Refactor: move remote wipe token logic to RW service
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This commit is contained in:
parent
22de685f54
commit
1c261675ad
|
@ -24,6 +24,11 @@ declare(strict_types=1);
|
||||||
|
|
||||||
namespace OC\Authentication\Token;
|
namespace OC\Authentication\Token;
|
||||||
|
|
||||||
interface IWipeableToken {
|
interface IWipeableToken extends IToken {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Mark the token for remote wipe
|
||||||
|
*/
|
||||||
public function wipe(): void;
|
public function wipe(): void;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -35,6 +35,7 @@ use OCP\Activity\IManager as IActivityManager;
|
||||||
use OCP\AppFramework\Utility\ITimeFactory;
|
use OCP\AppFramework\Utility\ITimeFactory;
|
||||||
use OCP\EventDispatcher\IEventDispatcher;
|
use OCP\EventDispatcher\IEventDispatcher;
|
||||||
use OCP\ILogger;
|
use OCP\ILogger;
|
||||||
|
use OCP\IUser;
|
||||||
use OCP\Notification\IManager as INotificationManager;
|
use OCP\Notification\IManager as INotificationManager;
|
||||||
use Symfony\Component\EventDispatcher\EventDispatcher;
|
use Symfony\Component\EventDispatcher\EventDispatcher;
|
||||||
|
|
||||||
|
@ -57,6 +58,19 @@ class RemoteWipe {
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function markTokenForWipe(int $id): bool {
|
||||||
|
$token = $this->tokenProvider->getTokenById($id);
|
||||||
|
|
||||||
|
if (!($token instanceof IWipeableToken)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$token->wipe();
|
||||||
|
$this->tokenProvider->updateToken($token);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $token
|
* @param string $token
|
||||||
*
|
*
|
||||||
|
|
|
@ -35,6 +35,7 @@ use OC\Authentication\Token\INamedToken;
|
||||||
use OC\Authentication\Token\IProvider;
|
use OC\Authentication\Token\IProvider;
|
||||||
use OC\Authentication\Token\IToken;
|
use OC\Authentication\Token\IToken;
|
||||||
use OC\Authentication\Token\IWipeableToken;
|
use OC\Authentication\Token\IWipeableToken;
|
||||||
|
use OC\Authentication\Token\RemoteWipe;
|
||||||
use OC\Settings\Activity\Provider;
|
use OC\Settings\Activity\Provider;
|
||||||
use OCP\Activity\IManager;
|
use OCP\Activity\IManager;
|
||||||
use OCP\AppFramework\Controller;
|
use OCP\AppFramework\Controller;
|
||||||
|
@ -63,6 +64,9 @@ class AuthSettingsController extends Controller {
|
||||||
/** @var IManager */
|
/** @var IManager */
|
||||||
private $activityManager;
|
private $activityManager;
|
||||||
|
|
||||||
|
/** @var RemoteWipe */
|
||||||
|
private $remoteWipe;
|
||||||
|
|
||||||
/** @var ILogger */
|
/** @var ILogger */
|
||||||
private $logger;
|
private $logger;
|
||||||
|
|
||||||
|
@ -74,6 +78,7 @@ class AuthSettingsController extends Controller {
|
||||||
* @param ISecureRandom $random
|
* @param ISecureRandom $random
|
||||||
* @param string|null $userId
|
* @param string|null $userId
|
||||||
* @param IManager $activityManager
|
* @param IManager $activityManager
|
||||||
|
* @param RemoteWipe $remoteWipe
|
||||||
* @param ILogger $logger
|
* @param ILogger $logger
|
||||||
*/
|
*/
|
||||||
public function __construct(string $appName,
|
public function __construct(string $appName,
|
||||||
|
@ -83,6 +88,7 @@ class AuthSettingsController extends Controller {
|
||||||
ISecureRandom $random,
|
ISecureRandom $random,
|
||||||
?string $userId,
|
?string $userId,
|
||||||
IManager $activityManager,
|
IManager $activityManager,
|
||||||
|
RemoteWipe $remoteWipe,
|
||||||
ILogger $logger) {
|
ILogger $logger) {
|
||||||
parent::__construct($appName, $request);
|
parent::__construct($appName, $request);
|
||||||
$this->tokenProvider = $tokenProvider;
|
$this->tokenProvider = $tokenProvider;
|
||||||
|
@ -90,6 +96,7 @@ class AuthSettingsController extends Controller {
|
||||||
$this->session = $session;
|
$this->session = $session;
|
||||||
$this->random = $random;
|
$this->random = $random;
|
||||||
$this->activityManager = $activityManager;
|
$this->activityManager = $activityManager;
|
||||||
|
$this->remoteWipe = $remoteWipe;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -262,15 +269,10 @@ class AuthSettingsController extends Controller {
|
||||||
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
|
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
|
||||||
*/
|
*/
|
||||||
public function wipe(int $id): JSONResponse {
|
public function wipe(int $id): JSONResponse {
|
||||||
$token = $this->tokenProvider->getTokenById($id);
|
if (!$this->remoteWipe->markTokenForWipe($id)) {
|
||||||
|
|
||||||
if (!($token instanceof IWipeableToken)) {
|
|
||||||
return new JSONResponse([], Http::STATUS_BAD_REQUEST);
|
return new JSONResponse([], Http::STATUS_BAD_REQUEST);
|
||||||
}
|
}
|
||||||
|
|
||||||
$token->wipe();
|
|
||||||
$this->tokenProvider->updateToken($token);
|
|
||||||
|
|
||||||
return new JSONResponse([]);
|
return new JSONResponse([]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -26,6 +26,7 @@ use OC\Authentication\Exceptions\InvalidTokenException;
|
||||||
use OC\Authentication\Token\DefaultToken;
|
use OC\Authentication\Token\DefaultToken;
|
||||||
use OC\Authentication\Token\IProvider;
|
use OC\Authentication\Token\IProvider;
|
||||||
use OC\Authentication\Token\IToken;
|
use OC\Authentication\Token\IToken;
|
||||||
|
use OC\Authentication\Token\RemoteWipe;
|
||||||
use OC\Settings\Controller\AuthSettingsController;
|
use OC\Settings\Controller\AuthSettingsController;
|
||||||
use OCP\Activity\IEvent;
|
use OCP\Activity\IEvent;
|
||||||
use OCP\Activity\IManager;
|
use OCP\Activity\IManager;
|
||||||
|
@ -35,22 +36,25 @@ use OCP\IRequest;
|
||||||
use OCP\ISession;
|
use OCP\ISession;
|
||||||
use OCP\Security\ISecureRandom;
|
use OCP\Security\ISecureRandom;
|
||||||
use OCP\Session\Exceptions\SessionNotAvailableException;
|
use OCP\Session\Exceptions\SessionNotAvailableException;
|
||||||
|
use PHPUnit\Framework\MockObject\MockObject;
|
||||||
use Test\TestCase;
|
use Test\TestCase;
|
||||||
|
|
||||||
class AuthSettingsControllerTest extends TestCase {
|
class AuthSettingsControllerTest extends TestCase {
|
||||||
|
|
||||||
/** @var AuthSettingsController */
|
/** @var AuthSettingsController */
|
||||||
private $controller;
|
private $controller;
|
||||||
/** @var IRequest|\PHPUnit_Framework_MockObject_MockObject */
|
/** @var IRequest|MockObject */
|
||||||
private $request;
|
private $request;
|
||||||
/** @var IProvider|\PHPUnit_Framework_MockObject_MockObject */
|
/** @var IProvider|MockObject */
|
||||||
private $tokenProvider;
|
private $tokenProvider;
|
||||||
/** @var ISession|\PHPUnit_Framework_MockObject_MockObject */
|
/** @var ISession|MockObject */
|
||||||
private $session;
|
private $session;
|
||||||
/** @var ISecureRandom|\PHPUnit_Framework_MockObject_MockObject */
|
/** @var ISecureRandom|MockObject */
|
||||||
private $secureRandom;
|
private $secureRandom;
|
||||||
/** @var IManager|\PHPUnit_Framework_MockObject_MockObject */
|
/** @var IManager|MockObject */
|
||||||
private $activityManager;
|
private $activityManager;
|
||||||
|
/** @var RemoteWipe|MockObject */
|
||||||
|
private $remoteWipe;
|
||||||
private $uid = 'jane';
|
private $uid = 'jane';
|
||||||
|
|
||||||
protected function setUp() {
|
protected function setUp() {
|
||||||
|
@ -61,7 +65,8 @@ class AuthSettingsControllerTest extends TestCase {
|
||||||
$this->session = $this->createMock(ISession::class);
|
$this->session = $this->createMock(ISession::class);
|
||||||
$this->secureRandom = $this->createMock(ISecureRandom::class);
|
$this->secureRandom = $this->createMock(ISecureRandom::class);
|
||||||
$this->activityManager = $this->createMock(IManager::class);
|
$this->activityManager = $this->createMock(IManager::class);
|
||||||
/** @var ILogger|\PHPUnit_Framework_MockObject_MockObject $logger */
|
$this->remoteWipe = $this->createMock(RemoteWipe::class);
|
||||||
|
/** @var ILogger|MockObject $logger */
|
||||||
$logger = $this->createMock(ILogger::class);
|
$logger = $this->createMock(ILogger::class);
|
||||||
|
|
||||||
$this->controller = new AuthSettingsController(
|
$this->controller = new AuthSettingsController(
|
||||||
|
@ -72,6 +77,7 @@ class AuthSettingsControllerTest extends TestCase {
|
||||||
$this->secureRandom,
|
$this->secureRandom,
|
||||||
$this->uid,
|
$this->uid,
|
||||||
$this->activityManager,
|
$this->activityManager,
|
||||||
|
$this->remoteWipe,
|
||||||
$logger
|
$logger
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -201,6 +207,7 @@ class AuthSettingsControllerTest extends TestCase {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @dataProvider dataRenameToken
|
* @dataProvider dataRenameToken
|
||||||
|
*
|
||||||
* @param string $name
|
* @param string $name
|
||||||
* @param string $newName
|
* @param string $newName
|
||||||
*/
|
*/
|
||||||
|
@ -243,6 +250,7 @@ class AuthSettingsControllerTest extends TestCase {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @dataProvider dataUpdateFilesystemScope
|
* @dataProvider dataUpdateFilesystemScope
|
||||||
|
*
|
||||||
* @param bool $filesystem
|
* @param bool $filesystem
|
||||||
* @param bool $newFilesystem
|
* @param bool $newFilesystem
|
||||||
*/
|
*/
|
||||||
|
@ -359,4 +367,29 @@ class AuthSettingsControllerTest extends TestCase {
|
||||||
->with($this->equalTo($tokenId))
|
->with($this->equalTo($tokenId))
|
||||||
->willReturn($token);
|
->willReturn($token);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testRemoteWipeNotSuccessful(): void {
|
||||||
|
$this->remoteWipe->expects($this->once())
|
||||||
|
->method('markTokenForWipe')
|
||||||
|
->with(123)
|
||||||
|
->willReturn(false);
|
||||||
|
|
||||||
|
$response = $this->controller->wipe(123);
|
||||||
|
|
||||||
|
$expected = new JSONResponse([], Http::STATUS_BAD_REQUEST);
|
||||||
|
$this->assertEquals($expected, $response);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testRemoteWipeSuccessful(): void {
|
||||||
|
$this->remoteWipe->expects($this->once())
|
||||||
|
->method('markTokenForWipe')
|
||||||
|
->with(123)
|
||||||
|
->willReturn(true);
|
||||||
|
|
||||||
|
$response = $this->controller->wipe(123);
|
||||||
|
|
||||||
|
$expected = new JSONResponse([]);
|
||||||
|
$this->assertEquals($expected, $response);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,6 +29,7 @@ use OC\Authentication\Exceptions\WipeTokenException;
|
||||||
use OC\Authentication\Token\IProvider as ITokenProvider;
|
use OC\Authentication\Token\IProvider as ITokenProvider;
|
||||||
use OC\Authentication\Token\IProvider;
|
use OC\Authentication\Token\IProvider;
|
||||||
use OC\Authentication\Token\IToken;
|
use OC\Authentication\Token\IToken;
|
||||||
|
use OC\Authentication\Token\IWipeableToken;
|
||||||
use OC\Authentication\Token\RemoteWipe;
|
use OC\Authentication\Token\RemoteWipe;
|
||||||
use OCP\EventDispatcher\IEventDispatcher;
|
use OCP\EventDispatcher\IEventDispatcher;
|
||||||
use OCP\ILogger;
|
use OCP\ILogger;
|
||||||
|
@ -63,6 +64,35 @@ class RemoteWipeTest extends TestCase {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testMarkNonWipableTokenForWipe(): void {
|
||||||
|
$token = $this->createMock(IToken::class);
|
||||||
|
$this->tokenProvider->expects($this->once())
|
||||||
|
->method('getTokenById')
|
||||||
|
->with(123)
|
||||||
|
->willReturn($token);
|
||||||
|
|
||||||
|
$result = $this->remoteWipe->markTokenForWipe(123);
|
||||||
|
|
||||||
|
$this->assertFalse($result);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testMarkTokenForWipe(): void {
|
||||||
|
$token = $this->createMock(IWipeableToken::class);
|
||||||
|
$this->tokenProvider->expects($this->once())
|
||||||
|
->method('getTokenById')
|
||||||
|
->with(123)
|
||||||
|
->willReturn($token);
|
||||||
|
$token->expects($this->once())
|
||||||
|
->method('wipe');
|
||||||
|
$this->tokenProvider->expects($this->once())
|
||||||
|
->method('updateToken')
|
||||||
|
->with($token);
|
||||||
|
|
||||||
|
$result = $this->remoteWipe->markTokenForWipe(123);
|
||||||
|
|
||||||
|
$this->assertTrue($result);
|
||||||
|
}
|
||||||
|
|
||||||
public function testStartWipingNotAWipeToken() {
|
public function testStartWipingNotAWipeToken() {
|
||||||
$token = $this->createMock(IToken::class);
|
$token = $this->createMock(IToken::class);
|
||||||
$this->tokenProvider->expects($this->once())
|
$this->tokenProvider->expects($this->once())
|
||||||
|
|
Loading…
Reference in New Issue