let user set avatar in nextcloud von LDAP provides invalid image data

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

2 files changed, 133 insertions, 0 deletions

diff --git a/apps/user_ldap/tests/User/UserTest.php b/apps/user_ldap/tests/User/UserTest.php
index 3f3b33fbead..aa6498be082 100644
--- a/apps/user_ldap/tests/User/UserTest.php
+++ b/apps/user_ldap/tests/User/UserTest.php
@@ -507,6 +507,9 @@ class UserTest extends \Test\TestCase {
 			->will($this->returnValue(['this is a photo']));
 
 		$this->image->expects($this->once())
+			->method('loadFromBase64')
+			->willReturn('imageResource');
+		$this->image->expects($this->once())
 			->method('valid')
 			->will($this->returnValue(true));
 		$this->image->expects($this->once())
@@ -553,6 +556,9 @@ class UserTest extends \Test\TestCase {
 			});
 
 		$this->image->expects($this->once())
+			->method('loadFromBase64')
+			->willReturn('imageResource');
+		$this->image->expects($this->once())
 			->method('valid')
 			->will($this->returnValue(true));
 		$this->image->expects($this->once())
@@ -582,6 +588,97 @@ class UserTest extends \Test\TestCase {
 		$this->user->updateAvatar();
 	}
 
+	public function testUpdateAvatarCorruptPhotoProvided() {
+		$this->access->expects($this->any())
+			->method('readAttribute')
+			->willReturnCallback(function($dn, $attr) {
+				if($dn === $this->dn
+					&& $attr === 'jpegPhoto')
+				{
+					return false;
+				} elseif($dn === $this->dn
+					&& $attr === 'thumbnailPhoto')
+				{
+					return ['this is a photo'];
+				}
+				return null;
+			});
+
+		$this->image->expects($this->once())
+			->method('loadFromBase64')
+			->willReturn(false);
+		$this->image->expects($this->never())
+			->method('valid');
+		$this->image->expects($this->never())
+			->method('width');
+		$this->image->expects($this->never())
+			->method('height');
+		$this->image->expects($this->never())
+			->method('centerCrop');
+
+		$this->filesystemhelper->expects($this->never())
+			->method('isLoaded');
+
+		$avatar = $this->createMock(IAvatar::class);
+		$avatar->expects($this->never())
+			->method('set');
+
+		$this->avatarManager->expects($this->never())
+			->method('getAvatar');
+
+		$this->user->updateAvatar();
+	}
+
+	public function testUpdateAvatarUnsupportedThumbnailPhotoProvided() {
+		$this->access->expects($this->any())
+			->method('readAttribute')
+			->willReturnCallback(function($dn, $attr) {
+				if($dn === $this->dn
+					&& $attr === 'jpegPhoto')
+				{
+					return false;
+				} elseif($dn === $this->dn
+					&& $attr === 'thumbnailPhoto')
+				{
+					return ['this is a photo'];
+				}
+				return null;
+			});
+
+		$this->image->expects($this->once())
+			->method('loadFromBase64')
+			->willReturn('imageResource');
+		$this->image->expects($this->once())
+			->method('valid')
+			->will($this->returnValue(true));
+		$this->image->expects($this->once())
+			->method('width')
+			->will($this->returnValue(128));
+		$this->image->expects($this->once())
+			->method('height')
+			->will($this->returnValue(128));
+		$this->image->expects($this->once())
+			->method('centerCrop')
+			->will($this->returnValue(true));
+
+		$this->filesystemhelper->expects($this->once())
+			->method('isLoaded')
+			->will($this->returnValue(true));
+
+		$avatar = $this->createMock(IAvatar::class);
+		$avatar->expects($this->once())
+			->method('set')
+			->with($this->isInstanceOf($this->image))
+			->willThrowException(new \Exception());
+
+		$this->avatarManager->expects($this->once())
+			->method('getAvatar')
+			->with($this->equalTo($this->uid))
+			->will($this->returnValue($avatar));
+
+		$this->assertFalse($this->user->updateAvatar());
+	}
+
 	public function testUpdateAvatarNotProvided() {
 		$this->access->expects($this->any())
 			->method('readAttribute')
@@ -715,6 +812,14 @@ class UserTest extends \Test\TestCase {
 		$this->user->getAvatarImage();
 	}
 
+	public function imageDataProvider() {
+		return [
+			[ false, false ],
+			[ 'corruptData', false ],
+			[ 'validData', true ],
+		];
+	}
+
 	public function testProcessAttributes() {
 		$requiredMethods = array(
 			'markRefreshTime',
diff --git a/apps/user_ldap/tests/User_LDAPTest.php b/apps/user_ldap/tests/User_LDAPTest.php
index 8def34045ec..927a7550f60 100644
--- a/apps/user_ldap/tests/User_LDAPTest.php
+++ b/apps/user_ldap/tests/User_LDAPTest.php
@@ -1312,6 +1312,34 @@ class User_LDAPTest extends TestCase {
 		$this->assertEquals($this->backend->setPassword('uid', 'password'),'result');
 	}
 
+	public function avatarDataProvider() {
+		return [
+			[ 'validImageData', false ],
+			[ 'corruptImageData', true ],
+			[ false, true]
+		];
+	}
+
+	/** @dataProvider avatarDataProvider */
+	public function testCanChangeAvatar($imageData, $expected) {
+		$isValidImage  = strpos((string)$imageData, 'valid') === 0;
+
+		$user = $this->createMock(User::class);
+		$user->expects($this->once())
+			->method('getAvatarImage')
+			->willReturn($imageData);
+		$user->expects($this->atMost(1))
+			->method('updateAvatar')
+			->willReturn($isValidImage);
+
+		$this->userManager->expects($this->atLeastOnce())
+			->method('get')
+			->willReturn($user);
+
+		/** @noinspection PhpUnhandledExceptionInspection */
+		$this->assertSame($expected, $this->backend->canChangeAvatar('uid'));
+	}
+
 	public function testCanChangeAvatarWithPlugin() {
 		$this->pluginManager->expects($this->once())
 			->method('implementsActions')