diff options
author | Vincent Petry <vincent@nextcloud.com> | 2021-06-29 20:44:07 +0200 |
---|---|---|
committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2021-06-30 12:23:32 +0000 |
commit | 19d2dbf80b0a48ed0652cab808adf3260240ff4f (patch) | |
tree | 0bebf05902ecd8ffa381895b3f6bf655c63fa852 /apps/encryption | |
parent | b3052e49326dc1f70abd0e67d9d830b65b2aec07 (diff) | |
download | nextcloud-server-19d2dbf80b0a48ed0652cab808adf3260240ff4f.tar.gz nextcloud-server-19d2dbf80b0a48ed0652cab808adf3260240ff4f.zip |
Prevent running FixEncryptedVersion without master key
Return an error when running occ encryption:fix-encrypted-version
when master key encryption is not enabled.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Diffstat (limited to 'apps/encryption')
-rw-r--r-- | apps/encryption/lib/Command/FixEncryptedVersion.php | 19 | ||||
-rw-r--r-- | apps/encryption/tests/Command/FixEncryptedVersionTest.php | 46 |
2 files changed, 64 insertions, 1 deletions
diff --git a/apps/encryption/lib/Command/FixEncryptedVersion.php b/apps/encryption/lib/Command/FixEncryptedVersion.php index e2181f9a229..a85a96258fc 100644 --- a/apps/encryption/lib/Command/FixEncryptedVersion.php +++ b/apps/encryption/lib/Command/FixEncryptedVersion.php @@ -24,6 +24,7 @@ namespace OCA\Encryption\Command; use OC\Files\View; use OC\HintException; +use OCA\Encryption\Util; use OCP\Files\IRootFolder; use OCP\IConfig; use OCP\ILogger; @@ -46,14 +47,25 @@ class FixEncryptedVersion extends Command { /** @var IUserManager */ private $userManager; + /** @var Util */ + private $util; + /** @var View */ private $view; - public function __construct(IConfig $config, ILogger $logger, IRootFolder $rootFolder, IUserManager $userManager, View $view) { + public function __construct( + IConfig $config, + ILogger $logger, + IRootFolder $rootFolder, + IUserManager $userManager, + Util $util, + View $view + ) { $this->config = $config; $this->logger = $logger; $this->rootFolder = $rootFolder; $this->userManager = $userManager; + $this->util = $util; $this->view = $view; parent::__construct(); } @@ -89,6 +101,11 @@ class FixEncryptedVersion extends Command { return 1; } + if (!$this->util->isMasterKeyEnabled()) { + $output->writeln("<error>Repairing only works with master key encryption.</error>\n"); + return 1; + } + $user = (string)$input->getArgument('user'); $pathToWalk = "/$user/files"; diff --git a/apps/encryption/tests/Command/FixEncryptedVersionTest.php b/apps/encryption/tests/Command/FixEncryptedVersionTest.php index a530275784a..22ae239aec2 100644 --- a/apps/encryption/tests/Command/FixEncryptedVersionTest.php +++ b/apps/encryption/tests/Command/FixEncryptedVersionTest.php @@ -23,6 +23,7 @@ namespace OCA\Encryption\Tests\Command; use OC\Files\View; use OCA\Encryption\Command\FixEncryptedVersion; +use OCA\Encryption\Util; use Symfony\Component\Console\Tester\CommandTester; use Test\TestCase; use Test\Traits\EncryptionTrait; @@ -48,11 +49,17 @@ class FixEncryptedVersionTest extends TestCase { /** @var CommandTester */ private $commandTester; + /** @var Util|\PHPUnit\Framework\MockObject\MockObject */ + protected $util; + public function setUp(): void { parent::setUp(); \OC::$server->getConfig()->setAppValue('encryption', 'useMasterKey', '1'); + $this->util = $this->getMockBuilder(Util::class) + ->disableOriginalConstructor()->getMock(); + $this->userId = $this->getUniqueId('user_'); $this->createUser($this->userId, 'foo12345678'); @@ -66,6 +73,7 @@ class FixEncryptedVersionTest extends TestCase { \OC::$server->getLogger(), \OC::$server->getRootFolder(), \OC::$server->getUserManager(), + $this->util, new View('/') ); $this->commandTester = new CommandTester($this->fixEncryptedVersion); @@ -80,6 +88,9 @@ class FixEncryptedVersionTest extends TestCase { * but greater than zero */ public function testEncryptedVersionLessThanOriginalValue() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('hello.txt'); @@ -145,6 +156,9 @@ Fixed the file: \"/$this->userId/files/world.txt\" with version 4", $output); * but greater than zero */ public function testEncryptedVersionGreaterThanOriginalValue() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('hello.txt'); @@ -201,6 +215,9 @@ Fixed the file: \"/$this->userId/files/world.txt\" with version 4", $output); } public function testVersionIsRestoredToOriginalIfNoFixIsFound() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('bar.txt'); @@ -231,6 +248,9 @@ Fixed the file: \"/$this->userId/files/world.txt\" with version 4", $output); * Test commands with a file path */ public function testExecuteWithFilePathOption() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('hello.txt'); @@ -252,6 +272,9 @@ The file \"/$this->userId/files/hello.txt\" is: OK", $output); * Test commands with a directory path */ public function testExecuteWithDirectoryPathOption() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->mkdir('sub'); @@ -274,6 +297,9 @@ The file \"/$this->userId/files/sub/hello.txt\" is: OK", $output); * Test commands with a directory path */ public function testExecuteWithNoUser() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $this->commandTester->execute([ 'user' => null, '--path' => "/" @@ -288,6 +314,9 @@ The file \"/$this->userId/files/sub/hello.txt\" is: OK", $output); * Test commands with a directory path */ public function testExecuteWithNonExistentPath() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $this->commandTester->execute([ 'user' => $this->userId, '--path' => '/non-exist' @@ -297,4 +326,21 @@ The file \"/$this->userId/files/sub/hello.txt\" is: OK", $output); $this->assertStringContainsString('Please provide a valid path.', $output); } + + /** + * Test commands without master key + */ + public function testExecuteWithNoMasterKey() { + \OC::$server->getConfig()->setAppValue('encryption', 'useMasterKey', '0'); + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(false); + + $this->commandTester->execute([ + 'user' => $this->userId, + ]); + + $output = $this->commandTester->getDisplay(); + + $this->assertStringContainsString('only works with master key', $output); + } } |