From c053a275d77e1bafb37b528135f46022b4706d3c Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Thu, 4 May 2017 11:20:20 +0200 Subject: [PATCH] check password for mail shares as well Signed-off-by: Bjoern Schiessle --- apps/dav/lib/Connector/PublicAuth.php | 2 +- .../tests/unit/Connector/PublicAuthTest.php | 52 ++++++++++++++++++- 2 files changed, 52 insertions(+), 2 deletions(-) diff --git a/apps/dav/lib/Connector/PublicAuth.php b/apps/dav/lib/Connector/PublicAuth.php index 94fa370a87..5fca8d5c02 100644 --- a/apps/dav/lib/Connector/PublicAuth.php +++ b/apps/dav/lib/Connector/PublicAuth.php @@ -96,7 +96,7 @@ class PublicAuth extends AbstractBasic { // check if the share is password protected if ($share->getPassword() !== null) { - if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) { + if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK || $share->getShareType() === \OCP\Share::SHARE_TYPE_EMAIL) { if ($this->shareManager->checkPassword($share, $password)) { return true; } else if ($this->session->exists('public_link_authenticated') diff --git a/apps/dav/tests/unit/Connector/PublicAuthTest.php b/apps/dav/tests/unit/Connector/PublicAuthTest.php index 47e1a5be7b..41cfc0f8ce 100644 --- a/apps/dav/tests/unit/Connector/PublicAuthTest.php +++ b/apps/dav/tests/unit/Connector/PublicAuthTest.php @@ -33,7 +33,7 @@ use OCP\Share\IManager; * Class PublicAuthTest * * @group DB - * + * * @package OCA\DAV\Tests\unit\Connector */ class PublicAuthTest extends \Test\TestCase { @@ -163,6 +163,28 @@ class PublicAuthTest extends \Test\TestCase { $this->assertTrue($result); } + public function testSharePasswordMailValidPassword() { + $share = $this->getMockBuilder('OCP\Share\IShare') + ->disableOriginalConstructor() + ->getMock(); + $share->method('getPassword')->willReturn('password'); + $share->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_EMAIL); + + $this->shareManager->expects($this->once()) + ->method('getShareByToken') + ->willReturn($share); + + $this->shareManager->expects($this->once()) + ->method('checkPassword')->with( + $this->equalTo($share), + $this->equalTo('password') + )->willReturn(true); + + $result = $this->invokePrivate($this->auth, 'validateUserPass', ['username', 'password']); + + $this->assertTrue($result); + } + public function testSharePasswordLinkValidSession() { $share = $this->getMockBuilder('OCP\Share\IShare') ->disableOriginalConstructor() @@ -214,4 +236,32 @@ class PublicAuthTest extends \Test\TestCase { $this->assertFalse($result); } + + + public function testSharePasswordMailInvalidSession() { + $share = $this->getMockBuilder('OCP\Share\IShare') + ->disableOriginalConstructor() + ->getMock(); + $share->method('getPassword')->willReturn('password'); + $share->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_EMAIL); + $share->method('getId')->willReturn('42'); + + $this->shareManager->expects($this->once()) + ->method('getShareByToken') + ->willReturn($share); + + $this->shareManager->method('checkPassword') + ->with( + $this->equalTo($share), + $this->equalTo('password') + )->willReturn(false); + + $this->session->method('exists')->with('public_link_authenticated')->willReturn(true); + $this->session->method('get')->with('public_link_authenticated')->willReturn('43'); + + $result = $this->invokePrivate($this->auth, 'validateUserPass', ['username', 'password']); + + $this->assertFalse($result); + } + }