From ff810f8e2311061908ab0f0f9f8f856a9145f0c5 Mon Sep 17 00:00:00 2001 From: Daniel Calviño Sánchez Date: Thu, 28 May 2020 20:26:00 +0200 Subject: Extend mail shares unit tests to check the password and mail template MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Daniel Calviño Sánchez --- apps/sharebymail/tests/ShareByMailProviderTest.php | 25 ++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'apps') diff --git a/apps/sharebymail/tests/ShareByMailProviderTest.php b/apps/sharebymail/tests/ShareByMailProviderTest.php index 07bba57a19c..dde24138a48 100644 --- a/apps/sharebymail/tests/ShareByMailProviderTest.php +++ b/apps/sharebymail/tests/ShareByMailProviderTest.php @@ -263,11 +263,18 @@ class ShareByMailProviderTest extends TestCase { // The autogenerated password should be mailed to the receiver of the share. $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true); $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true); - $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('password'); + $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('autogeneratedPassword'); $message = $this->createMock(IMessage::class); $message->expects($this->once())->method('setTo')->with(['receiver@example.com']); $this->mailer->expects($this->once())->method('createMessage')->willReturn($message); + $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [ + 'filename' => 'filename', + 'password' => 'autogeneratedPassword', + 'initiator' => 'owner', + 'initiatorEmail' => null, + 'shareWith' => 'receiver@example.com', + ]); $this->mailer->expects($this->once())->method('send'); $this->assertSame('shareObject', @@ -296,11 +303,18 @@ class ShareByMailProviderTest extends TestCase { // The autogenerated password should be mailed to the owner of the share. $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true); $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true); - $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('password'); + $instance->expects($this->once())->method('autoGeneratePassword')->with($share)->willReturn('autogeneratedPassword'); $message = $this->createMock(IMessage::class); $message->expects($this->once())->method('setTo')->with(['owner@example.com' => 'Owner display name']); $this->mailer->expects($this->once())->method('createMessage')->willReturn($message); + $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.OwnerPasswordNotification', [ + 'filename' => 'filename', + 'password' => 'autogeneratedPassword', + 'initiator' => 'Owner display name', + 'initiatorEmail' => 'owner@example.com', + 'shareWith' => 'receiver@example.com', + ]); $this->mailer->expects($this->once())->method('send'); $user = $this->createMock(IUser::class); @@ -533,6 +547,13 @@ class ShareByMailProviderTest extends TestCase { $share->expects($this->any())->method('getSendPasswordByTalk')->willReturn($newSendPasswordByTalk); if ($sendMail) { + $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [ + 'filename' => 'filename', + 'password' => $plainTextPassword, + 'initiator' => null, + 'initiatorEmail' => null, + 'shareWith' => 'receiver@example.com', + ]); $this->mailer->expects($this->once())->method('send'); } else { $this->mailer->expects($this->never())->method('send'); -- cgit v1.2.3 From 149d2b00135249c1c84bcf4a134332884528e199 Mon Sep 17 00:00:00 2001 From: Daniel Calviño Sánchez Date: Thu, 28 May 2020 20:27:33 +0200 Subject: Fix creating a mail share with a password MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit When a mail share was created with a password the given password was not hashed, so it was not possible to open the share with that password. Moreover, if passwords were enforced the given password was ignored and a new one was set (although in this case it was hashed so it worked as expected). Now the given password is properly hashed and not overriden. Signed-off-by: Daniel Calviño Sánchez --- apps/sharebymail/lib/ShareByMailProvider.php | 10 ++- apps/sharebymail/tests/ShareByMailProviderTest.php | 98 ++++++++++++++++++++++ 2 files changed, 104 insertions(+), 4 deletions(-) (limited to 'apps') diff --git a/apps/sharebymail/lib/ShareByMailProvider.php b/apps/sharebymail/lib/ShareByMailProvider.php index 50338c48830..c3636f379d8 100644 --- a/apps/sharebymail/lib/ShareByMailProvider.php +++ b/apps/sharebymail/lib/ShareByMailProvider.php @@ -186,12 +186,16 @@ class ShareByMailProvider implements IShareProvider { // if the admin enforces a password for all mail shares we create a // random password and send it to the recipient - $password = ''; + $password = $share->getPassword() ?: ''; $passwordEnforced = $this->settingsManager->enforcePasswordProtection(); - if ($passwordEnforced) { + if ($passwordEnforced && empty($password)) { $password = $this->autoGeneratePassword($share); } + if (!empty($password)) { + $share->setPassword($this->hasher->hash($password)); + } + $shareId = $this->createMailShare($share); $send = $this->sendPassword($share, $password); if ($passwordEnforced && $send === false) { @@ -233,8 +237,6 @@ class ShareByMailProvider implements IShareProvider { $password = $this->secureRandom->generate($passwordLength, $passwordCharset); - $share->setPassword($this->hasher->hash($password)); - return $password; } diff --git a/apps/sharebymail/tests/ShareByMailProviderTest.php b/apps/sharebymail/tests/ShareByMailProviderTest.php index dde24138a48..66e9f7437b6 100644 --- a/apps/sharebymail/tests/ShareByMailProviderTest.php +++ b/apps/sharebymail/tests/ShareByMailProviderTest.php @@ -242,6 +242,51 @@ class ShareByMailProviderTest extends TestCase { ); } + public function testCreateSendPasswordByMailWithPasswordAndWithoutEnforcedPasswordProtection() { + $share = $this->getMockBuilder(IShare::class)->getMock(); + $share->expects($this->any())->method('getSharedWith')->willReturn('receiver@example.com'); + $share->expects($this->any())->method('getSendPasswordByTalk')->willReturn(false); + $share->expects($this->any())->method('getSharedBy')->willReturn('owner'); + + $node = $this->getMockBuilder(File::class)->getMock(); + $node->expects($this->any())->method('getName')->willReturn('filename'); + + $instance = $this->getInstance(['getSharedWith', 'createMailShare', 'getRawShare', 'createShareObject', 'createShareActivity', 'autoGeneratePassword', 'createPasswordSendActivity']); + + $instance->expects($this->once())->method('getSharedWith')->willReturn([]); + $instance->expects($this->once())->method('createMailShare')->with($share)->willReturn(42); + $instance->expects($this->once())->method('createShareActivity')->with($share); + $instance->expects($this->once())->method('getRawShare')->with(42)->willReturn('rawShare'); + $instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject'); + $share->expects($this->any())->method('getNode')->willReturn($node); + + $share->expects($this->once())->method('getPassword')->willReturn('password'); + $this->hasher->expects($this->once())->method('hash')->with('password')->willReturn('passwordHashed'); + $share->expects($this->once())->method('setPassword')->with('passwordHashed'); + + // The given password (but not the autogenerated password) should be + // mailed to the receiver of the share. + $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(false); + $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true); + $instance->expects($this->never())->method('autoGeneratePassword'); + + $message = $this->createMock(IMessage::class); + $message->expects($this->once())->method('setTo')->with(['receiver@example.com']); + $this->mailer->expects($this->once())->method('createMessage')->willReturn($message); + $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [ + 'filename' => 'filename', + 'password' => 'password', + 'initiator' => 'owner', + 'initiatorEmail' => null, + 'shareWith' => 'receiver@example.com', + ]); + $this->mailer->expects($this->once())->method('send'); + + $this->assertSame('shareObject', + $instance->create($share) + ); + } + public function testCreateSendPasswordByMailWithEnforcedPasswordProtection() { $share = $this->getMockBuilder(IShare::class)->getMock(); $share->expects($this->any())->method('getSharedWith')->willReturn('receiver@example.com'); @@ -260,6 +305,10 @@ class ShareByMailProviderTest extends TestCase { $instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject'); $share->expects($this->any())->method('getNode')->willReturn($node); + $share->expects($this->once())->method('getPassword')->willReturn(null); + $this->hasher->expects($this->once())->method('hash')->with('autogeneratedPassword')->willReturn('autogeneratedPasswordHashed'); + $share->expects($this->once())->method('setPassword')->with('autogeneratedPasswordHashed'); + // The autogenerated password should be mailed to the receiver of the share. $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true); $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true); @@ -282,6 +331,51 @@ class ShareByMailProviderTest extends TestCase { ); } + public function testCreateSendPasswordByMailWithPasswordAndWithEnforcedPasswordProtection() { + $share = $this->getMockBuilder(IShare::class)->getMock(); + $share->expects($this->any())->method('getSharedWith')->willReturn('receiver@example.com'); + $share->expects($this->any())->method('getSendPasswordByTalk')->willReturn(false); + $share->expects($this->any())->method('getSharedBy')->willReturn('owner'); + + $node = $this->getMockBuilder(File::class)->getMock(); + $node->expects($this->any())->method('getName')->willReturn('filename'); + + $instance = $this->getInstance(['getSharedWith', 'createMailShare', 'getRawShare', 'createShareObject', 'createShareActivity', 'autoGeneratePassword', 'createPasswordSendActivity']); + + $instance->expects($this->once())->method('getSharedWith')->willReturn([]); + $instance->expects($this->once())->method('createMailShare')->with($share)->willReturn(42); + $instance->expects($this->once())->method('createShareActivity')->with($share); + $instance->expects($this->once())->method('getRawShare')->with(42)->willReturn('rawShare'); + $instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject'); + $share->expects($this->any())->method('getNode')->willReturn($node); + + $share->expects($this->once())->method('getPassword')->willReturn('password'); + $this->hasher->expects($this->once())->method('hash')->with('password')->willReturn('passwordHashed'); + $share->expects($this->once())->method('setPassword')->with('passwordHashed'); + + // The given password (but not the autogenerated password) should be + // mailed to the receiver of the share. + $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true); + $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true); + $instance->expects($this->never())->method('autoGeneratePassword'); + + $message = $this->createMock(IMessage::class); + $message->expects($this->once())->method('setTo')->with(['receiver@example.com']); + $this->mailer->expects($this->once())->method('createMessage')->willReturn($message); + $this->mailer->expects($this->once())->method('createEMailTemplate')->with('sharebymail.RecipientPasswordNotification', [ + 'filename' => 'filename', + 'password' => 'password', + 'initiator' => 'owner', + 'initiatorEmail' => null, + 'shareWith' => 'receiver@example.com', + ]); + $this->mailer->expects($this->once())->method('send'); + + $this->assertSame('shareObject', + $instance->create($share) + ); + } + public function testCreateSendPasswordByTalkWithEnforcedPasswordProtection() { $share = $this->getMockBuilder(IShare::class)->getMock(); $share->expects($this->any())->method('getSharedWith')->willReturn('receiver@example.com'); @@ -300,6 +394,10 @@ class ShareByMailProviderTest extends TestCase { $instance->expects($this->once())->method('createShareObject')->with('rawShare')->willReturn('shareObject'); $share->expects($this->any())->method('getNode')->willReturn($node); + $share->expects($this->once())->method('getPassword')->willReturn(null); + $this->hasher->expects($this->once())->method('hash')->with('autogeneratedPassword')->willReturn('autogeneratedPasswordHashed'); + $share->expects($this->once())->method('setPassword')->with('autogeneratedPasswordHashed'); + // The autogenerated password should be mailed to the owner of the share. $this->settingsManager->expects($this->any())->method('enforcePasswordProtection')->willReturn(true); $this->settingsManager->expects($this->any())->method('sendPasswordByMail')->willReturn(true); -- cgit v1.2.3