author | Lukas Reschke <lukas@statuscode.ch> | 2017-04-14 13:42:40 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2017-04-14 13:42:40 +0200 |
commit | 727688ebd9c7cdeea4495e93f11b7f7bef9af109 (patch) | |
tree | 9f04e334eee326ccd0397f73d5e757aeb603de40 /tests/Core | |
parent | f40b9fa9bd03b9c9590976eefa21aba7085f32f2 (diff) | |
Adjust existing bruteforce protection code
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'tests/Core')
-rw-r--r-- | tests/Core/Controller/LostControllerTest.php | 37 | ||||
-rw-r--r-- | tests/Core/Controller/OCSControllerTest.php | 41 |
2 files changed, 23 insertions, 55 deletions
diff --git a/tests/Core/Controller/LostControllerTest.php b/tests/Core/Controller/LostControllerTest.php
index 539fe016c8b..ab3f022c971 100644
--- a/tests/Core/Controller/LostControllerTest.php
+++ b/tests/Core/Controller/LostControllerTest.php
@@ -23,6 +23,7 @@ namespace Tests\Core\Controller;
 use OC\Core\Controller\LostController;
 use OC\Mail\Message;
+use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Defaults;
@@ -245,7 +246,7 @@ class LostControllerTest extends \Test\TestCase {
 $this->assertEquals($expectedResponse, $response);
 }
- public function testEmailUnsucessful() {
+ public function testEmailUnsuccessful() {
 $existingUser = 'ExistingUser';
 $nonExistingUser = 'NonExistingUser';
 $this->userManager
@@ -258,11 +259,12 @@ class LostControllerTest extends \Test\TestCase {
 // With a non existing user
 $response = $this->lostController->email($nonExistingUser);
- $expectedResponse = [
+ $expectedResponse = new JSONResponse([
 'status' => 'error',
 'msg' => 'Couldn\'t send reset email. Please make sure your username is correct.'
- ];
- $this->assertSame($expectedResponse, $response);
+ ]);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
 // With no mail address
 $this->config
@@ -271,11 +273,12 @@ class LostControllerTest extends \Test\TestCase {
 ->with($existingUser, 'settings', 'email')
 ->will($this->returnValue(null));
 $response = $this->lostController->email($existingUser);
- $expectedResponse = [
+ $expectedResponse = new JSONResponse([
 'status' => 'error',
 'msg' => 'Couldn\'t send reset email. Please make sure your username is correct.'
- ];
- $this->assertSame($expectedResponse, $response);
+ ]);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
 }
 public function testEmailSuccessful() {
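Review bot: In the `@@ -258` and `@@ -271` hunks of testEmailUnsuccessful the throttling is only checked implicitly: `assertEquals` on two `JSONResponse` objects notices a missing `throttle()` only if that call changes state that PHPUnit's object comparison sees, which the visible lines do not show. An explicit check beside it, `$this->assertTrue($response->isThrottled());` (assuming the getter that accompanies `throttle()` is available on this response class), would pin the brute-force marking directly. Both branches rightly expect the same generic message for an unknown user and for a user without an address; a comment such as `// Same message in both cases so the reply does not reveal whether the account exists.` would keep that from being "improved" later. The same implicit check recurs in the hunks at `@@ -355`, `@@ -441`, `@@ -522` and `@@ -692`. The test body starts above the `@@ -258` hunk.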
@@ -355,8 +358,9 @@ class LostControllerTest extends \Test\TestCase {
 )->willReturn('encryptedToken');
 $response = $this->lostController->email('ExistingUser');
- $expectedResponse = array('status' => 'success');
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'success']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
 }
 public function testEmailWithMailSuccessful() {
@@ -441,8 +445,9 @@ class LostControllerTest extends \Test\TestCase {
 )->willReturn('encryptedToken');
 $response = $this->lostController->email('test@example.com');
- $expectedResponse = array('status' => 'success');
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'success']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
 }
 public function testEmailCantSendException() {
@@ -522,8 +527,9 @@ class LostControllerTest extends \Test\TestCase {
 )->willReturn('encryptedToken');
 $response = $this->lostController->email('ExistingUser');
- $expectedResponse = ['status' => 'error', 'msg' => 'Couldn\'t send reset email. Please contact your administrator.'];
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'error', 'msg' => 'Couldn\'t send reset email. Please contact your administrator.']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
 }
 public function testSetPasswordUnsuccessful() {
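Review bot: The `$expectedResponse->throttle();` expected on the `['status' => 'success']` responses in the `@@ -355` and `@@ -441` hunks carries no comment saying that throttling a successful reset request is deliberate. Without one it reads like a copy from the error cases, although it is presumably intended so that every request counts and the endpoint cannot be used to request reset mails in bulk. I would add above each `// Successful requests are throttled as well: every reset request counts as an attempt.`, to be confirmed against LostController, which is outside this diffstat. Both test bodies start above their hunks.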
@@ -692,8 +698,9 @@ class LostControllerTest extends \Test\TestCase {
 ->willReturn($user);
 $response = $this->lostController->email('ExistingUser');
- $expectedResponse = ['status' => 'error', 'msg' => 'Could not send reset email because there is no email address for this username. Please contact your administrator.'];
- $this->assertSame($expectedResponse, $response);
+ $expectedResponse = new JSONResponse(['status' => 'error', 'msg' => 'Could not send reset email because there is no email address for this username. Please contact your administrator.']);
+ $expectedResponse->throttle();
+ $this->assertEquals($expectedResponse, $response);
 }
 public function testSetPasswordEncryptionDontProceed() {
diff --git a/tests/Core/Controller/OCSControllerTest.php b/tests/Core/Controller/OCSControllerTest.php
index 7241df9317c..e6066a80142 100644
--- a/tests/Core/Controller/OCSControllerTest.php
+++ b/tests/Core/Controller/OCSControllerTest.php
@@ -42,8 +42,6 @@ class OCSControllerTest extends TestCase {
 private $userSession;
 /** @var IUserManager|\PHPUnit_Framework_MockObject_MockObject */
 private $userManager;
- /** @var Throttler|\PHPUnit_Framework_MockObject_MockObject */
- private $throttler;
 /** @var Manager|\PHPUnit_Framework_MockObject_MockObject */
 private $keyManager;
 /** @var OCSController */
@@ -56,7 +54,6 @@ class OCSControllerTest extends TestCase {
 $this->capabilitiesManager = $this->createMock(CapabilitiesManager::class);
 $this->userSession = $this->createMock(IUserSession::class);
 $this->userManager = $this->createMock(IUserManager::class);
- $this->throttler = $this->createMock(Throttler::class);
 $this->keyManager = $this->createMock(Manager::class);
 $this->controller = new OCSController(
@@ -65,7 +62,6 @@ class OCSControllerTest extends TestCase {
 $this->capabilitiesManager,
 $this->userSession,
 $this->userManager,
- $this->throttler,
 $this->keyManager
 );
 }
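Review bot: The message expected in the `@@ -692` hunk, "Could not send reset email because there is no email address for this username. …", tells an unauthenticated caller that the username exists, whereas testEmailUnsuccessful expects one generic message for both an unknown user and a user without an address. Marking the response with `throttle()` slows account enumeration but does not remove the difference between the two replies. If the distinction is not required, the expectation here should be the generic `'Couldn\'t send reset email. Please make sure your username is correct.'`; if it is intended, a comment in the test should say why. The string itself is unchanged by this commit and the test body starts above the hunk, so the code path that produces it cannot be seen here.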
@@ -117,16 +113,6 @@ class OCSControllerTest extends TestCase {
 }
 public function testPersonCheckValid() {
- $this->request->method('getRemoteAddress')
- ->willReturn('1.2.3.4');
-
- $this->throttler->expects($this->once())
- ->method('sleepDelay')
- ->with('1.2.3.4');
-
- $this->throttler->expects($this->never())
- ->method('registerAttempt');
-
 $this->userManager->method('checkPassword')
 ->with(
 $this->equalTo('user'),
@@ -138,25 +124,10 @@ class OCSControllerTest extends TestCase {
 'personid' => 'user'
 ]
 ]);
-
 $this->assertEquals($expected, $this->controller->personCheck('user', 'pass'));
 }
 public function testPersonInvalid() {
- $this->request->method('getRemoteAddress')
- ->willReturn('1.2.3.4');
-
- $this->throttler->expects($this->once())
- ->method('sleepDelay')
- ->with('1.2.3.4');
-
- $this->throttler->expects($this->once())
- ->method('registerAttempt')
- ->with(
- $this->equalTo('login'),
- $this->equalTo('1.2.3.4')
- );
-
 $this->userManager->method('checkPassword')
 ->with(
 $this->equalTo('user'),
@@ -164,20 +135,11 @@ class OCSControllerTest extends TestCase {
 )->willReturn(false);
 $expected = new DataResponse(null, 102);
-
+ $expected->throttle();
 $this->assertEquals($expected, $this->controller->personCheck('user', 'wrongpass'));
 }
 public function testPersonNoLogin() {
- $this->request->method('getRemoteAddress')
- ->willReturn('1.2.3.4');
-
- $this->throttler->expects($this->never())
- ->method('sleepDelay');
-
- $this->throttler->expects($this->never())
- ->method('registerAttempt');
-
 $this->userManager->method('checkPassword')
 ->with(
 $this->equalTo('user'),
@@ -185,7 +147,6 @@ class OCSControllerTest extends TestCase {
 )->willReturn(false);
 $expected = new DataResponse(null, 101);
-
 $this->assertEquals($expected, $this->controller->personCheck('', ''));
 } |
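Review bot: With the `Throttler` mock removed, the only thing tying `personCheck` to brute-force protection in these tests is `$expected->throttle();` in testPersonInvalid (`@@ -164` hunk). The deleted expectations pinned that the delay is applied for the caller's address, that a failed check is registered under the action `'login'`, and that an empty login triggers neither. If, as the commit message suggests, that logic now sits behind an annotation handled elsewhere, a throttled response has no effect when the annotation is missing or names a different action, and these tests would still pass. A test that checks the annotation on `OCSController::personCheck`, or a middleware test outside `tests/Core`, should cover that. In testPersonCheckValid and testPersonNoLogin a comment such as `// $expected is deliberately not throttled` would make clear that the unmarked response is itself the assertion.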