diff options
author | Joas Schilling <coding@schilljs.com> | 2019-07-16 14:24:47 +0200 |
---|---|---|
committer | Joas Schilling <coding@schilljs.com> | 2019-07-16 14:24:47 +0200 |
commit | f8592e5e798b9ef07b759c8ece3b1f847239a9ad (patch) | |
tree | 06e9892f7f3bc04ac806c90d90898bd6caf06232 /apps/provisioning_api | |
parent | f877176fed9fdac40fa51fde994640f963ec9fb3 (diff) | |
download | nextcloud-server-f8592e5e798b9ef07b759c8ece3b1f847239a9ad.tar.gz nextcloud-server-f8592e5e798b9ef07b759c8ece3b1f847239a9ad.zip |
Only prevent disabling encrytion via the API
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/provisioning_api')
-rw-r--r-- | apps/provisioning_api/lib/Controller/AppConfigController.php | 13 | ||||
-rw-r--r-- | apps/provisioning_api/tests/Controller/AppConfigControllerTest.php | 33 |
2 files changed, 28 insertions, 18 deletions
diff --git a/apps/provisioning_api/lib/Controller/AppConfigController.php b/apps/provisioning_api/lib/Controller/AppConfigController.php index 6e61e10a2f2..eda46ee8e2c 100644 --- a/apps/provisioning_api/lib/Controller/AppConfigController.php +++ b/apps/provisioning_api/lib/Controller/AppConfigController.php @@ -106,7 +106,7 @@ class AppConfigController extends OCSController { public function setValue(string $app, string $key, string $value): DataResponse { try { $this->verifyAppId($app); - $this->verifyConfigKey($app, $key); + $this->verifyConfigKey($app, $key, $value); } catch (\InvalidArgumentException $e) { return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN); } @@ -124,7 +124,7 @@ class AppConfigController extends OCSController { public function deleteKey(string $app, string $key): DataResponse { try { $this->verifyAppId($app); - $this->verifyConfigKey($app, $key); + $this->verifyConfigKey($app, $key, ''); } catch (\InvalidArgumentException $e) { return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN); } @@ -146,14 +146,19 @@ class AppConfigController extends OCSController { /** * @param string $app * @param string $key + * @param string $value * @throws \InvalidArgumentException */ - protected function verifyConfigKey(string $app, string $key) { + protected function verifyConfigKey(string $app, string $key, string $value) { if (in_array($key, ['installed_version', 'enabled', 'types'])) { throw new \InvalidArgumentException('The given key can not be set'); } - if ($app === 'core' && ($key === 'encryption_enabled' || strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) { + if ($app === 'core' && $key === 'encryption_enabled' && $value !== 'yes') { + throw new \InvalidArgumentException('The given key can not be set'); + } + + if ($app === 'core' && (strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) { throw new \InvalidArgumentException('The given key can not be set'); } } diff --git a/apps/provisioning_api/tests/Controller/AppConfigControllerTest.php b/apps/provisioning_api/tests/Controller/AppConfigControllerTest.php index 2f299b58586..c9b762d1fb4 100644 --- a/apps/provisioning_api/tests/Controller/AppConfigControllerTest.php +++ b/apps/provisioning_api/tests/Controller/AppConfigControllerTest.php @@ -342,9 +342,10 @@ class AppConfigControllerTest extends TestCase { public function dataVerifyConfigKey() { return [ - ['activity', 'abc'], - ['dav', 'public_route'], - ['files', 'remote_route'], + ['activity', 'abc', ''], + ['dav', 'public_route', ''], + ['files', 'remote_route', ''], + ['core', 'encryption_enabled', 'yes'], ]; } @@ -352,22 +353,25 @@ class AppConfigControllerTest extends TestCase { * @dataProvider dataVerifyConfigKey * @param string $app * @param string $key + * @param string $value */ - public function testVerifyConfigKey($app, $key) { + public function testVerifyConfigKey($app, $key, $value) { $api = $this->getInstance(); - $this->invokePrivate($api, 'verifyConfigKey', [$app, $key]); + $this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]); $this->addToAssertionCount(1); } public function dataVerifyConfigKeyThrows() { return [ - ['activity', 'installed_version'], - ['calendar', 'enabled'], - ['contacts', 'types'], - ['core', 'public_files'], - ['core', 'public_dav'], - ['core', 'remote_files'], - ['core', 'remote_dav'], + ['activity', 'installed_version', ''], + ['calendar', 'enabled', ''], + ['contacts', 'types', ''], + ['core', 'encryption_enabled', 'no'], + ['core', 'encryption_enabled', ''], + ['core', 'public_files', ''], + ['core', 'public_dav', ''], + ['core', 'remote_files', ''], + ['core', 'remote_dav', ''], ]; } @@ -376,9 +380,10 @@ class AppConfigControllerTest extends TestCase { * @expectedException \InvalidArgumentException * @param string $app * @param string $key + * @param string $value */ - public function testVerifyConfigKeyThrows($app, $key) { + public function testVerifyConfigKeyThrows($app, $key, $value) { $api = $this->getInstance(); - $this->invokePrivate($api, 'verifyConfigKey', [$app, $key]); + $this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]); } } |