diff options
author | Lukas Reschke <lukas@owncloud.com> | 2014-09-03 11:04:49 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2014-09-03 11:04:49 +0200 |
commit | 77c0adb520adcb100d2ef4fd0562330b209ee9ea (patch) | |
tree | 9bae923fa05f312c033722ad2c711cec01758ab0 /tests | |
parent | 50b430ee7cadd6be1520d63acdac27bc06581e09 (diff) | |
parent | fe74b397a53b8a568c15d1ccf779bc8b0425b3c5 (diff) | |
download | nextcloud-server-77c0adb520adcb100d2ef4fd0562330b209ee9ea.tar.gz nextcloud-server-77c0adb520adcb100d2ef4fd0562330b209ee9ea.zip |
Merge branch 'securityutils' of https://github.com/owncloud/core into securityutils
Diffstat (limited to 'tests')
-rw-r--r-- | tests/lib/appframework/db/EntityTest.php | 10 | ||||
-rw-r--r-- | tests/lib/appframework/db/mappertest.php | 4 | ||||
-rw-r--r-- | tests/lib/ocs/privatedata.php | 2 | ||||
-rw-r--r-- | tests/lib/request.php | 38 | ||||
-rw-r--r-- | tests/lib/share/share.php | 30 | ||||
-rw-r--r-- | tests/startsessionlistener.php | 4 |
6 files changed, 72 insertions, 16 deletions
diff --git a/tests/lib/appframework/db/EntityTest.php b/tests/lib/appframework/db/EntityTest.php index 9de44b9b3ba..d98cb549422 100644 --- a/tests/lib/appframework/db/EntityTest.php +++ b/tests/lib/appframework/db/EntityTest.php @@ -37,10 +37,10 @@ namespace OCP\AppFramework\Db; * @method void setPreName(string $preName) */ class TestEntity extends Entity { - public $name; - public $email; - public $testId; - public $preName; + protected $name; + protected $email; + protected $testId; + protected $preName; public function __construct($name=null){ $this->addType('testId', 'integer'); @@ -220,4 +220,4 @@ class EntityTest extends \PHPUnit_Framework_TestCase { } -}
\ No newline at end of file +} diff --git a/tests/lib/appframework/db/mappertest.php b/tests/lib/appframework/db/mappertest.php index 42aa1ade810..fd1acd0367e 100644 --- a/tests/lib/appframework/db/mappertest.php +++ b/tests/lib/appframework/db/mappertest.php @@ -36,8 +36,8 @@ use Test\AppFramework\Db\MapperTestUtility; * @method void setPreName(string $preName) */ class Example extends Entity { - public $preName; - public $email; + protected $preName; + protected $email; }; diff --git a/tests/lib/ocs/privatedata.php b/tests/lib/ocs/privatedata.php index 530750fabea..534fc21b07a 100644 --- a/tests/lib/ocs/privatedata.php +++ b/tests/lib/ocs/privatedata.php @@ -26,7 +26,7 @@ class Test_OC_OCS_Privatedata extends PHPUnit_Framework_TestCase private $appKey; public function setUp() { - \OC::$session->set('user_id', 'user1'); + \OC::$server->getSession()->set('user_id', 'user1'); $this->appKey = uniqid('app'); } diff --git a/tests/lib/request.php b/tests/lib/request.php index bff84e1b03f..b89bf92ece7 100644 --- a/tests/lib/request.php +++ b/tests/lib/request.php @@ -9,21 +9,53 @@ class Test_Request extends PHPUnit_Framework_TestCase { public function setUp() { - OC_Config::setValue('overwritewebroot', '/domain.tld/ownCloud'); + OC::$server->getConfig()->setSystemValue('overwritewebroot', '/domain.tld/ownCloud'); + + OC::$server->getConfig()->setSystemValue('trusted_proxies', array()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array()); } public function tearDown() { - OC_Config::setValue('overwritewebroot', ''); + OC::$server->getConfig()->setSystemValue('overwritewebroot', ''); + OC::$server->getConfig()->setSystemValue('trusted_proxies', array()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array()); } public function testScriptNameOverWrite() { $_SERVER['REMOTE_ADDR'] = '10.0.0.1'; - $_SERVER["SCRIPT_FILENAME"] = __FILE__; + $_SERVER['SCRIPT_FILENAME'] = __FILE__; $scriptName = OC_Request::scriptName(); $this->assertEquals('/domain.tld/ownCloud/tests/lib/request.php', $scriptName); } + public function testGetRemoteAddress() { + $_SERVER['REMOTE_ADDR'] = '10.0.0.2'; + $_SERVER['HTTP_X_FORWARDED'] = '10.4.0.5, 10.4.0.4'; + $_SERVER['HTTP_X_FORWARDED_FOR'] = '192.168.0.233'; + + // Without having specified a trusted remote address + $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress()); + + // With specifying a trusted remote address but no trusted header + OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2')); + $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress()); + + // With specifying a trusted remote address and trusted headers + OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2')); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED')); + $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED')); + $this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress()); + + // With specifying multiple trusted remote addresses and trusted headers + OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.3.4.2', '10.0.0.2', '127.0.3.3')); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED')); + $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED')); + $this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress()); + } + /** * @dataProvider rawPathInfoProvider * @param $expected diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php index bb827eece73..0a8d7856915 100644 --- a/tests/lib/share/share.php +++ b/tests/lib/share/share.php @@ -314,6 +314,25 @@ class Test_Share extends PHPUnit_Framework_TestCase { $this->assertTrue(in_array('test.txt', $to_test)); $this->assertTrue(in_array('test1.txt', $to_test)); + // Unshare from self + $this->assertTrue(OCP\Share::unshareFromSelf('test', 'test.txt')); + $this->assertEquals(array('test1.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); + + // Unshare from self via source + $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true)); + $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); + + OC_User::setUserId($this->user1); + $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, OCP\PERMISSION_READ)); + OC_User::setUserId($this->user3); + $this->assertTrue(OCP\Share::shareItem('test', 'share.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, OCP\PERMISSION_READ)); + + OC_User::setUserId($this->user2); + $to_test = OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET); + $this->assertEquals(2, count($to_test)); + $this->assertTrue(in_array('test.txt', $to_test)); + $this->assertTrue(in_array('test1.txt', $to_test)); + // Remove user OC_User::setUserId($this->user1); OC_User::deleteUser($this->user1); @@ -568,6 +587,11 @@ class Test_Share extends PHPUnit_Framework_TestCase { OC_User::setUserId($this->user2); $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); + // Unshare from self via source + OC_User::setUserId($this->user1); + $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true)); + $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET)); + // Remove group OC_Group::deleteGroup($this->group1); OC_User::setUserId($this->user4); @@ -716,7 +740,7 @@ class Test_Share extends PHPUnit_Framework_TestCase { * @param $item */ public function testCheckPasswordProtectedShare($expected, $item) { - \OC::$session->set('public_link_authenticated', 100); + \OC::$server->getSession()->set('public_link_authenticated', 100); $result = \OCP\Share::checkPasswordProtectedShare($item); $this->assertEquals($expected, $result); } @@ -743,8 +767,8 @@ class Test_Share extends PHPUnit_Framework_TestCase { return true; } - if ( \OC::$session->exists('public_link_authenticated') - && \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) { + if ( \OC::$server->getSession()->exists('public_link_authenticated') + && \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id'] ) { return true; } * */ diff --git a/tests/startsessionlistener.php b/tests/startsessionlistener.php index ba049559c6e..1f3573555ca 100644 --- a/tests/startsessionlistener.php +++ b/tests/startsessionlistener.php @@ -31,9 +31,9 @@ class StartSessionListener implements PHPUnit_Framework_TestListener { public function endTest(PHPUnit_Framework_Test $test, $time) { // reopen the session - only allowed for memory session - if (\OC::$session instanceof \OC\Session\Memory) { + if (\OC::$server->getSession() instanceof \OC\Session\Memory) { /** @var $session \OC\Session\Memory */ - $session = \OC::$session; + $session = \OC::$server->getSession(); $session->reopen(); } } |