-rw-r--r-- | apps/encryption/lib/KeyManager.php | 7 | ||||
-rw-r--r-- | apps/files_external/tests/Storage/Amazons3Test.php (renamed from apps/files_external/tests/Storage/AmazonS3Test.php) | 4 | ||||
-rw-r--r-- | apps/files_external/tests/Storage/FtpTest.php (renamed from apps/files_external/tests/Storage/FTPTest.php) | 4 | ||||
-rw-r--r-- | apps/files_external/tests/Storage/OwncloudTest.php (renamed from apps/files_external/tests/Storage/OwnCloudTest.php) | 2 | ||||
-rw-r--r-- | apps/files_external/tests/Storage/SftpTest.php (renamed from apps/files_external/tests/Storage/SFTPTest.php) | 4 | ||||
-rw-r--r-- | apps/files_external/tests/Storage/SmbTest.php (renamed from apps/files_external/tests/Storage/SMBTest.php) | 4 | ||||
-rw-r--r-- | apps/files_external/tests/Storage/WebdavTest.php (renamed from apps/files_external/tests/Storage/WebDAVTest.php) | 4 | ||||
-rw-r--r-- | apps/updatenotification/tests/Controller/AdminControllerTest.php | 18 | ||||
-rwxr-xr-x | autotest-external.sh | 6 | ||||
-rw-r--r-- | config/config.sample.php | 8 | ||||
-rw-r--r-- | core/Controller/LostController.php | 50 | ||||
-rw-r--r-- | lib/private/legacy/filechunking.php | 10 | ||||
-rw-r--r-- | tests/Core/Controller/LostControllerTest.php | 107 |
13 files changed, 190 insertions, 38 deletions
diff --git a/apps/encryption/lib/KeyManager.php b/apps/encryption/lib/KeyManager.php index 4f22c3def63..a9ba8d9dbaa 100644 --- a/apps/encryption/lib/KeyManager.php +++ b/apps/encryption/lib/KeyManager.php @@ -360,6 +360,13 @@ class KeyManager { return false; } catch (DecryptionFailedException $e) { return false; + } catch (\Exception $e) { + $this->log->warning( + 'Could not decrypt the private key from user "' . $uid . '"" during login. ' . + 'Assume password change on the user back-end. Error message: ' + . $e->getMessage() + ); + return false; } if ($privateKey) { diff --git a/apps/files_external/tests/Storage/AmazonS3Test.php b/apps/files_external/tests/Storage/Amazons3Test.php index eb0e410764c..2776f929a4e 100644 --- a/apps/files_external/tests/Storage/AmazonS3Test.php +++ b/apps/files_external/tests/Storage/Amazons3Test.php @@ -29,13 +29,13 @@ namespace OCA\Files_External\Tests\Storage; use \OCA\Files_External\Lib\Storage\AmazonS3; /** - * Class AmazonS3Test + * Class Amazons3Test * * @group DB * * @package OCA\Files_External\Tests\Storage */ -class AmazonS3Test extends \Test\Files\Storage\Storage { +class Amazons3Test extends \Test\Files\Storage\Storage { private $config; diff --git a/apps/files_external/tests/Storage/FTPTest.php b/apps/files_external/tests/Storage/FtpTest.php index 9af9ccff012..941457fc662 100644 --- a/apps/files_external/tests/Storage/FTPTest.php +++ b/apps/files_external/tests/Storage/FtpTest.php @@ -29,13 +29,13 @@ namespace OCA\Files_External\Tests\Storage; use \OCA\Files_External\Lib\Storage\FTP; /** - * Class FTPTest + * Class FtpTest * * @group DB * * @package OCA\Files_External\Tests\Storage */ -class FTPTest extends \Test\Files\Storage\Storage { +class FtpTest extends \Test\Files\Storage\Storage { private $config; protected function setUp() { diff --git a/apps/files_external/tests/Storage/OwnCloudTest.php b/apps/files_external/tests/Storage/OwncloudTest.php index cbc25e46fa0..e48c1ea7a51 100644 
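Review bot: In apps/encryption/lib/KeyManager.php the added `catch (\Exception $e)` maps every failure during private-key decryption to `return false`, the same result as the two narrower catches above it, so a storage or crypto-module error at login becomes indistinguishable from a changed back-end password and survives only as a one-line warning. Narrowing the catch to the exception types the decrypt path is known to throw, or logging the exception object itself so the trace is kept, would keep real faults diagnosable. The message also carries a stray quote: `'"" during login. '` should read `'" during login. '`. `$uid` and `$e->getMessage()` are concatenated into the log line as-is; presumably the logger neutralises line breaks, which is worth confirming. The enclosing method starts and ends outside the hunk.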
--- a/apps/files_external/tests/Storage/OwnCloudTest.php +++ b/apps/files_external/tests/Storage/OwncloudTest.php @@ -33,7 +33,7 @@ use \OCA\Files_External\Lib\Storage\OwnCloud; * * @package OCA\Files_External\Tests\Storage */ -class OwnCloudTest extends \Test\Files\Storage\Storage { +class OwncloudTest extends \Test\Files\Storage\Storage { private $config; diff --git a/apps/files_external/tests/Storage/SFTPTest.php b/apps/files_external/tests/Storage/SftpTest.php index 329e93819fc..1d55366840a 100644 --- a/apps/files_external/tests/Storage/SFTPTest.php +++ b/apps/files_external/tests/Storage/SftpTest.php @@ -29,13 +29,13 @@ namespace OCA\Files_External\Tests\Storage; use \OCA\Files_External\Lib\Storage\SFTP; /** - * Class SFTPTest + * Class SftpTest * * @group DB * * @package OCA\Files_External\Tests\Storage */ -class SFTPTest extends \Test\Files\Storage\Storage { +class SftpTest extends \Test\Files\Storage\Storage { /** * @var SFTP instance */ diff --git a/apps/files_external/tests/Storage/SMBTest.php b/apps/files_external/tests/Storage/SmbTest.php index fc2795702c6..3d217a5575a 100644 --- a/apps/files_external/tests/Storage/SMBTest.php +++ b/apps/files_external/tests/Storage/SmbTest.php @@ -28,13 +28,13 @@ namespace OCA\Files_External\Tests\Storage; use \OCA\Files_External\Lib\Storage\SMB; /** - * Class SMBTest + * Class SmbTest * * @group DB * * @package OCA\Files_External\Tests\Storage */ -class SMBTest extends \Test\Files\Storage\Storage { +class SmbTest extends \Test\Files\Storage\Storage { protected function setUp() { parent::setUp(); diff --git a/apps/files_external/tests/Storage/WebDAVTest.php b/apps/files_external/tests/Storage/WebdavTest.php index f8c5b19e04f..fbb4e8ae5f6 100644 --- a/apps/files_external/tests/Storage/WebDAVTest.php +++ b/apps/files_external/tests/Storage/WebdavTest.php 
@@ -28,13 +28,13 @@ namespace OCA\Files_External\Tests\Storage; use \OC\Files\Storage\DAV; /** - * Class WebDAVTest + * Class WebdavTest * * @group DB * * @package OCA\Files_External\Tests\Storage */ -class WebDAVTest extends \Test\Files\Storage\Storage { +class WebdavTest extends \Test\Files\Storage\Storage { protected function setUp() { parent::setUp(); diff --git a/apps/updatenotification/tests/Controller/AdminControllerTest.php b/apps/updatenotification/tests/Controller/AdminControllerTest.php index d8fc2dd335c..71364de4802 100644 --- a/apps/updatenotification/tests/Controller/AdminControllerTest.php +++ b/apps/updatenotification/tests/Controller/AdminControllerTest.php @@ -95,10 +95,12 @@ class AdminControllerTest extends TestCase { } $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getAppValue') - ->with('core', 'lastupdatedat') - ->willReturn('12345'); + ->willReturnMap([ + ['core', 'lastupdatedat', '', '12345'], + ['updatenotification', 'notify_groups', '["admin"]', '["admin"]'], + ]); $this->dateTimeFormatter ->expects($this->once()) ->method('formatDateTime') @@ -115,6 +117,7 @@ class AdminControllerTest extends TestCase { 'currentChannel' => \OCP\Util::getChannel(), 'channels' => $channels, 'newVersionString' => '8.1.2', + 'notify_groups' => 'admin', ]; $expected = new TemplateResponse('updatenotification', 'admin', $params, ''); @@ -136,10 +139,12 @@ class AdminControllerTest extends TestCase { } $this->config - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('getAppValue') - ->with('core', 'lastupdatedat') - ->willReturn('12345'); + ->willReturnMap([ + ['core', 'lastupdatedat', '', '12345'], + ['updatenotification', 'notify_groups', '["admin"]', '["admin"]'], + ]); $this->dateTimeFormatter ->expects($this->once()) ->method('formatDateTime') 
@@ -156,6 +161,7 @@ class AdminControllerTest extends TestCase { 'currentChannel' => \OCP\Util::getChannel(), 'channels' => $channels, 'newVersionString' => '', + 'notify_groups' => 'admin', ]; $expected = new TemplateResponse('updatenotification', 'admin', $params, ''); diff --git a/autotest-external.sh b/autotest-external.sh index 9705980aa2b..9d9d42cee35 100755 --- a/autotest-external.sh +++ b/autotest-external.sh @@ -178,7 +178,7 @@ EOF return; fi - FILES_EXTERNAL_BACKEND_PATH=../apps/files_external/tests/storage + FILES_EXTERNAL_BACKEND_PATH=../apps/files_external/tests/Storage FILES_EXTERNAL_BACKEND_ENV_PATH=../apps/files_external/tests/env for startFile in `ls -1 $FILES_EXTERNAL_BACKEND_ENV_PATH | grep start`; do @@ -198,7 +198,9 @@ EOF # getting backend to test from filename # it's the part between the dots startSomething.TestToRun.sh testToRun=`echo $startFile | cut -d '-' -f 2` - testToRun="${testToRun}test.php" + # capitalize first letter + testToRun="${testToRun^}" + testToRun="${testToRun}Test.php" # run the specific test if [ -z "$NOCOVERAGE" ]; then diff --git a/config/config.sample.php b/config/config.sample.php index ffdce5cc2d5..c5f2f14e031 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -977,6 +977,14 @@ $CONFIG = array( 'cache_path' => '', /** + * TTL of chunks located in the cache folder before they're removed by + * garbage collection (in seconds). Increase this value if users have + * issues uploading very large files via the ownCloud Client as upload isn't + * completed within one day. + */ +'cache_chunk_gc_ttl' => 86400, // 60*60*24 = 1 day + +/** * Using Object Store with ownCloud */ diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index 0e0932b288b..61e29495608 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php 
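Review bot: In autotest-external.sh, `testToRun="${testToRun^}"` in the second hunk uses the case-modification expansion that exists only from bash 4.0 on, so under an older bash or when the script is started through `sh` it stops with a bad-substitution error instead of selecting a test. The shebang is not visible in the hunk, so confirm it is bash and state the version requirement in the comment, or use a form that older bash accepts, e.g. `testToRun="$(printf '%s' "${testToRun:0:1}" | tr '[:lower:]' '[:upper:]')${testToRun:1}"`. The derived name only matches the renamed test files because they were re-cased to `Amazons3Test.php`, `SftpTest.php` and so on; a comment saying that the file names must follow this first-letter-upper rule would stop a later rename from silently dropping a backend from the run.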
@@ -121,6 +121,17 @@ class LostController extends Controller { * @return TemplateResponse */ public function resetform($token, $userId) { + try { + $this->checkPasswordResetToken($token, $userId); + } catch (\Exception $e) { + return new TemplateResponse( + 'core', 'error', [ + "errors" => array(array("error" => $e->getMessage())) + ], + 'guest' + ); + } + return new TemplateResponse( 'core', 'lostpassword/resetpassword', @@ -132,6 +143,29 @@ class LostController extends Controller { } /** + * @param string $userId + * @param string $userId + * @throws \Exception + */ + private function checkPasswordResetToken($token, $userId) { + $user = $this->userManager->get($userId); + + $splittedToken = explode(':', $this->config->getUserValue($userId, 'owncloud', 'lostpassword', null)); + if(count($splittedToken) !== 2) { + throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid')); + } + + if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*12) || + $user->getLastLogin() > $splittedToken[0]) { + throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired')); + } + + if (!StringUtils::equals($splittedToken[1], $token)) { + throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid')); + } + } + + /** * @param $message * @param array $additional * @return array 
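Review bot: The new `catch (\Exception $e)` in `resetform()` puts `$e->getMessage()` on the guest error page, so any exception raised inside `checkPasswordResetToken()`, not only the three translated token messages, is shown to an unauthenticated visitor. Throwing a dedicated exception type for the token failures and catching only that type here would keep unexpected messages (from the user back-end or the config lookup, for instance) out of the response; everything else can be logged and answered with a generic error. The literal also mixes `[...]` with `array(array(...))` and a double-quoted key; `'errors' => [['error' => $e->getMessage()]]` reads more easily.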
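Review bot: `checkPasswordResetToken()` tests expiry before it compares the token and reports the two failures with different messages, so a request carrying any token for a given `$userId` learns whether a reset token is stored for that account and whether it has expired. Doing the `StringUtils::equals($splittedToken[1], $token)` comparison first and answering both failures with the same message removes that signal. `$user` can be null when `$this->userManager->get($userId)` finds nothing; it is dereferenced only after the `count($splittedToken) !== 2` check, which presumably fails for accounts without a stored value, but an explicit null check would not depend on that. The docblock lists `@param string $userId` twice; the first line should be `@param string $token`.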
@@ -178,22 +212,9 @@ class LostController extends Controller { } try { + $this->checkPasswordResetToken($token, $userId); $user = $this->userManager->get($userId); - $splittedToken = explode(':', $this->config->getUserValue($userId, 'owncloud', 'lostpassword', null)); - if(count($splittedToken) !== 2) { - throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid')); - } - - if ($splittedToken[0] < ($this->timeFactory->getTime() - 60*60*12) || - $user->getLastLogin() > $splittedToken[0]) { - throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired')); - } - - if (!StringUtils::equals($splittedToken[1], $token)) { - throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid')); - } - if (!$user->setPassword($password)) { throw new \Exception(); } @@ -202,7 +223,6 @@ class LostController extends Controller { $this->config->deleteUserValue($userId, 'owncloud', 'lostpassword'); @\OC_User::unsetMagicInCookie(); - } catch (\Exception $e){ return $this->error($e->getMessage()); } diff --git a/lib/private/legacy/filechunking.php b/lib/private/legacy/filechunking.php index f2cef275458..9b8a5a6f766 100644 --- a/lib/private/legacy/filechunking.php +++ b/lib/private/legacy/filechunking.php @@ -31,6 +31,13 @@ class OC_FileChunking { protected $info; protected $cache; + /** + * TTL of chunks + * + * @var int + */ + protected $ttl; + static public function decodeName($name) { preg_match('/(?P<name>.*)-chunking-(?P<transferid>\d+)-(?P<chunkcount>\d+)-(?P<index>\d+)/', $name, $matches); return $matches; @@ -41,6 +48,7 @@ class OC_FileChunking { */ public function __construct($info) { $this->info = $info; + $this->ttl = \OC::$server->getConfig()->getSystemValue('cache_chunk_gc_ttl', 86400); } public function getPrefix() { 
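Review bot: After this change `setPassword()` in core/Controller/LostController.php resolves the user twice, once inside `checkPasswordResetToken($token, $userId)` and again with `$user = $this->userManager->get($userId);` on the following line, so the object whose last login was checked is not necessarily the one whose password is set. Having the helper return the `IUser` it validated, `$user = $this->checkPasswordResetToken($token, $userId);`, removes the second lookup and the need for the `exactly(2)` expectation in the test. The method body begins and ends outside the hunk.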
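Review bot: In lib/private/legacy/filechunking.php the constructor stores `getSystemValue('cache_chunk_gc_ttl', 86400)` in `$this->ttl` unchecked, and the `store()` hunk further down passes it straight to `$cache->set($name, $data, $this->ttl)`. A string, zero or negative value from config.php reaches the cache unchanged, and how the cache treats such a TTL is not visible here; a very large value keeps abandoned chunks on disk for just as long. Normalising once in the constructor would make the property match its `@var int` docblock: `$ttl = (int)\OC::$server->getConfig()->getSystemValue('cache_chunk_gc_ttl', 86400);` followed by `$this->ttl = $ttl > 0 ? $ttl : 86400;`.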
@@ -67,7 +75,7 @@ class OC_FileChunking { public function store($index, $data) { $cache = $this->getCache(); $name = $this->getPrefix().$index; - $cache->set($name, $data); + $cache->set($name, $data, $this->ttl); return $cache->size($name); } diff --git a/tests/Core/Controller/LostControllerTest.php b/tests/Core/Controller/LostControllerTest.php index ca63c3404eb..492a04bcfde 100644 --- a/tests/Core/Controller/LostControllerTest.php +++ b/tests/Core/Controller/LostControllerTest.php 
@@ -114,14 +114,115 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase { ); } - public function testResetFormUnsuccessful() { + public function testResetFormInvalidToken() { $userId = 'admin'; $token = 'MySecretToken'; + $response = $this->lostController->resetform($token, $userId); + $expectedResponse = new TemplateResponse('core', + 'error', + [ + 'errors' => [ + ['error' => 'Couldn\'t reset password because the token is invalid'], + ] + ], + 'guest'); + $this->assertEquals($expectedResponse, $response); + } + + public function testResetFormInvalidTokenMatch() { + $this->config + ->expects($this->once()) + ->method('getUserValue') + ->with('ValidTokenUser', 'owncloud', 'lostpassword', null) + ->will($this->returnValue('12345:TheOnlyAndOnlyOneTokenToResetThePassword')); + $user = $this->getMockBuilder('\OCP\IUser') + ->disableOriginalConstructor()->getMock(); + $user + ->expects($this->once()) + ->method('getLastLogin') + ->will($this->returnValue(12344)); + $this->userManager + ->expects($this->once()) + ->method('get') + ->with('ValidTokenUser') + ->will($this->returnValue($user)); + $userId = 'ValidTokenUser'; + $token = '12345:MySecretToken'; + $response = $this->lostController->resetform($token, $userId); + $expectedResponse = new TemplateResponse('core', + 'error', + [ + 'errors' => [ + ['error' => 'Couldn\'t reset password because the token is invalid'], + ] + ], + 'guest'); + $this->assertEquals($expectedResponse, $response); + } + + + public function testResetFormExpiredToken() { + $userId = 'ValidTokenUser'; + $token = '12345:TheOnlyAndOnlyOneTokenToResetThePassword'; + $user = $this->getMockBuilder('\OCP\IUser') + ->disableOriginalConstructor()->getMock(); + $this->userManager + ->expects($this->once()) + ->method('get') + ->with('ValidTokenUser') + ->will($this->returnValue($user)); + $this->timeFactory + ->expects($this->once()) + ->method('getTime') + ->will($this->returnValue(12345*60*60*12)); + $userId = 'ValidTokenUser'; + $token = 
'TheOnlyAndOnlyOneTokenToResetThePassword'; + $this->config + ->expects($this->once()) + ->method('getUserValue') + ->with('ValidTokenUser', 'owncloud', 'lostpassword', null) + ->will($this->returnValue('12345:TheOnlyAndOnlyOneTokenToResetThePassword')); + $response = $this->lostController->resetform($token, $userId); + $expectedResponse = new TemplateResponse('core', + 'error', + [ + 'errors' => [ + ['error' => 'Couldn\'t reset password because the token is expired'], + ] + ], + 'guest'); + $this->assertEquals($expectedResponse, $response); + } + public function testResetFormValidToken() { + $userId = 'ValidTokenUser'; + $token = '12345:TheOnlyAndOnlyOneTokenToResetThePassword'; + $user = $this->getMockBuilder('\OCP\IUser') + ->disableOriginalConstructor()->getMock(); + $user + ->expects($this->once()) + ->method('getLastLogin') + ->will($this->returnValue(12344)); + $this->userManager + ->expects($this->once()) + ->method('get') + ->with('ValidTokenUser') + ->will($this->returnValue($user)); + $this->timeFactory + ->expects($this->once()) + ->method('getTime') + ->will($this->returnValue(12348)); + $userId = 'ValidTokenUser'; + $token = 'TheOnlyAndOnlyOneTokenToResetThePassword'; + $this->config + ->expects($this->once()) + ->method('getUserValue') + ->with('ValidTokenUser', 'owncloud', 'lostpassword', null) + ->will($this->returnValue('12345:TheOnlyAndOnlyOneTokenToResetThePassword')); $this->urlGenerator ->expects($this->once()) ->method('linkToRouteAbsolute') - ->with('core.lost.setPassword', array('userId' => 'admin', 'token' => 'MySecretToken')) + ->with('core.lost.setPassword', array('userId' => 'ValidTokenUser', 'token' => 'TheOnlyAndOnlyOneTokenToResetThePassword')) ->will($this->returnValue('https://ownCloud.com/index.php/lostpassword/')); $response = $this->lostController->resetform($token, $userId); 
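Review bot: None of the added tests reaches the `$user->getLastLogin() > $splittedToken[0]` half of the expiry condition: `testResetFormExpiredToken` returns `12345*60*60*12` from `getTime()`, so the first operand of the `||` already decides and `getLastLogin()` is never consulted. A case with a recent `getTime()` and a last login later than the token timestamp would pin the rule that logging in invalidates an outstanding reset token. In `testResetFormExpiredToken` and `testResetFormValidToken`, `$userId` and `$token` are assigned twice, and the first `$token` value with its `12345:` prefix is overwritten before use; drop the first pair. `testResetFormInvalidToken` sets no expectations and passes only because the unconfigured mocks return null, which an explicit `getUserValue` expectation would state directly.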
@@ -329,7 +430,7 @@ class LostControllerTest extends \PHPUnit_Framework_TestCase { ->with('NewPassword') ->will($this->returnValue(true)); $this->userManager - ->expects($this->once()) + ->expects($this->exactly(2)) ->method('get') ->with('ValidTokenUser') ->will($this->returnValue($user)); |