diff options
| author | Björn Schießle <bjoern@schiessle.org> | 2017-05-04 12:19:36 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-05-04 12:19:36 +0200 |
| commit | 4965f02bf4c4c5454e9ab97d4336e4bc6fa7151c (patch) | |
| tree | 5eac9a450b5d02b84e8bb974af37a71d6218d8a1 | |
| parent | b04102aab364a62c7a7c3f5cbae9fd0d672842f5 (diff) | |
| parent | c053a275d77e1bafb37b528135f46022b4706d3c (diff) | |
| download | nextcloud-server-4965f02bf4c4c5454e9ab97d4336e4bc6fa7151c.tar.gz nextcloud-server-4965f02bf4c4c5454e9ab97d4336e4bc6fa7151c.zip | |
Merge pull request #4689 from nextcloud/fix-password-protected-mail-shares
check password for mail shares as well
| -rw-r--r-- | apps/dav/lib/Connector/PublicAuth.php | 2 | ||||
| -rw-r--r-- | apps/dav/tests/unit/Connector/PublicAuthTest.php | 52 |
2 files changed, 52 insertions, 2 deletions
diff --git a/apps/dav/lib/Connector/PublicAuth.php b/apps/dav/lib/Connector/PublicAuth.php index 94fa370a873..5fca8d5c020 100644 --- a/apps/dav/lib/Connector/PublicAuth.php +++ b/apps/dav/lib/Connector/PublicAuth.php @@ -96,7 +96,7 @@ class PublicAuth extends AbstractBasic { // check if the share is password protected if ($share->getPassword() !== null) { - if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) { + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK || $share->getShareType() === \OCP\Share::SHARE_TYPE_EMAIL) { if ($this->shareManager->checkPassword($share, $password)) { return true; } else if ($this->session->exists('public_link_authenticated') diff --git a/apps/dav/tests/unit/Connector/PublicAuthTest.php b/apps/dav/tests/unit/Connector/PublicAuthTest.php index 47e1a5be7b8..41cfc0f8ceb 100644 --- a/apps/dav/tests/unit/Connector/PublicAuthTest.php +++ b/apps/dav/tests/unit/Connector/PublicAuthTest.php @@ -33,7 +33,7 @@ use OCP\Share\IManager; * Class PublicAuthTest * * @group DB - * + * * @package OCA\DAV\Tests\unit\Connector */ class PublicAuthTest extends \Test\TestCase { @@ -163,6 +163,28 @@ class PublicAuthTest extends \Test\TestCase { $this->assertTrue($result); } + public function testSharePasswordMailValidPassword() { + $share = $this->getMockBuilder('OCP\Share\IShare') + ->disableOriginalConstructor() + ->getMock(); + $share->method('getPassword')->willReturn('password'); + $share->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_EMAIL); + + $this->shareManager->expects($this->once()) + ->method('getShareByToken') + ->willReturn($share); + + $this->shareManager->expects($this->once()) + ->method('checkPassword')->with( + $this->equalTo($share), + $this->equalTo('password') + )->willReturn(true); + + $result = $this->invokePrivate($this->auth, 'validateUserPass', ['username', 'password']); + + $this->assertTrue($result); + } + public function testSharePasswordLinkValidSession() { $share = $this->getMockBuilder('OCP\Share\IShare') ->disableOriginalConstructor() @@ -214,4 +236,32 @@ class PublicAuthTest extends \Test\TestCase { $this->assertFalse($result); } + + + public function testSharePasswordMailInvalidSession() { + $share = $this->getMockBuilder('OCP\Share\IShare') + ->disableOriginalConstructor() + ->getMock(); + $share->method('getPassword')->willReturn('password'); + $share->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_EMAIL); + $share->method('getId')->willReturn('42'); + + $this->shareManager->expects($this->once()) + ->method('getShareByToken') + ->willReturn($share); + + $this->shareManager->method('checkPassword') + ->with( + $this->equalTo($share), + $this->equalTo('password') + )->willReturn(false); + + $this->session->method('exists')->with('public_link_authenticated')->willReturn(true); + $this->session->method('get')->with('public_link_authenticated')->willReturn('43'); + + $result = $this->invokePrivate($this->auth, 'validateUserPass', ['username', 'password']); + + $this->assertFalse($result); + } + } |