Merge pull request #18057 from owncloud/import_root_certificates
disable "ssl root certificate" settings if user can't mount external storages
This commit is contained in:
commit
314fc11e1b
|
@ -107,7 +107,8 @@ class Application extends App {
|
|||
$c->query('AppName'),
|
||||
$c->query('Request'),
|
||||
$c->query('CertificateManager'),
|
||||
$c->query('L10N')
|
||||
$c->query('L10N'),
|
||||
$c->query('IAppManager')
|
||||
);
|
||||
});
|
||||
$container->registerService('GroupsController', function(IContainer $c) {
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
|
||||
namespace OC\Settings\Controller;
|
||||
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
|
@ -36,20 +37,25 @@ class CertificateController extends Controller {
|
|||
private $certificateManager;
|
||||
/** @var IL10N */
|
||||
private $l10n;
|
||||
/** @var IAppManager */
|
||||
private $appManager;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
* @param IRequest $request
|
||||
* @param ICertificateManager $certificateManager
|
||||
* @param IL10N $l10n
|
||||
* @param IAppManager $appManager
|
||||
*/
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
ICertificateManager $certificateManager,
|
||||
IL10N $l10n) {
|
||||
IL10N $l10n,
|
||||
IAppManager $appManager) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->certificateManager = $certificateManager;
|
||||
$this->l10n = $l10n;
|
||||
$this->appManager = $appManager;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -60,6 +66,11 @@ class CertificateController extends Controller {
|
|||
* @return array
|
||||
*/
|
||||
public function addPersonalRootCertificate() {
|
||||
|
||||
if ($this->isCertificateImportAllowed() === false) {
|
||||
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
|
||||
}
|
||||
|
||||
$file = $this->request->getUploadedFile('rootcert_import');
|
||||
if(empty($file)) {
|
||||
return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY);
|
||||
|
@ -92,8 +103,29 @@ class CertificateController extends Controller {
|
|||
* @return DataResponse
|
||||
*/
|
||||
public function removePersonalRootCertificate($certificateIdentifier) {
|
||||
|
||||
if ($this->isCertificateImportAllowed() === false) {
|
||||
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
|
||||
}
|
||||
|
||||
$this->certificateManager->removeCertificate($certificateIdentifier);
|
||||
return new DataResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* check if certificate import is allowed
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
protected function isCertificateImportAllowed() {
|
||||
$externalStorageEnabled = $this->appManager->isEnabledForUser('files_external');
|
||||
if ($externalStorageEnabled) {
|
||||
$backends = \OC_Mount_Config::getPersonalBackends();
|
||||
if (!empty($backends)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -104,6 +104,17 @@ $clients = array(
|
|||
'ios' => $config->getSystemValue('customclient_ios', $defaults->getiOSClientUrl())
|
||||
);
|
||||
|
||||
// only show root certificate import if external storages are enabled
|
||||
$enableCertImport = false;
|
||||
$externalStorageEnabled = \OC::$server->getAppManager()->isEnabledForUser('files_external');
|
||||
if ($externalStorageEnabled) {
|
||||
$backends = OC_Mount_Config::getPersonalBackends();
|
||||
if (!empty($backends)) {
|
||||
$enableCertImport = true;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Return template
|
||||
$tmpl = new OC_Template( 'settings', 'personal', 'user');
|
||||
$tmpl->assign('usage', OC_Helper::humanFileSize($storageInfo['used']));
|
||||
|
@ -120,6 +131,7 @@ $tmpl->assign('displayName', OC_User::getDisplayName());
|
|||
$tmpl->assign('enableAvatars', $config->getSystemValue('enable_avatars', true));
|
||||
$tmpl->assign('avatarChangeSupported', OC_User::canUserChangeAvatar(OC_User::getUser()));
|
||||
$tmpl->assign('certs', $certificateManager->listCertificates());
|
||||
$tmpl->assign('showCertificates', $enableCertImport);
|
||||
$tmpl->assign('urlGenerator', $urlGenerator);
|
||||
|
||||
// Get array of group ids for this user
|
||||
|
@ -157,7 +169,11 @@ $formsMap = array_map(function($form){
|
|||
$formsAndMore = array_merge($formsAndMore, $formsMap);
|
||||
|
||||
// add bottom hardcoded forms from the template
|
||||
$formsAndMore[]= array( 'anchor' => 'ssl-root-certificates', 'section-name' => $l->t('SSL root certificates') );
|
||||
if($enableCertImport) {
|
||||
$formsAndMore[]= array( 'anchor' => 'ssl-root-certificates', 'section-name' => $l->t('SSL root certificates') );
|
||||
}
|
||||
|
||||
|
||||
|
||||
$tmpl->assign('forms', $formsAndMore);
|
||||
$tmpl->printPage();
|
||||
|
|
|
@ -205,6 +205,7 @@ if($_['passwordChangeSupported']) {
|
|||
<?php }
|
||||
};?>
|
||||
|
||||
<?php if($_['showCertificates']) : ?>
|
||||
<div id="ssl-root-certificates" class="section">
|
||||
<h2><?php p($l->t('SSL root certificates')); ?></h2>
|
||||
<table id="sslCertificate" class="grid">
|
||||
|
@ -242,6 +243,7 @@ if($_['passwordChangeSupported']) {
|
|||
<input type="button" id="rootcert_import_button" value="<?php p($l->t('Import root certificate')); ?>"/>
|
||||
</form>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
|
||||
<div class="section">
|
||||
<h2><?php p($l->t('Version'));?></h2>
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
|
||||
namespace OC\Settings\Controller;
|
||||
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\IRequest;
|
||||
|
@ -41,6 +42,8 @@ class CertificateControllerTest extends \Test\TestCase {
|
|||
private $certificateManager;
|
||||
/** @var IL10N */
|
||||
private $l10n;
|
||||
/** @var IAppManager */
|
||||
private $appManager;
|
||||
|
||||
public function setUp() {
|
||||
parent::setUp();
|
||||
|
@ -48,13 +51,21 @@ class CertificateControllerTest extends \Test\TestCase {
|
|||
$this->request = $this->getMock('\OCP\IRequest');
|
||||
$this->certificateManager = $this->getMock('\OCP\ICertificateManager');
|
||||
$this->l10n = $this->getMock('\OCP\IL10N');
|
||||
$this->appManager = $this->getMock('OCP\App\IAppManager');
|
||||
|
||||
$this->certificateController = new CertificateController(
|
||||
'settings',
|
||||
$this->request,
|
||||
$this->certificateManager,
|
||||
$this->l10n
|
||||
);
|
||||
$this->certificateController = $this->getMockBuilder('OC\Settings\Controller\CertificateController')
|
||||
->setConstructorArgs(
|
||||
[
|
||||
'settings',
|
||||
$this->request,
|
||||
$this->certificateManager,
|
||||
$this->l10n,
|
||||
$this->appManager
|
||||
]
|
||||
)->setMethods(['isCertificateImportAllowed'])->getMock();
|
||||
|
||||
$this->certificateController->expects($this->any())
|
||||
->method('isCertificateImportAllowed')->willReturn(true);
|
||||
}
|
||||
|
||||
public function testAddPersonalRootCertificateWithEmptyFile() {
|
||||
|
|
Loading…
Reference in New Issue