Merge pull request #16425 from nextcloud/backport/16423/stable16

[stable16] Only prevent disabling encrytion via the API
This commit is contained in:
Morris Jobke 2019-07-16 21:09:34 +02:00 committed by GitHub
commit c440b64d26
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 18 deletions

View File

@ -106,7 +106,7 @@ class AppConfigController extends OCSController {
public function setValue(string $app, string $key, string $value): DataResponse {
try {
$this->verifyAppId($app);
$this->verifyConfigKey($app, $key);
$this->verifyConfigKey($app, $key, $value);
} catch (\InvalidArgumentException $e) {
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN);
}
@ -124,7 +124,7 @@ class AppConfigController extends OCSController {
public function deleteKey(string $app, string $key): DataResponse {
try {
$this->verifyAppId($app);
$this->verifyConfigKey($app, $key);
$this->verifyConfigKey($app, $key, '');
} catch (\InvalidArgumentException $e) {
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN);
}
@ -146,14 +146,19 @@ class AppConfigController extends OCSController {
/**
* @param string $app
* @param string $key
* @param string $value
* @throws \InvalidArgumentException
*/
protected function verifyConfigKey(string $app, string $key) {
protected function verifyConfigKey(string $app, string $key, string $value) {
if (in_array($key, ['installed_version', 'enabled', 'types'])) {
throw new \InvalidArgumentException('The given key can not be set');
}
if ($app === 'core' && ($key === 'encryption_enabled' || strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) {
if ($app === 'core' && $key === 'encryption_enabled' && $value !== 'yes') {
throw new \InvalidArgumentException('The given key can not be set');
}
if ($app === 'core' && (strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) {
throw new \InvalidArgumentException('The given key can not be set');
}
}

View File

@ -342,9 +342,10 @@ class AppConfigControllerTest extends TestCase {
public function dataVerifyConfigKey() {
return [
['activity', 'abc'],
['dav', 'public_route'],
['files', 'remote_route'],
['activity', 'abc', ''],
['dav', 'public_route', ''],
['files', 'remote_route', ''],
['core', 'encryption_enabled', 'yes'],
];
}
@ -352,22 +353,25 @@ class AppConfigControllerTest extends TestCase {
* @dataProvider dataVerifyConfigKey
* @param string $app
* @param string $key
* @param string $value
*/
public function testVerifyConfigKey($app, $key) {
public function testVerifyConfigKey($app, $key, $value) {
$api = $this->getInstance();
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key]);
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]);
$this->addToAssertionCount(1);
}
public function dataVerifyConfigKeyThrows() {
return [
['activity', 'installed_version'],
['calendar', 'enabled'],
['contacts', 'types'],
['core', 'public_files'],
['core', 'public_dav'],
['core', 'remote_files'],
['core', 'remote_dav'],
['activity', 'installed_version', ''],
['calendar', 'enabled', ''],
['contacts', 'types', ''],
['core', 'encryption_enabled', 'no'],
['core', 'encryption_enabled', ''],
['core', 'public_files', ''],
['core', 'public_dav', ''],
['core', 'remote_files', ''],
['core', 'remote_dav', ''],
];
}
@ -376,9 +380,10 @@ class AppConfigControllerTest extends TestCase {
* @expectedException \InvalidArgumentException
* @param string $app
* @param string $key
* @param string $value
*/
public function testVerifyConfigKeyThrows($app, $key) {
public function testVerifyConfigKeyThrows($app, $key, $value) {
$api = $this->getInstance();
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key]);
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]);
}
}