let user set avatar in nextcloud von LDAP provides invalid image data

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Arthur Schiwon 2018-07-03 00:38:25 +02:00
parent 552da85df8
commit a4dda465c2
No known key found for this signature in database
GPG Key ID: 7424F1874854DF23
4 changed files with 152 additions and 13 deletions

View File

@ -552,35 +552,37 @@ class User {
/** /**
* @brief attempts to get an image from LDAP and sets it as Nextcloud avatar * @brief attempts to get an image from LDAP and sets it as Nextcloud avatar
* @return null * @return bool
*/ */
public function updateAvatar() { public function updateAvatar($force = false) {
if($this->wasRefreshed('avatar')) { if(!$force && $this->wasRefreshed('avatar')) {
return; return false;
} }
$avatarImage = $this->getAvatarImage(); $avatarImage = $this->getAvatarImage();
if($avatarImage === false) { if($avatarImage === false) {
//not set, nothing left to do; //not set, nothing left to do;
return; return false;
} }
$this->image->loadFromBase64(base64_encode($avatarImage)); if(!$this->image->loadFromBase64(base64_encode($avatarImage))) {
$this->setOwnCloudAvatar(); return false;
}
return $this->setOwnCloudAvatar();
} }
/** /**
* @brief sets an image as Nextcloud avatar * @brief sets an image as Nextcloud avatar
* @return null * @return bool
*/ */
private function setOwnCloudAvatar() { private function setOwnCloudAvatar() {
if(!$this->image->valid()) { if(!$this->image->valid()) {
$this->log->log('jpegPhoto data invalid for '.$this->dn, ILogger::ERROR); $this->log->log('jpegPhoto data invalid for '.$this->dn, ILogger::ERROR);
return; return false;
} }
//make sure it is a square and not bigger than 128x128 //make sure it is a square and not bigger than 128x128
$size = min(array($this->image->width(), $this->image->height(), 128)); $size = min(array($this->image->width(), $this->image->height(), 128));
if(!$this->image->centerCrop($size)) { if(!$this->image->centerCrop($size)) {
$this->log->log('croping image for avatar failed for '.$this->dn, ILogger::ERROR); $this->log->log('croping image for avatar failed for '.$this->dn, ILogger::ERROR);
return; return false;
} }
if(!$this->fs->isLoaded()) { if(!$this->fs->isLoaded()) {
@ -590,6 +592,7 @@ class User {
try { try {
$avatar = $this->avatarManager->getAvatar($this->uid); $avatar = $this->avatarManager->getAvatar($this->uid);
$avatar->set($this->image); $avatar->set($this->image);
return true;
} catch (\Exception $e) { } catch (\Exception $e) {
\OC::$server->getLogger()->logException($e, [ \OC::$server->getLogger()->logException($e, [
'message' => 'Could not set avatar for ' . $this->dn, 'message' => 'Could not set avatar for ' . $this->dn,
@ -597,6 +600,7 @@ class User {
'app' => 'user_ldap', 'app' => 'user_ldap',
]); ]);
} }
return false;
} }
/** /**

View File

@ -93,8 +93,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
/** /**
* checks whether the user is allowed to change his avatar in Nextcloud * checks whether the user is allowed to change his avatar in Nextcloud
*
* @param string $uid the Nextcloud user name * @param string $uid the Nextcloud user name
* @return boolean either the user can or cannot * @return boolean either the user can or cannot
* @throws \Exception
*/ */
public function canChangeAvatar($uid) { public function canChangeAvatar($uid) {
if ($this->userPluginManager->implementsActions(Backend::PROVIDE_AVATAR)) { if ($this->userPluginManager->implementsActions(Backend::PROVIDE_AVATAR)) {
@ -105,11 +107,11 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
if(!$user instanceof User) { if(!$user instanceof User) {
return false; return false;
} }
if($user->getAvatarImage() === false) { $imageData = $user->getAvatarImage();
if($imageData === false) {
return true; return true;
} }
return !$user->updateAvatar(true);
return false;
} }
/** /**

View File

@ -506,6 +506,9 @@ class UserTest extends \Test\TestCase {
$this->equalTo('jpegPhoto')) $this->equalTo('jpegPhoto'))
->will($this->returnValue(['this is a photo'])); ->will($this->returnValue(['this is a photo']));
$this->image->expects($this->once())
->method('loadFromBase64')
->willReturn('imageResource');
$this->image->expects($this->once()) $this->image->expects($this->once())
->method('valid') ->method('valid')
->will($this->returnValue(true)); ->will($this->returnValue(true));
@ -552,6 +555,9 @@ class UserTest extends \Test\TestCase {
return null; return null;
}); });
$this->image->expects($this->once())
->method('loadFromBase64')
->willReturn('imageResource');
$this->image->expects($this->once()) $this->image->expects($this->once())
->method('valid') ->method('valid')
->will($this->returnValue(true)); ->will($this->returnValue(true));
@ -582,6 +588,97 @@ class UserTest extends \Test\TestCase {
$this->user->updateAvatar(); $this->user->updateAvatar();
} }
public function testUpdateAvatarCorruptPhotoProvided() {
$this->access->expects($this->any())
->method('readAttribute')
->willReturnCallback(function($dn, $attr) {
if($dn === $this->dn
&& $attr === 'jpegPhoto')
{
return false;
} elseif($dn === $this->dn
&& $attr === 'thumbnailPhoto')
{
return ['this is a photo'];
}
return null;
});
$this->image->expects($this->once())
->method('loadFromBase64')
->willReturn(false);
$this->image->expects($this->never())
->method('valid');
$this->image->expects($this->never())
->method('width');
$this->image->expects($this->never())
->method('height');
$this->image->expects($this->never())
->method('centerCrop');
$this->filesystemhelper->expects($this->never())
->method('isLoaded');
$avatar = $this->createMock(IAvatar::class);
$avatar->expects($this->never())
->method('set');
$this->avatarManager->expects($this->never())
->method('getAvatar');
$this->user->updateAvatar();
}
public function testUpdateAvatarUnsupportedThumbnailPhotoProvided() {
$this->access->expects($this->any())
->method('readAttribute')
->willReturnCallback(function($dn, $attr) {
if($dn === $this->dn
&& $attr === 'jpegPhoto')
{
return false;
} elseif($dn === $this->dn
&& $attr === 'thumbnailPhoto')
{
return ['this is a photo'];
}
return null;
});
$this->image->expects($this->once())
->method('loadFromBase64')
->willReturn('imageResource');
$this->image->expects($this->once())
->method('valid')
->will($this->returnValue(true));
$this->image->expects($this->once())
->method('width')
->will($this->returnValue(128));
$this->image->expects($this->once())
->method('height')
->will($this->returnValue(128));
$this->image->expects($this->once())
->method('centerCrop')
->will($this->returnValue(true));
$this->filesystemhelper->expects($this->once())
->method('isLoaded')
->will($this->returnValue(true));
$avatar = $this->createMock(IAvatar::class);
$avatar->expects($this->once())
->method('set')
->with($this->isInstanceOf($this->image))
->willThrowException(new \Exception());
$this->avatarManager->expects($this->once())
->method('getAvatar')
->with($this->equalTo($this->uid))
->will($this->returnValue($avatar));
$this->assertFalse($this->user->updateAvatar());
}
public function testUpdateAvatarNotProvided() { public function testUpdateAvatarNotProvided() {
$this->access->expects($this->any()) $this->access->expects($this->any())
->method('readAttribute') ->method('readAttribute')
@ -715,6 +812,14 @@ class UserTest extends \Test\TestCase {
$this->user->getAvatarImage(); $this->user->getAvatarImage();
} }
public function imageDataProvider() {
return [
[ false, false ],
[ 'corruptData', false ],
[ 'validData', true ],
];
}
public function testProcessAttributes() { public function testProcessAttributes() {
$requiredMethods = array( $requiredMethods = array(
'markRefreshTime', 'markRefreshTime',

View File

@ -1312,6 +1312,34 @@ class User_LDAPTest extends TestCase {
$this->assertEquals($this->backend->setPassword('uid', 'password'),'result'); $this->assertEquals($this->backend->setPassword('uid', 'password'),'result');
} }
public function avatarDataProvider() {
return [
[ 'validImageData', false ],
[ 'corruptImageData', true ],
[ false, true]
];
}
/** @dataProvider avatarDataProvider */
public function testCanChangeAvatar($imageData, $expected) {
$isValidImage = strpos((string)$imageData, 'valid') === 0;
$user = $this->createMock(User::class);
$user->expects($this->once())
->method('getAvatarImage')
->willReturn($imageData);
$user->expects($this->atMost(1))
->method('updateAvatar')
->willReturn($isValidImage);
$this->userManager->expects($this->atLeastOnce())
->method('get')
->willReturn($user);
/** @noinspection PhpUnhandledExceptionInspection */
$this->assertSame($expected, $this->backend->canChangeAvatar('uid'));
}
public function testCanChangeAvatarWithPlugin() { public function testCanChangeAvatarWithPlugin() {
$this->pluginManager->expects($this->once()) $this->pluginManager->expects($this->once())
->method('implementsActions') ->method('implementsActions')