diff options
| author | Vincent Petry <vincent@nextcloud.com> | 2021-04-19 15:25:26 +0200 |
|---|---|---|
| committer | Vincent Petry <vincent@nextcloud.com> | 2021-04-19 15:44:26 +0200 |
| commit | fe0f1c792c3d3470265c20174e3b67ace04004a1 (patch) | |
| tree | 15b88060d949daf12aca898d82d0a86d1528d388 | |
| parent | f1d7e56cab95e6accc5b876e17f8889ce0d697ab (diff) | |
| download | nextcloud-server-fe0f1c792c3d3470265c20174e3b67ace04004a1.tar.gz nextcloud-server-fe0f1c792c3d3470265c20174e3b67ace04004a1.zip | |
Fix empty password check for mail shares
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
| -rw-r--r-- | build/psalm-baseline.xml | 1 | ||||
| -rw-r--r-- | lib/private/Share20/Manager.php | 9 | ||||
| -rw-r--r-- | tests/lib/Share20/ManagerTest.php | 4 |
3 files changed, 10 insertions, 4 deletions
diff --git a/build/psalm-baseline.xml b/build/psalm-baseline.xml index 65a317495b3..868e84409ac 100644 --- a/build/psalm-baseline.xml +++ b/build/psalm-baseline.xml @@ -4851,6 +4851,7 @@ </UndefinedInterfaceMethod> </file> <file src="lib/private/Share20/Manager.php"> + <NullArgument occurrences="1"/> <InvalidArgument occurrences="7"> <code>$data</code> <code>'OCP\Share::postAcceptShare'</code> diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 9df544bb628..1fb3bcdc36c 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -1008,7 +1008,8 @@ class Manager implements IManager { // The new password is not set again if it is the same as the old // one. $plainTextPassword = $share->getPassword(); - if (!empty($plainTextPassword) && !$this->updateSharePasswordIfNeeded($share, $originalShare)) { + $updatedPassword = $this->updateSharePasswordIfNeeded($share, $originalShare); + if (!empty($plainTextPassword) && !$updatedPassword) { $plainTextPassword = null; } if (empty($plainTextPassword) && !$originalShare->getSendPasswordByTalk() && $share->getSendPasswordByTalk()) { @@ -1116,10 +1117,14 @@ class Manager implements IManager { $this->verifyPassword($share->getPassword()); // If a password is set. Hash it! - if ($share->getPassword() !== null) { + if (!empty($share->getPassword())) { $share->setPassword($this->hasher->hash($share->getPassword())); return true; + } else { + // Empty string and null are seen as NOT password protected + $share->setPassword(null); + return true; } } else { // Reset the password to the original one, as it is either the same diff --git a/tests/lib/Share20/ManagerTest.php b/tests/lib/Share20/ManagerTest.php index c70887ec87d..33d960efb01 100644 --- a/tests/lib/Share20/ManagerTest.php +++ b/tests/lib/Share20/ManagerTest.php @@ -3515,7 +3515,7 @@ class ManagerTest extends \Test\TestCase { $manager->expects($this->once())->method('canShare')->willReturn(true); $manager->expects($this->once())->method('getShareById')->with('foo:42')->willReturn($originalShare); $manager->expects($this->once())->method('generalCreateChecks')->with($share); - $manager->expects($this->never())->method('verifyPassword'); + $manager->expects($this->once())->method('verifyPassword'); $manager->expects($this->never())->method('pathCreateChecks'); $manager->expects($this->never())->method('linkCreateChecks'); $manager->expects($this->never())->method('validateExpirationDateLink'); @@ -3587,7 +3587,7 @@ class ManagerTest extends \Test\TestCase { $manager->expects($this->once())->method('canShare')->willReturn(true); $manager->expects($this->once())->method('getShareById')->with('foo:42')->willReturn($originalShare); $manager->expects($this->once())->method('generalCreateChecks')->with($share); - $manager->expects($this->never())->method('verifyPassword'); + $manager->expects($this->once())->method('verifyPassword'); $manager->expects($this->never())->method('pathCreateChecks'); $manager->expects($this->never())->method('linkCreateChecks'); $manager->expects($this->never())->method('validateExpirationDateLink'); |