Merge pull request #26625 from nextcloud/bugfix/noid/fix-sharemail-empty-password-check

[stable21] Fix empty password check for mail shares
This commit is contained in:
Morris Jobke 2021-04-20 10:01:45 +02:00 committed by GitHub
commit 1e542beaab
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 4 deletions

View File

@ -4851,6 +4851,7 @@
</UndefinedInterfaceMethod> </UndefinedInterfaceMethod>
</file> </file>
<file src="lib/private/Share20/Manager.php"> <file src="lib/private/Share20/Manager.php">
<NullArgument occurrences="1"/>
<InvalidArgument occurrences="7"> <InvalidArgument occurrences="7">
<code>$data</code> <code>$data</code>
<code>'OCP\Share::postAcceptShare'</code> <code>'OCP\Share::postAcceptShare'</code>

View File

@ -1008,7 +1008,8 @@ class Manager implements IManager {
// The new password is not set again if it is the same as the old // The new password is not set again if it is the same as the old
// one. // one.
$plainTextPassword = $share->getPassword(); $plainTextPassword = $share->getPassword();
if (!empty($plainTextPassword) && !$this->updateSharePasswordIfNeeded($share, $originalShare)) { $updatedPassword = $this->updateSharePasswordIfNeeded($share, $originalShare);
if (!empty($plainTextPassword) && !$updatedPassword) {
$plainTextPassword = null; $plainTextPassword = null;
} }
if (empty($plainTextPassword) && !$originalShare->getSendPasswordByTalk() && $share->getSendPasswordByTalk()) { if (empty($plainTextPassword) && !$originalShare->getSendPasswordByTalk() && $share->getSendPasswordByTalk()) {
@ -1116,9 +1117,13 @@ class Manager implements IManager {
$this->verifyPassword($share->getPassword()); $this->verifyPassword($share->getPassword());
// If a password is set. Hash it! // If a password is set. Hash it!
if ($share->getPassword() !== null) { if (!empty($share->getPassword())) {
$share->setPassword($this->hasher->hash($share->getPassword())); $share->setPassword($this->hasher->hash($share->getPassword()));
return true;
} else {
// Empty string and null are seen as NOT password protected
$share->setPassword(null);
return true; return true;
} }
} else { } else {

View File

@ -3515,7 +3515,7 @@ class ManagerTest extends \Test\TestCase {
$manager->expects($this->once())->method('canShare')->willReturn(true); $manager->expects($this->once())->method('canShare')->willReturn(true);
$manager->expects($this->once())->method('getShareById')->with('foo:42')->willReturn($originalShare); $manager->expects($this->once())->method('getShareById')->with('foo:42')->willReturn($originalShare);
$manager->expects($this->once())->method('generalCreateChecks')->with($share); $manager->expects($this->once())->method('generalCreateChecks')->with($share);
$manager->expects($this->never())->method('verifyPassword'); $manager->expects($this->once())->method('verifyPassword');
$manager->expects($this->never())->method('pathCreateChecks'); $manager->expects($this->never())->method('pathCreateChecks');
$manager->expects($this->never())->method('linkCreateChecks'); $manager->expects($this->never())->method('linkCreateChecks');
$manager->expects($this->never())->method('validateExpirationDateLink'); $manager->expects($this->never())->method('validateExpirationDateLink');
@ -3587,7 +3587,7 @@ class ManagerTest extends \Test\TestCase {
$manager->expects($this->once())->method('canShare')->willReturn(true); $manager->expects($this->once())->method('canShare')->willReturn(true);
$manager->expects($this->once())->method('getShareById')->with('foo:42')->willReturn($originalShare); $manager->expects($this->once())->method('getShareById')->with('foo:42')->willReturn($originalShare);
$manager->expects($this->once())->method('generalCreateChecks')->with($share); $manager->expects($this->once())->method('generalCreateChecks')->with($share);
$manager->expects($this->never())->method('verifyPassword'); $manager->expects($this->once())->method('verifyPassword');
$manager->expects($this->never())->method('pathCreateChecks'); $manager->expects($this->never())->method('pathCreateChecks');
$manager->expects($this->never())->method('linkCreateChecks'); $manager->expects($this->never())->method('linkCreateChecks');
$manager->expects($this->never())->method('validateExpirationDateLink'); $manager->expects($this->never())->method('validateExpirationDateLink');