also block certificate management in the back-end if external storages are disabled for the user

This commit is contained in:
Bjoern Schiessle 2015-08-04 18:33:19 +02:00
parent 573177d176
commit dc5e89e624
3 changed files with 52 additions and 8 deletions

View File

@ -107,7 +107,8 @@ class Application extends App {
$c->query('AppName'),
$c->query('Request'),
$c->query('CertificateManager'),
$c->query('L10N')
$c->query('L10N'),
$c->query('IAppManager')
);
});
$container->registerService('GroupsController', function(IContainer $c) {

View File

@ -21,6 +21,7 @@
namespace OC\Settings\Controller;
use OCP\App\IAppManager;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
@ -36,20 +37,25 @@ class CertificateController extends Controller {
private $certificateManager;
/** @var IL10N */
private $l10n;
/** @var IAppManager */
private $appManager;
/**
* @param string $appName
* @param IRequest $request
* @param ICertificateManager $certificateManager
* @param IL10N $l10n
* @param IAppManager $appManager
*/
public function __construct($appName,
IRequest $request,
ICertificateManager $certificateManager,
IL10N $l10n) {
IL10N $l10n,
IAppManager $appManager) {
parent::__construct($appName, $request);
$this->certificateManager = $certificateManager;
$this->l10n = $l10n;
$this->appManager = $appManager;
}
/**
@ -60,6 +66,11 @@ class CertificateController extends Controller {
* @return array
*/
public function addPersonalRootCertificate() {
if ($this->isCertificateImportAllowed() === false) {
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
}
$file = $this->request->getUploadedFile('rootcert_import');
if(empty($file)) {
return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY);
@ -92,8 +103,29 @@ class CertificateController extends Controller {
* @return DataResponse
*/
public function removePersonalRootCertificate($certificateIdentifier) {
if ($this->isCertificateImportAllowed() === false) {
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
}
$this->certificateManager->removeCertificate($certificateIdentifier);
return new DataResponse();
}
/**
* check if certificate import is allowed
*
* @return bool
*/
protected function isCertificateImportAllowed() {
$externalStorageEnabled = $this->appManager->isEnabledForUser('files_external');
if ($externalStorageEnabled) {
$backends = \OC_Mount_Config::getPersonalBackends();
if (!empty($backends)) {
return true;
}
}
return false;
}
}

View File

@ -21,6 +21,7 @@
namespace OC\Settings\Controller;
use OCP\App\IAppManager;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
use OCP\IRequest;
@ -41,6 +42,8 @@ class CertificateControllerTest extends \Test\TestCase {
private $certificateManager;
/** @var IL10N */
private $l10n;
/** @var IAppManager */
private $appManager;
public function setUp() {
parent::setUp();
@ -48,13 +51,21 @@ class CertificateControllerTest extends \Test\TestCase {
$this->request = $this->getMock('\OCP\IRequest');
$this->certificateManager = $this->getMock('\OCP\ICertificateManager');
$this->l10n = $this->getMock('\OCP\IL10N');
$this->appManager = $this->getMock('OCP\App\IAppManager');
$this->certificateController = new CertificateController(
'settings',
$this->request,
$this->certificateManager,
$this->l10n
);
$this->certificateController = $this->getMockBuilder('OC\Settings\Controller\CertificateController')
->setConstructorArgs(
[
'settings',
$this->request,
$this->certificateManager,
$this->l10n,
$this->appManager
]
)->setMethods(['isCertificateImportAllowed'])->getMock();
$this->certificateController->expects($this->any())
->method('isCertificateImportAllowed')->willReturn(true);
}
public function testAddPersonalRootCertificateWithEmptyFile() {