aboutsummaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2020-05-29 21:34:52 +0200
committerGitHub <noreply@github.com>2020-05-29 21:34:52 +0200
commitc31b2d6ce15a71b681eabadcc4fce6d0f98f5cb2 (patch)
treebad9290390d58e8fcc5f94148cd8ee51f271c175 /apps
parentbb107a1f6fa02fd81e2aee31332f6e65c678bfb0 (diff)
parentb5ffa2ea3d3d38dcf68b1ba3cd65998621256512 (diff)
downloadnextcloud-server-c31b2d6ce15a71b681eabadcc4fce6d0f98f5cb2.tar.gz
nextcloud-server-c31b2d6ce15a71b681eabadcc4fce6d0f98f5cb2.zip
Merge pull request #21152 from nextcloud/backport/21143/stable18
[stable18] Fix password changes in link and mail shares
Diffstat (limited to 'apps')
-rw-r--r--apps/sharebymail/lib/ShareByMailProvider.php10
-rw-r--r--apps/sharebymail/tests/ShareByMailProviderTest.php123
2 files changed, 127 insertions, 6 deletions
diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php
index 50338c48830..c3636f379d8 100644
--- a/apps/sharebymail/lib/ShareByMailProvider.php
+++ b/apps/sharebymail/lib/ShareByMailProvider.php
@@ -186,12 +186,16 @@ class ShareByMailProvider implements IShareProvider {
// if the admin enforces a password for all mail shares we create a
// random password and send it to the recipient
- $password = '';
+ $password = $share->getPassword() ?: '';
$passwordEnforced = $this->settingsManager->enforcePasswordProtection();
- if ($passwordEnforced) {
+ if ($passwordEnforced && empty($password)) {
$password = $this->autoGeneratePassword($share);
}
+ if (!empty($password)) {
+ $share->setPassword($this->hasher->hash($password));
+ }
+
$shareId = $this->createMailShare($share);
$send = $this->sendPassword($share, $password);
if ($passwordEnforced && $send === false) {
@@ -233,8 +237,6 @@ class ShareByMailProvider implements IShareProvider {
$password = $this->secureRandom->generate($passwordLength, $passwordCharset);
- $share->setPassword($this->hasher->hash($password));
-
return $password;
}
diff --git a/apps/sharebymail/tests/ShareByMailProviderTest.php b/apps/sharebymail/tests/ShareByMailProviderTest.php
index 07bba57a19c..66e9f7437b6 100644
--- a/apps/sharebymail/tests/ShareByMailProviderTest.php
+++ b/apps/sharebymail/tests/ShareByMailProviderTest.php
@@ -242,6 +242,51 @@ class ShareByMailProviderTest extends TestCase {
);
}
+ public function testCreateSendPasswordByMailWithPasswordAndWithoutEnforcedPasswordProtection() {
+ $share = $this->getMockBuilder(IShare::class)->getMock();
+ $share->expects($this->any())->method('getSharedWith')->willReturn('receiver@example.com');
+ $share->expects($this->any())->method('getSendPasswordByTalk')->willReturn(false);
+ $share->expects($this->any())->method('getSharedBy')->willReturn('owner');
+
+ $node = $this->getMockBuilder(File::class)->getMock();
+ $node->expects($this->any())->method('getName')->willReturn('filename');
+
+ $instance = $this->getInstance(['getSharedWith', 'createMailShare', 'getRawShare', 'createShareObject', 'createShareActivity', 'autoGeneratePassword', 'createPasswordSendActivity']);
+
+ $instance->expects($this->once())->method('getSharedWith')->willReturn([]);
+ $instance->expects($this->once())->method('createMailShare')->with($share)->willReturn(42);
+ $instance->expects($this->once())->method('createShareActivity')->with($share);
+ $instance->expects($this->once())->method('getRawShare')->with(42)->willReturn('rawShare');
+ $instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject');
+ $share->expects($this->any())->method('getNode')->willReturn($node);
+
+ $share->expects($this->once())->method('getPassword')->willReturn('password');
+ $this->hasher->expects($this->once())->method('hash')->with('password')->willReturn('passwordHashed');
+ $share->expects($this->once())->method('setPassword')->with('passwordHashed');
+
+ // The given password (but not the autogenerated password) should be
+ // mailed to the receiver of the share.
+ $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(false);
+ $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true);
+ $instance->expects($this->never())->method('autoGeneratePassword');
+
+ $message = $this->createMock(IMessage::class);
+ $message->expects($this->once())->method('setTo')->with(['receiver@example.com']);
+ $this->mailer->expects($this->once())->method('createMessage')->willReturn($message);
+ $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [
+ 'filename' => 'filename',
+ 'password' => 'password',
+ 'initiator' => 'owner',
+ 'initiatorEmail' => null,
+ 'shareWith' => 'receiver@example.com',
+ ]);
+ $this->mailer->expects($this->once())->method('send');
+
+ $this->assertSame('shareObject',
+ $instance->create($share)
+ );
+ }
+
public function testCreateSendPasswordByMailWithEnforcedPasswordProtection() {
$share = $this->getMockBuilder(IShare::class)->getMock();
$share->expects($this->any())->method('getSharedWith')->willReturn('receiver@example.com');
@@ -260,14 +305,70 @@ class ShareByMailProviderTest extends TestCase {
$instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject');
$share->expects($this->any())->method('getNode')->willReturn($node);
+ $share->expects($this->once())->method('getPassword')->willReturn(null);
+ $this->hasher->expects($this->once())->method('hash')->with('autogeneratedPassword')->willReturn('autogeneratedPasswordHashed');
+ $share->expects($this->once())->method('setPassword')->with('autogeneratedPasswordHashed');
+
// The autogenerated password should be mailed to the receiver of the share.
$this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true);
$this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true);
- $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('password');
+ $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('autogeneratedPassword');
$message = $this->createMock(IMessage::class);
$message->expects($this->once())->method('setTo')->with(['receiver@example.com']);
$this->mailer->expects($this->once())->method('createMessage')->willReturn($message);
+ $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [
+ 'filename' => 'filename',
+ 'password' => 'autogeneratedPassword',
+ 'initiator' => 'owner',
+ 'initiatorEmail' => null,
+ 'shareWith' => 'receiver@example.com',
+ ]);
+ $this->mailer->expects($this->once())->method('send');
+
+ $this->assertSame('shareObject',
+ $instance->create($share)
+ );
+ }
+
+ public function testCreateSendPasswordByMailWithPasswordAndWithEnforcedPasswordProtection() {
+ $share = $this->getMockBuilder(IShare::class)->getMock();
+ $share->expects($this->any())->method('getSharedWith')->willReturn('receiver@example.com');
+ $share->expects($this->any())->method('getSendPasswordByTalk')->willReturn(false);
+ $share->expects($this->any())->method('getSharedBy')->willReturn('owner');
+
+ $node = $this->getMockBuilder(File::class)->getMock();
+ $node->expects($this->any())->method('getName')->willReturn('filename');
+
+ $instance = $this->getInstance(['getSharedWith', 'createMailShare', 'getRawShare', 'createShareObject', 'createShareActivity', 'autoGeneratePassword', 'createPasswordSendActivity']);
+
+ $instance->expects($this->once())->method('getSharedWith')->willReturn([]);
+ $instance->expects($this->once())->method('createMailShare')->with($share)->willReturn(42);
+ $instance->expects($this->once())->method('createShareActivity')->with($share);
+ $instance->expects($this->once())->method('getRawShare')->with(42)->willReturn('rawShare');
+ $instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject');
+ $share->expects($this->any())->method('getNode')->willReturn($node);
+
+ $share->expects($this->once())->method('getPassword')->willReturn('password');
+ $this->hasher->expects($this->once())->method('hash')->with('password')->willReturn('passwordHashed');
+ $share->expects($this->once())->method('setPassword')->with('passwordHashed');
+
+ // The given password (but not the autogenerated password) should be
+ // mailed to the receiver of the share.
+ $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true);
+ $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true);
+ $instance->expects($this->never())->method('autoGeneratePassword');
+
+ $message = $this->createMock(IMessage::class);
+ $message->expects($this->once())->method('setTo')->with(['receiver@example.com']);
+ $this->mailer->expects($this->once())->method('createMessage')->willReturn($message);
+ $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [
+ 'filename' => 'filename',
+ 'password' => 'password',
+ 'initiator' => 'owner',
+ 'initiatorEmail' => null,
+ 'shareWith' => 'receiver@example.com',
+ ]);
$this->mailer->expects($this->once())->method('send');
$this->assertSame('shareObject',
@@ -293,14 +394,25 @@ class ShareByMailProviderTest extends TestCase {
$instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject');
$share->expects($this->any())->method('getNode')->willReturn($node);
+ $share->expects($this->once())->method('getPassword')->willReturn(null);
+ $this->hasher->expects($this->once())->method('hash')->with('autogeneratedPassword')->willReturn('autogeneratedPasswordHashed');
+ $share->expects($this->once())->method('setPassword')->with('autogeneratedPasswordHashed');
+
// The autogenerated password should be mailed to the owner of the share.
$this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true);
$this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true);
- $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('password');
+ $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('autogeneratedPassword');
$message = $this->createMock(IMessage::class);
$message->expects($this->once())->method('setTo')->with(['owner@example.com' => 'Owner display name']);
$this->mailer->expects($this->once())->method('createMessage')->willReturn($message);
+ $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.OwnerPasswordNotification', [
+ 'filename' => 'filename',
+ 'password' => 'autogeneratedPassword',
+ 'initiator' => 'Owner display name',
+ 'initiatorEmail' => 'owner@example.com',
+ 'shareWith' => 'receiver@example.com',
+ ]);
$this->mailer->expects($this->once())->method('send');
$user = $this->createMock(IUser::class);
@@ -533,6 +645,13 @@ class ShareByMailProviderTest extends TestCase {
$share->expects($this->any())->method('getSendPasswordByTalk')->willReturn($newSendPasswordByTalk);
if ($sendMail) {
+ $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [
+ 'filename' => 'filename',
+ 'password' => $plainTextPassword,
+ 'initiator' => null,
+ 'initiatorEmail' => null,
+ 'shareWith' => 'receiver@example.com',
+ ]);
$this->mailer->expects($this->once())->method('send');
} else {
$this->mailer->expects($this->never())->method('send');