summaryrefslogtreecommitdiffstats
path: root/apps/files_encryption/tests/share.php
diff options
context:
space:
mode:
Diffstat (limited to 'apps/files_encryption/tests/share.php')
-rwxr-xr-xapps/files_encryption/tests/share.php790
1 files changed, 790 insertions, 0 deletions
diff --git a/apps/files_encryption/tests/share.php b/apps/files_encryption/tests/share.php
new file mode 100755
index 00000000000..1d0cbfbc1de
--- /dev/null
+++ b/apps/files_encryption/tests/share.php
@@ -0,0 +1,790 @@
+<?php
+/**
+ * ownCloud
+ *
+ * @author Florin Peter
+ * @copyright 2013 Florin Peter <owncloud@florin-peter.de>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+require_once realpath(dirname(__FILE__) . '/../3rdparty/Crypt_Blowfish/Blowfish.php');
+require_once realpath(dirname(__FILE__) . '/../../../lib/base.php');
+require_once realpath(dirname(__FILE__) . '/../lib/crypt.php');
+require_once realpath(dirname(__FILE__) . '/../lib/keymanager.php');
+require_once realpath(dirname(__FILE__) . '/../lib/proxy.php');
+require_once realpath(dirname(__FILE__) . '/../lib/stream.php');
+require_once realpath(dirname(__FILE__) . '/../lib/util.php');
+require_once realpath(dirname(__FILE__) . '/../lib/helper.php');
+require_once realpath(dirname(__FILE__) . '/../appinfo/app.php');
+
+use OCA\Encryption;
+
+/**
+ * Class Test_Encryption_Share
+ */
+class Test_Encryption_Share extends \PHPUnit_Framework_TestCase
+{
+
+ public $stateFilesTrashbin;
+ public $filename;
+ public $dataShort;
+ /**
+ * @var OC_FilesystemView
+ */
+ public $view;
+ public $folder1;
+ public $subfolder;
+ public $subsubfolder;
+
+ function setUp()
+ {
+ // reset backend
+ \OC_User::clearBackends();
+ \OC_User::useBackend('database');
+
+ $this->dataShort = 'hats';
+ $this->view = new \OC_FilesystemView('/');
+
+ $userHome = \OC_User::getHome('admin');
+ $this->dataDir = str_replace('/admin', '', $userHome);
+
+ $this->folder1 = '/folder1';
+ $this->subfolder = '/subfolder1';
+ $this->subsubfolder = '/subsubfolder1';
+
+ $this->filename = 'share-tmp.test';
+
+ // enable resharing
+ \OC_Appconfig::setValue('core', 'shareapi_allow_resharing', 'yes');
+
+ // clear share hooks
+ \OC_Hook::clear('OCP\\Share');
+ \OC::registerShareHooks();
+ \OCP\Util::connectHook('OC_Filesystem', 'setup', '\OC\Files\Storage\Shared', 'setup');
+
+ // Sharing related hooks
+ \OCA\Encryption\Helper::registerShareHooks();
+
+ // Filesystem related hooks
+ \OCA\Encryption\Helper::registerFilesystemHooks();
+
+ \OC_FileProxy::register(new OCA\Encryption\Proxy());
+
+ // remember files_trashbin state
+ $this->stateFilesTrashbin = OC_App::isEnabled('files_trashbin');
+
+ // we don't want to tests with app files_trashbin enabled
+ \OC_App::disable('files_trashbin');
+
+ // create users
+ $this->loginHelper('user1', true);
+ $this->loginHelper('user2', true);
+ $this->loginHelper('user3', true);
+
+ // create group and assign users
+ \OC_Group::createGroup('group1');
+ \OC_Group::addToGroup('user2', 'group1');
+ \OC_Group::addToGroup('user3', 'group1');
+ }
+
+ function tearDown()
+ {
+ // reset app files_trashbin
+ if ($this->stateFilesTrashbin) {
+ OC_App::enable('files_trashbin');
+ } else {
+ OC_App::disable('files_trashbin');
+ }
+
+ // clean group
+ \OC_Group::deleteGroup('group1');
+
+ // cleanup users
+ \OC_User::deleteUser('user1');
+ \OC_User::deleteUser('user2');
+ \OC_User::deleteUser('user3');
+
+ \OC_FileProxy::clearProxies();
+ }
+
+ /**
+ * @param bool $withTeardown
+ */
+ function testShareFile($withTeardown = true)
+ {
+ // login as admin
+ $this->loginHelper('admin');
+
+ // save file with content
+ $cryptedFile = file_put_contents('crypt://' . $this->filename, $this->dataShort);
+
+ // test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile));
+
+ // disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
+
+ // get the file info from previous created file
+ $fileInfo = $this->view->getFileInfo('/admin/files/' . $this->filename);
+
+ // check if we have a valid file info
+ $this->assertTrue(is_array($fileInfo));
+
+ // check if the unencrypted file size is stored
+ $this->assertGreaterThan(0, $fileInfo['unencrypted_size']);
+
+ // re-enable the file proxy
+ \OC_FileProxy::$enabled = $proxyStatus;
+
+ // share the file
+ \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user1', OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key for user1 exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user1.shareKey'));
+
+ // login as user1
+ $this->loginHelper('user1');
+
+ // get file contents
+ $retrievedCryptedFile = $this->view->file_get_contents('/user1/files/Shared/' . $this->filename);
+
+ // check if data is the same as we previously written
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile);
+
+ // cleanup
+ if ($withTeardown) {
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // unshare the file
+ \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user1');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user1.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files/' . $this->filename);
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.admin.shareKey'));
+ }
+ }
+
+ /**
+ * @param bool $withTeardown
+ */
+ function testReShareFile($withTeardown = true)
+ {
+ $this->testShareFile(false);
+
+ // login as user1
+ $this->loginHelper('user1');
+
+ // get the file info
+ $fileInfo = $this->view->getFileInfo('/user1/files/Shared/' . $this->filename);
+
+ // share the file with user2
+ \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user2', OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key for user2 exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user2.shareKey'));
+
+ // login as user2
+ $this->loginHelper('user2');
+
+ // get file contents
+ $retrievedCryptedFile = $this->view->file_get_contents('/user2/files/Shared/' . $this->filename);
+
+ // check if data is the same as previously written
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile);
+
+ // cleanup
+ if ($withTeardown) {
+
+ // login as user1
+ $this->loginHelper('user1');
+
+ // unshare the file with user2
+ \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user2');
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user2.shareKey'));
+
+ // unshare the file with user1
+ \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user1');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user1.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files/' . $this->filename);
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.admin.shareKey'));
+ }
+ }
+
+ /**
+ * @param bool $withTeardown
+ * @return array
+ */
+ function testShareFolder($withTeardown = true)
+ {
+ // login as admin
+ $this->loginHelper('admin');
+
+ // create folder structure
+ $this->view->mkdir('/admin/files' . $this->folder1);
+ $this->view->mkdir('/admin/files' . $this->folder1 . $this->subfolder);
+ $this->view->mkdir('/admin/files' . $this->folder1 . $this->subfolder . $this->subsubfolder);
+
+ // save file with content
+ $cryptedFile = file_put_contents('crypt://' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename, $this->dataShort);
+
+ // test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile));
+
+ // disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
+
+ // get the file info from previous created folder
+ $fileInfo = $this->view->getFileInfo('/admin/files' . $this->folder1);
+
+ // check if we have a valid file info
+ $this->assertTrue(is_array($fileInfo));
+
+ // re-enable the file proxy
+ \OC_FileProxy::$enabled = $proxyStatus;
+
+ // share the folder with user1
+ \OCP\Share::shareItem('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user1', OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key for user1 exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user1.shareKey'));
+
+ // login as user1
+ $this->loginHelper('user1');
+
+ // get file contents
+ $retrievedCryptedFile = $this->view->file_get_contents('/user1/files/Shared' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename);
+
+ // check if data is the same
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile);
+
+ // cleanup
+ if ($withTeardown) {
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // unshare the folder with user1
+ \OCP\Share::unshare('folder', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user1');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user1.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files' . $this->folder1);
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.admin.shareKey'));
+ }
+
+ return $fileInfo;
+ }
+
+ /**
+ * @param bool $withTeardown
+ */
+ function testReShareFolder($withTeardown = true)
+ {
+ $fileInfoFolder1 = $this->testShareFolder(false);
+
+ // login as user1
+ $this->loginHelper('user1');
+
+ // disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
+
+ // get the file info from previous created folder
+ $fileInfoSubFolder = $this->view->getFileInfo('/user1/files/Shared' . $this->folder1 . $this->subfolder);
+
+ // check if we have a valid file info
+ $this->assertTrue(is_array($fileInfoSubFolder));
+
+ // re-enable the file proxy
+ \OC_FileProxy::$enabled = $proxyStatus;
+
+ // share the file with user2
+ \OCP\Share::shareItem('folder', $fileInfoSubFolder['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user2', OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key for user2 exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user2.shareKey'));
+
+ // login as user2
+ $this->loginHelper('user2');
+
+ // get file contents
+ $retrievedCryptedFile = $this->view->file_get_contents('/user2/files/Shared' . $this->subfolder . $this->subsubfolder . '/' . $this->filename);
+
+ // check if data is the same
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile);
+
+ // get the file info
+ $fileInfo = $this->view->getFileInfo('/user2/files/Shared' . $this->subfolder . $this->subsubfolder . '/' . $this->filename);
+
+ // check if we have fileInfos
+ $this->assertTrue(is_array($fileInfo));
+
+ // share the file with user3
+ \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user3', OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key for user3 exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user3.shareKey'));
+
+ // login as user3
+ $this->loginHelper('user3');
+
+ // get file contents
+ $retrievedCryptedFile = $this->view->file_get_contents('/user3/files/Shared/' . $this->filename);
+
+ // check if data is the same
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile);
+
+ // cleanup
+ if ($withTeardown) {
+
+ // login as user2
+ $this->loginHelper('user2');
+
+ // unshare the file with user3
+ \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user3');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user3.shareKey'));
+
+ // login as user1
+ $this->loginHelper('user1');
+
+ // unshare the folder with user2
+ \OCP\Share::unshare('folder', $fileInfoSubFolder['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user2');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user2.shareKey'));
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // unshare the folder1 with user1
+ \OCP\Share::unshare('folder', $fileInfoFolder1['fileid'], \OCP\Share::SHARE_TYPE_USER, 'user1');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user1.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename);
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.admin.shareKey'));
+ }
+ }
+
+ function testPublicShareFile()
+ {
+ // login as admin
+ $this->loginHelper('admin');
+
+ // save file with content
+ $cryptedFile = file_put_contents('crypt://' . $this->filename, $this->dataShort);
+
+ // test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile));
+
+ // disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
+
+ // get the file info from previous created file
+ $fileInfo = $this->view->getFileInfo('/admin/files/' . $this->filename);
+
+ // check if we have a valid file info
+ $this->assertTrue(is_array($fileInfo));
+
+ // check if the unencrypted file size is stored
+ $this->assertGreaterThan(0, $fileInfo['unencrypted_size']);
+
+ // re-enable the file proxy
+ \OC_FileProxy::$enabled = $proxyStatus;
+
+ // share the file
+ \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_LINK, false, OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ $publicShareKeyId = \OC_Appconfig::getValue('files_encryption', 'publicShareKeyId');
+
+ // check if share key for public exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.' . $publicShareKeyId . '.shareKey'));
+
+ // some hacking to simulate public link
+ $GLOBALS['app'] = 'files_sharing';
+ $GLOBALS['fileOwner'] = 'admin';
+ \OC_User::setUserId('');
+
+ // get file contents
+ $retrievedCryptedFile = file_get_contents('crypt://' . $this->filename);
+
+ // check if data is the same as we previously written
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile);
+
+ // tear down
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // unshare the file
+ \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_LINK, null);
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.' . $publicShareKeyId . '.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files/' . $this->filename);
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.admin.shareKey'));
+ }
+
+ function testShareFileWithGroup()
+ {
+ // login as admin
+ $this->loginHelper('admin');
+
+ // save file with content
+ $cryptedFile = file_put_contents('crypt://' . $this->filename, $this->dataShort);
+
+ // test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile));
+
+ // disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
+
+ // get the file info from previous created file
+ $fileInfo = $this->view->getFileInfo('/admin/files/' . $this->filename);
+
+ // check if we have a valid file info
+ $this->assertTrue(is_array($fileInfo));
+
+ // check if the unencrypted file size is stored
+ $this->assertGreaterThan(0, $fileInfo['unencrypted_size']);
+
+ // re-enable the file proxy
+ \OC_FileProxy::$enabled = $proxyStatus;
+
+ // share the file
+ \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'group1', OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key for user2 and user3 exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user2.shareKey'));
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user3.shareKey'));
+
+ // login as user1
+ $this->loginHelper('user2');
+
+ // get file contents
+ $retrievedCryptedFile = $this->view->file_get_contents('/user2/files/Shared/' . $this->filename);
+
+ // check if data is the same as we previously written
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // unshare the file
+ \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'group1');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user2.shareKey'));
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user3.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files/' . $this->filename);
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.admin.shareKey'));
+
+ }
+
+ function testRecoveryFile()
+ {
+ \OCA\Encryption\Helper::adminEnableRecovery(null, 'test123');
+ $recoveryKeyId = OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
+
+ // check if control file created
+ $this->assertTrue($this->view->file_exists('/control-file/controlfile.enc'));
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ $util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), 'admin');
+
+ // check if recovery password match
+ $this->assertTrue($util->checkRecoveryPassword('test123'));
+
+ // enable recovery for admin
+ $this->assertTrue($util->setRecoveryForUser(1));
+
+ // create folder structure
+ $this->view->mkdir('/admin/files' . $this->folder1);
+ $this->view->mkdir('/admin/files' . $this->folder1 . $this->subfolder);
+ $this->view->mkdir('/admin/files' . $this->folder1 . $this->subfolder . $this->subsubfolder);
+
+ // save file with content
+ $cryptedFile1 = file_put_contents('crypt://' . $this->filename, $this->dataShort);
+ $cryptedFile2 = file_put_contents('crypt://' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename, $this->dataShort);
+
+ // test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile1));
+ $this->assertTrue(is_int($cryptedFile2));
+
+ // check if share key for admin and recovery exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.admin.shareKey'));
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.admin.shareKey'));
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+
+ // disable recovery for admin
+ $this->assertTrue($util->setRecoveryForUser(0));
+
+ // remove all recovery keys
+ $util->removeRecoveryKeys('/');
+
+ // check if share key for recovery not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+
+ // enable recovery for admin
+ $this->assertTrue($util->setRecoveryForUser(1));
+
+ // remove all recovery keys
+ $util->addRecoveryKeys('/');
+
+ // check if share key for admin and recovery exists
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+ $this->assertTrue($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files/' . $this->filename);
+ $this->view->unlink('/admin/files/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename);
+
+ // check if share key for recovery not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+
+ $this->assertTrue(\OCA\Encryption\Helper::adminEnableRecovery(null, 'test123'));
+ $this->assertTrue(\OCA\Encryption\Helper::adminDisableRecovery('test123'));
+ $this->assertEquals(0, \OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled'));
+ }
+
+ function testRecoveryForUser()
+ {
+ // login as admin
+ $this->loginHelper('admin');
+
+ \OCA\Encryption\Helper::adminEnableRecovery(null, 'test123');
+ $recoveryKeyId = OC_Appconfig::getValue('files_encryption', 'recoveryKeyId');
+
+ // check if control file created
+ $this->assertTrue($this->view->file_exists('/control-file/controlfile.enc'));
+
+ // login as user1
+ $this->loginHelper('user1');
+
+ $util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), 'user1');
+
+ // enable recovery for admin
+ $this->assertTrue($util->setRecoveryForUser(1));
+
+ // create folder structure
+ $this->view->mkdir('/user1/files' . $this->folder1);
+ $this->view->mkdir('/user1/files' . $this->folder1 . $this->subfolder);
+ $this->view->mkdir('/user1/files' . $this->folder1 . $this->subfolder . $this->subsubfolder);
+
+ // save file with content
+ $cryptedFile1 = file_put_contents('crypt://' . $this->filename, $this->dataShort);
+ $cryptedFile2 = file_put_contents('crypt://' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename, $this->dataShort);
+
+ // test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile1));
+ $this->assertTrue(is_int($cryptedFile2));
+
+ // check if share key for user and recovery exists
+ $this->assertTrue($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->filename . '.user1.shareKey'));
+ $this->assertTrue($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+ $this->assertTrue($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user1.shareKey'));
+ $this->assertTrue($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // change password
+ \OC_User::setPassword('user1', 'test', 'test123');
+
+ // login as user1
+ $this->loginHelper('user1', false, 'test');
+
+ // get file contents
+ $retrievedCryptedFile1 = file_get_contents('crypt://' . $this->filename);
+ $retrievedCryptedFile2 = file_get_contents('crypt://' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename);
+
+ // check if data is the same as we previously written
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile1);
+ $this->assertEquals($this->dataShort, $retrievedCryptedFile2);
+
+ // cleanup
+ $this->view->unlink('/user1/files' . $this->folder1);
+ $this->view->unlink('/user1/files' . $this->filename);
+
+ // check if share key for user and recovery exists
+ $this->assertFalse($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->filename . '.user1.shareKey'));
+ $this->assertFalse($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+ $this->assertFalse($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.user1.shareKey'));
+ $this->assertFalse($this->view->file_exists('/user1/files_encryption/share-keys/' . $this->folder1 . $this->subfolder . $this->subsubfolder . '/' . $this->filename . '.' . $recoveryKeyId . '.shareKey'));
+
+ // enable recovery for admin
+ $this->assertTrue($util->setRecoveryForUser(0));
+
+ \OCA\Encryption\Helper::adminDisableRecovery('test123');
+ $this->assertEquals(0, \OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled'));
+ }
+
+ function testFailShareFile()
+ {
+ // login as admin
+ $this->loginHelper('admin');
+
+ // save file with content
+ $cryptedFile = file_put_contents('crypt://' . $this->filename, $this->dataShort);
+
+ // test that data was successfully written
+ $this->assertTrue(is_int($cryptedFile));
+
+ // disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
+
+ // get the file info from previous created file
+ $fileInfo = $this->view->getFileInfo('/admin/files/' . $this->filename);
+
+ // check if we have a valid file info
+ $this->assertTrue(is_array($fileInfo));
+
+ // check if the unencrypted file size is stored
+ $this->assertGreaterThan(0, $fileInfo['unencrypted_size']);
+
+ // break users public key
+ $this->view->rename('/public-keys/user2.public.key', '/public-keys/user2.public.key_backup');
+
+ // re-enable the file proxy
+ \OC_FileProxy::$enabled = $proxyStatus;
+
+ // share the file
+ \OCP\Share::shareItem('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'group1', OCP\PERMISSION_ALL);
+
+ // login as admin
+ $this->loginHelper('admin');
+
+ // check if share key for user1 not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user2.shareKey'));
+
+ // disable encryption proxy to prevent recursive calls
+ $proxyStatus = \OC_FileProxy::$enabled;
+ \OC_FileProxy::$enabled = false;
+
+ // break user1 public key
+ $this->view->rename('/public-keys/user2.public.key_backup', '/public-keys/user2.public.key');
+
+ // remove share file
+ $this->view->unlink('/admin/files_encryption/share-keys/' . $this->filename . '.user2.shareKey');
+
+ // re-enable the file proxy
+ \OC_FileProxy::$enabled = $proxyStatus;
+
+ // unshare the file with user1
+ \OCP\Share::unshare('file', $fileInfo['fileid'], \OCP\Share::SHARE_TYPE_GROUP, 'group1');
+
+ // check if share key not exists
+ $this->assertFalse($this->view->file_exists('/admin/files_encryption/share-keys/' . $this->filename . '.user2.shareKey'));
+
+ // cleanup
+ $this->view->unlink('/admin/files/' . $this->filename);
+ }
+
+
+
+ /**
+ * @param $user
+ * @param bool $create
+ * @param bool $password
+ */
+ function loginHelper($user, $create = false, $password = false)
+ {
+ if ($create) {
+ \OC_User::createUser($user, $user);
+ }
+
+ if ($password === false) {
+ $password = $user;
+ }
+
+ \OC_Util::tearDownFS();
+ \OC_User::setUserId('');
+ \OC\Files\Filesystem::tearDown();
+ \OC_Util::setupFS($user);
+ \OC_User::setUserId($user);
+
+ $params['uid'] = $user;
+ $params['password'] = $password;
+ OCA\Encryption\Hooks::login($params);
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-08 08:17:39 +0000