summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--settings/Activity/Provider.php30
-rw-r--r--settings/Controller/AuthSettingsController.php22
-rw-r--r--tests/Settings/Controller/AuthSettingsControllerTest.php98
3 files changed, 131 insertions, 19 deletions
diff --git a/settings/Activity/Provider.php b/settings/Activity/Provider.php
index 7113157a8e3..3b62950ecba 100644
--- a/settings/Activity/Provider.php
+++ b/settings/Activity/Provider.php
@@ -42,8 +42,10 @@ class Provider implements IProvider {
public const EMAIL_CHANGED_SELF = 'email_changed_self';
public const EMAIL_CHANGED = 'email_changed';
public const APP_TOKEN_CREATED = 'app_token_created';
- public const APP_TOKEN_UPDATED = 'app_token_updated';
public const APP_TOKEN_DELETED = 'app_token_deleted';
+ public const APP_TOKEN_RENAMED = 'app_token_renamed';
+ public const APP_TOKEN_FILESYSTEM_GRANTED = 'app_token_filesystem_granted';
+ public const APP_TOKEN_FILESYSTEM_REVOKED = 'app_token_filesystem_revoked';
/** @var IFactory */
protected $languageFactory;
@@ -110,10 +112,14 @@ class Provider implements IProvider {
} else if ($event->getSubject() === self::APP_TOKEN_CREATED) {
$subject = $this->l->t('You created app password "{token}"');
- } else if ($event->getSubject() === self::APP_TOKEN_UPDATED) {
- $subject = $this->l->t('You updated app password "{token}"');
} else if ($event->getSubject() === self::APP_TOKEN_DELETED) {
$subject = $this->l->t('You deleted app password "{token}"');
+ } else if ($event->getSubject() === self::APP_TOKEN_RENAMED) {
+ $subject = $this->l->t('You renamed app password "{token}" to "{newToken}"');
+ } else if ($event->getSubject() === self::APP_TOKEN_FILESYSTEM_GRANTED) {
+ $subject = $this->l->t('You granted filesystem access to app password "{token}"');
+ } else if ($event->getSubject() === self::APP_TOKEN_FILESYSTEM_REVOKED) {
+ $subject = $this->l->t('You revoked filesystem access from app password "{token}"');
} else {
throw new \InvalidArgumentException('Unknown subject');
@@ -146,13 +152,27 @@ class Provider implements IProvider {
'actor' => $this->generateUserParameter($parameters[0]),
];
case self::APP_TOKEN_CREATED:
- case self::APP_TOKEN_UPDATED:
case self::APP_TOKEN_DELETED:
+ case self::APP_TOKEN_FILESYSTEM_GRANTED:
+ case self::APP_TOKEN_FILESYSTEM_REVOKED:
return [
'token' => [
'type' => 'highlight',
'id' => $event->getObjectId(),
- 'name' => $parameters[0],
+ 'name' => $parameters['name'],
+ ]
+ ];
+ case self::APP_TOKEN_RENAMED:
+ return [
+ 'token' => [
+ 'type' => 'highlight',
+ 'id' => $event->getObjectId(),
+ 'name' => $parameters['name'],
+ ],
+ 'newToken' => [
+ 'type' => 'highlight',
+ 'id' => $event->getObjectId(),
+ 'name' => $parameters['newName'],
]
];
}
diff --git a/settings/Controller/AuthSettingsController.php b/settings/Controller/AuthSettingsController.php
index 5b2788bb0c1..71bd3bf53d8 100644
--- a/settings/Controller/AuthSettingsController.php
+++ b/settings/Controller/AuthSettingsController.php
@@ -158,7 +158,7 @@ class AuthSettingsController extends Controller {
$tokenData['canDelete'] = true;
$tokenData['canRename'] = true;
- $this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), $deviceToken->getName());
+ $this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), ['name' => $deviceToken->getName()]);
return new JSONResponse([
'token' => $token,
@@ -206,7 +206,7 @@ class AuthSettingsController extends Controller {
}
$this->tokenProvider->invalidateTokenById($this->uid, $token->getId());
- $this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), $token->getName());
+ $this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), ['name' => $token->getName()]);
return [];
}
@@ -226,32 +226,34 @@ class AuthSettingsController extends Controller {
return new JSONResponse([], Http::STATUS_NOT_FOUND);
}
- $token->setScope([
- 'filesystem' => $scope['filesystem']
- ]);
+ $currentName = $token->getName();
+ if ($scope !== $token->getScopeAsArray()) {
+ $token->setScope(['filesystem' => $scope['filesystem']]);
+ $this->publishActivity($scope['filesystem'] ? Provider::APP_TOKEN_FILESYSTEM_GRANTED : Provider::APP_TOKEN_FILESYSTEM_REVOKED, $token->getId(), ['name' => $currentName]);
+ }
- if ($token instanceof INamedToken) {
+ if ($token instanceof INamedToken && $name !== $currentName) {
$token->setName($name);
+ $this->publishActivity(Provider::APP_TOKEN_RENAMED, $token->getId(), ['name' => $currentName, 'newName' => $name]);
}
$this->tokenProvider->updateToken($token);
- $this->publishActivity(Provider::APP_TOKEN_UPDATED, $token->getId(), $token->getName());
return [];
}
/**
* @param string $subject
* @param int $id
- * @param string|null $tokenName
+ * @param array $parameters
*/
- private function publishActivity(string $subject, int $id, ?string $tokenName = null): void {
+ private function publishActivity(string $subject, int $id, array $parameters = []): void {
$event = $this->activityManager->generateEvent();
$event->setApp('settings')
->setType('security')
->setAffectedUser($this->uid)
->setAuthor($this->uid)
- ->setSubject($subject, [$tokenName])
+ ->setSubject($subject, $parameters)
->setObject('app_token', $id, 'App Password');
try {
diff --git a/tests/Settings/Controller/AuthSettingsControllerTest.php b/tests/Settings/Controller/AuthSettingsControllerTest.php
index d0ed40f25b7..6b2df70251f 100644
--- a/tests/Settings/Controller/AuthSettingsControllerTest.php
+++ b/tests/Settings/Controller/AuthSettingsControllerTest.php
@@ -239,8 +239,19 @@ class AuthSettingsControllerTest extends TestCase {
$this->assertSame(\OCP\AppFramework\Http::STATUS_NOT_FOUND, $response->getStatus());
}
+ public function dataRenameToken(): array {
+ return [
+ 'App password => Other token name' => ['App password', 'Other token name'],
+ 'Other token name => App password' => ['Other token name', 'App password'],
+ ];
+ }
- public function testUpdateToken() {
+ /**
+ * @dataProvider dataRenameToken
+ * @param string $name
+ * @param string $newName
+ */
+ public function testUpdateRename(string $name, string $newName): void {
$tokenId = 42;
$token = $this->createMock(DefaultToken::class);
@@ -252,10 +263,89 @@ class AuthSettingsControllerTest extends TestCase {
->willReturn('jane');
$token->expects($this->once())
+ ->method('getName')
+ ->willReturn($name);
+
+ $token->expects($this->once())
+ ->method('getScopeAsArray')
+ ->willReturn(['filesystem' => true]);
+
+ $token->expects($this->once())
+ ->method('setName')
+ ->with($this->equalTo($newName));
+
+ $this->tokenProvider->expects($this->once())
+ ->method('updateToken')
+ ->with($this->equalTo($token));
+
+ $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], $newName));
+ }
+
+ public function dataUpdateFilesystemScope(): array {
+ return [
+ 'Grant filesystem access' => [false, true],
+ 'Revoke filesystem access' => [true, false],
+ ];
+ }
+
+ /**
+ * @dataProvider dataUpdateFilesystemScope
+ * @param bool $filesystem
+ * @param bool $newFilesystem
+ */
+ public function testUpdateFilesystemScope(bool $filesystem, bool $newFilesystem): void {
+ $tokenId = 42;
+ $token = $this->createMock(DefaultToken::class);
+
+ $this->mockGetTokenById($tokenId, $token);
+ $this->mockActivityManager();
+
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn('jane');
+
+ $token->expects($this->once())
+ ->method('getName')
+ ->willReturn('App password');
+
+ $token->expects($this->once())
+ ->method('getScopeAsArray')
+ ->willReturn(['filesystem' => $filesystem]);
+
+ $token->expects($this->once())
->method('setScope')
- ->with($this->equalTo([
- 'filesystem' => true
- ]));
+ ->with($this->equalTo(['filesystem' => $newFilesystem]));
+
+ $this->tokenProvider->expects($this->once())
+ ->method('updateToken')
+ ->with($this->equalTo($token));
+
+ $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => $newFilesystem], 'App password'));
+ }
+
+ public function testUpdateNoChange(): void {
+ $tokenId = 42;
+ $token = $this->createMock(DefaultToken::class);
+
+ $this->mockGetTokenById($tokenId, $token);
+
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn('jane');
+
+ $token->expects($this->once())
+ ->method('getName')
+ ->willReturn('App password');
+
+ $token->expects($this->once())
+ ->method('getScopeAsArray')
+ ->willReturn(['filesystem' => true]);
+
+ $token->expects($this->never())
+ ->method('setName');
+
+ $token->expects($this->never())
+ ->method('setScope');
$this->tokenProvider->expects($this->once())
->method('updateToken')