diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2014-11-15 13:38:18 +0100 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2014-11-15 13:38:18 +0100 |
| commit | c44e3b056b108266734d87d5fc27d3baafd248e6 (patch) | |
| tree | 2b0452f9b11b6e22d6803107f1f1cb255f791fbd | |
| parent | 580d27eed25ab92ef276cfedaef1ffebc4bd4225 (diff) | |
| parent | cd5925036a6cfb1f3f4e27a5d1893cbf7a10be47 (diff) | |
| download | nextcloud-server-c44e3b056b108266734d87d5fc27d3baafd248e6.tar.gz nextcloud-server-c44e3b056b108266734d87d5fc27d3baafd248e6.zip | |
Merge pull request #12189 from owncloud/checkIfAppIsEnabled
Check if app is enabled for user
| -rw-r--r-- | lib/private/appframework/middleware/security/securitymiddleware.php | 11 | ||||
| -rw-r--r-- | tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php | 4 |
2 files changed, 13 insertions, 2 deletions
diff --git a/lib/private/appframework/middleware/security/securitymiddleware.php b/lib/private/appframework/middleware/security/securitymiddleware.php index 948a43ce0f4..0a694318634 100644 --- a/lib/private/appframework/middleware/security/securitymiddleware.php +++ b/lib/private/appframework/middleware/security/securitymiddleware.php @@ -34,6 +34,7 @@ use OCP\INavigationManager; use OCP\IURLGenerator; use OCP\IRequest; use OCP\ILogger; +use OCP\AppFramework\Controller; /** @@ -116,6 +117,16 @@ class SecurityMiddleware extends Middleware { } } + /** + * FIXME: Use DI once available + * Checks if app is enabled (also inclues a check whether user is allowed to access the resource) + * The getAppPath() check is here since components such as settings also use the AppFramework and + * therefore won't pass this check. + */ + if(\OC_App::getAppPath($this->appName) !== false && !\OC_App::isEnabled($this->appName)) { + throw new SecurityException('App is not enabled', Http::STATUS_PRECONDITION_FAILED); + } + } diff --git a/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php b/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php index 74fc7907fb5..cc7704f4d1a 100644 --- a/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php +++ b/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php @@ -77,7 +77,7 @@ class SecurityMiddlewareTest extends \PHPUnit_Framework_TestCase { $this->navigationManager, $this->urlGenerator, $this->logger, - 'test', + 'files', $isLoggedIn, $isAdminUser ); @@ -91,7 +91,7 @@ class SecurityMiddlewareTest extends \PHPUnit_Framework_TestCase { public function testSetNavigationEntry(){ $this->navigationManager->expects($this->once()) ->method('setActiveEntry') - ->with($this->equalTo('test')); + ->with($this->equalTo('files')); $this->reader->reflect(__CLASS__, __FUNCTION__); $this->middleware->beforeController(__CLASS__, __FUNCTION__); |