summaryrefslogtreecommitdiffstats
path: root/tests/lib
diff options
context:
space:
mode:
authorLukas Reschke <lukas@owncloud.com>2014-09-03 11:04:49 +0200
committerLukas Reschke <lukas@owncloud.com>2014-09-03 11:04:49 +0200
commit77c0adb520adcb100d2ef4fd0562330b209ee9ea (patch)
tree9bae923fa05f312c033722ad2c711cec01758ab0 /tests/lib
parent50b430ee7cadd6be1520d63acdac27bc06581e09 (diff)
parentfe74b397a53b8a568c15d1ccf779bc8b0425b3c5 (diff)
downloadnextcloud-server-77c0adb520adcb100d2ef4fd0562330b209ee9ea.tar.gz
nextcloud-server-77c0adb520adcb100d2ef4fd0562330b209ee9ea.zip
Merge branch 'securityutils' of https://github.com/owncloud/core into securityutils
Diffstat (limited to 'tests/lib')
-rw-r--r--tests/lib/appframework/db/EntityTest.php10
-rw-r--r--tests/lib/appframework/db/mappertest.php4
-rw-r--r--tests/lib/ocs/privatedata.php2
-rw-r--r--tests/lib/request.php38
-rw-r--r--tests/lib/share/share.php30
5 files changed, 70 insertions, 14 deletions
diff --git a/tests/lib/appframework/db/EntityTest.php b/tests/lib/appframework/db/EntityTest.php
index 9de44b9b3ba..d98cb549422 100644
--- a/tests/lib/appframework/db/EntityTest.php
+++ b/tests/lib/appframework/db/EntityTest.php
@@ -37,10 +37,10 @@ namespace OCP\AppFramework\Db;
* @method void setPreName(string $preName)
*/
class TestEntity extends Entity {
- public $name;
- public $email;
- public $testId;
- public $preName;
+ protected $name;
+ protected $email;
+ protected $testId;
+ protected $preName;
public function __construct($name=null){
$this->addType('testId', 'integer');
@@ -220,4 +220,4 @@ class EntityTest extends \PHPUnit_Framework_TestCase {
}
-} \ No newline at end of file
+}
diff --git a/tests/lib/appframework/db/mappertest.php b/tests/lib/appframework/db/mappertest.php
index 42aa1ade810..fd1acd0367e 100644
--- a/tests/lib/appframework/db/mappertest.php
+++ b/tests/lib/appframework/db/mappertest.php
@@ -36,8 +36,8 @@ use Test\AppFramework\Db\MapperTestUtility;
* @method void setPreName(string $preName)
*/
class Example extends Entity {
- public $preName;
- public $email;
+ protected $preName;
+ protected $email;
};
diff --git a/tests/lib/ocs/privatedata.php b/tests/lib/ocs/privatedata.php
index 530750fabea..534fc21b07a 100644
--- a/tests/lib/ocs/privatedata.php
+++ b/tests/lib/ocs/privatedata.php
@@ -26,7 +26,7 @@ class Test_OC_OCS_Privatedata extends PHPUnit_Framework_TestCase
private $appKey;
public function setUp() {
- \OC::$session->set('user_id', 'user1');
+ \OC::$server->getSession()->set('user_id', 'user1');
$this->appKey = uniqid('app');
}
diff --git a/tests/lib/request.php b/tests/lib/request.php
index bff84e1b03f..b89bf92ece7 100644
--- a/tests/lib/request.php
+++ b/tests/lib/request.php
@@ -9,21 +9,53 @@
class Test_Request extends PHPUnit_Framework_TestCase {
public function setUp() {
- OC_Config::setValue('overwritewebroot', '/domain.tld/ownCloud');
+ OC::$server->getConfig()->setSystemValue('overwritewebroot', '/domain.tld/ownCloud');
+
+ OC::$server->getConfig()->setSystemValue('trusted_proxies', array());
+ OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array());
}
public function tearDown() {
- OC_Config::setValue('overwritewebroot', '');
+ OC::$server->getConfig()->setSystemValue('overwritewebroot', '');
+ OC::$server->getConfig()->setSystemValue('trusted_proxies', array());
+ OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array());
}
public function testScriptNameOverWrite() {
$_SERVER['REMOTE_ADDR'] = '10.0.0.1';
- $_SERVER["SCRIPT_FILENAME"] = __FILE__;
+ $_SERVER['SCRIPT_FILENAME'] = __FILE__;
$scriptName = OC_Request::scriptName();
$this->assertEquals('/domain.tld/ownCloud/tests/lib/request.php', $scriptName);
}
+ public function testGetRemoteAddress() {
+ $_SERVER['REMOTE_ADDR'] = '10.0.0.2';
+ $_SERVER['HTTP_X_FORWARDED'] = '10.4.0.5, 10.4.0.4';
+ $_SERVER['HTTP_X_FORWARDED_FOR'] = '192.168.0.233';
+
+ // Without having specified a trusted remote address
+ $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress());
+
+ // With specifying a trusted remote address but no trusted header
+ OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2'));
+ $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress());
+
+ // With specifying a trusted remote address and trusted headers
+ OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2'));
+ OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED'));
+ $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress());
+ OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED'));
+ $this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress());
+
+ // With specifying multiple trusted remote addresses and trusted headers
+ OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.3.4.2', '10.0.0.2', '127.0.3.3'));
+ OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED'));
+ $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress());
+ OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED'));
+ $this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress());
+ }
+
/**
* @dataProvider rawPathInfoProvider
* @param $expected
diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php
index bb827eece73..0a8d7856915 100644
--- a/tests/lib/share/share.php
+++ b/tests/lib/share/share.php
@@ -314,6 +314,25 @@ class Test_Share extends PHPUnit_Framework_TestCase {
$this->assertTrue(in_array('test.txt', $to_test));
$this->assertTrue(in_array('test1.txt', $to_test));
+ // Unshare from self
+ $this->assertTrue(OCP\Share::unshareFromSelf('test', 'test.txt'));
+ $this->assertEquals(array('test1.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+
+ // Unshare from self via source
+ $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true));
+ $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+
+ OC_User::setUserId($this->user1);
+ $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, OCP\PERMISSION_READ));
+ OC_User::setUserId($this->user3);
+ $this->assertTrue(OCP\Share::shareItem('test', 'share.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, OCP\PERMISSION_READ));
+
+ OC_User::setUserId($this->user2);
+ $to_test = OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET);
+ $this->assertEquals(2, count($to_test));
+ $this->assertTrue(in_array('test.txt', $to_test));
+ $this->assertTrue(in_array('test1.txt', $to_test));
+
// Remove user
OC_User::setUserId($this->user1);
OC_User::deleteUser($this->user1);
@@ -568,6 +587,11 @@ class Test_Share extends PHPUnit_Framework_TestCase {
OC_User::setUserId($this->user2);
$this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+ // Unshare from self via source
+ OC_User::setUserId($this->user1);
+ $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true));
+ $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+
// Remove group
OC_Group::deleteGroup($this->group1);
OC_User::setUserId($this->user4);
@@ -716,7 +740,7 @@ class Test_Share extends PHPUnit_Framework_TestCase {
* @param $item
*/
public function testCheckPasswordProtectedShare($expected, $item) {
- \OC::$session->set('public_link_authenticated', 100);
+ \OC::$server->getSession()->set('public_link_authenticated', 100);
$result = \OCP\Share::checkPasswordProtectedShare($item);
$this->assertEquals($expected, $result);
}
@@ -743,8 +767,8 @@ class Test_Share extends PHPUnit_Framework_TestCase {
return true;
}
- if ( \OC::$session->exists('public_link_authenticated')
- && \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) {
+ if ( \OC::$server->getSession()->exists('public_link_authenticated')
+ && \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id'] ) {
return true;
}
* */