-rw-r--r--apps/settings/lib/Controller/AuthSettingsController.php8
-rw-r--r--apps/settings/tests/Controller/AuthSettingsControllerTest.php33
-rw-r--r--lib/private/Authentication/Token/RemoteWipe.php10
-rw-r--r--tests/lib/Authentication/Token/RemoteWipeTest.php16
4 files changed, 44 insertions, 23 deletions
diff --git a/apps/settings/lib/Controller/AuthSettingsController.php b/apps/settings/lib/Controller/AuthSettingsController.php
index 7248127fd6b..7f6d74e5fc7 100644
--- a/apps/settings/lib/Controller/AuthSettingsController.php
+++ b/apps/settings/lib/Controller/AuthSettingsController.php
@@ -289,7 +289,13 @@ class AuthSettingsController extends Controller {
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
*/
public function wipe(int $id): JSONResponse {
- if (!$this->remoteWipe->markTokenForWipe($id)) {
+ try {
+ $token = $this->findTokenByIdAndUser($id);
+ } catch (InvalidTokenException $e) {
+ return new JSONResponse([], Http::STATUS_NOT_FOUND);
+ }
+
+ if (!$this->remoteWipe->markTokenForWipe($token)) {
return new JSONResponse([], Http::STATUS_BAD_REQUEST);
}
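Review bot: Nothing at the call site in `wipe()` says that `findTokenByIdAndUser()` is the authorization step, which, judging by the new wrong-user test, is what stops a user from wiping a token owned by someone else. A later refactor could swap it back to a plain lookup by id without anyone noticing the regression. A short comment above the `try` would pin the intent, for example `// Only tokens owned by the current user may be wiped; unknown and foreign ids both answer 404.` The docblock above still lists `@throws ExpiredTokenException`; whether that can still propagate depends on `findTokenByIdAndUser()` and on the rest of `markTokenForWipe()`, neither of which is visible here, so it is worth re-checking. The body of `wipe()` continues past the end of the hunk.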
diff --git a/apps/settings/tests/Controller/AuthSettingsControllerTest.php b/apps/settings/tests/Controller/AuthSettingsControllerTest.php
index 923a63d706c..1d24a90794f 100644
--- a/apps/settings/tests/Controller/AuthSettingsControllerTest.php
+++ b/apps/settings/tests/Controller/AuthSettingsControllerTest.php
@@ -36,6 +36,7 @@ use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\DefaultToken;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
+use OC\Authentication\Token\IWipeableToken;
use OC\Authentication\Token\RemoteWipe;
use OCA\Settings\Controller\AuthSettingsController;
use OCP\Activity\IEvent;
@@ -428,9 +429,15 @@ class AuthSettingsControllerTest extends TestCase {
}
public function testRemoteWipeNotSuccessful(): void {
+ $token = $this->createMock(IToken::class);
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn($this->uid);
+ $this->mockGetTokenById(123, $token);
+
$this->remoteWipe->expects($this->once())
->method('markTokenForWipe')
- ->with(123)
+ ->with($token)
->willReturn(false);
$response = $this->controller->wipe(123);
@@ -439,10 +446,32 @@ class AuthSettingsControllerTest extends TestCase {
$this->assertEquals($expected, $response);
}
+ public function testRemoteWipeWrongUser(): void {
+ $token = $this->createMock(IToken::class);
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn('definetly-not-' . $this->uid);
+ $this->mockGetTokenById(123, $token);
+
+ $this->remoteWipe->expects($this->never())
+ ->method('markTokenForWipe');
+
+ $response = $this->controller->wipe(123);
+
+ $expected = new JSONResponse([], Http::STATUS_NOT_FOUND);
+ $this->assertEquals($expected, $response);
+ }
+
public function testRemoteWipeSuccessful(): void {
+ $token = $this->createMock(IWipeableToken::class);
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn($this->uid);
+ $this->mockGetTokenById(123, $token);
+
$this->remoteWipe->expects($this->once())
->method('markTokenForWipe')
- ->with(123)
+ ->with($token)
->willReturn(true);
$response = $this->controller->wipe(123);
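Review bot: `testRemoteWipeWrongUser` covers a token that exists but belongs to someone else, while the other path into the new `catch` in `wipe()`, where the lookup itself throws `InvalidTokenException` for an unknown id, has no test in the visible hunks. If the rest of the file does not already cover it, a sibling test that makes the mocked lookup throw and asserts `Http::STATUS_NOT_FOUND` together with `$this->remoteWipe->expects($this->never())` would keep both branches pinned. Minor: the fixture string `'definetly-not-'` is misspelled (`'definitely-not-'`). `testRemoteWipeSuccessful` runs past the end of the hunk.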
diff --git a/lib/private/Authentication/Token/RemoteWipe.php b/lib/private/Authentication/Token/RemoteWipe.php
index 2285ccd2cd8..e0fbf0734f5 100644
--- a/lib/private/Authentication/Token/RemoteWipe.php
+++ b/lib/private/Authentication/Token/RemoteWipe.php
@@ -57,18 +57,14 @@ class RemoteWipe {
}
/**
- * @param int $id
- *
+ * @param IToken $token
* @return bool
*
* @throws InvalidTokenException
* @throws WipeTokenException
- * @throws ExpiredTokenException
*/
- public function markTokenForWipe(int $id): bool {
- $token = $this->tokenProvider->getTokenById($id);
-
- if (!($token instanceof IWipeableToken)) {
+ public function markTokenForWipe(IToken $token): bool {
+ if (!$token instanceof IWipeableToken) {
return false;
}
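Review bot: With the lookup gone, `markTokenForWipe()` acts on whatever `IToken` it is handed and, as far as this hunk shows, performs no ownership check of its own, but the docblock does not say so. Since authorization now lives entirely in the callers, the parameter line should state the precondition, e.g. `@param IToken $token token to mark; the caller must have verified it belongs to the acting user`. The retained `@throws InvalidTokenException` should also be re-checked against the rest of the body, which lies outside this hunk, now that `getTokenById()` is no longer called here.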
diff --git a/tests/lib/Authentication/Token/RemoteWipeTest.php b/tests/lib/Authentication/Token/RemoteWipeTest.php
index 2ca49d36159..2d887a0a870 100644
--- a/tests/lib/Authentication/Token/RemoteWipeTest.php
+++ b/tests/lib/Authentication/Token/RemoteWipeTest.php
@@ -67,30 +67,20 @@ class RemoteWipeTest extends TestCase {
public function testMarkNonWipableTokenForWipe(): void {
$token = $this->createMock(IToken::class);
- $this->tokenProvider->expects($this->once())
- ->method('getTokenById')
- ->with(123)
- ->willReturn($token);
-
- $result = $this->remoteWipe->markTokenForWipe(123);
-
+ $result = $this->remoteWipe->markTokenForWipe($token);
$this->assertFalse($result);
}
public function testMarkTokenForWipe(): void {
$token = $this->createMock(IWipeableToken::class);
- $this->tokenProvider->expects($this->once())
- ->method('getTokenById')
- ->with(123)
- ->willReturn($token);
$token->expects($this->once())
->method('wipe');
+
$this->tokenProvider->expects($this->once())
->method('updateToken')
->with($token);
- $result = $this->remoteWipe->markTokenForWipe(123);
-
+ $result = $this->remoteWipe->markTokenForWipe($token);
$this->assertTrue($result);
}