Refactor: move remote wipe token logic to RW service

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This commit is contained in:
Christoph Wurst 2019-07-03 09:44:37 +02:00 committed by Roeland Jago Douma
parent 22de685f54
commit 1c261675ad
No known key found for this signature in database
GPG Key ID: F941078878347C0C
5 changed files with 97 additions and 13 deletions

View File

@ -24,6 +24,11 @@ declare(strict_types=1);
namespace OC\Authentication\Token; namespace OC\Authentication\Token;
interface IWipeableToken { interface IWipeableToken extends IToken {
/**
* Mark the token for remote wipe
*/
public function wipe(): void; public function wipe(): void;
} }

View File

@ -35,6 +35,7 @@ use OCP\Activity\IManager as IActivityManager;
use OCP\AppFramework\Utility\ITimeFactory; use OCP\AppFramework\Utility\ITimeFactory;
use OCP\EventDispatcher\IEventDispatcher; use OCP\EventDispatcher\IEventDispatcher;
use OCP\ILogger; use OCP\ILogger;
use OCP\IUser;
use OCP\Notification\IManager as INotificationManager; use OCP\Notification\IManager as INotificationManager;
use Symfony\Component\EventDispatcher\EventDispatcher; use Symfony\Component\EventDispatcher\EventDispatcher;
@ -57,6 +58,19 @@ class RemoteWipe {
$this->logger = $logger; $this->logger = $logger;
} }
public function markTokenForWipe(int $id): bool {
$token = $this->tokenProvider->getTokenById($id);
if (!($token instanceof IWipeableToken)) {
return false;
}
$token->wipe();
$this->tokenProvider->updateToken($token);
return true;
}
/** /**
* @param string $token * @param string $token
* *

View File

@ -35,6 +35,7 @@ use OC\Authentication\Token\INamedToken;
use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken; use OC\Authentication\Token\IToken;
use OC\Authentication\Token\IWipeableToken; use OC\Authentication\Token\IWipeableToken;
use OC\Authentication\Token\RemoteWipe;
use OC\Settings\Activity\Provider; use OC\Settings\Activity\Provider;
use OCP\Activity\IManager; use OCP\Activity\IManager;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
@ -63,6 +64,9 @@ class AuthSettingsController extends Controller {
/** @var IManager */ /** @var IManager */
private $activityManager; private $activityManager;
/** @var RemoteWipe */
private $remoteWipe;
/** @var ILogger */ /** @var ILogger */
private $logger; private $logger;
@ -74,6 +78,7 @@ class AuthSettingsController extends Controller {
* @param ISecureRandom $random * @param ISecureRandom $random
* @param string|null $userId * @param string|null $userId
* @param IManager $activityManager * @param IManager $activityManager
* @param RemoteWipe $remoteWipe
* @param ILogger $logger * @param ILogger $logger
*/ */
public function __construct(string $appName, public function __construct(string $appName,
@ -83,6 +88,7 @@ class AuthSettingsController extends Controller {
ISecureRandom $random, ISecureRandom $random,
?string $userId, ?string $userId,
IManager $activityManager, IManager $activityManager,
RemoteWipe $remoteWipe,
ILogger $logger) { ILogger $logger) {
parent::__construct($appName, $request); parent::__construct($appName, $request);
$this->tokenProvider = $tokenProvider; $this->tokenProvider = $tokenProvider;
@ -90,6 +96,7 @@ class AuthSettingsController extends Controller {
$this->session = $session; $this->session = $session;
$this->random = $random; $this->random = $random;
$this->activityManager = $activityManager; $this->activityManager = $activityManager;
$this->remoteWipe = $remoteWipe;
$this->logger = $logger; $this->logger = $logger;
} }
@ -262,15 +269,10 @@ class AuthSettingsController extends Controller {
* @throws \OC\Authentication\Exceptions\ExpiredTokenException * @throws \OC\Authentication\Exceptions\ExpiredTokenException
*/ */
public function wipe(int $id): JSONResponse { public function wipe(int $id): JSONResponse {
$token = $this->tokenProvider->getTokenById($id); if (!$this->remoteWipe->markTokenForWipe($id)) {
if (!($token instanceof IWipeableToken)) {
return new JSONResponse([], Http::STATUS_BAD_REQUEST); return new JSONResponse([], Http::STATUS_BAD_REQUEST);
} }
$token->wipe();
$this->tokenProvider->updateToken($token);
return new JSONResponse([]); return new JSONResponse([]);
} }
} }

View File

@ -26,6 +26,7 @@ use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\DefaultToken; use OC\Authentication\Token\DefaultToken;
use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken; use OC\Authentication\Token\IToken;
use OC\Authentication\Token\RemoteWipe;
use OC\Settings\Controller\AuthSettingsController; use OC\Settings\Controller\AuthSettingsController;
use OCP\Activity\IEvent; use OCP\Activity\IEvent;
use OCP\Activity\IManager; use OCP\Activity\IManager;
@ -35,22 +36,25 @@ use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use OCP\Session\Exceptions\SessionNotAvailableException; use OCP\Session\Exceptions\SessionNotAvailableException;
use PHPUnit\Framework\MockObject\MockObject;
use Test\TestCase; use Test\TestCase;
class AuthSettingsControllerTest extends TestCase { class AuthSettingsControllerTest extends TestCase {
/** @var AuthSettingsController */ /** @var AuthSettingsController */
private $controller; private $controller;
/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */ /** @var IRequest|MockObject */
private $request; private $request;
/** @var IProvider|\PHPUnit_Framework_MockObject_MockObject */ /** @var IProvider|MockObject */
private $tokenProvider; private $tokenProvider;
/** @var ISession|\PHPUnit_Framework_MockObject_MockObject */ /** @var ISession|MockObject */
private $session; private $session;
/** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */ /** @var ISecureRandom|MockObject */
private $secureRandom; private $secureRandom;
/** @var IManager|\PHPUnit_Framework_MockObject_MockObject */ /** @var IManager|MockObject */
private $activityManager; private $activityManager;
/** @var RemoteWipe|MockObject */
private $remoteWipe;
private $uid = 'jane'; private $uid = 'jane';
protected function setUp() { protected function setUp() {
@ -61,7 +65,8 @@ class AuthSettingsControllerTest extends TestCase {
$this->session = $this->createMock(ISession::class); $this->session = $this->createMock(ISession::class);
$this->secureRandom = $this->createMock(ISecureRandom::class); $this->secureRandom = $this->createMock(ISecureRandom::class);
$this->activityManager = $this->createMock(IManager::class); $this->activityManager = $this->createMock(IManager::class);
/** @var ILogger|\PHPUnit_Framework_MockObject_MockObject $logger */ $this->remoteWipe = $this->createMock(RemoteWipe::class);
/** @var ILogger|MockObject $logger */
$logger = $this->createMock(ILogger::class); $logger = $this->createMock(ILogger::class);
$this->controller = new AuthSettingsController( $this->controller = new AuthSettingsController(
@ -72,6 +77,7 @@ class AuthSettingsControllerTest extends TestCase {
$this->secureRandom, $this->secureRandom,
$this->uid, $this->uid,
$this->activityManager, $this->activityManager,
$this->remoteWipe,
$logger $logger
); );
} }
@ -201,6 +207,7 @@ class AuthSettingsControllerTest extends TestCase {
/** /**
* @dataProvider dataRenameToken * @dataProvider dataRenameToken
*
* @param string $name * @param string $name
* @param string $newName * @param string $newName
*/ */
@ -243,6 +250,7 @@ class AuthSettingsControllerTest extends TestCase {
/** /**
* @dataProvider dataUpdateFilesystemScope * @dataProvider dataUpdateFilesystemScope
*
* @param bool $filesystem * @param bool $filesystem
* @param bool $newFilesystem * @param bool $newFilesystem
*/ */
@ -359,4 +367,29 @@ class AuthSettingsControllerTest extends TestCase {
->with($this->equalTo($tokenId)) ->with($this->equalTo($tokenId))
->willReturn($token); ->willReturn($token);
} }
public function testRemoteWipeNotSuccessful(): void {
$this->remoteWipe->expects($this->once())
->method('markTokenForWipe')
->with(123)
->willReturn(false);
$response = $this->controller->wipe(123);
$expected = new JSONResponse([], Http::STATUS_BAD_REQUEST);
$this->assertEquals($expected, $response);
}
public function testRemoteWipeSuccessful(): void {
$this->remoteWipe->expects($this->once())
->method('markTokenForWipe')
->with(123)
->willReturn(true);
$response = $this->controller->wipe(123);
$expected = new JSONResponse([]);
$this->assertEquals($expected, $response);
}
} }

View File

@ -29,6 +29,7 @@ use OC\Authentication\Exceptions\WipeTokenException;
use OC\Authentication\Token\IProvider as ITokenProvider; use OC\Authentication\Token\IProvider as ITokenProvider;
use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken; use OC\Authentication\Token\IToken;
use OC\Authentication\Token\IWipeableToken;
use OC\Authentication\Token\RemoteWipe; use OC\Authentication\Token\RemoteWipe;
use OCP\EventDispatcher\IEventDispatcher; use OCP\EventDispatcher\IEventDispatcher;
use OCP\ILogger; use OCP\ILogger;
@ -63,6 +64,35 @@ class RemoteWipeTest extends TestCase {
); );
} }
public function testMarkNonWipableTokenForWipe(): void {
$token = $this->createMock(IToken::class);
$this->tokenProvider->expects($this->once())
->method('getTokenById')
->with(123)
->willReturn($token);
$result = $this->remoteWipe->markTokenForWipe(123);
$this->assertFalse($result);
}
public function testMarkTokenForWipe(): void {
$token = $this->createMock(IWipeableToken::class);
$this->tokenProvider->expects($this->once())
->method('getTokenById')
->with(123)
->willReturn($token);
$token->expects($this->once())
->method('wipe');
$this->tokenProvider->expects($this->once())
->method('updateToken')
->with($token);
$result = $this->remoteWipe->markTokenForWipe(123);
$this->assertTrue($result);
}
public function testStartWipingNotAWipeToken() { public function testStartWipingNotAWipeToken() {
$token = $this->createMock(IToken::class); $token = $this->createMock(IToken::class);
$this->tokenProvider->expects($this->once()) $this->tokenProvider->expects($this->once())