diff --git a/apps/encryption/controller/recoverycontroller.php b/apps/encryption/controller/recoverycontroller.php
index 9c07bda62e..f1a2651443 100644
--- a/apps/encryption/controller/recoverycontroller.php
+++ b/apps/encryption/controller/recoverycontroller.php
@@ -26,6 +26,7 @@ namespace OCA\Encryption\Controller;
 use OCA\Encryption\Recovery;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\IRequest;
@@ -72,31 +73,36 @@ class RecoveryController extends Controller {
 public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) {
 // Check if both passwords are the same
 if (empty($recoveryPassword)) {
- $errorMessage = (string) $this->l->t('Missing recovery key password');
- return new DataResponse(['data' => ['message' => $errorMessage]], 500);
+ $errorMessage = (string)$this->l->t('Missing recovery key password');
+ return new DataResponse(['data' => ['message' => $errorMessage]],
+ Http::STATUS_BAD_REQUEST);
 }
 if (empty($confirmPassword)) {
- $errorMessage = (string) $this->l->t('Please repeat the recovery key password');
- return new DataResponse(['data' => ['message' => $errorMessage]], 500);
+ $errorMessage = (string)$this->l->t('Please repeat the recovery key password');
+ return new DataResponse(['data' => ['message' => $errorMessage]],
+ Http::STATUS_BAD_REQUEST);
 }
 if ($recoveryPassword !== $confirmPassword) {
- $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password');
- return new DataResponse(['data' => ['message' => $errorMessage]], 500);
+ $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password');
+ return new DataResponse(['data' => ['message' => $errorMessage]],
+ Http::STATUS_BAD_REQUEST);
 }
 if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') {
 if ($this->recovery->enableAdminRecovery($recoveryPassword)) {
- return new DataResponse(['status' =>'success', 'data' => array('message' => (string) $this->l->t('Recovery key successfully enabled'))]);
+ return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully enabled')]]);
 }
- return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not enable recovery key. Please check your recovery key password!'))]);
+ return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST);
 } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') {
 if ($this->recovery->disableAdminRecovery($recoveryPassword)) {
- return new DataResponse(['data' => array('message' => (string) $this->l->t('Recovery key successfully disabled'))]);
+ return new DataResponse(['data' => ['message' => (string)$this->l->t('Recovery key successfully disabled')]]);
 }
- return new DataResponse(['data' => array('message' => (string) $this->l->t('Could not disable recovery key. Please check your recovery key password!'))]);
+ return new DataResponse(['data' => ['message' => (string)$this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST);
 }
+ // this response should never be sent but just in case.
+ return new DataResponse(['data' => ['message' => (string)$this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST);
 }
 /**
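Review bot: The two wrong-password branches of adminRecovery (where `enableAdminRecovery` or `disableAdminRecovery` returns false) now answer with 400 but leave no server-side record of the failed attempt. The controller as constructed in the test file receives no logger, and whether `Recovery` logs internally is not visible here, so repeated guesses at the recovery key password may go unnoticed. Consider injecting a logger and recording the failure together with the acting user before returning, never the submitted password. The failure branch of changeRecoveryPassword in the next hunk has the same gap.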
@@ -108,43 +114,42 @@ class RecoveryController extends Controller {
 public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) {
 //check if both passwords are the same
 if (empty($oldPassword)) {
- $errorMessage = (string) $this->l->t('Please provide the old recovery password');
- return new DataResponse(array('data' => array('message' => $errorMessage)));
+ $errorMessage = (string)$this->l->t('Please provide the old recovery password');
+ return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
 }
 if (empty($newPassword)) {
- $errorMessage = (string) $this->l->t('Please provide a new recovery password');
- return new DataResponse (array('data' => array('message' => $errorMessage)));
+ $errorMessage = (string)$this->l->t('Please provide a new recovery password');
+ return new DataResponse (['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
 }
 if (empty($confirmPassword)) {
- $errorMessage = (string) $this->l->t('Please repeat the new recovery password');
- return new DataResponse(array('data' => array('message' => $errorMessage)));
+ $errorMessage = (string)$this->l->t('Please repeat the new recovery password');
+ return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
 }
 if ($newPassword !== $confirmPassword) {
- $errorMessage = (string) $this->l->t('Repeated recovery key password does not match the provided recovery key password');
- return new DataResponse(array('data' => array('message' => $errorMessage)));
+ $errorMessage = (string)$this->l->t('Repeated recovery key password does not match the provided recovery key password');
+ return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
 }
- $result = $this->recovery->changeRecoveryKeyPassword($newPassword, $oldPassword);
+ $result = $this->recovery->changeRecoveryKeyPassword($newPassword,
+ $oldPassword);
 if ($result) {
 return new DataResponse(
- array(
- 'status' => 'success' ,
- 'data' => array(
- 'message' => (string) $this->l->t('Password successfully changed.'))
- )
- );
- } else {
- return new DataResponse(
- array(
- 'data' => array
- ('message' => (string) $this->l->t('Could not change the password. Maybe the old password was not correct.'))
- )
- );
+ [
+ 'data' => [
+ 'message' => (string)$this->l->t('Password successfully changed.')]
+ ]
+ );
 }
+ return new DataResponse(
+ [
+ 'data' => [
+ 'message' => (string)$this->l->t('Could not change the password. Maybe the old password was not correct.')
+ ]
+ ], Http::STATUS_BAD_REQUEST);
 }
 /**
@@ -159,22 +164,29 @@ class RecoveryController extends Controller {
 $result = $this->recovery->setRecoveryForUser($userEnableRecovery);
 if ($result) {
+ if ($userEnableRecovery === '0') {
+ return new DataResponse(
+ [
+ 'data' => [
+ 'message' => (string)$this->l->t('Recovery Key disabled')]
+ ]
+ );
+ }
 return new DataResponse(
- array(
- 'status' => 'success',
- 'data' => array(
- 'message' => (string) $this->l->t('Recovery Key enabled'))
- )
- );
- } else {
- return new DataResponse(
- array(
- 'data' => array
- ('message' => (string) $this->l->t('Could not enable the recovery key, please try again or contact your administrator'))
- )
+ [
+ 'data' => [
+ 'message' => (string)$this->l->t('Recovery Key enabled')]
+ ]
 );
 }
+
 }
+ return new DataResponse(
+ [
+ 'data' => [
+ 'message' => (string)$this->l->t('Could not enable the recovery key, please try again or contact your administrator')
+ ]
+ ], Http::STATUS_BAD_REQUEST);
 }
 }
diff --git a/apps/encryption/js/settings-admin.js b/apps/encryption/js/settings-admin.js
index bb539f6a4e..fdc53c5215 100644
--- a/apps/encryption/js/settings-admin.js
+++ b/apps/encryption/js/settings-admin.js
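Review bot: The `empty()` guards at the top of changeRecoveryPassword treat the string `'0'` as missing, because PHP's empty() is true for it, so such a value gets a "Please provide …" error instead of reaching the comparison. Test for absence explicitly, e.g. `if ($oldPassword === null || $oldPassword === '') {`, and likewise for `$newPassword` and `$confirmPassword`. adminRecovery in the previous hunk uses the same guards on `$recoveryPassword` and `$confirmPassword`.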
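Review bot: The shared failure response at the end of userSetRecovery always reads "Could not enable the recovery key…", even when the request was to disable it (`$userEnableRecovery === '0'`), a case the new success branch now tells apart. Choose the text by direction, e.g. `$message = $userEnableRecovery === '0' ? $this->l->t('Could not disable the recovery key, please try again or contact your administrator') : $this->l->t('Could not enable the recovery key, please try again or contact your administrator');`. The start of the method, including whatever condition wraps the `setRecoveryForUser` call, lies outside the hunk. If that condition filters out values other than '0' and '1', this response also covers invalid input, where a 'Missing parameters' message as in adminRecovery would be clearer.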
@@ -7,52 +7,59 @@
 * See the COPYING-README file.
 */
-$(document).ready(function(){
+$(document).ready(function () {
- $( 'input:radio[name="adminEnableRecovery"]' ).change(
- function() {
- var recoveryStatus = $( this ).val();
- var oldStatus = (1+parseInt(recoveryStatus, 10)) % 2;
- var recoveryPassword = $( '#encryptionRecoveryPassword' ).val();
- var confirmPassword = $( '#repeatEncryptionRecoveryPassword' ).val();
+ $('input:radio[name="adminEnableRecovery"]').change(
+ function () {
+ var recoveryStatus = $(this).val();
+ var oldStatus = (1 + parseInt(recoveryStatus)) % 2;
+ var recoveryPassword = $('#encryptionRecoveryPassword').val();
+ var confirmPassword = $('#repeatEncryptionRecoveryPassword').val();
 OC.msg.startSaving('#encryptionSetRecoveryKey .msg');
 $.post(
 OC.generateUrl('/apps/encryption/ajax/adminRecovery'),
- { adminEnableRecovery: recoveryStatus,
+ {
+ adminEnableRecovery: recoveryStatus,
 recoveryPassword: recoveryPassword,
- confirmPassword: confirmPassword },
- function( result ) {
- OC.msg.finishedSaving('#encryptionSetRecoveryKey .msg', result);
- if (result.status === "error") {
- $('input:radio[name="adminEnableRecovery"][value="'+oldStatus.toString()+'"]')
- .attr("checked", "true");
- } else {
- if (recoveryStatus === "0") {
- $('p[name="changeRecoveryPasswordBlock"]').addClass("hidden");
- } else {
- $('input:password[name="changeRecoveryPassword"]').val("");
- $('p[name="changeRecoveryPasswordBlock"]').removeClass("hidden");
- }
- }
+ confirmPassword: confirmPassword
 }
- );
+ ).done(function (data) {
+ OC.msg.finishedSuccess('#encryptionSetRecoveryKey .msg', data.data.message);
+
+ if (recoveryStatus === "0") {
+ $('p[name="changeRecoveryPasswordBlock"]').addClass("hidden");
+ } else {
+ $('input:password[name="changeRecoveryPassword"]').val("");
+ $('p[name="changeRecoveryPasswordBlock"]').removeClass("hidden");
+ }
+ })
+ .fail(function (jqXHR) {
+ $('input:radio[name="adminEnableRecovery"][value="' + oldStatus.toString() + '"]').attr("checked", "true");
+ OC.msg.finishedError('#encryptionSetRecoveryKey .msg', JSON.parse(jqXHR.responseText).data.message);
+ });
 }
 );
 // change recovery password
- $('button:button[name="submitChangeRecoveryKey"]').click(function() {
+ $('button:button[name="submitChangeRecoveryKey"]').click(function () {
 var oldRecoveryPassword = $('#oldEncryptionRecoveryPassword').val();
 var newRecoveryPassword = $('#newEncryptionRecoveryPassword').val();
 var confirmNewPassword = $('#repeatedNewEncryptionRecoveryPassword').val();
 OC.msg.startSaving('#encryptionChangeRecoveryKey .msg');
 $.post(
- OC.generateUrl('/apps/encryption/ajax/changeRecoveryPassword'),
- { oldPassword: oldRecoveryPassword, newPassword: newRecoveryPassword, confirmPassword: confirmNewPassword },
- function( data ) {
- OC.msg.finishedSaving('#encryptionChangeRecoveryKey .msg', data);
- }
- );
+ OC.generateUrl('/apps/encryption/ajax/changeRecoveryPassword'),
+ {
+ oldPassword: oldRecoveryPassword,
+ newPassword: newRecoveryPassword,
+ confirmPassword: confirmNewPassword
+ }
+ ).done(function (data) {
+ OC.msg.finishedSuccess('#encryptionChangeRecoveryKey .msg', data.data.message);
+ })
+ .fail(function (jqXHR) {
+ OC.msg.finishedError('#encryptionChangeRecoveryKey .msg', JSON.parse(jqXHR.responseText).data.message);
+ });
 });
 });
diff --git a/apps/encryption/js/settings-personal.js b/apps/encryption/js/settings-personal.js
index e36f10a244..658ba2a86e 100644
--- a/apps/encryption/js/settings-personal.js
+++ b/apps/encryption/js/settings-personal.js
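Review bot: Both `.fail` handlers call `JSON.parse(jqXHR.responseText).data.message`, which throws when the failure response does not have this JSON shape (a network error, an HTML error page, or a rejection without a `data` object), so the message started by `OC.msg.startSaving` is presumably never replaced. Read the body defensively, e.g. `var body = jqXHR.responseJSON;` and `var message = (body && body.data && body.data.message) || t('encryption', 'Request failed');`, then pass `message` to `OC.msg.finishedError`. The `.fail` handlers added to settings-personal.js use the same pattern. Separately, `parseInt(recoveryStatus)` dropped the explicit radix `10` that the old line had.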
@@ -9,35 +9,43 @@ if (!OC.Encryption) {
 }
 OC.Encryption = {
- updatePrivateKeyPassword: function() {
+ updatePrivateKeyPassword: function () {
 var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val();
 var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
 OC.msg.startSaving('#encryption .msg');
 $.post(
 OC.generateUrl('/apps/encryption/ajax/updatePrivateKeyPassword'),
- {oldPassword: oldPrivateKeyPassword, newPassword: newPrivateKeyPassword}
- ).success(function (response) {
- OC.msg.finishedSuccess('#encryption .msg', response.message);
- }).fail(function (response) {
- OC.msg.finishedError('#encryption .msg', response.responseJSON.message);
- });
+ {
+ oldPassword: oldPrivateKeyPassword,
+ newPassword: newPrivateKeyPassword
+ }
+ ).done(function (data) {
+ OC.msg.finishedSuccess('#encryption .msg', data.message);
+ })
+ .fail(function (jqXHR) {
+ OC.msg.finishedError('#encryption .msg', JSON.parse(jqXHR.responseText).message);
+ });
 }
 };
-$(document).ready(function(){
+$(document).ready(function () {
 // Trigger ajax on recoveryAdmin status change
- $( 'input:radio[name="userEnableRecovery"]' ).change(
- function() {
- var recoveryStatus = $( this ).val();
+ $('input:radio[name="userEnableRecovery"]').change(
+ function () {
+ var recoveryStatus = $(this).val();
 OC.msg.startAction('#userEnableRecovery .msg', 'Updating recovery keys. This can take some time...');
 $.post(
- OC.generateUrl('/apps/encryption/ajax/userSetRecovery'),
- { userEnableRecovery: recoveryStatus },
- function( data ) {
- OC.msg.finishedAction('#userEnableRecovery .msg', data);
+ OC.generateUrl('/apps/encryption/ajax/userSetRecovery'),
+ {
+ userEnableRecovery: recoveryStatus
 }
- );
+ ).done(function (data) {
+ OC.msg.finishedSuccess('#userEnableRecovery .msg', data.data.message);
+ })
+ .fail(function (jqXHR) {
+ OC.msg.finishedError('#userEnableRecovery .msg', JSON.parse(jqXHR.responseText).data.message);
+ });
 // Ensure page is not reloaded on form submit
 return false;
 }
@@ -45,12 +53,12 @@ $(document).ready(function(){
 // update private key password
- $('input:password[name="changePrivateKeyPassword"]').keyup(function(event) {
+ $('input:password[name="changePrivateKeyPassword"]').keyup(function (event) {
 var oldPrivateKeyPassword = $('input:password[id="oldPrivateKeyPassword"]').val();
 var newPrivateKeyPassword = $('input:password[id="newPrivateKeyPassword"]').val();
- if (newPrivateKeyPassword !== '' && oldPrivateKeyPassword !== '' ) {
+ if (newPrivateKeyPassword !== '' && oldPrivateKeyPassword !== '') {
 $('button:button[name="submitChangePrivateKeyPassword"]').removeAttr("disabled");
- if(event.which === 13) {
+ if (event.which === 13) {
 OC.Encryption.updatePrivateKeyPassword();
 }
 } else {
@@ -58,7 +66,7 @@ $(document).ready(function(){
 }
 });
- $('button:button[name="submitChangePrivateKeyPassword"]').click(function() {
+ $('button:button[name="submitChangePrivateKeyPassword"]').click(function () {
 OC.Encryption.updatePrivateKeyPassword();
 });
diff --git a/apps/encryption/tests/controller/RecoveryControllerTest.php b/apps/encryption/tests/controller/RecoveryControllerTest.php
new file mode 100644
index 0000000000..89b541e7bd
--- /dev/null
+++ b/apps/encryption/tests/controller/RecoveryControllerTest.php
@@ -0,0 +1,179 @@ + + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + */ + + +namespace OCA\Encryption\Tests\Controller; + + +use OCA\Encryption\Controller\RecoveryController; +use OCP\AppFramework\Http; +use Test\TestCase; + +class RecoveryControllerTest extends TestCase { + /** + * @var RecoveryController + */ + private $controller; + private $appName; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $requestMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $configMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $l10nMock; + /** + * @var \PHPUnit_Framework_MockObject_MockObject + */ + private $recoveryMock; + + public function adminRecoveryProvider() { + return [ + ['test', 'test', '1', 'Recovery key successfully enabled', HTTP::STATUS_OK], + ['', 'test', '1', 'Missing recovery key password', HTTP::STATUS_BAD_REQUEST], + ['test', '', '1', 'Please repeat the recovery key password', HTTP::STATUS_BAD_REQUEST], + ['test', 'soimething that doesn\'t match', '1', 'Repeated recovery key password does not match the provided recovery key password', HTTP::STATUS_BAD_REQUEST], + ['test', 'test', '0', 'Recovery key successfully disabled', HTTP::STATUS_OK], + ]; + } + + /** + * @dataProvider adminRecoveryProvider + * @param $recoveryPassword + * @param $passconfirm + * @param $enableRecovery + * @param $expectedMessage + * @param $expectedStatus + */ + public function testAdminRecovery($recoveryPassword, $passconfirm, $enableRecovery, $expectedMessage, $expectedStatus) { + + + $this->recoveryMock->expects($this->any()) + ->method('enableAdminRecovery') + ->willReturn(true); + + $this->recoveryMock->expects($this->any()) + ->method('disableAdminRecovery') + ->willReturn(true); + + $response = $this->controller->adminRecovery($recoveryPassword, + $passconfirm, + $enableRecovery); + + + $this->assertEquals($expectedMessage, $response->getData()['data']['message']); + 
$this->assertEquals($expectedStatus, $response->getStatus()); + + + } + + public function changeRecoveryPasswordProvider() { + return [ + ['test', 'test', 'oldtestFail', 'Could not change the password. Maybe the old password was not correct.', HTTP::STATUS_BAD_REQUEST], + ['test', 'test', 'oldtest', 'Password successfully changed.', HTTP::STATUS_OK], + ['test', 'notmatch', 'oldtest', 'Repeated recovery key password does not match the provided recovery key password', HTTP::STATUS_BAD_REQUEST], + ['', 'test', 'oldtest', 'Please provide a new recovery password', HTTP::STATUS_BAD_REQUEST], + ['test', 'test', '', 'Please provide the old recovery password', HTTP::STATUS_BAD_REQUEST] + ]; + } + + /** + * @dataProvider changeRecoveryPasswordProvider + * @param $password + * @param $confirmPassword + * @param $oldPassword + * @param $expectedMessage + * @param $expectedStatus + */ + public function testChangeRecoveryPassword($password, $confirmPassword, $oldPassword, $expectedMessage, $expectedStatus) { + $this->recoveryMock->expects($this->any()) + ->method('changeRecoveryKeyPassword') + ->with($password, $oldPassword) + ->will($this->returnValueMap([ + ['test', 'oldTestFail', false], + ['test', 'oldtest', true] + ])); + + $response = $this->controller->changeRecoveryPassword($password, + $oldPassword, + $confirmPassword); + + $this->assertEquals($expectedMessage, $response->getData()['data']['message']); + $this->assertEquals($expectedStatus, $response->getStatus()); + + + } + + public function userSetRecoveryProvider() { + return [ + ['1', 'Recovery Key enabled', Http::STATUS_OK], + ['0', 'Could not enable the recovery key, please try again or contact your administrator', Http::STATUS_BAD_REQUEST] + ]; + } + + /** + * @dataProvider userSetRecoveryProvider + * @param $enableRecovery + * @param $expectedMessage + * @param $expectedStatus + */ + public function testUserSetRecovery($enableRecovery, $expectedMessage, $expectedStatus) { + 
$this->recoveryMock->expects($this->any()) + ->method('setRecoveryForUser') + ->with($enableRecovery) + ->will($this->returnValueMap([ + ['1', true], + ['0', false] + ])); + + + $response = $this->controller->userSetRecovery($enableRecovery); + + $this->assertEquals($expectedMessage, $response->getData()['data']['message']); + $this->assertEquals($expectedStatus, $response->getStatus()); + + } + + protected function setUp() { + parent::setUp(); + + $this->appName = 'encryption'; + $this->requestMock = $this->getMockBuilder('\OCP\IRequest') + ->disableOriginalConstructor() + ->getMock(); + + $this->configMock = $this->getMockBuilder('OCP\IConfig') + ->disableOriginalConstructor() + ->getMock(); + + $this->l10nMock = $this->getMockBuilder('OCP\IL10N') + ->disableOriginalConstructor() + ->getMock(); + + // Make l10n work in our tests + $this->l10nMock->expects($this->any()) + ->method('t') + ->willReturnArgument(0); + + $this->recoveryMock = $this->getMockBuilder('OCA\Encryption\Recovery') + ->disableOriginalConstructor() + ->getMock(); + + $this->controller = new RecoveryController($this->appName, + $this->requestMock, + $this->configMock, + $this->l10nMock, + $this->recoveryMock); + } + +}
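Review bot: In changeRecoveryPasswordProvider the failing case passes `'oldtestFail'`, but the `returnValueMap` in testChangeRecoveryPassword lists `'oldTestFail'`, so the map never matches and the 400 case presumably passes only because the mock's unmatched default is falsy. Align the key: `['test', 'oldtestFail', false]`. The wrong-password branches of adminRecovery are not exercised at all, since `enableAdminRecovery` and `disableAdminRecovery` are both stubbed to return true. Add provider rows where they return false and expect `Http::STATUS_BAD_REQUEST`. userSetRecoveryProvider likewise has no row for a successful disable (`'0'` with `setRecoveryForUser` returning true, expecting 'Recovery Key disabled').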