authorLukas Reschke <lukas@statuscode.ch>2017-04-14 13:42:40 +0200
committerLukas Reschke <lukas@statuscode.ch>2017-04-14 13:42:40 +0200
commit727688ebd9c7cdeea4495e93f11b7f7bef9af109 (patch)
tree9f04e334eee326ccd0397f73d5e757aeb603de40 /tests/Core
parentf40b9fa9bd03b9c9590976eefa21aba7085f32f2 (diff)
Adjust existing bruteforce protection code
- Moves code to annotation - Adds the `throttle()` call on the responses on existing annotations Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'tests/Core')
-rw-r--r--tests/Core/Controller/LostControllerTest.php37
-rw-r--r--tests/Core/Controller/OCSControllerTest.php41
2 files changed, 23 insertions, 55 deletions
diff --git a/tests/Core/Controller/LostControllerTest.php b/tests/Core/Controller/LostControllerTest.php
index 539fe016c8b..ab3f022c971 100644
--- a/tests/Core/Controller/LostControllerTest.php
+++ b/tests/Core/Controller/LostControllerTest.php
@@ -23,6 +23,7 @@ namespace Tests\Core\Controller;
use OC\Core\Controller\LostController;
use OC\Mail\Message;
+use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Defaults;
@@ -245,7 +246,7 @@ class LostControllerTest extends \Test\TestCase {
$this->assertEquals($expectedResponse, $response);
}
- public function testEmailUnsucessful() {
+ public function testEmailUnsuccessful() {
$existingUser = 'ExistingUser';
$nonExistingUser = 'NonExistingUser';
$this->userManager
@@ -258,11 +259,12 @@ class LostControllerTest extends \Test\TestCase {
// With a non existing user
$response = $this->lostController->email($nonExistingUser);
- $expectedResponse = [
+ $expectedResponse = new JSONResponse([
'status' => 'error',
'msg' => 'Couldn\'t send reset email. Please make sure your username is correct.'
- ];
- $this->assertSame($expectedResponse, $response);
+ ]);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
// With no mail address
$this->config
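Review bot: The throttled state of the failed-reset response is only checked implicitly, through `assertEquals` on two response objects after `$expectedResponse->throttle()`. The test therefore depends on how the response class stores that flag, which is not visible here, and `assertEquals` compares scalar properties loosely. Adding `$this->assertTrue($response->isThrottled());` after the equality check would pin the brute-force expectation explicitly. The same pattern repeats in the hunks at `@@ -271`, `@@ -355`, `@@ -441`, `@@ -522` and `@@ -692`. testEmailUnsuccessful starts and ends outside this hunk.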
@@ -271,11 +273,12 @@ class LostControllerTest extends \Test\TestCase {
->with($existingUser, 'settings', 'email')
->will($this->returnValue(null));
$response = $this->lostController->email($existingUser);
- $expectedResponse = [
+ $expectedResponse = new JSONResponse([
'status' => 'error',
'msg' => 'Couldn\'t send reset email. Please make sure your username is correct.'
- ];
- $this->assertSame($expectedResponse, $response);
+ ]);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
}
public function testEmailSuccessful() {
@@ -355,8 +358,9 @@ class LostControllerTest extends \Test\TestCase {
)->willReturn('encryptedToken');
$response = $this->lostController->email('ExistingUser');
- $expectedResponse = array('status' => 'success');
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'success']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
}
public function testEmailWithMailSuccessful() {
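Review bot: The success path is expected to be throttled too (`$expectedResponse->throttle()` on the `['status' => 'success']` response), but nothing in the test says why. A reader could take it for a copy-paste of the error cases and remove it later. A short comment above the call would record the intent, for example `// Reset requests are throttled regardless of outcome; see the brute-force annotation on email()`, with the wording adjusted to the controller's actual rationale, which is not shown on this page. The hunk at `@@ -441` has the same expectation for the e-mail-address variant.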
@@ -441,8 +445,9 @@ class LostControllerTest extends \Test\TestCase {
)->willReturn('encryptedToken');
$response = $this->lostController->email('test@example.com');
- $expectedResponse = array('status' => 'success');
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'success']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
}
public function testEmailCantSendException() {
@@ -522,8 +527,9 @@ class LostControllerTest extends \Test\TestCase {
)->willReturn('encryptedToken');
$response = $this->lostController->email('ExistingUser');
- $expectedResponse = ['status' => 'error', 'msg' => 'Couldn\'t send reset email. Please contact your administrator.'];
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'error', 'msg' => 'Couldn\'t send reset email. Please contact your administrator.']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
}
public function testSetPasswordUnsuccessful() {
@@ -692,8 +698,9 @@ class LostControllerTest extends \Test\TestCase {
->willReturn($user);
$response = $this->lostController->email('ExistingUser');
- $expectedResponse = ['status' => 'error', 'msg' => 'Could not send reset email because there is no email address for this username. Please contact your administrator.'];
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'error', 'msg' => 'Could not send reset email because there is no email address for this username. Please contact your administrator.']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
}
public function testSetPasswordEncryptionDontProceed() {
diff --git a/tests/Core/Controller/OCSControllerTest.php b/tests/Core/Controller/OCSControllerTest.php
index 7241df9317c..e6066a80142 100644
--- a/tests/Core/Controller/OCSControllerTest.php
+++ b/tests/Core/Controller/OCSControllerTest.php
@@ -42,8 +42,6 @@ class OCSControllerTest extends TestCase {
private $userSession;
/** @var IUserManager|\PHPUnit_Framework_MockObject_MockObject */
private $userManager;
- /** @var Throttler|\PHPUnit_Framework_MockObject_MockObject */
- private $throttler;
/** @var Manager|\PHPUnit_Framework_MockObject_MockObject */
private $keyManager;
/** @var OCSController */
@@ -56,7 +54,6 @@ class OCSControllerTest extends TestCase {
$this->capabilitiesManager = $this->createMock(CapabilitiesManager::class);
$this->userSession = $this->createMock(IUserSession::class);
$this->userManager = $this->createMock(IUserManager::class);
- $this->throttler = $this->createMock(Throttler::class);
$this->keyManager = $this->createMock(Manager::class);
$this->controller = new OCSController(
@@ -65,7 +62,6 @@ class OCSControllerTest extends TestCase {
$this->capabilitiesManager,
$this->userSession,
$this->userManager,
- $this->throttler,
$this->keyManager
);
}
@@ -117,16 +113,6 @@ class OCSControllerTest extends TestCase {
}
public function testPersonCheckValid() {
- $this->request->method('getRemoteAddress')
- ->willReturn('1.2.3.4');
-
- $this->throttler->expects($this->once())
- ->method('sleepDelay')
- ->with('1.2.3.4');
-
- $this->throttler->expects($this->never())
- ->method('registerAttempt');
-
$this->userManager->method('checkPassword')
->with(
$this->equalTo('user'),
@@ -138,25 +124,10 @@ class OCSControllerTest extends TestCase {
'personid' => 'user'
]
]);
-
$this->assertEquals($expected, $this->controller->personCheck('user', 'pass'));
}
public function testPersonInvalid() {
- $this->request->method('getRemoteAddress')
- ->willReturn('1.2.3.4');
-
- $this->throttler->expects($this->once())
- ->method('sleepDelay')
- ->with('1.2.3.4');
-
- $this->throttler->expects($this->once())
- ->method('registerAttempt')
- ->with(
- $this->equalTo('login'),
- $this->equalTo('1.2.3.4')
- );
-
$this->userManager->method('checkPassword')
->with(
$this->equalTo('user'),
@@ -164,20 +135,11 @@ class OCSControllerTest extends TestCase {
)->willReturn(false);
$expected = new DataResponse(null, 102);
-
+ $expected->throttle();
$this->assertEquals($expected, $this->controller->personCheck('user', 'wrongpass'));
}
public function testPersonNoLogin() {
- $this->request->method('getRemoteAddress')
- ->willReturn('1.2.3.4');
-
- $this->throttler->expects($this->never())
- ->method('sleepDelay');
-
- $this->throttler->expects($this->never())
- ->method('registerAttempt');
-
$this->userManager->method('checkPassword')
->with(
$this->equalTo('user'),
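Review bot: In testPersonInvalid the only remaining brute-force check is `$expected->throttle()` folded into `assertEquals`. The removed mock expectations had verified that the attempt was registered under the action `'login'` for the remote address `'1.2.3.4'`, and that testPersonNoLogin and testPersonCheckValid never registered one. That action and address binding now presumably lives in the annotation and middleware. The diffstat is limited to `tests/Core`, so it cannot be confirmed from this page that a test elsewhere covers it. In this file, `$this->assertTrue($response->isThrottled());` for the wrong-password case and `$this->assertFalse($response->isThrottled());` for the valid and empty-login cases would keep the distinction explicit. Both test bodies extend beyond the hunk.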
@@ -185,7 +147,6 @@ class OCSControllerTest extends TestCase {
)->willReturn(false);
$expected = new DataResponse(null, 101);
-
$this->assertEquals($expected, $this->controller->personCheck('', ''));
}