1 files changed, 58 insertions, 38 deletions
diff --git a/core/Command/Integrity/CheckApp.php b/core/Command/Integrity/CheckApp.php
index ebd502c3d29..0145a3f8070 100644
--- a/core/Command/Integrity/CheckApp.php
+++ b/core/Command/Integrity/CheckApp.php
@@ -1,34 +1,17 @@
 <?php
+
 /**
- * @copyright Copyright (c) 2016, ownCloud, Inc.
- *
- * @author Carla Schroder <carla@owncloud.com>
- * @author Christoph Wurst <christoph@winzerhof-wurst.at>
- * @author Georg Ehrke <oc.list@georgehrke.com>
- * @author Joas Schilling <coding@schilljs.com>
- * @author Morris Jobke <hey@morrisjobke.de>
- * @author Roeland Jago Douma <roeland@famdouma.nl>
- * @author Victor Dubiniuk <dubiniuk@owncloud.com>
- *
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
+ * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
+ * SPDX-License-Identifier: AGPL-3.0-only
  */
 namespace OC\Core\Command\Integrity;
 
 use OC\Core\Command\Base;
 use OC\IntegrityCheck\Checker;
+use OC\IntegrityCheck\Helpers\AppLocator;
+use OC\IntegrityCheck\Helpers\FileAccessHelper;
+use OCP\App\IAppManager;
 use Symfony\Component\Console\Input\InputArgument;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Input\InputOption;
@@ -40,11 +23,13 @@ use Symfony\Component\Console\Output\OutputInterface;
  * @package OC\Core\Command\Integrity
  */
 class CheckApp extends Base {
-	private Checker $checker;
-
-	public function __construct(Checker $checker) {
+	public function __construct(
+		private Checker $checker,
+		private AppLocator $appLocator,
+		private FileAccessHelper $fileAccessHelper,
+		private IAppManager $appManager,
+	) {
 		parent::__construct();
-		$this->checker = $checker;
 	}
 
 	/**
@@ -55,23 +40,58 @@ class CheckApp extends Base {
 		$this
 			->setName('integrity:check-app')
 			->setDescription('Check integrity of an app using a signature.')
-			->addArgument('appid', InputArgument::REQUIRED, 'Application to check')
-			->addOption('path', null, InputOption::VALUE_OPTIONAL, 'Path to application. If none is given it will be guessed.');
+			->addArgument('appid', InputArgument::OPTIONAL, 'Application to check')
+			->addOption('path', null, InputOption::VALUE_OPTIONAL, 'Path to application. If none is given it will be guessed.')
+			->addOption('all', null, InputOption::VALUE_NONE, 'Check integrity of all apps.');
 	}
 
 	/**
 	 * {@inheritdoc }
 	 */
 	protected function execute(InputInterface $input, OutputInterface $output): int {
-		$appid = $input->getArgument('appid');
-		$path = (string)$input->getOption('path');
-		$result = $this->checker->verifyAppSignature($appid, $path, true);
-		$this->writeArrayInOutputFormat($input, $output, $result);
-		if (count($result) > 0) {
-			$output->writeln('<error>' . count($result) . ' errors found</error>', OutputInterface::VERBOSITY_VERBOSE);
+		if ($input->getOption('all') && $input->getArgument('appid')) {
+			$output->writeln('<error>Option "--all" cannot be combined with an appid</error>');
+			return 1;
+		}
+
+		if (!$input->getArgument('appid') && !$input->getOption('all')) {
+			$output->writeln('<error>Please specify an appid, or "--all" to verify all apps</error>');
 			return 1;
 		}
-		$output->writeln('<info>No errors found</info>', OutputInterface::VERBOSITY_VERBOSE);
-		return 0;
+
+		if ($input->getArgument('appid')) {
+			$appIds = [$input->getArgument('appid')];
+		} else {
+			$appIds = $this->appManager->getAllAppsInAppsFolders();
+		}
+
+		$errorsFound = false;
+
+		foreach ($appIds as $appId) {
+			$path = (string)$input->getOption('path');
+			if ($path === '') {
+				$path = $this->appLocator->getAppPath($appId);
+			}
+
+			if ($this->appManager->isShipped($appId) || $this->fileAccessHelper->file_exists($path . '/appinfo/signature.json')) {
+				// Only verify if the application explicitly ships a signature.json file
+				$result = $this->checker->verifyAppSignature($appId, $path, true);
+
+				if (count($result) > 0) {
+					$output->writeln('<error>' . $appId . ': ' . count($result) . ' errors found:</error>');
+					$this->writeArrayInOutputFormat($input, $output, $result);
+					$errorsFound = true;
+				}
+			} else {
+				$output->writeln('<comment>' . $appId . ': ' . 'App signature not found, skipping app integrity check</comment>');
+			}
+		}
+
+		if (!$errorsFound) {
+			$output->writeln('<info>No errors found</info>', OutputInterface::VERBOSITY_VERBOSE);
+			return 0;
+		}
+
+		return 1;
 	}
 }