diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/Core/Controller/LoginControllerTest.php | 4 | ||||
| -rw-r--r-- | tests/Settings/Controller/AuthSettingsControllerTest.php | 45 | ||||
| -rw-r--r-- | tests/lib/Authentication/Token/RemoteWipeTest.php | 68 | ||||
| -rw-r--r-- | tests/lib/Repair/RemoveRootSharesTest.php | 197 | ||||
| -rw-r--r-- | tests/lib/Repair/RepairInvalidPathsTest.php | 219 | ||||
| -rw-r--r-- | tests/lib/Repair/SetVcardDatabaseUIDTest.php | 128 | ||||
| -rw-r--r-- | tests/lib/Security/CSP/AddContentSecurityPolicyEventTest.php | 44 | ||||
| -rw-r--r-- | tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php | 54 |
8 files changed, 205 insertions, 554 deletions
diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php index 44a39cc3b27..df1b12b9709 100644 --- a/tests/Core/Controller/LoginControllerTest.php +++ b/tests/Core/Controller/LoginControllerTest.php @@ -138,7 +138,7 @@ class LoginControllerTest extends TestCase { ->willReturn('/login'); $expected = new RedirectResponse('/login'); - $expected->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"'); + $expected->addHeader('Clear-Site-Data', '"cache", "storage"'); $this->assertEquals($expected, $this->loginController->logout()); } @@ -168,7 +168,7 @@ class LoginControllerTest extends TestCase { ->willReturn('/login'); $expected = new RedirectResponse('/login'); - $expected->addHeader('Clear-Site-Data', '"cache", "storage", "executionContexts"'); + $expected->addHeader('Clear-Site-Data', '"cache", "storage"'); $this->assertEquals($expected, $this->loginController->logout()); } diff --git a/tests/Settings/Controller/AuthSettingsControllerTest.php b/tests/Settings/Controller/AuthSettingsControllerTest.php index 198b3a72c33..d335abc98a3 100644 --- a/tests/Settings/Controller/AuthSettingsControllerTest.php +++ b/tests/Settings/Controller/AuthSettingsControllerTest.php @@ -26,6 +26,7 @@ use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\DefaultToken; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; +use OC\Authentication\Token\RemoteWipe; use OC\Settings\Controller\AuthSettingsController; use OCP\Activity\IEvent; use OCP\Activity\IManager; @@ -35,22 +36,25 @@ use OCP\IRequest; use OCP\ISession; use OCP\Security\ISecureRandom; use OCP\Session\Exceptions\SessionNotAvailableException; +use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; class AuthSettingsControllerTest extends TestCase { /** @var AuthSettingsController */ private $controller; - /** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */ + /** @var IRequest|MockObject */ private $request; - /** @var IProvider|\PHPUnit_Framework_MockObject_MockObject */ + /** @var IProvider|MockObject */ private $tokenProvider; - /** @var ISession|\PHPUnit_Framework_MockObject_MockObject */ + /** @var ISession|MockObject */ private $session; - /** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */ + /** @var ISecureRandom|MockObject */ private $secureRandom; - /** @var IManager|\PHPUnit_Framework_MockObject_MockObject */ + /** @var IManager|MockObject */ private $activityManager; + /** @var RemoteWipe|MockObject */ + private $remoteWipe; private $uid = 'jane'; protected function setUp() { @@ -61,7 +65,8 @@ class AuthSettingsControllerTest extends TestCase { $this->session = $this->createMock(ISession::class); $this->secureRandom = $this->createMock(ISecureRandom::class); $this->activityManager = $this->createMock(IManager::class); - /** @var ILogger|\PHPUnit_Framework_MockObject_MockObject $logger */ + $this->remoteWipe = $this->createMock(RemoteWipe::class); + /** @var ILogger|MockObject $logger */ $logger = $this->createMock(ILogger::class); $this->controller = new AuthSettingsController( @@ -72,6 +77,7 @@ class AuthSettingsControllerTest extends TestCase { $this->secureRandom, $this->uid, $this->activityManager, + $this->remoteWipe, $logger ); } @@ -201,6 +207,7 @@ class AuthSettingsControllerTest extends TestCase { /** * @dataProvider dataRenameToken + * * @param string $name * @param string $newName */ @@ -243,6 +250,7 @@ class AuthSettingsControllerTest extends TestCase { /** * @dataProvider dataUpdateFilesystemScope + * * @param bool $filesystem * @param bool $newFilesystem */ @@ -359,4 +367,29 @@ class AuthSettingsControllerTest extends TestCase { ->with($this->equalTo($tokenId)) ->willReturn($token); } + + public function testRemoteWipeNotSuccessful(): void { + $this->remoteWipe->expects($this->once()) + ->method('markTokenForWipe') + ->with(123) + ->willReturn(false); + + $response = $this->controller->wipe(123); + + $expected = new JSONResponse([], Http::STATUS_BAD_REQUEST); + $this->assertEquals($expected, $response); + } + + public function testRemoteWipeSuccessful(): void { + $this->remoteWipe->expects($this->once()) + ->method('markTokenForWipe') + ->with(123) + ->willReturn(true); + + $response = $this->controller->wipe(123); + + $expected = new JSONResponse([]); + $this->assertEquals($expected, $response); + } + } diff --git a/tests/lib/Authentication/Token/RemoteWipeTest.php b/tests/lib/Authentication/Token/RemoteWipeTest.php index e0b3e9fcae9..7193bee5389 100644 --- a/tests/lib/Authentication/Token/RemoteWipeTest.php +++ b/tests/lib/Authentication/Token/RemoteWipeTest.php @@ -29,9 +29,11 @@ use OC\Authentication\Exceptions\WipeTokenException; use OC\Authentication\Token\IProvider as ITokenProvider; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; +use OC\Authentication\Token\IWipeableToken; use OC\Authentication\Token\RemoteWipe; use OCP\EventDispatcher\IEventDispatcher; use OCP\ILogger; +use OCP\IUser; use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; @@ -63,6 +65,72 @@ class RemoteWipeTest extends TestCase { ); } + public function testMarkNonWipableTokenForWipe(): void { + $token = $this->createMock(IToken::class); + $this->tokenProvider->expects($this->once()) + ->method('getTokenById') + ->with(123) + ->willReturn($token); + + $result = $this->remoteWipe->markTokenForWipe(123); + + $this->assertFalse($result); + } + + public function testMarkTokenForWipe(): void { + $token = $this->createMock(IWipeableToken::class); + $this->tokenProvider->expects($this->once()) + ->method('getTokenById') + ->with(123) + ->willReturn($token); + $token->expects($this->once()) + ->method('wipe'); + $this->tokenProvider->expects($this->once()) + ->method('updateToken') + ->with($token); + + $result = $this->remoteWipe->markTokenForWipe(123); + + $this->assertTrue($result); + } + + public function testMarkAllTokensForWipeNoWipeableToken(): void { + /** @var IUser|MockObject $user */ + $user = $this->createMock(IUser::class); + $user->method('getUID')->willReturn('user123'); + $token1 = $this->createMock(IToken::class); + $token2 = $this->createMock(IToken::class); + $this->tokenProvider->expects($this->once()) + ->method('getTokenByUser') + ->with('user123') + ->willReturn([$token1, $token2]); + + $result = $this->remoteWipe->markAllTokensForWipe($user); + + $this->assertFalse($result); + } + + public function testMarkAllTokensForWipe(): void { + /** @var IUser|MockObject $user */ + $user = $this->createMock(IUser::class); + $user->method('getUID')->willReturn('user123'); + $token1 = $this->createMock(IToken::class); + $token2 = $this->createMock(IWipeableToken::class); + $this->tokenProvider->expects($this->once()) + ->method('getTokenByUser') + ->with('user123') + ->willReturn([$token1, $token2]); + $token2->expects($this->once()) + ->method('wipe'); + $this->tokenProvider->expects($this->once()) + ->method('updateToken') + ->with($token2); + + $result = $this->remoteWipe->markAllTokensForWipe($user); + + $this->assertTrue($result); + } + public function testStartWipingNotAWipeToken() { $token = $this->createMock(IToken::class); $this->tokenProvider->expects($this->once()) diff --git a/tests/lib/Repair/RemoveRootSharesTest.php b/tests/lib/Repair/RemoveRootSharesTest.php deleted file mode 100644 index 9a4882bef29..00000000000 --- a/tests/lib/Repair/RemoveRootSharesTest.php +++ /dev/null @@ -1,197 +0,0 @@ -<?php -/** - * @author Roeland Jago Douma <rullzer@owncloud.com> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ -namespace Test\Repair; - -use OC\Repair\RemoveRootShares; -use OCP\Files\IRootFolder; -use OCP\IDBConnection; -use OCP\IUserManager; -use OCP\Migration\IOutput; -use Test\Traits\UserTrait; - -/** - * Class RemoveOldSharesTest - * - * @package Test\Repair - * @group DB - */ -class RemoveRootSharesTest extends \Test\TestCase { - use UserTrait; - - /** @var RemoveRootShares */ - protected $repair; - - /** @var IDBConnection */ - protected $connection; - - /** @var IOutput */ - private $outputMock; - - /** @var IUserManager */ - private $userManager; - - /** @var IRootFolder */ - private $rootFolder; - - protected function setUp() { - parent::setUp(); - - $this->outputMock = $this->getMockBuilder('\OCP\Migration\IOutput') - ->disableOriginalConstructor() - ->getMock(); - - $this->userManager = \OC::$server->getUserManager(); - $this->rootFolder = \OC::$server->getRootFolder(); - - $this->connection = \OC::$server->getDatabaseConnection(); - $this->repair = new RemoveRootShares($this->connection, $this->userManager, $this->rootFolder); - } - - protected function tearDown() { - $qb = $this->connection->getQueryBuilder(); - $qb->delete('share'); - $qb->execute(); - - return parent::tearDown(); - } - - public function testRootSharesExist() { - //Add test user - $user = $this->userManager->createUser('test', 'test'); - $userFolder = $this->rootFolder->getUserFolder('test'); - $fileId = $userFolder->getId(); - - //Now insert cyclic share - $qb = $this->connection->getQueryBuilder(); - $qb->insert('share') - ->values([ - 'share_type' => $qb->createNamedParameter(0), - 'share_with' => $qb->createNamedParameter('foo'), - 'uid_owner' => $qb->createNamedParameter('owner'), - 'item_type' => $qb->createNamedParameter('file'), - 'item_source' => $qb->createNamedParameter($fileId), - 'item_target' => $qb->createNamedParameter('/target'), - 'file_source' => $qb->createNamedParameter($fileId), - 'file_target' => $qb->createNamedParameter('/target'), - 'permissions' => $qb->createNamedParameter(1), - ]); - $qb->execute(); - - $res = $this->invokePrivate($this->repair, 'rootSharesExist', []); - $this->assertTrue($res); - - $user->delete(); - } - - public function testRootSharesDontExist() { - //Add test user - $user = $this->userManager->createUser('test', 'test'); - $userFolder = $this->rootFolder->getUserFolder('test'); - $fileId = $userFolder->getId(); - $user->updateLastLoginTimestamp(); - - //Now insert cyclic share - $qb = $this->connection->getQueryBuilder(); - $qb->insert('share') - ->values([ - 'share_type' => $qb->createNamedParameter(0), - 'share_with' => $qb->createNamedParameter('foo'), - 'uid_owner' => $qb->createNamedParameter('owner'), - 'item_type' => $qb->createNamedParameter('file'), - 'item_source' => $qb->createNamedParameter($fileId+1), - 'item_target' => $qb->createNamedParameter('/target'), - 'file_source' => $qb->createNamedParameter($fileId+1), - 'file_target' => $qb->createNamedParameter('/target'), - 'permissions' => $qb->createNamedParameter(1), - ]); - $qb->execute(); - - $res = $this->invokePrivate($this->repair, 'rootSharesExist', []); - $this->assertFalse($res); - - $user->delete(); - } - - public function testRun() { - //Add test user - $user1 = $this->userManager->createUser('test1', 'test1'); - $userFolder = $this->rootFolder->getUserFolder('test1'); - $fileId = $userFolder->getId(); - $user1->updateLastLoginTimestamp(); - - //Now insert cyclic share - $qb = $this->connection->getQueryBuilder(); - $qb->insert('share') - ->values([ - 'share_type' => $qb->createNamedParameter(0), - 'share_with' => $qb->createNamedParameter('foo'), - 'uid_owner' => $qb->createNamedParameter('owner'), - 'item_type' => $qb->createNamedParameter('file'), - 'item_source' => $qb->createNamedParameter($fileId), - 'item_target' => $qb->createNamedParameter('/target'), - 'file_source' => $qb->createNamedParameter($fileId), - 'file_target' => $qb->createNamedParameter('/target'), - 'permissions' => $qb->createNamedParameter(1), - ]); - $qb->execute(); - - //Add test user - $user2 = $this->userManager->createUser('test2', 'test2'); - $userFolder = $this->rootFolder->getUserFolder('test2'); - $folder = $userFolder->newFolder('foo'); - $fileId = $folder->getId(); - $user2->updateLastLoginTimestamp(); - - //Now insert cyclic share - $qb = $this->connection->getQueryBuilder(); - $qb->insert('share') - ->values([ - 'share_type' => $qb->createNamedParameter(0), - 'share_with' => $qb->createNamedParameter('foo'), - 'uid_owner' => $qb->createNamedParameter('owner'), - 'item_type' => $qb->createNamedParameter('file'), - 'item_source' => $qb->createNamedParameter($fileId), - 'item_target' => $qb->createNamedParameter('/target'), - 'file_source' => $qb->createNamedParameter($fileId), - 'file_target' => $qb->createNamedParameter('/target'), - 'permissions' => $qb->createNamedParameter(1), - ]); - $qb->execute(); - - $this->repair->run($this->outputMock); - - //Verify - $qb = $this->connection->getQueryBuilder(); - $qb->select($qb->func()->count('*', 'count')) - ->from('share'); - - $cursor = $qb->execute(); - $data = $cursor->fetch(); - $cursor->closeCursor(); - - $count = (int)$data['count']; - - $this->assertEquals(1, $count); - - $user1->delete(); - $user2->delete(); - } -} diff --git a/tests/lib/Repair/RepairInvalidPathsTest.php b/tests/lib/Repair/RepairInvalidPathsTest.php deleted file mode 100644 index 17c584fd149..00000000000 --- a/tests/lib/Repair/RepairInvalidPathsTest.php +++ /dev/null @@ -1,219 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2017 Robin Appelman <robin@icewind.nl> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - */ - -namespace Test\Repair; - -use OC\Files\Cache\Cache; -use OC\Files\Storage\Temporary; -use OC\Repair\NC13\RepairInvalidPaths; -use OCP\IConfig; -use OCP\Migration\IOutput; -use Test\TestCase; - -/** - * @group DB - */ -class RepairInvalidPathsTest extends TestCase { - /** @var Temporary */ - private $storage; - /** @var Cache */ - private $cache; - /** @var Temporary */ - private $storage2; - /** @var Cache */ - private $cache2; - /** @var RepairInvalidPaths */ - private $repair; - - protected function setUp() { - parent::setUp(); - - $this->storage = new Temporary(); - $this->cache = $this->storage->getCache(); - $this->storage2 = new Temporary(); - $this->cache2 = $this->storage2->getCache(); - $config = $this->createMock(IConfig::class); - $config->expects($this->any()) - ->method('getSystemValue') - ->with('version', '0.0.0') - ->willReturn('12.0.0.0'); - $this->repair = new RepairInvalidPaths(\OC::$server->getDatabaseConnection(), $config); - } - - protected function tearDown() { - $this->cache->clear(); - - return parent::tearDown(); - } - - public function testRepairNonDuplicate() { - $this->storage->mkdir('foo/bar/asd'); - $this->storage->mkdir('foo2'); - $this->storage->getScanner()->scan(''); - - $folderId = $this->cache->getId('foo/bar'); - $newParentFolderId = $this->cache->getId('foo2'); - // failed rename, moved entry is updated but not it's children - $this->cache->update($folderId, ['path' => 'foo2/bar', 'parent' => $newParentFolderId]); - - $this->assertTrue($this->cache->inCache('foo2/bar')); - $this->assertTrue($this->cache->inCache('foo/bar/asd')); - $this->assertFalse($this->cache->inCache('foo2/bar/asd')); - - $this->assertEquals($folderId, $this->cache->get('foo/bar/asd')['parent']); - - $this->repair->run($this->createMock(IOutput::class)); - - $this->assertTrue($this->cache->inCache('foo2/bar')); - $this->assertTrue($this->cache->inCache('foo2/bar/asd')); - $this->assertFalse($this->cache->inCache('foo/bar/asd')); - - $this->assertEquals($folderId, $this->cache->get('foo2/bar/asd')['parent']); - $this->assertEquals($folderId, $this->cache->getId('foo2/bar')); - } - - public function testRepairDuplicate() { - $this->storage->mkdir('foo/bar/asd'); - $this->storage->mkdir('foo2'); - $this->storage->getScanner()->scan(''); - - $folderId = $this->cache->getId('foo/bar'); - $newParentFolderId = $this->cache->getId('foo2'); - // failed rename, moved entry is updated but not it's children - $this->cache->update($folderId, ['path' => 'foo2/bar', 'parent' => $newParentFolderId]); - $this->storage->rename('foo/bar', 'foo2/bar'); - $this->storage->mkdir('foo2/bar/asd/foo'); - - // usage causes the renamed subfolder to be scanned - $this->storage->getScanner()->scan('foo2/bar/asd'); - - $this->assertTrue($this->cache->inCache('foo2/bar')); - $this->assertTrue($this->cache->inCache('foo/bar/asd')); - $this->assertTrue($this->cache->inCache('foo2/bar/asd')); - - $this->assertEquals($folderId, $this->cache->get('foo/bar/asd')['parent']); - - $this->repair->run($this->createMock(IOutput::class)); - - $this->assertTrue($this->cache->inCache('foo2/bar')); - $this->assertTrue($this->cache->inCache('foo2/bar/asd')); - $this->assertFalse($this->cache->inCache('foo/bar/asd')); - - $this->assertEquals($this->cache->getId('foo2/bar'), $this->cache->get('foo2/bar/asd')['parent']); - $this->assertEquals($this->cache->getId('foo2/bar/asd'), $this->cache->get('foo2/bar/asd/foo')['parent']); - } - - public function testRepairMultipleNonDuplicate() { - $this->storage->mkdir('foo/bar/asd'); - $this->storage->mkdir('foo/bar2/asd'); - $this->storage->mkdir('foo2'); - $this->storage->getScanner()->scan(''); - - $folderId1 = $this->cache->getId('foo/bar'); - $folderId2 = $this->cache->getId('foo/bar2'); - $newParentFolderId = $this->cache->getId('foo2'); - // failed rename, moved entry is updated but not it's children - $this->cache->update($folderId1, ['path' => 'foo2/bar', 'parent' => $newParentFolderId]); - $this->cache->update($folderId2, ['path' => 'foo2/bar2', 'parent' => $newParentFolderId]); - - $this->assertTrue($this->cache->inCache('foo2/bar')); - $this->assertTrue($this->cache->inCache('foo2/bar2')); - $this->assertTrue($this->cache->inCache('foo/bar/asd')); - $this->assertTrue($this->cache->inCache('foo/bar2/asd')); - $this->assertFalse($this->cache->inCache('foo2/bar/asd')); - $this->assertFalse($this->cache->inCache('foo2/bar2/asd')); - - $this->assertEquals($folderId1, $this->cache->get('foo/bar/asd')['parent']); - $this->assertEquals($folderId2, $this->cache->get('foo/bar2/asd')['parent']); - - $this->repair->run($this->createMock(IOutput::class)); - - $this->assertTrue($this->cache->inCache('foo2/bar')); - $this->assertTrue($this->cache->inCache('foo2/bar2')); - $this->assertTrue($this->cache->inCache('foo2/bar/asd')); - $this->assertTrue($this->cache->inCache('foo2/bar2/asd')); - $this->assertFalse($this->cache->inCache('foo/bar/asd')); - $this->assertFalse($this->cache->inCache('foo/bar2/asd')); - - $this->assertEquals($folderId1, $this->cache->get('foo2/bar/asd')['parent']); - $this->assertEquals($folderId2, $this->cache->get('foo2/bar2/asd')['parent']); - $this->assertEquals($folderId1, $this->cache->getId('foo2/bar')); - $this->assertEquals($folderId2, $this->cache->getId('foo2/bar2')); - } - - public function testRepairNonDuplicateBetweenStorage() { - $this->storage->mkdir('foo/bar/asd'); - $this->storage2->mkdir('foo2'); - $this->storage->getScanner()->scan(''); - $this->storage2->getScanner()->scan(''); - - $folderId = $this->cache->getId('foo/bar'); - $newParentEntry = $this->cache2->get('foo2'); - $newParentFolderId = $newParentEntry->getId(); - // failed rename, moved entry is updated but not it's children - $this->cache->update($folderId, ['path' => 'foo2/bar', 'parent' => $newParentFolderId, 'storage' => $newParentEntry->getStorageId()]); - - $this->assertTrue($this->cache2->inCache('foo2/bar')); - $this->assertTrue($this->cache->inCache('foo/bar/asd')); - $this->assertFalse($this->cache2->inCache('foo2/bar/asd')); - - $this->assertEquals($folderId, $this->cache->get('foo/bar/asd')['parent']); - - $this->repair->run($this->createMock(IOutput::class)); - - $this->assertTrue($this->cache2->inCache('foo2/bar')); - $this->assertTrue($this->cache2->inCache('foo2/bar/asd')); - $this->assertFalse($this->cache->inCache('foo/bar/asd')); - - $this->assertEquals($folderId, $this->cache2->get('foo2/bar/asd')['parent']); - $this->assertEquals($folderId, $this->cache2->getId('foo2/bar')); - } - - public function shouldRunDataProvider() { - return [ - ['11.0.0.0', true], - ['11.0.0.31', true], - ['11.0.5.2', false], - ['12.0.0.0', true], - ['12.0.0.1', true], - ['12.0.0.31', false], - ['13.0.0.0', true], - ['13.0.0.1', false] - ]; - } - - /** - * @dataProvider shouldRunDataProvider - * - * @param string $from - * @param boolean $expected - */ - public function testShouldRun($from, $expected) { - $config = $this->createMock(IConfig::class); - $config->expects($this->any()) - ->method('getSystemValue') - ->with('version', '0.0.0') - ->willReturn($from); - $repair = new RepairInvalidPaths(\OC::$server->getDatabaseConnection(), $config); - - $this->assertEquals($expected, $this->invokePrivate($repair, 'shouldRun')); - } -} diff --git a/tests/lib/Repair/SetVcardDatabaseUIDTest.php b/tests/lib/Repair/SetVcardDatabaseUIDTest.php deleted file mode 100644 index 2939528a21a..00000000000 --- a/tests/lib/Repair/SetVcardDatabaseUIDTest.php +++ /dev/null @@ -1,128 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2018 John Molakvoæ <skjnldsv@protonmail.com> - * - * @author John Molakvoæ <skjnldsv@protonmail.com> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - */ - -namespace Test\Repair; - -use OCP\IConfig; -use OCP\ILogger; -use OCP\Migration\IOutput; -use OC\Repair\NC15\SetVcardDatabaseUID; -use Test\TestCase; - -/** - * @group DB - */ -class SetVcardDatabaseUIDTest extends TestCase { - - /** @var SetVcardDatabaseUID */ - private $repair; - - /** @var IConfig */ - private $config; - - /** @var Ilogger */ - private $logger; - - protected function setUp() { - parent::setUp(); - - $this->config = $this->createMock(IConfig::class); - $this->logger = $this->createMock(Ilogger::class); - $this->repair = new SetVcardDatabaseUID(\OC::$server->getDatabaseConnection(), $this->config, $this->logger); - } - - protected function tearDown() { - return parent::tearDown(); - } - - public function dataTestVcards() { - return [ - // classic vcard - ['BEGIN:VCARD'.PHP_EOL. - 'VERSION:3.0'.PHP_EOL. - 'PRODID:-//Sabre//Sabre VObject 4.1.2//EN'.PHP_EOL. - 'UID:Test'.PHP_EOL. - 'FN:Test'.PHP_EOL. - 'N:Test;;;;'.PHP_EOL. - 'END:VCARD', 'Test'], - - // UID as url - ['BEGIN:VCARD'.PHP_EOL. - 'VERSION:3.0'.PHP_EOL. - 'PRODID:-//Sabre//Sabre VObject 4.1.2//EN'.PHP_EOL. - 'UID:https://User@old.domain.com/remote.php/carddav/addressbooks/User/contacts/2EAF6525-17ADC861-38D6BB1D.vcf'.PHP_EOL. - 'FN:Test'.PHP_EOL. - 'N:Test;;;;'.PHP_EOL. - 'END:VCARD', 'https://User@old.domain.com/remote.php/carddav/addressbooks/User/contacts/2EAF6525-17ADC861-38D6BB1D.vcf'], - - // No uid - ['BEGIN:VCARD'.PHP_EOL. - 'VERSION:3.0'.PHP_EOL. - 'PRODID:-//Sabre//Sabre VObject 4.1.2//EN'.PHP_EOL. - 'FN:Test'.PHP_EOL. - 'N:Test;;;;'.PHP_EOL. - 'END:VCARD', false] - ]; - } - - /** - * @dataProvider dataTestVcards - * - * @param string $from - * @param string|boolean $expected - */ - public function testExtractUIDFromVcard($from, $expected) { - $output = $this->createMock(IOutput::class); - $uid = $this->invokePrivate($this->repair, 'getUid', ['carddata' => $from, 'output' => $output]); - $this->assertEquals($expected, $uid); - } - - public function shouldRunDataProvider() { - return [ - ['11.0.0.0', true], - ['15.0.0.3', false], - ['13.0.5.2', true], - ['12.0.0.0', true], - ['16.0.0.1', false], - ['15.0.0.2', true], - ['13.0.0.0', true], - ['13.0.0.1', true] - ]; - } - - /** - * @dataProvider shouldRunDataProvider - * - * @param string $from - * @param boolean $expected - */ - public function testShouldRun($from, $expected) { - $this->config->expects($this->any()) - ->method('getSystemValue') - ->with('version', '0.0.0.0') - ->willReturn($from); - - $this->assertEquals($expected, $this->invokePrivate($this->repair, 'shouldRun')); - } - -} diff --git a/tests/lib/Security/CSP/AddContentSecurityPolicyEventTest.php b/tests/lib/Security/CSP/AddContentSecurityPolicyEventTest.php new file mode 100644 index 00000000000..01227ec359a --- /dev/null +++ b/tests/lib/Security/CSP/AddContentSecurityPolicyEventTest.php @@ -0,0 +1,44 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl> + * + * @author Roeland Jago Douma <roeland@famdouma.nl> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace Test\Security\CSP; + +use OC\Security\CSP\ContentSecurityPolicyManager; +use OCP\AppFramework\Http\ContentSecurityPolicy; +use OCP\Security\CSP\AddContentSecurityPolicyEvent; +use Test\TestCase; + +class AddContentSecurityPolicyEventTest extends TestCase { + public function testAddEvent() { + $cspManager = $this->createMock(ContentSecurityPolicyManager::class); + $policy = $this->createMock(ContentSecurityPolicy::class); + $event = new AddContentSecurityPolicyEvent($cspManager); + + $cspManager->expects($this->once()) + ->method('addDefaultPolicy') + ->with($policy); + + $event->addPolicy($policy); + } +} diff --git a/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php b/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php index 8f8be5cba9f..279c4672d80 100644 --- a/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php +++ b/tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php @@ -23,14 +23,24 @@ namespace Test\Security\CSP; use OC\Security\CSP\ContentSecurityPolicyManager; +use OCP\EventDispatcher\IEventDispatcher; +use OCP\Security\CSP\AddContentSecurityPolicyEvent; +use PHPUnit\Framework\MockObject\MockObject; +use Symfony\Component\EventDispatcher\EventDispatcher; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; +use Test\TestCase; + +class ContentSecurityPolicyManagerTest extends TestCase { + /** @var EventDispatcherInterface */ + private $dispatcher; -class ContentSecurityPolicyManagerTest extends \Test\TestCase { /** @var ContentSecurityPolicyManager */ private $contentSecurityPolicyManager; public function setUp() { parent::setUp(); - $this->contentSecurityPolicyManager = new ContentSecurityPolicyManager(); + $this->dispatcher = \OC::$server->query(IEventDispatcher::class); + $this->contentSecurityPolicyManager = new ContentSecurityPolicyManager($this->dispatcher); } public function testAddDefaultPolicy() { @@ -69,4 +79,44 @@ class ContentSecurityPolicyManagerTest extends \Test\TestCase { $this->assertSame($expectedStringPolicy, $this->contentSecurityPolicyManager->getDefaultPolicy()->buildPolicy()); } + public function testGetDefaultPolicyWithPoliciesViaEvent() { + $this->dispatcher->addListener(AddContentSecurityPolicyEvent::class, function(AddContentSecurityPolicyEvent $e) { + $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(); + $policy->addAllowedFontDomain('mydomain.com'); + $policy->addAllowedImageDomain('anotherdomain.de'); + + $e->addPolicy($policy); + }); + + $this->dispatcher->addListener(AddContentSecurityPolicyEvent::class, function(AddContentSecurityPolicyEvent $e) { + $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(); + $policy->addAllowedFontDomain('example.com'); + $policy->addAllowedImageDomain('example.org'); + $policy->allowInlineScript(true); + $policy->allowEvalScript(true); + $e->addPolicy($policy); + }); + + $this->dispatcher->addListener(AddContentSecurityPolicyEvent::class, function(AddContentSecurityPolicyEvent $e) { + $policy = new \OCP\AppFramework\Http\EmptyContentSecurityPolicy(); + $policy->addAllowedChildSrcDomain('childdomain'); + $policy->addAllowedFontDomain('anotherFontDomain'); + $e->addPolicy($policy); + }); + + $expected = new \OC\Security\CSP\ContentSecurityPolicy(); + $expected->allowInlineScript(true); + $expected->allowEvalScript(true); + $expected->addAllowedFontDomain('mydomain.com'); + $expected->addAllowedFontDomain('example.com'); + $expected->addAllowedFontDomain('anotherFontDomain'); + $expected->addAllowedImageDomain('anotherdomain.de'); + $expected->addAllowedImageDomain('example.org'); + $expected->addAllowedChildSrcDomain('childdomain'); + $expectedStringPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: anotherdomain.de example.org;font-src 'self' data: mydomain.com example.com anotherFontDomain;connect-src 'self';media-src 'self';child-src childdomain;frame-ancestors 'self'"; + + $this->assertEquals($expected, $this->contentSecurityPolicyManager->getDefaultPolicy()); + $this->assertSame($expectedStringPolicy, $this->contentSecurityPolicyManager->getDefaultPolicy()->buildPolicy()); + } + } |