEquals($fileInfoEncrypted['encrypted'], 1);

  326. 

  327. 		$encContent = file_get_contents($userdir . $filename);

  328. 

  329. 		\OC_App::disable('files_encryption');

  330. 

  331. 		$user = \OCP\User::getUser();

  332. 		$this->logoutHelper();

  333. 		$this->loginHelper($user, false, false, false);

  334. 

  335. 		$content = file_get_contents($userdir . $filename);

  336. 

  337. 		//content should be encrypted

  338. 		$this->assertSame($encContent, $content);

  339. 

  340. 		// now we load the encryption app again

  341. 		OC_App::loadApp('files_encryption');

  342. 

  343. 		// init encryption app

  344. 		$params = array('uid' => \OCP\User::getUser(),

  345. 			'password' => \OCP\User::getUser());

  346. 

  347. 		$view = new OC\Files\View('/');

  348. 		$util = new \OCA\Encryption\Util($view, \OCP\User::getUser());

  349. 

  350. 		$result = $util->initEncryption($params);

  351. 

  352. 		$this->assertTrue($result instanceof \OCA\Encryption\Session);

  353. 

  354. 		$successful = $util->decryptAll();

  355. 

  356. 		$this->assertTrue($successful);

  357. 

  358. 		$this->logoutHelper();

  359. 		$this->loginHelper($user, false, false, false);

  360. 

  361. 		// file should be unencrypted and fileInfo should contain the correct values

  362. 		$content = file_get_contents($userdir . $filename);

  363. 

  364. 		// now we should get the plain data

  365. 		$this->assertSame($this->dataShort, $content);

  366. 

  367. 		$fileInfoUnencrypted = $this->view->getFileInfo($this->userId . '/files/' . $filename);

  368. 		$this->assertTrue($fileInfoUnencrypted instanceof \OC\Files\FileInfo);

  369. 

  370. 		// check if mtime and etags unchanged

  371. 		$this->assertEquals($fileInfoEncrypted['mtime'], $fileInfoUnencrypted['mtime']);

  372. 		$this->assertSame($fileInfoEncrypted['etag'], $fileInfoUnencrypted['etag']);

  373. 		// file should no longer be encrypted

  374. 		$this->assertEquals(0, $fileInfoUnencrypted['encrypted']);

  375. 

  376. 		$backupPath = $this->getBackupPath('decryptAll');

  377. 

  378. 		// check if the keys where moved to the backup location

  379. 		$this->assertTrue($this->view->is_dir($backupPath . '/keys'));

  380. 		$this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/fileKey'));

  381. 		$this->assertTrue($this->view->file_exists($backupPath . '/keys/' . $filename . '/' . $user . '.shareKey'));

  382. 		$this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.privateKey'));

  383. 		$this->assertTrue($this->view->file_exists($backupPath . '/' . $user . '.publicKey'));

  384. 

  385. 		// cleanup

  386. 		$this->view->unlink($this->userId . '/files/' . $filename);

  387. 		$this->view->deleteAll($backupPath);

  388. 		OC_App::enable('files_encryption');

  389. 

  390. 	}

  391. 

  392. 	/**

  393. 	 * test if all keys get moved to the backup folder correctly

  394. 	 */

  395. 	function testBackupAllKeys() {

  396. 		self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);

  397. 

  398. 		// create some dummy key files

  399. 		$encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption';

  400. 		$this->view->mkdir($encPath . '/keys/foo');

  401. 		$this->view->file_put_contents($encPath . '/keys/foo/fileKey', 'key');

  402. 		$this->view->file_put_contents($encPath . '/keys/foo/user1.shareKey', 'share key');

  403. 

  404. 		$util = new \OCA\Encryption\Util($this->view, self::TEST_ENCRYPTION_UTIL_USER1);

  405. 

  406. 		$util->backupAllKeys('testBackupAllKeys');

  407. 

  408. 		$backupPath = $this->getBackupPath('testBackupAllKeys');

  409. 

  410. 		// check backupDir Content

  411. 		$this->assertTrue($this->view->is_dir($backupPath . '/keys'));

  412. 		$this->assertTrue($this->view->is_dir($backupPath . '/keys/foo'));

  413. 		$this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/fileKey'));

  414. 		$this->assertTrue($this->view->file_exists($backupPath . '/keys/foo/user1.shareKey'));

  415. 		$this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.privateKey'));

  416. 		$this->assertTrue($this->view->file_exists($backupPath . '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '.publicKey'));

  417. 

  418. 		//cleanup

  419. 		$this->view->deleteAll($backupPath);

  420. 		$this->view->unlink($encPath . '/keys/foo/fileKey');

  421. 		$this->view->unlink($encPath . '/keys/foo/user1.shareKey');

  422. 	}

  423. 

  424. 

  425. 	function testDescryptAllWithBrokenFiles() {

  426. 

  427. 		$file1 = "/decryptAll1" . $this->getUniqueID() . ".txt";

  428. 		$file2 = "/decryptAll2" . $this->getUniqueID() . ".txt";

  429. 

  430. 		$util = new Encryption\Util($this->view, $this->userId);

  431. 

  432. 		$this->view->file_put_contents($this->userId . '/files/' . $file1, $this->dataShort);

  433. 		$this->view->file_put_contents($this->userId . '/files/' . $file2, $this->dataShort);

  434. 

  435. 		$fileInfoEncrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);

  436. 		$fileInfoEncrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);

  437. 

  438. 		$this->assertTrue($fileInfoEncrypted1 instanceof \OC\Files\FileInfo);

  439. 		$this->assertTrue($fileInfoEncrypted2 instanceof \OC\Files\FileInfo);

  440. 		$this->assertEquals($fileInfoEncrypted1['encrypted'], 1);

  441. 		$this->assertEquals($fileInfoEncrypted2['encrypted'], 1);

  442. 

  443. 		// rename keyfile for file1 so that the decryption for file1 fails

  444. 		// Expected behaviour: decryptAll() returns false, file2 gets decrypted anyway

  445. 		$this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey',

  446. 				$this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved');

  447. 

  448. 		// decrypt all encrypted files

  449. 		$result = $util->decryptAll();

  450. 

  451. 		$this->assertFalse($result);

  452. 

  453. 		$fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);

  454. 		$fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);

  455. 

  456. 		$this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo);

  457. 		$this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo);

  458. 

  459. 		// file1 should be still encrypted; file2 should be decrypted

  460. 		$this->assertEquals(1, $fileInfoUnencrypted1['encrypted']);

  461. 		$this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);

  462. 

  463. 		// keyfiles and share keys should still exist

  464. 		$this->assertTrue($this->view->is_dir($this->userId . '/files_encryption/keys/'));

  465. 		$this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved'));

  466. 		$this->assertTrue($this->view->file_exists($this->userId . '/files_encryption/keys/' . $file1 . '/' . $this->userId . '.shareKey'));

  467. 

  468. 		// rename the keyfile for file1 back

  469. 		$this->view->rename($this->userId . '/files_encryption/keys/' . $file1 . '/fileKey.moved',

  470. 				$this->userId . '/files_encryption/keys/' . $file1 . '/fileKey');

  471. 

  472. 		// try again to decrypt all encrypted files

  473. 		$result = $util->decryptAll();

  474. 

  475. 		$this->assertTrue($result);

  476. 

  477. 		$fileInfoUnencrypted1 = $this->view->getFileInfo($this->userId . '/files/' . $file1);

  478. 		$fileInfoUnencrypted2 = $this->view->getFileInfo($this->userId . '/files/' . $file2);

  479. 

  480. 		$this->assertTrue($fileInfoUnencrypted1 instanceof \OC\Files\FileInfo);

  481. 		$this->assertTrue($fileInfoUnencrypted2 instanceof \OC\Files\FileInfo);

  482. 

  483. 		// now both files should be decrypted

  484. 		$this->assertEquals(0, $fileInfoUnencrypted1['encrypted']);

  485. 		$this->assertEquals(0, $fileInfoUnencrypted2['encrypted']);

  486. 

  487. 		// keyfiles and share keys should be deleted

  488. 		$this->assertFalse($this->view->is_dir($this->userId . '/files_encryption/keys/'));

  489. 

  490. 		//cleanup

  491. 		$backupPath = $this->getBackupPath('decryptAll');

  492. 		$this->view->unlink($this->userId . '/files/' . $file1);

  493. 		$this->view->unlink($this->userId . '/files/' . $file2);

  494. 		$this->view->deleteAll($backupPath);

  495. 

  496. 	}

  497. 

  498. 	function getBackupPath($extension) {

  499. 		$encPath = '/' . self::TEST_ENCRYPTION_UTIL_USER1 . '/files_encryption';

  500. 		$encFolderContent = $this->view->getDirectoryContent($encPath);

  501. 

  502. 		$backupPath = '';

  503. 		foreach ($encFolderContent as $c) {

  504. 			$name = $c['name'];

  505. 			if (substr($name, 0, strlen('backup.' . $extension))  === 'backup.' . $extension) {

  506. 				$backupPath = $encPath . '/'. $c['name'];

  507. 				break;

  508. 			}

  509. 		}

  510. 

  511. 		return $backupPath;

  512. 	}

  513. 

  514. 	/**

  515. 	 * @dataProvider dataProviderFortestIsMountPointApplicableToUser

  516. 	 */

  517. 	function testIsMountPointApplicableToUser($mount, $expectedResult) {

  518. 		self::loginHelper(self::TEST_ENCRYPTION_UTIL_USER1);

  519. 		$dummyClass = new DummyUtilClass($this->view, self::TEST_ENCRYPTION_UTIL_USER1);

  520. 		$result = $dummyClass->testIsMountPointApplicableToUser($mount);

  521. 

  522. 		$this->assertSame($expectedResult, $result);

  523. 	}

  524. 

  525. 	function dataProviderFortestIsMountPointApplicableToUser() {

  526. 		return array(

  527. 			array(array('applicable' => array('groups' => array(), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER1))), true),

  528. 			array(array('applicable' => array('groups' => array(), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2))), false),

  529. 			array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP1), 'users' => array())), true),

  530. 			array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP1), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2))), true),

  531. 			array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP2), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2))), false),

  532. 			array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP2), 'users' => array(self::TEST_ENCRYPTION_UTIL_USER2, 'all'))), true),

  533. 			array(array('applicable' => array('groups' => array(self::TEST_ENCRYPTION_UTIL_GROUP2), 'users' => array('all'))), true),

  534. 		);

  535. 	}

  536. 

  537. 	/**

  538. 	 * Tests that filterShareReadyUsers() returns the correct list of

  539. 	 * users that are ready or not ready for encryption

  540. 	 */

  541. 	public function testFilterShareReadyUsers() {

  542. 		$appConfig = \OC::$server->getAppConfig();

  543. 

  544. 		$publicShareKeyId = $appConfig->getValue('files_encryption', 'publicShareKeyId');

  545. 		$recoveryKeyId = $appConfig->getValue('files_encryption', 'recoveryKeyId');

  546. 

  547. 		$usersToTest = array(

  548. 			'readyUser',

  549. 			'notReadyUser',

  550. 			'nonExistingUser',

  551. 			$publicShareKeyId,

  552. 			$recoveryKeyId,

  553. 		);

  554. 		\Test_Encryption_Util::loginHelper('readyUser', true);

  555. 		\Test_Encryption_Util::loginHelper('notReadyUser', true);

  556. 		// delete encryption dir to make it not ready

  557. 		$this->view->unlink('notReadyUser/files_encryption/');

  558. 

  559. 		// login as user1

  560. 		\Test_Encryption_Util::loginHelper(\Test_Encryption_Util::TEST_ENCRYPTION_UTIL_USER1);

  561. 

  562. 		$result = $this->util->filterShareReadyUsers($usersToTest);

  563. 		$this->assertEquals(

  564. 			array('readyUser', $publicShareKeyId, $recoveryKeyId),

  565. 			$result['ready']

  566. 		);

  567. 		$this->assertEquals(

  568. 			array('notReadyUser', 'nonExistingUser'),

  569. 			$result['unready']

  570. 		);

  571. 		\OC_User::deleteUser('readyUser');

  572. 	}

  573. 

  574. 	/**

  575. 	 * @param string $user

  576. 	 * @param bool $create

  577. 	 * @param bool $password

  578. 	 */

  579. 	public static function loginHelper($user, $create = false, $password = false, $loadEncryption = true) {

  580. 		if ($create) {

  581. 			try {

  582. 				\OC_User::createUser($user, $user);

  583. 			} catch(\Exception $e) { // catch username is already being used from previous aborted runs

  584. 

  585. 			}

  586. 		}

  587. 

  588. 		if ($password === false) {

  589. 			$password = $user;

  590. 		}

  591. 

  592. 		\OC_Util::tearDownFS();

  593. 		\OC_User::setUserId('');

  594. 		\OC\Files\Filesystem::tearDown();

  595. 		\OC_User::setUserId($user);

  596. 		\OC_Util::setupFS($user);

  597. 

  598. 		if ($loadEncryption) {

  599. 			$params['uid'] = $user;

  600. 			$params['password'] = $password;

  601. 			OCA\Encryption\Hooks::login($params);

  602. 		}

  603. 	}

  604. 

  605. 	public static function logoutHelper() {

  606. 		\OC_Util::tearDownFS();

  607. 		\OC_User::setUserId(false);

  608. 		\OC\Files\Filesystem::tearDown();

  609. 	}

  610. 

  611. 	/**

  612. 	 * helper function to set migration status to the right value

  613. 	 * to be able to test the migration path

  614. 	 *

  615. 	 * @param integer $status needed migration status for test

  616. 	 * @param string $user for which user the status should be set

  617. 	 * @return boolean

  618. 	 */

  619. 	private function setMigrationStatus($status, $user) {

  620. 		\OC::$server->getConfig()->setUserValue($user, 'files_encryption', 'migration_status', (string)$status);

  621. 		// the update will definitely be executed -> return value is always true

  622. 		return true;

  623. 	}

  624. 

  625. }

  626. 

  627. /**

  628.  * dummy class extends  \OCA\Encryption\Util to access protected methods for testing

  629.  */

  630. class DummyUtilClass extends \OCA\Encryption\Util {

  631. 	public function testIsMountPointApplicableToUser($mount) {

  632. 		return $this->isMountPointApplicableToUser($mount);

  633. 	}

  634. }