aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/Lockdown
diff options
context:
space:
mode:
Diffstat (limited to 'tests/lib/Lockdown')
-rw-r--r--tests/lib/Lockdown/Filesystem/NoFSTest.php49
-rw-r--r--tests/lib/Lockdown/Filesystem/NullCacheTest.php136
-rw-r--r--tests/lib/Lockdown/Filesystem/NullStorageTest.php229
-rw-r--r--tests/lib/Lockdown/LockdownManagerTest.php47
4 files changed, 461 insertions, 0 deletions
diff --git a/tests/lib/Lockdown/Filesystem/NoFSTest.php b/tests/lib/Lockdown/Filesystem/NoFSTest.php
new file mode 100644
index 00000000000..b471f573fb7
--- /dev/null
+++ b/tests/lib/Lockdown/Filesystem/NoFSTest.php
@@ -0,0 +1,49 @@
+<?php
+
+/**
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace Test\Lockdown\Filesystem;
+
+use OC\Authentication\Token\PublicKeyToken;
+use OC\Files\Filesystem;
+use OC\Lockdown\Filesystem\NullStorage;
+use OCP\Authentication\Token\IToken;
+use OCP\Server;
+use Test\Traits\UserTrait;
+
+/**
+ * @group DB
+ */
+class NoFSTest extends \Test\TestCase {
+ use UserTrait;
+
+ protected function tearDown(): void {
+ $token = new PublicKeyToken();
+ $token->setScope([
+ IToken::SCOPE_FILESYSTEM => true
+ ]);
+ Server::get('LockdownManager')->setToken($token);
+ parent::tearDown();
+ }
+
+ protected function setUp(): void {
+ parent::setUp();
+ $token = new PublicKeyToken();
+ $token->setScope([
+ IToken::SCOPE_FILESYSTEM => false
+ ]);
+
+ Server::get('LockdownManager')->setToken($token);
+ $this->createUser('foo', 'var');
+ }
+
+ public function testSetupFS(): void {
+ \OC_Util::tearDownFS();
+ \OC_Util::setupFS('foo');
+
+ $this->assertInstanceOf(NullStorage::class, Filesystem::getStorage('/foo/files'));
+ }
+}
diff --git a/tests/lib/Lockdown/Filesystem/NullCacheTest.php b/tests/lib/Lockdown/Filesystem/NullCacheTest.php
new file mode 100644
index 00000000000..505951ea2ef
--- /dev/null
+++ b/tests/lib/Lockdown/Filesystem/NullCacheTest.php
@@ -0,0 +1,136 @@
+<?php
+
+/**
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace Test\Lockdown\Filesystem;
+
+use OC\ForbiddenException;
+use OC\Lockdown\Filesystem\NullCache;
+use OCP\Constants;
+use OCP\Files\Cache\ICache;
+use OCP\Files\FileInfo;
+
+class NulLCacheTest extends \Test\TestCase {
+ /** @var NullCache */
+ private $cache;
+
+ protected function setUp(): void {
+ parent::setUp();
+
+ $this->cache = new NullCache();
+ }
+
+ public function testGetNumericStorageId(): void {
+ $this->assertSame(-1, $this->cache->getNumericStorageId());
+ }
+
+ public function testGetEmpty(): void {
+ $this->assertFalse($this->cache->get('foo'));
+ }
+
+ public function testGet(): void {
+ $data = $this->cache->get('');
+
+ $this->assertEquals(-1, $data['fileid']);
+ $this->assertEquals(-1, $data['parent']);
+ $this->assertEquals('', $data['name']);
+ $this->assertEquals('', $data['path']);
+ $this->assertEquals('0', $data['size']);
+ $this->assertEquals('', $data['etag']);
+ $this->assertEquals(FileInfo::MIMETYPE_FOLDER, $data['mimetype']);
+ $this->assertEquals('httpd', $data['mimepart']);
+ $this->assertEquals(Constants::PERMISSION_READ, $data['permissions']);
+ }
+
+ public function testGetFolderContents(): void {
+ $this->assertSame([], $this->cache->getFolderContents('foo'));
+ }
+
+ public function testGetFolderContentsById(): void {
+ $this->assertSame([], $this->cache->getFolderContentsById(42));
+ }
+
+ public function testPut(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->cache->put('foo', ['size' => 100]);
+ }
+
+ public function testInsert(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->cache->insert('foo', ['size' => 100]);
+ }
+
+ public function testUpdate(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->cache->update('foo', ['size' => 100]);
+ }
+
+ public function testGetId(): void {
+ $this->assertSame(-1, $this->cache->getId('foo'));
+ }
+
+ public function testGetParentId(): void {
+ $this->assertSame(-1, $this->cache->getParentId('foo'));
+ }
+
+ public function testInCache(): void {
+ $this->assertTrue($this->cache->inCache(''));
+ $this->assertFalse($this->cache->inCache('foo'));
+ }
+
+ public function testRemove(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->cache->remove('foo');
+ }
+
+ public function testMove(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->cache->move('foo', 'bar');
+ }
+
+ public function testMoveFromCache(): void {
+ $sourceCache = $this->createMock(ICache::class);
+
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->cache->moveFromCache($sourceCache, 'foo', 'bar');
+ }
+
+ public function testGetStatus(): void {
+ $this->assertSame(ICache::COMPLETE, $this->cache->getStatus('foo'));
+ }
+
+ public function testSearch(): void {
+ $this->assertSame([], $this->cache->search('foo'));
+ }
+
+ public function testSearchByMime(): void {
+ $this->assertSame([], $this->cache->searchByMime('foo'));
+ }
+
+ public function testGetIncomplete(): void {
+ $this->assertSame([], $this->cache->getIncomplete());
+ }
+
+ public function testGetPathById(): void {
+ $this->assertSame('', $this->cache->getPathById(42));
+ }
+
+ public function testNormalize(): void {
+ $this->assertSame('foo/ bar /', $this->cache->normalize('foo/ bar /'));
+ }
+}
diff --git a/tests/lib/Lockdown/Filesystem/NullStorageTest.php b/tests/lib/Lockdown/Filesystem/NullStorageTest.php
new file mode 100644
index 00000000000..fa019ada4e5
--- /dev/null
+++ b/tests/lib/Lockdown/Filesystem/NullStorageTest.php
@@ -0,0 +1,229 @@
+<?php
+
+/**
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace Test\Lockdown\Filesystem;
+
+use Icewind\Streams\IteratorDirectory;
+use OC\Files\FileInfo;
+use OC\ForbiddenException;
+use OC\Lockdown\Filesystem\NullCache;
+use OC\Lockdown\Filesystem\NullStorage;
+use OCP\Files\Storage\IStorage;
+use Test\TestCase;
+
+class NullStorageTest extends TestCase {
+ /** @var NullStorage */
+ private $storage;
+
+ protected function setUp(): void {
+ parent::setUp();
+
+ $this->storage = new NullStorage([]);
+ }
+
+ public function testGetId(): void {
+ $this->assertSame('null', $this->storage->getId());
+ }
+
+ public function testMkdir(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->mkdir('foo');
+ }
+
+ public function testRmdir(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->rmdir('foo');
+ }
+
+ public function testOpendir(): void {
+ $this->assertInstanceOf(IteratorDirectory::class, $this->storage->opendir('foo'));
+ }
+
+ public function testIs_dir(): void {
+ $this->assertTrue($this->storage->is_dir(''));
+ $this->assertFalse($this->storage->is_dir('foo'));
+ }
+
+ public function testIs_file(): void {
+ $this->assertFalse($this->storage->is_file('foo'));
+ }
+
+ public function testStat(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->stat('foo');
+ }
+
+ public function testFiletype(): void {
+ $this->assertSame('dir', $this->storage->filetype(''));
+ $this->assertFalse($this->storage->filetype('foo'));
+ }
+
+ public function testFilesize(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->filesize('foo');
+ }
+
+ public function testIsCreatable(): void {
+ $this->assertFalse($this->storage->isCreatable('foo'));
+ }
+
+ public function testIsReadable(): void {
+ $this->assertTrue($this->storage->isReadable(''));
+ $this->assertFalse($this->storage->isReadable('foo'));
+ }
+
+ public function testIsUpdatable(): void {
+ $this->assertFalse($this->storage->isUpdatable('foo'));
+ }
+
+ public function testIsDeletable(): void {
+ $this->assertFalse($this->storage->isDeletable('foo'));
+ }
+
+ public function testIsSharable(): void {
+ $this->assertFalse($this->storage->isSharable('foo'));
+ }
+
+ public function testGetPermissions(): void {
+ $this->assertEquals(0, $this->storage->getPermissions('foo'));
+ }
+
+ public function testFile_exists(): void {
+ $this->assertTrue($this->storage->file_exists(''));
+ $this->assertFalse($this->storage->file_exists('foo'));
+ }
+
+ public function testFilemtime(): void {
+ $this->assertFalse($this->storage->filemtime('foo'));
+ }
+
+ public function testFile_get_contents(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->file_get_contents('foo');
+ }
+
+ public function testFile_put_contents(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->file_put_contents('foo', 'bar');
+ }
+
+ public function testUnlink(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->unlink('foo');
+ }
+
+ public function testRename(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->rename('foo', 'bar');
+ }
+
+ public function testCopy(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->copy('foo', 'bar');
+ }
+
+ public function testFopen(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->fopen('foo', 'R');
+ }
+
+ public function testGetMimeType(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->getMimeType('foo');
+ }
+
+ public function testHash(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->hash('md5', 'foo', true);
+ }
+
+ public function testFree_space(): void {
+ $this->assertSame(FileInfo::SPACE_UNKNOWN, $this->storage->free_space('foo'));
+ }
+
+ public function testTouch(): void {
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->touch('foo');
+ }
+
+ public function testGetLocalFile(): void {
+ $this->assertFalse($this->storage->getLocalFile('foo'));
+ }
+
+ public function testHasUpdated(): void {
+ $this->assertFalse($this->storage->hasUpdated('foo', 42));
+ }
+
+ public function testGetETag(): void {
+ $this->assertSame('', $this->storage->getETag('foo'));
+ }
+
+ public function testIsLocal(): void {
+ $this->assertFalse($this->storage->isLocal());
+ }
+
+ public function testGetDirectDownload(): void {
+ $this->assertFalse($this->storage->getDirectDownload('foo'));
+ }
+
+ public function testCopyFromStorage(): void {
+ $sourceStorage = $this->createMock(IStorage::class);
+
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->copyFromStorage($sourceStorage, 'foo', 'bar');
+ }
+
+ public function testMoveFromStorage(): void {
+ $sourceStorage = $this->createMock(IStorage::class);
+
+ $this->expectException(ForbiddenException::class);
+ $this->expectExceptionMessage('This request is not allowed to access the filesystem');
+
+ $this->storage->moveFromStorage($sourceStorage, 'foo', 'bar');
+ }
+
+ public function testTest() {
+ $this->assertTrue($this->storage->test());
+ return true;
+ }
+
+ public function testGetOwner(): void {
+ $this->assertFalse($this->storage->getOwner('foo'));
+ }
+
+ public function testGetCache(): void {
+ $this->assertInstanceOf(NullCache::class, $this->storage->getCache('foo'));
+ }
+}
diff --git a/tests/lib/Lockdown/LockdownManagerTest.php b/tests/lib/Lockdown/LockdownManagerTest.php
new file mode 100644
index 00000000000..973dec6d1f2
--- /dev/null
+++ b/tests/lib/Lockdown/LockdownManagerTest.php
@@ -0,0 +1,47 @@
+<?php
+
+/**
+ * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace Test\Lockdown;
+
+use OC\Authentication\Token\PublicKeyToken;
+use OC\Lockdown\LockdownManager;
+use OCP\Authentication\Token\IToken;
+use OCP\ISession;
+use Test\TestCase;
+
+class LockdownManagerTest extends TestCase {
+ private $sessionCallback;
+
+ protected function setUp(): void {
+ parent::setUp();
+
+ $this->sessionCallback = function () {
+ return $this->createMock(ISession::class);
+ };
+ }
+
+ public function testCanAccessFilesystemDisabled(): void {
+ $manager = new LockdownManager($this->sessionCallback);
+ $this->assertTrue($manager->canAccessFilesystem());
+ }
+
+ public function testCanAccessFilesystemAllowed(): void {
+ $token = new PublicKeyToken();
+ $token->setScope([IToken::SCOPE_FILESYSTEM => true]);
+ $manager = new LockdownManager($this->sessionCallback);
+ $manager->setToken($token);
+ $this->assertTrue($manager->canAccessFilesystem());
+ }
+
+ public function testCanAccessFilesystemNotAllowed(): void {
+ $token = new PublicKeyToken();
+ $token->setScope([IToken::SCOPE_FILESYSTEM => false]);
+ $manager = new LockdownManager($this->sessionCallback);
+ $manager->setToken($token);
+ $this->assertFalse($manager->canAccessFilesystem());
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-16 11:51:12 +0000