diff options
| author | Joas Schilling <coding@schilljs.com> | 2024-03-06 22:42:20 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2024-03-06 22:58:59 +0100 |
| commit | 3a67080a96e59337acd614738aa123f6a49b02b9 (patch) | |
| tree | 0cb39dcd4b6cf54436c815bfdc78540b83e49386 | |
| parent | 24607a37d8cede93dccf4ba84df594426468bdc9 (diff) | |
| download | nextcloud-server-3a67080a96e59337acd614738aa123f6a49b02b9.tar.gz nextcloud-server-3a67080a96e59337acd614738aa123f6a49b02b9.zip | |
fix(appconfig): Make sure sensitive values stay sensitive
Signed-off-by: Joas Schilling <coding@schilljs.com>
| -rw-r--r-- | lib/private/AppConfig.php | 9 | ||||
| -rw-r--r-- | tests/lib/AppConfigTest.php | 9 |
2 files changed, 13 insertions, 5 deletions
diff --git a/lib/private/AppConfig.php b/lib/private/AppConfig.php index cb05fc6d70c..debd928f952 100644 --- a/lib/private/AppConfig.php +++ b/lib/private/AppConfig.php @@ -754,14 +754,13 @@ class AppConfig implements IAppConfig { * no update if key is already known with set lazy status, or value is * different, or sensitivity switched from false to true. */ - if (!$sensitive - && $this->hasKey($app, $key, $lazy) + if ($this->hasKey($app, $key, $lazy) && $value === $this->getTypedValue($app, $key, $value, $lazy, $type) - && !$this->isSensitive($app, $key, $lazy)) { + && (!$sensitive || $this->isSensitive($app, $key, $lazy))) { return false; } - if ($sensitive) { + if ($sensitive || ($this->hasKey($app, $key, $lazy) && $this->isSensitive($app, $key, $lazy))) { $value = self::ENCRYPTION_PREFIX . $this->crypto->encrypt($value); } @@ -812,7 +811,7 @@ class AppConfig implements IAppConfig { // we fix $type if the stored value, or the new value as it might be changed, is set as sensitive if ($sensitive || $this->isTyped(self::VALUE_SENSITIVE, $currType)) { - $type = $type | self::VALUE_SENSITIVE; + $type |= self::VALUE_SENSITIVE; } if ($lazy !== $this->isLazy($app, $key)) { diff --git a/tests/lib/AppConfigTest.php b/tests/lib/AppConfigTest.php index 9d49f05e7eb..86bd339bc7e 100644 --- a/tests/lib/AppConfigTest.php +++ b/tests/lib/AppConfigTest.php @@ -877,6 +877,9 @@ class AppConfigTest extends TestCase { $config->setValueString('feed', 'string', 'value-1', sensitive: false); $config->setValueString('feed', 'string', 'value-1', sensitive: true); $this->assertSame(true, $config->isSensitive('feed', 'string')); + + $this->assertConfigValueNotEquals('feed', 'string', 'value-1'); + $this->assertConfigValueNotEquals('feed', 'string', 'value-2'); } public function testSetSensitiveValueStringAsNonSensitiveStaysSensitive(): void { @@ -884,6 +887,9 @@ class AppConfigTest extends TestCase { $config->setValueString('feed', 'string', 'value-1', sensitive: true); $config->setValueString('feed', 'string', 'value-2', sensitive: false); $this->assertSame(true, $config->isSensitive('feed', 'string')); + + $this->assertConfigValueNotEquals('feed', 'string', 'value-1'); + $this->assertConfigValueNotEquals('feed', 'string', 'value-2'); } public function testSetSensitiveValueStringAsNonSensitiveAreStillUpdated(): void { @@ -891,6 +897,9 @@ class AppConfigTest extends TestCase { $config->setValueString('feed', 'string', 'value-1', sensitive: true); $config->setValueString('feed', 'string', 'value-2', sensitive: false); $this->assertSame('value-2', $config->getValueString('feed', 'string', '')); + + $this->assertConfigValueNotEquals('feed', 'string', 'value-1'); + $this->assertConfigValueNotEquals('feed', 'string', 'value-2'); } public function testSetLazyValueInt(): void { |