summaryrefslogtreecommitdiffstats
path: root/apps/encryption
diff options
context:
space:
mode:
authorVincent Petry <vincent@nextcloud.com>2021-06-29 20:44:07 +0200
committerbackportbot[bot] <backportbot[bot]@users.noreply.github.com>2021-06-30 12:23:32 +0000
commit19d2dbf80b0a48ed0652cab808adf3260240ff4f (patch)
tree0bebf05902ecd8ffa381895b3f6bf655c63fa852 /apps/encryption
parentb3052e49326dc1f70abd0e67d9d830b65b2aec07 (diff)
downloadnextcloud-server-19d2dbf80b0a48ed0652cab808adf3260240ff4f.tar.gz
nextcloud-server-19d2dbf80b0a48ed0652cab808adf3260240ff4f.zip
Prevent running FixEncryptedVersion without master key
Return an error when running occ encryption:fix-encrypted-version when master key encryption is not enabled. Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Diffstat (limited to 'apps/encryption')
-rw-r--r--apps/encryption/lib/Command/FixEncryptedVersion.php19
-rw-r--r--apps/encryption/tests/Command/FixEncryptedVersionTest.php46
2 files changed, 64 insertions, 1 deletions
diff --git a/apps/encryption/lib/Command/FixEncryptedVersion.php b/apps/encryption/lib/Command/FixEncryptedVersion.php
index e2181f9a229..a85a96258fc 100644
--- a/apps/encryption/lib/Command/FixEncryptedVersion.php
+++ b/apps/encryption/lib/Command/FixEncryptedVersion.php
@@ -24,6 +24,7 @@ namespace OCA\Encryption\Command;
use OC\Files\View;
use OC\HintException;
+use OCA\Encryption\Util;
use OCP\Files\IRootFolder;
use OCP\IConfig;
use OCP\ILogger;
@@ -46,14 +47,25 @@ class FixEncryptedVersion extends Command {
/** @var IUserManager */
private $userManager;
+ /** @var Util */
+ private $util;
+
/** @var View */
private $view;
- public function __construct(IConfig $config, ILogger $logger, IRootFolder $rootFolder, IUserManager $userManager, View $view) {
+ public function __construct(
+ IConfig $config,
+ ILogger $logger,
+ IRootFolder $rootFolder,
+ IUserManager $userManager,
+ Util $util,
+ View $view
+ ) {
$this->config = $config;
$this->logger = $logger;
$this->rootFolder = $rootFolder;
$this->userManager = $userManager;
+ $this->util = $util;
$this->view = $view;
parent::__construct();
}
@@ -89,6 +101,11 @@ class FixEncryptedVersion extends Command {
return 1;
}
+ if (!$this->util->isMasterKeyEnabled()) {
+ $output->writeln("<error>Repairing only works with master key encryption.</error>\n");
+ return 1;
+ }
+
$user = (string)$input->getArgument('user');
$pathToWalk = "/$user/files";
diff --git a/apps/encryption/tests/Command/FixEncryptedVersionTest.php b/apps/encryption/tests/Command/FixEncryptedVersionTest.php
index a530275784a..22ae239aec2 100644
--- a/apps/encryption/tests/Command/FixEncryptedVersionTest.php
+++ b/apps/encryption/tests/Command/FixEncryptedVersionTest.php
@@ -23,6 +23,7 @@ namespace OCA\Encryption\Tests\Command;
use OC\Files\View;
use OCA\Encryption\Command\FixEncryptedVersion;
+use OCA\Encryption\Util;
use Symfony\Component\Console\Tester\CommandTester;
use Test\TestCase;
use Test\Traits\EncryptionTrait;
@@ -48,11 +49,17 @@ class FixEncryptedVersionTest extends TestCase {
/** @var CommandTester */
private $commandTester;
+ /** @var Util|\PHPUnit\Framework\MockObject\MockObject */
+ protected $util;
+
public function setUp(): void {
parent::setUp();
\OC::$server->getConfig()->setAppValue('encryption', 'useMasterKey', '1');
+ $this->util = $this->getMockBuilder(Util::class)
+ ->disableOriginalConstructor()->getMock();
+
$this->userId = $this->getUniqueId('user_');
$this->createUser($this->userId, 'foo12345678');
@@ -66,6 +73,7 @@ class FixEncryptedVersionTest extends TestCase {
\OC::$server->getLogger(),
\OC::$server->getRootFolder(),
\OC::$server->getUserManager(),
+ $this->util,
new View('/')
);
$this->commandTester = new CommandTester($this->fixEncryptedVersion);
@@ -80,6 +88,9 @@ class FixEncryptedVersionTest extends TestCase {
* but greater than zero
*/
public function testEncryptedVersionLessThanOriginalValue() {
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(true);
+
$view = new View("/" . $this->userId . "/files");
$view->touch('hello.txt');
@@ -145,6 +156,9 @@ Fixed the file: \"/$this->userId/files/world.txt\" with version 4", $output);
* but greater than zero
*/
public function testEncryptedVersionGreaterThanOriginalValue() {
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(true);
+
$view = new View("/" . $this->userId . "/files");
$view->touch('hello.txt');
@@ -201,6 +215,9 @@ Fixed the file: \"/$this->userId/files/world.txt\" with version 4", $output);
}
public function testVersionIsRestoredToOriginalIfNoFixIsFound() {
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(true);
+
$view = new View("/" . $this->userId . "/files");
$view->touch('bar.txt');
@@ -231,6 +248,9 @@ Fixed the file: \"/$this->userId/files/world.txt\" with version 4", $output);
* Test commands with a file path
*/
public function testExecuteWithFilePathOption() {
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(true);
+
$view = new View("/" . $this->userId . "/files");
$view->touch('hello.txt');
@@ -252,6 +272,9 @@ The file \"/$this->userId/files/hello.txt\" is: OK", $output);
* Test commands with a directory path
*/
public function testExecuteWithDirectoryPathOption() {
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(true);
+
$view = new View("/" . $this->userId . "/files");
$view->mkdir('sub');
@@ -274,6 +297,9 @@ The file \"/$this->userId/files/sub/hello.txt\" is: OK", $output);
* Test commands with a directory path
*/
public function testExecuteWithNoUser() {
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(true);
+
$this->commandTester->execute([
'user' => null,
'--path' => "/"
@@ -288,6 +314,9 @@ The file \"/$this->userId/files/sub/hello.txt\" is: OK", $output);
* Test commands with a directory path
*/
public function testExecuteWithNonExistentPath() {
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(true);
+
$this->commandTester->execute([
'user' => $this->userId,
'--path' => '/non-exist'
@@ -297,4 +326,21 @@ The file \"/$this->userId/files/sub/hello.txt\" is: OK", $output);
$this->assertStringContainsString('Please provide a valid path.', $output);
}
+
+ /**
+ * Test commands without master key
+ */
+ public function testExecuteWithNoMasterKey() {
+ \OC::$server->getConfig()->setAppValue('encryption', 'useMasterKey', '0');
+ $this->util->expects($this->once())->method('isMasterKeyEnabled')
+ ->willReturn(false);
+
+ $this->commandTester->execute([
+ 'user' => $this->userId,
+ ]);
+
+ $output = $this->commandTester->getDisplay();
+
+ $this->assertStringContainsString('only works with master key', $output);
+ }
}