authorJulius Härtl <jus@bitgrid.net>2020-02-20 20:00:38 +0100
committerJulius Härtl <jus@bitgrid.net>2020-03-20 10:43:56 +0100
commit78beb9e6d4d1bf3b6049f924faeb35b9d8416ba9 (patch)
treeafde634c32212955b5d7022c08d760601d50e410
parent0fa897fcfcfc404c3b8bb3d25a61328cb43949f2 (diff)
Add tests for user group enumeration limit
Signed-off-by: Julius Härtl <jus@bitgrid.net>
-rw-r--r--tests/lib/Collaboration/Collaborators/UserPluginTest.php144
1 files changed, 128 insertions, 16 deletions
diff --git a/tests/lib/Collaboration/Collaborators/UserPluginTest.php b/tests/lib/Collaboration/Collaborators/UserPluginTest.php
index 3aeeaa3eecb..ff916d63b38 100644
--- a/tests/lib/Collaboration/Collaborators/UserPluginTest.php
+++ b/tests/lib/Collaboration/Collaborators/UserPluginTest.php
@@ -89,7 +89,27 @@ class UserPluginTest extends TestCase {
);
}
- public function getUserMock($uid, $displayName, $enabled = true) {
+ public function mockConfig($shareWithGroupOnly, $shareeEnumeration, $shareeEnumerationLimitToGroup) {
+ $this->config->expects($this->any())
+ ->method('getAppValue')
+ ->willReturnCallback(
+ function($appName, $key, $default)
+ use ($shareWithGroupOnly, $shareeEnumeration, $shareeEnumerationLimitToGroup)
+ {
+ if ($appName === 'core' && $key === 'shareapi_only_share_with_group_members') {
+ return $shareWithGroupOnly ? 'yes' : 'no';
+ } else if ($appName === 'core' && $key === 'shareapi_allow_share_dialog_user_enumeration') {
+ return $shareeEnumeration ? 'yes' : 'no';
+ } else if ($appName === 'core' && $key === 'shareapi_restrict_user_enumeration_to_group') {
+ return $shareeEnumerationLimitToGroup ? 'yes' : 'no';
+ }
+ return $default;
+ }
+ );
+
+ }
+
+ public function getUserMock($uid, $displayName, $enabled = true, $groups = []) {
$user = $this->createMock(IUser::class);
$user->expects($this->any())
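Review bot: The new `$groups = []` parameter on `getUserMock` is not used by anything visible in this commit: the added test calls `getUserMock($user['uid'], $user['uid'])` with two arguments and supplies group membership through the `groupManager` stub instead. The body of `getUserMock` continues outside the hunk, so the parameter may be consumed there, but if it is not, either drop it or wire it up so the fixture has one source of truth for group membership. `mockConfig` also takes three positional booleans with no docblock; a short comment such as `/** Stubs the core share settings: group-only sharing, share-dialog user enumeration, enumeration restricted to the caller's groups. */` would make call sites like `mockConfig(false, true, true)` readable.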
@@ -383,21 +403,7 @@ class UserPluginTest extends TestCase {
$reachedEnd,
$singleUser
) {
- $this->config->expects($this->any())
- ->method('getAppValue')
- ->willReturnCallback(
- function($appName, $key, $default)
- use ($shareWithGroupOnly, $shareeEnumeration)
- {
- if ($appName === 'core' && $key === 'shareapi_only_share_with_group_members') {
- return $shareWithGroupOnly ? 'yes' : 'no';
- } else if ($appName === 'core' && $key === 'shareapi_allow_share_dialog_user_enumeration') {
- return $shareeEnumeration ? 'yes' : 'no';
- }
- return $default;
- }
- );
-
+ $this->mockConfig($shareWithGroupOnly, $shareeEnumeration, false);
$this->instantiatePlugin();
$this->session->expects($this->any())
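Review bot: The hard-coded `false` in `$this->mockConfig($shareWithGroupOnly, $shareeEnumeration, false)` means the existing search provider never runs with `shareapi_restrict_user_enumeration_to_group` enabled, so its combinations with `shareWithGroupOnly = true` or `shareeEnumeration = false` stay untested. The new test further down fixes the other two flags at `false, true`, so those interactions are not covered there either. Consider adding the flag as a provider column here, or a few rows that exercise the restriction alongside the other two settings. The enclosing test method starts and ends outside this hunk.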
@@ -493,4 +499,110 @@ class UserPluginTest extends TestCase {
$this->plugin->takeOutCurrentUser($users);
$this->assertSame($expectedUIDs, array_keys($users));
}
+
+ public function dataSearchEnumeration() {
+ return [
+ [
+ 'test',
+ ['groupA'],
+ [
+ [ 'uid' => 'test1', 'groups' => ['groupA'] ],
+ [ 'uid' => 'test2', 'groups' => ['groupB'] ]
+ ],
+ ['test1']
+ ],
+ [
+ 'test',
+ ['groupA'],
+ [
+ [ 'uid' => 'test1', 'groups' => ['groupA'] ],
+ [ 'uid' => 'test2', 'groups' => ['groupB', 'groupA'] ]
+ ],
+ ['test1', 'test2']
+ ],
+ [
+ 'test',
+ ['groupA'],
+ [
+ [ 'uid' => 'test1', 'groups' => ['groupA', 'groupC'] ],
+ [ 'uid' => 'test2', 'groups' => ['groupB', 'groupA'] ]
+ ],
+ ['test1', 'test2']
+ ],
+ [
+ 'test',
+ ['groupC', 'groupB'],
+ [
+ [ 'uid' => 'test1', 'groups' => ['groupA', 'groupC'] ],
+ [ 'uid' => 'test2', 'groups' => ['groupB', 'groupA'] ]
+ ],
+ ['test1', 'test2']
+ ],
+ [
+ 'test',
+ [],
+ [
+ [ 'uid' => 'test1', 'groups' => ['groupA'] ],
+ [ 'uid' => 'test2', 'groups' => ['groupB', 'groupA'] ]
+ ],
+ []
+ ],
+ [
+ 'test',
+ ['groupC', 'groupB'],
+ [
+ [ 'uid' => 'test1', 'groups' => [] ],
+ [ 'uid' => 'test2', 'groups' => [] ]
+ ],
+ []
+ ],
+ ];
+ }
+
+ /**
+ * @dataProvider dataSearchEnumeration
+ */
+ public function testSearchEnumerationLimit($search, $userGroups, $matchingUsers, $result) {
+ $this->mockConfig(false, true, true);
+
+ $userResults = array_map(function ($user) {
+ return $this->getUserMock($user['uid'], $user['uid']);
+ }, $matchingUsers);
+
+ $mappedResult = array_map(function ($user) {
+ return ['label' => $user, 'value' => [ 'shareType' => 0, 'shareWith' => $user ]];
+ }, $result);
+
+ $this->userManager->expects($this->once())
+ ->method('searchDisplayName')
+ ->willReturn($userResults);
+ $this->session->expects($this->any())
+ ->method('getUser')
+ ->willReturn($this->getUserMock('test', 'foo'));
+ // current user
+ $this->groupManager->expects($this->at(0))
+ ->method('getUserGroupIds')
+ ->willReturn($userGroups);
+ $this->groupManager->expects($this->any())
+ ->method('getUserGroupIds')
+ ->willReturnCallback(function ($user) use ($matchingUsers) {
+ $neededObject = array_filter(
+ $matchingUsers,
+ function ($e) use ($user) {
+ return $user->getUID() === $e['uid'];
+ }
+ );
+ if (count($neededObject) > 0) {
+ return array_shift($neededObject)['groups'];
+ }
+ return [];
+ });
+
+ $this->instantiatePlugin();
+ $this->plugin->search($search, $this->limit, $this->offset, $this->searchResult);
+ $result = $this->searchResult->asArray();
+
+ $this->assertEquals([], $result['exact']['users']);
+ $this->assertEquals($mappedResult, $result['users']);
+ }
}
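Review bot: All six rows of `dataSearchEnumeration` search for `test` against uids `test1`/`test2`, so `assertEquals([], $result['exact']['users'])` never sees an exact uid or display-name hit; whether a user outside the caller's groups is still returned on an exact match while the restriction is on is left unpinned. Adding rows whose search term equals a uid (one sharing a group with the caller, one not), with the expected `exact` list as an extra provider column, would fix that behaviour in the test. Separately, `expects($this->at(0))` counts every invocation on the `groupManager` mock, so an earlier call to that mock from the plugin would shift the index and hand the caller's groups to the wrong lookup; branching on the uid of the `$user` argument inside the existing `willReturnCallback` would remove the ordering dependency. Reassigning the `$result` parameter near the end shadows the expected value and would read more clearly as `$actual = $this->searchResult->asArray();`.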