aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBjoern Schiessle <bjoern@schiessle.org>2017-05-04 11:20:20 +0200
committerBjoern Schiessle <bjoern@schiessle.org>2017-05-04 11:20:20 +0200
commitc053a275d77e1bafb37b528135f46022b4706d3c (patch)
tree5eac9a450b5d02b84e8bb974af37a71d6218d8a1
parentb04102aab364a62c7a7c3f5cbae9fd0d672842f5 (diff)
downloadnextcloud-server-c053a275d77e1bafb37b528135f46022b4706d3c.tar.gz
nextcloud-server-c053a275d77e1bafb37b528135f46022b4706d3c.zip
check password for mail shares as well
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
-rw-r--r--apps/dav/lib/Connector/PublicAuth.php2
-rw-r--r--apps/dav/tests/unit/Connector/PublicAuthTest.php52
2 files changed, 52 insertions, 2 deletions
diff --git a/apps/dav/lib/Connector/PublicAuth.php b/apps/dav/lib/Connector/PublicAuth.php
index 94fa370a873..5fca8d5c020 100644
--- a/apps/dav/lib/Connector/PublicAuth.php
+++ b/apps/dav/lib/Connector/PublicAuth.php
@@ -96,7 +96,7 @@ class PublicAuth extends AbstractBasic {
// check if the share is password protected
if ($share->getPassword() !== null) {
- if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
+ if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK || $share->getShareType() === \OCP\Share::SHARE_TYPE_EMAIL) {
if ($this->shareManager->checkPassword($share, $password)) {
return true;
} else if ($this->session->exists('public_link_authenticated')
diff --git a/apps/dav/tests/unit/Connector/PublicAuthTest.php b/apps/dav/tests/unit/Connector/PublicAuthTest.php
index 47e1a5be7b8..41cfc0f8ceb 100644
--- a/apps/dav/tests/unit/Connector/PublicAuthTest.php
+++ b/apps/dav/tests/unit/Connector/PublicAuthTest.php
@@ -33,7 +33,7 @@ use OCP\Share\IManager;
* Class PublicAuthTest
*
* @group DB
- *
+ *
* @package OCA\DAV\Tests\unit\Connector
*/
class PublicAuthTest extends \Test\TestCase {
@@ -163,6 +163,28 @@ class PublicAuthTest extends \Test\TestCase {
$this->assertTrue($result);
}
+ public function testSharePasswordMailValidPassword() {
+ $share = $this->getMockBuilder('OCP\Share\IShare')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $share->method('getPassword')->willReturn('password');
+ $share->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_EMAIL);
+
+ $this->shareManager->expects($this->once())
+ ->method('getShareByToken')
+ ->willReturn($share);
+
+ $this->shareManager->expects($this->once())
+ ->method('checkPassword')->with(
+ $this->equalTo($share),
+ $this->equalTo('password')
+ )->willReturn(true);
+
+ $result = $this->invokePrivate($this->auth, 'validateUserPass', ['username', 'password']);
+
+ $this->assertTrue($result);
+ }
+
public function testSharePasswordLinkValidSession() {
$share = $this->getMockBuilder('OCP\Share\IShare')
->disableOriginalConstructor()
@@ -214,4 +236,32 @@ class PublicAuthTest extends \Test\TestCase {
$this->assertFalse($result);
}
+
+
+ public function testSharePasswordMailInvalidSession() {
+ $share = $this->getMockBuilder('OCP\Share\IShare')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $share->method('getPassword')->willReturn('password');
+ $share->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_EMAIL);
+ $share->method('getId')->willReturn('42');
+
+ $this->shareManager->expects($this->once())
+ ->method('getShareByToken')
+ ->willReturn($share);
+
+ $this->shareManager->method('checkPassword')
+ ->with(
+ $this->equalTo($share),
+ $this->equalTo('password')
+ )->willReturn(false);
+
+ $this->session->method('exists')->with('public_link_authenticated')->willReturn(true);
+ $this->session->method('get')->with('public_link_authenticated')->willReturn('43');
+
+ $result = $this->invokePrivate($this->auth, 'validateUserPass', ['username', 'password']);
+
+ $this->assertFalse($result);
+ }
+
}