Merge pull request #18057 from owncloud/import_root_certificates

disable "ssl root certificate" settings if user can't mount external storages
This commit is contained in:
Thomas Müller 2015-08-05 17:18:46 +02:00
commit 314fc11e1b
5 changed files with 71 additions and 9 deletions

View File

@ -107,7 +107,8 @@ class Application extends App {
$c->query('AppName'),
$c->query('Request'),
$c->query('CertificateManager'),
$c->query('L10N')
$c->query('L10N'),
$c->query('IAppManager')
);
});
$container->registerService('GroupsController', function(IContainer $c) {

View File

@ -21,6 +21,7 @@
namespace OC\Settings\Controller;
use OCP\App\IAppManager;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
@ -36,20 +37,25 @@ class CertificateController extends Controller {
private $certificateManager;
/** @var IL10N */
private $l10n;
/** @var IAppManager */
private $appManager;
/**
* @param string $appName
* @param IRequest $request
* @param ICertificateManager $certificateManager
* @param IL10N $l10n
* @param IAppManager $appManager
*/
public function __construct($appName,
IRequest $request,
ICertificateManager $certificateManager,
IL10N $l10n) {
IL10N $l10n,
IAppManager $appManager) {
parent::__construct($appName, $request);
$this->certificateManager = $certificateManager;
$this->l10n = $l10n;
$this->appManager = $appManager;
}
/**
@ -60,6 +66,11 @@ class CertificateController extends Controller {
* @return array
*/
public function addPersonalRootCertificate() {
if ($this->isCertificateImportAllowed() === false) {
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
}
$file = $this->request->getUploadedFile('rootcert_import');
if(empty($file)) {
return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY);
@ -92,8 +103,29 @@ class CertificateController extends Controller {
* @return DataResponse
*/
public function removePersonalRootCertificate($certificateIdentifier) {
if ($this->isCertificateImportAllowed() === false) {
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
}
$this->certificateManager->removeCertificate($certificateIdentifier);
return new DataResponse();
}
/**
* check if certificate import is allowed
*
* @return bool
*/
protected function isCertificateImportAllowed() {
$externalStorageEnabled = $this->appManager->isEnabledForUser('files_external');
if ($externalStorageEnabled) {
$backends = \OC_Mount_Config::getPersonalBackends();
if (!empty($backends)) {
return true;
}
}
return false;
}
}

View File

@ -104,6 +104,17 @@ $clients = array(
'ios' => $config->getSystemValue('customclient_ios', $defaults->getiOSClientUrl())
);
// only show root certificate import if external storages are enabled
$enableCertImport = false;
$externalStorageEnabled = \OC::$server->getAppManager()->isEnabledForUser('files_external');
if ($externalStorageEnabled) {
$backends = OC_Mount_Config::getPersonalBackends();
if (!empty($backends)) {
$enableCertImport = true;
}
}
// Return template
$tmpl = new OC_Template( 'settings', 'personal', 'user');
$tmpl->assign('usage', OC_Helper::humanFileSize($storageInfo['used']));
@ -120,6 +131,7 @@ $tmpl->assign('displayName', OC_User::getDisplayName());
$tmpl->assign('enableAvatars', $config->getSystemValue('enable_avatars', true));
$tmpl->assign('avatarChangeSupported', OC_User::canUserChangeAvatar(OC_User::getUser()));
$tmpl->assign('certs', $certificateManager->listCertificates());
$tmpl->assign('showCertificates', $enableCertImport);
$tmpl->assign('urlGenerator', $urlGenerator);
// Get array of group ids for this user
@ -157,7 +169,11 @@ $formsMap = array_map(function($form){
$formsAndMore = array_merge($formsAndMore, $formsMap);
// add bottom hardcoded forms from the template
$formsAndMore[]= array( 'anchor' => 'ssl-root-certificates', 'section-name' => $l->t('SSL root certificates') );
if($enableCertImport) {
$formsAndMore[]= array( 'anchor' => 'ssl-root-certificates', 'section-name' => $l->t('SSL root certificates') );
}
$tmpl->assign('forms', $formsAndMore);
$tmpl->printPage();

View File

@ -205,6 +205,7 @@ if($_['passwordChangeSupported']) {
<?php }
};?>
<?php if($_['showCertificates']) : ?>
<div id="ssl-root-certificates" class="section">
<h2><?php p($l->t('SSL root certificates')); ?></h2>
<table id="sslCertificate" class="grid">
@ -242,6 +243,7 @@ if($_['passwordChangeSupported']) {
<input type="button" id="rootcert_import_button" value="<?php p($l->t('Import root certificate')); ?>"/>
</form>
</div>
<?php endif; ?>
<div class="section">
<h2><?php p($l->t('Version'));?></h2>

View File

@ -21,6 +21,7 @@
namespace OC\Settings\Controller;
use OCP\App\IAppManager;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
use OCP\IRequest;
@ -41,6 +42,8 @@ class CertificateControllerTest extends \Test\TestCase {
private $certificateManager;
/** @var IL10N */
private $l10n;
/** @var IAppManager */
private $appManager;
public function setUp() {
parent::setUp();
@ -48,13 +51,21 @@ class CertificateControllerTest extends \Test\TestCase {
$this->request = $this->getMock('\OCP\IRequest');
$this->certificateManager = $this->getMock('\OCP\ICertificateManager');
$this->l10n = $this->getMock('\OCP\IL10N');
$this->appManager = $this->getMock('OCP\App\IAppManager');
$this->certificateController = new CertificateController(
'settings',
$this->request,
$this->certificateManager,
$this->l10n
);
$this->certificateController = $this->getMockBuilder('OC\Settings\Controller\CertificateController')
->setConstructorArgs(
[
'settings',
$this->request,
$this->certificateManager,
$this->l10n,
$this->appManager
]
)->setMethods(['isCertificateImportAllowed'])->getMock();
$this->certificateController->expects($this->any())
->method('isCertificateImportAllowed')->willReturn(true);
}
public function testAddPersonalRootCertificateWithEmptyFile() {