Merge pull request #21336 from owncloud/system-root-certs
Allow admins to add system wide root certificates
This commit is contained in:
commit
eac5d9fb3a
|
@ -1210,13 +1210,6 @@ $(document).ready(function() {
|
||||||
});
|
});
|
||||||
mountConfigListView.loadStorages();
|
mountConfigListView.loadStorages();
|
||||||
|
|
||||||
$('#sslCertificate').on('click', 'td.remove>img', function() {
|
|
||||||
var $tr = $(this).closest('tr');
|
|
||||||
$.post(OC.filePath('files_external', 'ajax', 'removeRootCertificate.php'), {cert: $tr.attr('id')});
|
|
||||||
$tr.remove();
|
|
||||||
return true;
|
|
||||||
});
|
|
||||||
|
|
||||||
// TODO: move this into its own View class
|
// TODO: move this into its own View class
|
||||||
var $allowUserMounting = $('#allowUserMounting');
|
var $allowUserMounting = $('#allowUserMounting');
|
||||||
$allowUserMounting.bind('change', function() {
|
$allowUserMounting.bind('change', function() {
|
||||||
|
|
|
@ -853,6 +853,11 @@ $CONFIG = array(
|
||||||
'config' => '/absolute/location/of/openssl.cnf',
|
'config' => '/absolute/location/of/openssl.cnf',
|
||||||
),
|
),
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Allow the configuration of system wide trusted certificates
|
||||||
|
*/
|
||||||
|
'enable_certificate_management' => false,
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Memory caching backend configuration
|
* Memory caching backend configuration
|
||||||
*
|
*
|
||||||
|
|
|
@ -58,12 +58,11 @@ class Client implements IClient {
|
||||||
* Sets the default options to the client
|
* Sets the default options to the client
|
||||||
*/
|
*/
|
||||||
private function setDefaultOptions() {
|
private function setDefaultOptions() {
|
||||||
// Either use default bundle or the user bundle if nothing is specified
|
// Either use user bundle or the system bundle if nothing is specified
|
||||||
if($this->certificateManager->listCertificates() !== []) {
|
if ($this->certificateManager->listCertificates() !== []) {
|
||||||
$dataDir = $this->config->getSystemValue('datadirectory');
|
$this->client->setDefaultOption('verify', $this->certificateManager->getAbsoluteBundlePath());
|
||||||
$this->client->setDefaultOption('verify', $dataDir.'/'.$this->certificateManager->getCertificateBundle());
|
|
||||||
} else {
|
} else {
|
||||||
$this->client->setDefaultOption('verify', \OC::$SERVERROOT . '/resources/config/ca-bundle.crt');
|
$this->client->setDefaultOption('verify', $this->certificateManager->getAbsoluteBundlePath(null));
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->client->setDefaultOption('headers/User-Agent', 'ownCloud Server Crawler');
|
$this->client->setDefaultOption('headers/User-Agent', 'ownCloud Server Crawler');
|
||||||
|
|
|
@ -50,7 +50,7 @@ class CertificateManager implements ICertificateManager {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $uid
|
* @param string $uid
|
||||||
* @param \OC\Files\View $view relative zu data/
|
* @param \OC\Files\View $view relative to data/
|
||||||
* @param IConfig $config
|
* @param IConfig $config
|
||||||
*/
|
*/
|
||||||
public function __construct($uid, \OC\Files\View $view, IConfig $config) {
|
public function __construct($uid, \OC\Files\View $view, IConfig $config) {
|
||||||
|
@ -83,7 +83,8 @@ class CertificateManager implements ICertificateManager {
|
||||||
if ($file != '.' && $file != '..') {
|
if ($file != '.' && $file != '..') {
|
||||||
try {
|
try {
|
||||||
$result[] = new Certificate($this->view->file_get_contents($path . $file), $file);
|
$result[] = new Certificate($this->view->file_get_contents($path . $file), $file);
|
||||||
} catch(\Exception $e) {}
|
} catch (\Exception $e) {
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
closedir($handle);
|
closedir($handle);
|
||||||
|
@ -97,22 +98,34 @@ class CertificateManager implements ICertificateManager {
|
||||||
$path = $this->getPathToCertificates();
|
$path = $this->getPathToCertificates();
|
||||||
$certs = $this->listCertificates();
|
$certs = $this->listCertificates();
|
||||||
|
|
||||||
$fh_certs = $this->view->fopen($path . '/rootcerts.crt', 'w');
|
if (!$this->view->file_exists($path)) {
|
||||||
|
$this->view->mkdir($path);
|
||||||
|
}
|
||||||
|
|
||||||
|
$fhCerts = $this->view->fopen($path . '/rootcerts.crt', 'w');
|
||||||
|
|
||||||
// Write user certificates
|
// Write user certificates
|
||||||
foreach ($certs as $cert) {
|
foreach ($certs as $cert) {
|
||||||
$file = $path . '/uploads/' . $cert->getName();
|
$file = $path . '/uploads/' . $cert->getName();
|
||||||
$data = $this->view->file_get_contents($file);
|
$data = $this->view->file_get_contents($file);
|
||||||
if (strpos($data, 'BEGIN CERTIFICATE')) {
|
if (strpos($data, 'BEGIN CERTIFICATE')) {
|
||||||
fwrite($fh_certs, $data);
|
fwrite($fhCerts, $data);
|
||||||
fwrite($fh_certs, "\r\n");
|
fwrite($fhCerts, "\r\n");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Append the default certificates
|
// Append the default certificates
|
||||||
$defaultCertificates = file_get_contents(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt');
|
$defaultCertificates = file_get_contents(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt');
|
||||||
fwrite($fh_certs, $defaultCertificates);
|
fwrite($fhCerts, $defaultCertificates);
|
||||||
fclose($fh_certs);
|
|
||||||
|
// Append the system certificate bundle
|
||||||
|
$systemBundle = $this->getCertificateBundle(null);
|
||||||
|
if ($this->view->file_exists($systemBundle)) {
|
||||||
|
$systemCertificates = $this->view->file_get_contents($systemBundle);
|
||||||
|
fwrite($fhCerts, $systemCertificates);
|
||||||
|
}
|
||||||
|
|
||||||
|
fclose($fhCerts);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -166,18 +179,72 @@ class CertificateManager implements ICertificateManager {
|
||||||
/**
|
/**
|
||||||
* Get the path to the certificate bundle for this user
|
* Get the path to the certificate bundle for this user
|
||||||
*
|
*
|
||||||
|
* @param string $uid (optional) user to get the certificate bundle for, use `null` to get the system bundle
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getCertificateBundle() {
|
public function getCertificateBundle($uid = '') {
|
||||||
return $this->getPathToCertificates() . 'rootcerts.crt';
|
if ($uid === '') {
|
||||||
|
$uid = $this->uid;
|
||||||
|
}
|
||||||
|
return $this->getPathToCertificates($uid) . 'rootcerts.crt';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
* Get the full local path to the certificate bundle for this user
|
||||||
|
*
|
||||||
|
* @param string $uid (optional) user to get the certificate bundle for, use `null` to get the system bundle
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
private function getPathToCertificates() {
|
public function getAbsoluteBundlePath($uid = '') {
|
||||||
$path = is_null($this->uid) ? '/files_external/' : '/' . $this->uid . '/files_external/';
|
if ($uid === '') {
|
||||||
|
$uid = $this->uid;
|
||||||
|
}
|
||||||
|
if ($this->needsRebundling($uid)) {
|
||||||
|
if (is_null($uid)) {
|
||||||
|
$manager = new CertificateManager(null, $this->view, $this->config);
|
||||||
|
$manager->createCertificateBundle();
|
||||||
|
} else {
|
||||||
|
$this->createCertificateBundle();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $this->view->getLocalFile($this->getCertificateBundle($uid));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $uid (optional) user to get the certificate path for, use `null` to get the system path
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
private function getPathToCertificates($uid = '') {
|
||||||
|
if ($uid === '') {
|
||||||
|
$uid = $this->uid;
|
||||||
|
}
|
||||||
|
$path = is_null($uid) ? '/files_external/' : '/' . $uid . '/files_external/';
|
||||||
|
|
||||||
return $path;
|
return $path;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if we need to re-bundle the certificates because one of the sources has updated
|
||||||
|
*
|
||||||
|
* @param string $uid (optional) user to get the certificate path for, use `null` to get the system path
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
private function needsRebundling($uid = '') {
|
||||||
|
if ($uid === '') {
|
||||||
|
$uid = $this->uid;
|
||||||
|
}
|
||||||
|
$sourceMTimes = [filemtime(\OC::$SERVERROOT . '/resources/config/ca-bundle.crt')];
|
||||||
|
$targetBundle = $this->getCertificateBundle($uid);
|
||||||
|
if (!$this->view->file_exists($targetBundle)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
if (!is_null($uid)) { // also depend on the system bundle
|
||||||
|
$sourceBundles[] = $this->view->filemtime($this->getCertificateBundle(null));
|
||||||
|
}
|
||||||
|
|
||||||
|
$sourceMTime = array_reduce($sourceMTimes, function ($max, $mtime) {
|
||||||
|
return max($max, $mtime);
|
||||||
|
}, 0);
|
||||||
|
return $sourceMTime > $this->view->filemtime($targetBundle);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -921,11 +921,11 @@ class Server extends ServerContainer implements IServerContainer {
|
||||||
/**
|
/**
|
||||||
* Get the certificate manager for the user
|
* Get the certificate manager for the user
|
||||||
*
|
*
|
||||||
* @param string $userId (optional) if not specified the current loggedin user is used
|
* @param string $userId (optional) if not specified the current loggedin user is used, use null to get the system certificate manager
|
||||||
* @return \OCP\ICertificateManager | null if $uid is null and no user is logged in
|
* @return \OCP\ICertificateManager | null if $uid is null and no user is logged in
|
||||||
*/
|
*/
|
||||||
public function getCertificateManager($userId = null) {
|
public function getCertificateManager($userId = '') {
|
||||||
if (is_null($userId)) {
|
if ($userId === '') {
|
||||||
$userSession = $this->getUserSession();
|
$userSession = $this->getUserSession();
|
||||||
$user = $userSession->getUser();
|
$user = $userSession->getUser();
|
||||||
if (is_null($user)) {
|
if (is_null($user)) {
|
||||||
|
|
|
@ -54,8 +54,18 @@ interface ICertificateManager {
|
||||||
/**
|
/**
|
||||||
* Get the path to the certificate bundle for this user
|
* Get the path to the certificate bundle for this user
|
||||||
*
|
*
|
||||||
|
* @param string $uid (optional) user to get the certificate bundle for, use `null` to get the system bundle (since 9.0.0)
|
||||||
* @return string
|
* @return string
|
||||||
* @since 8.0.0
|
* @since 8.0.0
|
||||||
*/
|
*/
|
||||||
public function getCertificateBundle();
|
public function getCertificateBundle($uid = '');
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the full local path to the certificate bundle for this user
|
||||||
|
*
|
||||||
|
* @param string $uid (optional) user to get the certificate bundle for, use `null` to get the system bundle
|
||||||
|
* @return string
|
||||||
|
* @since 9.0.0
|
||||||
|
*/
|
||||||
|
public function getAbsoluteBundlePath($uid = '');
|
||||||
}
|
}
|
||||||
|
|
|
@ -326,7 +326,7 @@ interface IServerContainer {
|
||||||
/**
|
/**
|
||||||
* Get the certificate manager for the user
|
* Get the certificate manager for the user
|
||||||
*
|
*
|
||||||
* @param string $userId (optional) if not specified the current loggedin user is used
|
* @param string $userId (optional) if not specified the current loggedin user is used, use null to get the system certificate manager
|
||||||
* @return \OCP\ICertificateManager | null if $userId is null and no user is logged in
|
* @return \OCP\ICertificateManager | null if $userId is null and no user is logged in
|
||||||
* @since 8.0.0
|
* @since 8.0.0
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -38,6 +38,10 @@ OC_Util::checkAdminUser();
|
||||||
$template = new OC_Template('settings', 'admin', 'user');
|
$template = new OC_Template('settings', 'admin', 'user');
|
||||||
$l = \OC::$server->getL10N('settings');
|
$l = \OC::$server->getL10N('settings');
|
||||||
|
|
||||||
|
OC_Util::addScript('settings', 'certificates');
|
||||||
|
OC_Util::addScript('files', 'jquery.iframe-transport');
|
||||||
|
OC_Util::addScript('files', 'jquery.fileupload');
|
||||||
|
|
||||||
$showLog = (\OC::$server->getConfig()->getSystemValue('log_type', 'owncloud') === 'owncloud');
|
$showLog = (\OC::$server->getConfig()->getSystemValue('log_type', 'owncloud') === 'owncloud');
|
||||||
$numEntriesToLoad = 3;
|
$numEntriesToLoad = 3;
|
||||||
$entries = OC_Log_Owncloud::getEntries($numEntriesToLoad + 1);
|
$entries = OC_Log_Owncloud::getEntries($numEntriesToLoad + 1);
|
||||||
|
@ -52,6 +56,8 @@ if($doesLogFileExist) {
|
||||||
$config = \OC::$server->getConfig();
|
$config = \OC::$server->getConfig();
|
||||||
$appConfig = \OC::$server->getAppConfig();
|
$appConfig = \OC::$server->getAppConfig();
|
||||||
$request = \OC::$server->getRequest();
|
$request = \OC::$server->getRequest();
|
||||||
|
$certificateManager = \OC::$server->getCertificateManager(null);
|
||||||
|
$urlGenerator = \OC::$server->getURLGenerator();
|
||||||
|
|
||||||
// Should we display sendmail as an option?
|
// Should we display sendmail as an option?
|
||||||
$template->assign('sendmail_is_available', (bool) \OC_Helper::findBinaryPath('sendmail'));
|
$template->assign('sendmail_is_available', (bool) \OC_Helper::findBinaryPath('sendmail'));
|
||||||
|
@ -152,6 +158,16 @@ $template->assign('OutdatedCacheWarning', $outdatedCaches);
|
||||||
|
|
||||||
// add hardcoded forms from the template
|
// add hardcoded forms from the template
|
||||||
$forms = OC_App::getForms('admin');
|
$forms = OC_App::getForms('admin');
|
||||||
|
|
||||||
|
if ($config->getSystemValue('enable_certificate_management', false)) {
|
||||||
|
$certificatesTemplate = new OC_Template('settings', 'certificates');
|
||||||
|
$certificatesTemplate->assign('type', 'admin');
|
||||||
|
$certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addSystemRootCertificate');
|
||||||
|
$certificatesTemplate->assign('certs', $certificateManager->listCertificates());
|
||||||
|
$certificatesTemplate->assign('urlGenerator', $urlGenerator);
|
||||||
|
$forms[] = $certificatesTemplate->fetchPage();
|
||||||
|
}
|
||||||
|
|
||||||
$formsAndMore = array();
|
$formsAndMore = array();
|
||||||
if ($request->getServerProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() ||
|
if ($request->getServerProtocol() !== 'https' || !OC_Util::isAnnotationsWorking() ||
|
||||||
$suggestedOverwriteCliUrl || !OC_Util::isSetLocaleWorking() ||
|
$suggestedOverwriteCliUrl || !OC_Util::isSetLocaleWorking() ||
|
||||||
|
|
|
@ -107,6 +107,7 @@ class Application extends App {
|
||||||
$c->query('AppName'),
|
$c->query('AppName'),
|
||||||
$c->query('Request'),
|
$c->query('Request'),
|
||||||
$c->query('CertificateManager'),
|
$c->query('CertificateManager'),
|
||||||
|
$c->query('SystemCertificateManager'),
|
||||||
$c->query('L10N'),
|
$c->query('L10N'),
|
||||||
$c->query('IAppManager')
|
$c->query('IAppManager')
|
||||||
);
|
);
|
||||||
|
@ -243,6 +244,9 @@ class Application extends App {
|
||||||
$container->registerService('CertificateManager', function(IContainer $c){
|
$container->registerService('CertificateManager', function(IContainer $c){
|
||||||
return $c->query('ServerContainer')->getCertificateManager();
|
return $c->query('ServerContainer')->getCertificateManager();
|
||||||
});
|
});
|
||||||
|
$container->registerService('SystemCertificateManager', function (IContainer $c) {
|
||||||
|
return $c->query('ServerContainer')->getCertificateManager(null);
|
||||||
|
});
|
||||||
$container->registerService('Checker', function(IContainer $c) {
|
$container->registerService('Checker', function(IContainer $c) {
|
||||||
/** @var Server $server */
|
/** @var Server $server */
|
||||||
$server = $c->query('ServerContainer');
|
$server = $c->query('ServerContainer');
|
||||||
|
|
|
@ -36,7 +36,9 @@ use OCP\IRequest;
|
||||||
*/
|
*/
|
||||||
class CertificateController extends Controller {
|
class CertificateController extends Controller {
|
||||||
/** @var ICertificateManager */
|
/** @var ICertificateManager */
|
||||||
private $certificateManager;
|
private $userCertificateManager;
|
||||||
|
/** @var ICertificateManager */
|
||||||
|
private $systemCertificateManager;
|
||||||
/** @var IL10N */
|
/** @var IL10N */
|
||||||
private $l10n;
|
private $l10n;
|
||||||
/** @var IAppManager */
|
/** @var IAppManager */
|
||||||
|
@ -45,17 +47,20 @@ class CertificateController extends Controller {
|
||||||
/**
|
/**
|
||||||
* @param string $appName
|
* @param string $appName
|
||||||
* @param IRequest $request
|
* @param IRequest $request
|
||||||
* @param ICertificateManager $certificateManager
|
* @param ICertificateManager $userCertificateManager
|
||||||
|
* @param ICertificateManager $systemCertificateManager
|
||||||
* @param IL10N $l10n
|
* @param IL10N $l10n
|
||||||
* @param IAppManager $appManager
|
* @param IAppManager $appManager
|
||||||
*/
|
*/
|
||||||
public function __construct($appName,
|
public function __construct($appName,
|
||||||
IRequest $request,
|
IRequest $request,
|
||||||
ICertificateManager $certificateManager,
|
ICertificateManager $userCertificateManager,
|
||||||
|
ICertificateManager $systemCertificateManager,
|
||||||
IL10N $l10n,
|
IL10N $l10n,
|
||||||
IAppManager $appManager) {
|
IAppManager $appManager) {
|
||||||
parent::__construct($appName, $request);
|
parent::__construct($appName, $request);
|
||||||
$this->certificateManager = $certificateManager;
|
$this->userCertificateManager = $userCertificateManager;
|
||||||
|
$this->systemCertificateManager = $systemCertificateManager;
|
||||||
$this->l10n = $l10n;
|
$this->l10n = $l10n;
|
||||||
$this->appManager = $appManager;
|
$this->appManager = $appManager;
|
||||||
}
|
}
|
||||||
|
@ -68,6 +73,16 @@ class CertificateController extends Controller {
|
||||||
* @return array
|
* @return array
|
||||||
*/
|
*/
|
||||||
public function addPersonalRootCertificate() {
|
public function addPersonalRootCertificate() {
|
||||||
|
return $this->addCertificate($this->userCertificateManager);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add a new root certificate to a trust store
|
||||||
|
*
|
||||||
|
* @param ICertificateManager $certificateManager
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
private function addCertificate(ICertificateManager $certificateManager) {
|
||||||
$headers = [];
|
$headers = [];
|
||||||
if ($this->request->isUserAgent([\OC\AppFramework\Http\Request::USER_AGENT_IE_8])) {
|
if ($this->request->isUserAgent([\OC\AppFramework\Http\Request::USER_AGENT_IE_8])) {
|
||||||
// due to upload iframe workaround, need to set content-type to text/plain
|
// due to upload iframe workaround, need to set content-type to text/plain
|
||||||
|
@ -79,23 +94,23 @@ class CertificateController extends Controller {
|
||||||
}
|
}
|
||||||
|
|
||||||
$file = $this->request->getUploadedFile('rootcert_import');
|
$file = $this->request->getUploadedFile('rootcert_import');
|
||||||
if(empty($file)) {
|
if (empty($file)) {
|
||||||
return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY, $headers);
|
return new DataResponse(['message' => 'No file uploaded'], Http::STATUS_UNPROCESSABLE_ENTITY, $headers);
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$certificate = $this->certificateManager->addCertificate(file_get_contents($file['tmp_name']), $file['name']);
|
$certificate = $certificateManager->addCertificate(file_get_contents($file['tmp_name']), $file['name']);
|
||||||
return new DataResponse(
|
return new DataResponse(
|
||||||
[
|
[
|
||||||
'name' => $certificate->getName(),
|
'name' => $certificate->getName(),
|
||||||
'commonName' => $certificate->getCommonName(),
|
'commonName' => $certificate->getCommonName(),
|
||||||
'organization' => $certificate->getOrganization(),
|
'organization' => $certificate->getOrganization(),
|
||||||
'validFrom' => $certificate->getIssueDate()->getTimestamp(),
|
'validFrom' => $certificate->getIssueDate()->getTimestamp(),
|
||||||
'validTill' => $certificate->getExpireDate()->getTimestamp(),
|
'validTill' => $certificate->getExpireDate()->getTimestamp(),
|
||||||
'validFromString' => $this->l10n->l('date', $certificate->getIssueDate()),
|
'validFromString' => $this->l10n->l('date', $certificate->getIssueDate()),
|
||||||
'validTillString' => $this->l10n->l('date', $certificate->getExpireDate()),
|
'validTillString' => $this->l10n->l('date', $certificate->getExpireDate()),
|
||||||
'issuer' => $certificate->getIssuerName(),
|
'issuer' => $certificate->getIssuerName(),
|
||||||
'issuerOrganization' => $certificate->getIssuerOrganization(),
|
'issuerOrganization' => $certificate->getIssuerOrganization(),
|
||||||
],
|
],
|
||||||
Http::STATUS_OK,
|
Http::STATUS_OK,
|
||||||
$headers
|
$headers
|
||||||
|
@ -119,7 +134,7 @@ class CertificateController extends Controller {
|
||||||
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
|
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->certificateManager->removeCertificate($certificateIdentifier);
|
$this->userCertificateManager->removeCertificate($certificateIdentifier);
|
||||||
return new DataResponse();
|
return new DataResponse();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -140,4 +155,28 @@ class CertificateController extends Controller {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Add a new personal root certificate to the system's trust store
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function addSystemRootCertificate() {
|
||||||
|
return $this->addCertificate($this->systemCertificateManager);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Removes a personal root certificate from the users' trust store
|
||||||
|
*
|
||||||
|
* @param string $certificateIdentifier
|
||||||
|
* @return DataResponse
|
||||||
|
*/
|
||||||
|
public function removeSystemRootCertificate($certificateIdentifier) {
|
||||||
|
|
||||||
|
if ($this->isCertificateImportAllowed() === false) {
|
||||||
|
return new DataResponse('Individual certificate management disabled', Http::STATUS_FORBIDDEN);
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->systemCertificateManager->removeCertificate($certificateIdentifier);
|
||||||
|
return new DataResponse();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,69 @@
|
||||||
|
$(document).ready(function () {
|
||||||
|
var type = $('#sslCertificate').data('type');
|
||||||
|
$('#sslCertificate').on('click', 'td.remove', function () {
|
||||||
|
var row = $(this).parent();
|
||||||
|
$.ajax(OC.generateUrl('settings/' + type + '/certificate/{certificate}', {certificate: row.data('name')}), {
|
||||||
|
type: 'DELETE'
|
||||||
|
});
|
||||||
|
row.remove();
|
||||||
|
|
||||||
|
if ($('#sslCertificate > tbody > tr').length === 0) {
|
||||||
|
$('#sslCertificate').hide();
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
});
|
||||||
|
|
||||||
|
$('#sslCertificate tr > td').tipsy({gravity: 'n', live: true});
|
||||||
|
|
||||||
|
$('#rootcert_import').fileupload({
|
||||||
|
submit: function (e, data) {
|
||||||
|
data.formData = _.extend(data.formData || {}, {
|
||||||
|
requesttoken: OC.requestToken
|
||||||
|
});
|
||||||
|
},
|
||||||
|
success: function (data) {
|
||||||
|
if (typeof data === 'string') {
|
||||||
|
data = $.parseJSON(data);
|
||||||
|
} else if (data && data.length) {
|
||||||
|
// fetch response from iframe
|
||||||
|
data = $.parseJSON(data[0].body.innerText);
|
||||||
|
}
|
||||||
|
if (!data || typeof(data) === 'string') {
|
||||||
|
// IE8 iframe workaround comes here instead of fail()
|
||||||
|
OC.Notification.showTemporary(
|
||||||
|
t('settings', 'An error occurred. Please upload an ASCII-encoded PEM certificate.'));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
var issueDate = new Date(data.validFrom * 1000);
|
||||||
|
var expireDate = new Date(data.validTill * 1000);
|
||||||
|
var now = new Date();
|
||||||
|
var isExpired = !(issueDate <= now && now <= expireDate);
|
||||||
|
|
||||||
|
var row = $('<tr/>');
|
||||||
|
row.data('name', data.name);
|
||||||
|
row.addClass(isExpired ? 'expired' : 'valid');
|
||||||
|
row.append($('<td/>').attr('title', data.organization).text(data.commonName));
|
||||||
|
row.append($('<td/>').attr('title', t('core,', 'Valid until {date}', {date: data.validTillString}))
|
||||||
|
.text(data.validTillString));
|
||||||
|
row.append($('<td/>').attr('title', data.issuerOrganization).text(data.issuer));
|
||||||
|
row.append($('<td/>').addClass('remove').append(
|
||||||
|
$('<img/>').attr({
|
||||||
|
alt: t('core', 'Delete'),
|
||||||
|
title: t('core', 'Delete'),
|
||||||
|
src: OC.imagePath('core', 'actions/delete.svg')
|
||||||
|
}).addClass('action')
|
||||||
|
));
|
||||||
|
|
||||||
|
$('#sslCertificate tbody').append(row);
|
||||||
|
$('#sslCertificate').show();
|
||||||
|
},
|
||||||
|
fail: function () {
|
||||||
|
OC.Notification.showTemporary(
|
||||||
|
t('settings', 'An error occurred. Please upload an ASCII-encoded PEM certificate.'));
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
if ($('#sslCertificate > tbody > tr').length === 0) {
|
||||||
|
$('#sslCertificate').hide();
|
||||||
|
}
|
||||||
|
});
|
|
@ -339,73 +339,6 @@ $(document).ready(function () {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
$('#sslCertificate').on('click', 'td.remove > img', function () {
|
|
||||||
var row = $(this).parent().parent();
|
|
||||||
$.ajax(OC.generateUrl('settings/personal/certificate/{certificate}', {certificate: row.data('name')}), {
|
|
||||||
type: 'DELETE'
|
|
||||||
});
|
|
||||||
row.remove();
|
|
||||||
|
|
||||||
if ($('#sslCertificate > tbody > tr').length === 0) {
|
|
||||||
$('#sslCertificate').hide();
|
|
||||||
}
|
|
||||||
return true;
|
|
||||||
});
|
|
||||||
|
|
||||||
$('#sslCertificate tr > td').tipsy({gravity: 'n', live: true});
|
|
||||||
|
|
||||||
$('#rootcert_import').fileupload({
|
|
||||||
submit: function(e, data) {
|
|
||||||
data.formData = _.extend(data.formData || {}, {
|
|
||||||
requesttoken: OC.requestToken
|
|
||||||
});
|
|
||||||
},
|
|
||||||
success: function (data) {
|
|
||||||
if (typeof data === 'string') {
|
|
||||||
data = $.parseJSON(data);
|
|
||||||
} else if (data && data.length) {
|
|
||||||
// fetch response from iframe
|
|
||||||
data = $.parseJSON(data[0].body.innerText);
|
|
||||||
}
|
|
||||||
if (!data || typeof(data) === 'string') {
|
|
||||||
// IE8 iframe workaround comes here instead of fail()
|
|
||||||
OC.Notification.showTemporary(
|
|
||||||
t('settings', 'An error occurred. Please upload an ASCII-encoded PEM certificate.'));
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
var issueDate = new Date(data.validFrom * 1000);
|
|
||||||
var expireDate = new Date(data.validTill * 1000);
|
|
||||||
var now = new Date();
|
|
||||||
var isExpired = !(issueDate <= now && now <= expireDate);
|
|
||||||
|
|
||||||
var row = $('<tr/>');
|
|
||||||
row.data('name', data.name);
|
|
||||||
row.addClass(isExpired? 'expired': 'valid');
|
|
||||||
row.append($('<td/>').attr('title', data.organization).text(data.commonName));
|
|
||||||
row.append($('<td/>').attr('title', t('core,', 'Valid until {date}', {date: data.validTillString}))
|
|
||||||
.text(data.validTillString));
|
|
||||||
row.append($('<td/>').attr('title', data.issuerOrganization).text(data.issuer));
|
|
||||||
row.append($('<td/>').addClass('remove').append(
|
|
||||||
$('<img/>').attr({
|
|
||||||
alt: t('core', 'Delete'),
|
|
||||||
title: t('core', 'Delete'),
|
|
||||||
src: OC.imagePath('core', 'actions/delete.svg')
|
|
||||||
}).addClass('action')
|
|
||||||
));
|
|
||||||
|
|
||||||
$('#sslCertificate tbody').append(row);
|
|
||||||
$('#sslCertificate').show();
|
|
||||||
},
|
|
||||||
fail: function () {
|
|
||||||
OC.Notification.showTemporary(
|
|
||||||
t('settings', 'An error occurred. Please upload an ASCII-encoded PEM certificate.'));
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
if ($('#sslCertificate > tbody > tr').length === 0) {
|
|
||||||
$('#sslCertificate').hide();
|
|
||||||
}
|
|
||||||
|
|
||||||
// Load the big avatar
|
// Load the big avatar
|
||||||
if (oc_config.enable_avatars) {
|
if (oc_config.enable_avatars) {
|
||||||
$('#avatar .avatardiv').avatar(OC.currentUser, 145);
|
$('#avatar .avatardiv').avatar(OC.currentUser, 145);
|
||||||
|
|
|
@ -43,6 +43,7 @@ $urlGenerator = \OC::$server->getURLGenerator();
|
||||||
|
|
||||||
// Highlight navigation entry
|
// Highlight navigation entry
|
||||||
OC_Util::addScript( 'settings', 'personal' );
|
OC_Util::addScript( 'settings', 'personal' );
|
||||||
|
OC_Util::addScript('settings', 'certificates');
|
||||||
OC_Util::addStyle( 'settings', 'settings' );
|
OC_Util::addStyle( 'settings', 'settings' );
|
||||||
\OC_Util::addVendorScript('strengthify/jquery.strengthify');
|
\OC_Util::addVendorScript('strengthify/jquery.strengthify');
|
||||||
\OC_Util::addVendorStyle('strengthify/strengthify');
|
\OC_Util::addVendorStyle('strengthify/strengthify');
|
||||||
|
@ -168,6 +169,17 @@ $formsAndMore[]= ['anchor' => 'clientsbox', 'section-name' => $l->t('Sync client
|
||||||
|
|
||||||
$forms=OC_App::getForms('personal');
|
$forms=OC_App::getForms('personal');
|
||||||
|
|
||||||
|
|
||||||
|
// add bottom hardcoded forms from the template
|
||||||
|
if ($enableCertImport) {
|
||||||
|
$certificatesTemplate = new OC_Template('settings', 'certificates');
|
||||||
|
$certificatesTemplate->assign('type', 'personal');
|
||||||
|
$certificatesTemplate->assign('uploadRoute', 'settings.Certificate.addPersonalRootCertificate');
|
||||||
|
$certificatesTemplate->assign('certs', $certificateManager->listCertificates());
|
||||||
|
$certificatesTemplate->assign('urlGenerator', $urlGenerator);
|
||||||
|
$forms[] = $certificatesTemplate->fetchPage();
|
||||||
|
}
|
||||||
|
|
||||||
$formsMap = array_map(function($form){
|
$formsMap = array_map(function($form){
|
||||||
if (preg_match('%(<h2(?P<class>[^>]*)>.*?</h2>)%i', $form, $regs)) {
|
if (preg_match('%(<h2(?P<class>[^>]*)>.*?</h2>)%i', $form, $regs)) {
|
||||||
$sectionName = str_replace('<h2'.$regs['class'].'>', '', $regs[0]);
|
$sectionName = str_replace('<h2'.$regs['class'].'>', '', $regs[0]);
|
||||||
|
@ -188,12 +200,5 @@ $formsMap = array_map(function($form){
|
||||||
|
|
||||||
$formsAndMore = array_merge($formsAndMore, $formsMap);
|
$formsAndMore = array_merge($formsAndMore, $formsMap);
|
||||||
|
|
||||||
// add bottom hardcoded forms from the template
|
|
||||||
if($enableCertImport) {
|
|
||||||
$formsAndMore[]= array( 'anchor' => 'ssl-root-certificates', 'section-name' => $l->t('SSL root certificates') );
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$tmpl->assign('forms', $formsAndMore);
|
$tmpl->assign('forms', $formsAndMore);
|
||||||
$tmpl->printPage();
|
$tmpl->printPage();
|
||||||
|
|
|
@ -57,6 +57,8 @@ $application->registerRoutes($this, [
|
||||||
['name' => 'CheckSetup#rescanFailedIntegrityCheck', 'url' => '/settings/integrity/rescan', 'verb' => 'GET'],
|
['name' => 'CheckSetup#rescanFailedIntegrityCheck', 'url' => '/settings/integrity/rescan', 'verb' => 'GET'],
|
||||||
['name' => 'Certificate#addPersonalRootCertificate', 'url' => '/settings/personal/certificate', 'verb' => 'POST'],
|
['name' => 'Certificate#addPersonalRootCertificate', 'url' => '/settings/personal/certificate', 'verb' => 'POST'],
|
||||||
['name' => 'Certificate#removePersonalRootCertificate', 'url' => '/settings/personal/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
|
['name' => 'Certificate#removePersonalRootCertificate', 'url' => '/settings/personal/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
|
||||||
|
['name' => 'Certificate#addSystemRootCertificate', 'url' => '/settings/admin/certificate', 'verb' => 'POST'],
|
||||||
|
['name' => 'Certificate#removeSystemRootCertificate', 'url' => '/settings/admin/certificate/{certificateIdentifier}', 'verb' => 'DELETE'],
|
||||||
]
|
]
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,44 @@
|
||||||
|
<div class="section">
|
||||||
|
<h2><?php p($l->t('SSL Root Certificates')); ?></h2>
|
||||||
|
<table id="sslCertificate" class="grid" data-type="<?php p($_['type']); ?>">
|
||||||
|
<thead>
|
||||||
|
<tr>
|
||||||
|
<th><?php p($l->t('Common Name')); ?></th>
|
||||||
|
<th><?php p($l->t('Valid until')); ?></th>
|
||||||
|
<th><?php p($l->t('Issued By')); ?></th>
|
||||||
|
</tr>
|
||||||
|
</thead>
|
||||||
|
<tbody>
|
||||||
|
<?php foreach ($_['certs'] as $rootCert): /**@var \OCP\ICertificate $rootCert */ ?>
|
||||||
|
<tr class="<?php echo ($rootCert->isExpired()) ? 'expired' : 'valid' ?>"
|
||||||
|
data-name="<?php p($rootCert->getName()) ?>">
|
||||||
|
<td class="rootCert"
|
||||||
|
title="<?php p($rootCert->getOrganization()) ?>">
|
||||||
|
<?php p($rootCert->getCommonName()) ?>
|
||||||
|
</td>
|
||||||
|
<td title="<?php p($l->t('Valid until %s', $l->l('date', $rootCert->getExpireDate()))) ?>">
|
||||||
|
<?php echo $l->l('date', $rootCert->getExpireDate()) ?>
|
||||||
|
</td>
|
||||||
|
<td title="<?php p($rootCert->getIssuerOrganization()) ?>">
|
||||||
|
<?php p($rootCert->getIssuerName()) ?>
|
||||||
|
</td>
|
||||||
|
<td <?php if ($rootCert != ''): ?>class="remove"
|
||||||
|
<?php else: ?>style="visibility:hidden;"
|
||||||
|
<?php endif; ?>><img alt="<?php p($l->t('Delete')); ?>"
|
||||||
|
title="<?php p($l->t('Delete')); ?>"
|
||||||
|
class="svg action"
|
||||||
|
src="<?php print_unescaped(image_path('core', 'actions/delete.svg')); ?>"/>
|
||||||
|
</td>
|
||||||
|
</tr>
|
||||||
|
<?php endforeach; ?>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
<form class="uploadButton" method="post"
|
||||||
|
action="<?php p($_['urlGenerator']->linkToRoute($_['uploadRoute'])); ?>"
|
||||||
|
target="certUploadFrame">
|
||||||
|
<label for="rootcert_import" class="inlineblock button"
|
||||||
|
id="rootcert_import_button"><?php p($l->t('Import root certificate')); ?></label>
|
||||||
|
<input type="file" id="rootcert_import" name="rootcert_import"
|
||||||
|
class="hiddenuploadfield">
|
||||||
|
</form>
|
||||||
|
</div>
|
|
@ -204,48 +204,6 @@ if($_['passwordChangeSupported']) {
|
||||||
<?php }
|
<?php }
|
||||||
};?>
|
};?>
|
||||||
|
|
||||||
<?php if($_['showCertificates']) : ?>
|
|
||||||
<div id="ssl-root-certificates" class="section">
|
|
||||||
<h2><?php p($l->t('SSL root certificates')); ?></h2>
|
|
||||||
<table id="sslCertificate" class="grid">
|
|
||||||
<thead>
|
|
||||||
<tr>
|
|
||||||
<th><?php p($l->t('Common Name')); ?></th>
|
|
||||||
<th><?php p($l->t('Valid until')); ?></th>
|
|
||||||
<th><?php p($l->t('Issued By')); ?></th>
|
|
||||||
<th></th>
|
|
||||||
</tr>
|
|
||||||
</thead>
|
|
||||||
<tbody>
|
|
||||||
<?php foreach ($_['certs'] as $rootCert): /**@var \OCP\ICertificate $rootCert*/ ?>
|
|
||||||
<tr class="<?php echo ($rootCert->isExpired()) ? 'expired' : 'valid' ?>" data-name="<?php p($rootCert->getName()) ?>">
|
|
||||||
<td class="rootCert" title="<?php p($rootCert->getOrganization())?>">
|
|
||||||
<?php p($rootCert->getCommonName()) ?>
|
|
||||||
</td>
|
|
||||||
<td title="<?php p($l->t('Valid until %s', $l->l('date', $rootCert->getExpireDate()))) ?>">
|
|
||||||
<?php echo $l->l('date', $rootCert->getExpireDate()) ?>
|
|
||||||
</td>
|
|
||||||
<td title="<?php p($rootCert->getIssuerOrganization()) ?>">
|
|
||||||
<?php p($rootCert->getIssuerName()) ?>
|
|
||||||
</td>
|
|
||||||
<td <?php if ($rootCert != ''): ?>class="remove"
|
|
||||||
<?php else: ?>style="visibility:hidden;"
|
|
||||||
<?php endif; ?>><img alt="<?php p($l->t('Delete')); ?>"
|
|
||||||
title="<?php p($l->t('Delete')); ?>"
|
|
||||||
class="svg action"
|
|
||||||
src="<?php print_unescaped(image_path('core', 'actions/delete.svg')); ?>"/>
|
|
||||||
</td>
|
|
||||||
</tr>
|
|
||||||
<?php endforeach; ?>
|
|
||||||
</tbody>
|
|
||||||
</table>
|
|
||||||
<form class="uploadButton" method="post" action="<?php p($_['urlGenerator']->linkToRoute('settings.Certificate.addPersonalRootCertificate')); ?>" target="certUploadFrame">
|
|
||||||
<label for="rootcert_import" class="inlineblock button" id="rootcert_import_button"><?php p($l->t('Import root certificate')); ?></label>
|
|
||||||
<input type="file" id="rootcert_import" name="rootcert_import" class="hiddenuploadfield">
|
|
||||||
</form>
|
|
||||||
</div>
|
|
||||||
<?php endif; ?>
|
|
||||||
|
|
||||||
<div class="section">
|
<div class="section">
|
||||||
<h2><?php p($l->t('Version'));?></h2>
|
<h2><?php p($l->t('Version'));?></h2>
|
||||||
<p><a href="<?php print_unescaped($theme->getBaseUrl()); ?>" target="_blank"><?php p($theme->getTitle()); ?></a> <?php p(OC_Util::getHumanVersion()) ?></p>
|
<p><a href="<?php print_unescaped($theme->getBaseUrl()); ?>" target="_blank"><?php p($theme->getTitle()); ?></a> <?php p(OC_Util::getHumanVersion()) ?></p>
|
||||||
|
|
|
@ -14,6 +14,8 @@ use \OC\Security\CertificateManager;
|
||||||
* @group DB
|
* @group DB
|
||||||
*/
|
*/
|
||||||
class CertificateManagerTest extends \Test\TestCase {
|
class CertificateManagerTest extends \Test\TestCase {
|
||||||
|
use \Test\Traits\UserTrait;
|
||||||
|
use \Test\Traits\MountProviderTrait;
|
||||||
|
|
||||||
/** @var CertificateManager */
|
/** @var CertificateManager */
|
||||||
private $certificateManager;
|
private $certificateManager;
|
||||||
|
@ -24,7 +26,10 @@ class CertificateManagerTest extends \Test\TestCase {
|
||||||
parent::setUp();
|
parent::setUp();
|
||||||
|
|
||||||
$this->username = $this->getUniqueID('', 20);
|
$this->username = $this->getUniqueID('', 20);
|
||||||
\OC::$server->getUserManager()->createUser($this->username, $this->getUniqueID('', 20));
|
$this->createUser($this->username, '');
|
||||||
|
|
||||||
|
$storage = new \OC\Files\Storage\Temporary();
|
||||||
|
$this->registerMount($this->username, $storage, '/' . $this->username . '/');
|
||||||
|
|
||||||
\OC_Util::tearDownFS();
|
\OC_Util::tearDownFS();
|
||||||
\OC_User::setUserId('');
|
\OC_User::setUserId('');
|
||||||
|
@ -40,7 +45,9 @@ class CertificateManagerTest extends \Test\TestCase {
|
||||||
|
|
||||||
protected function tearDown() {
|
protected function tearDown() {
|
||||||
$user = \OC::$server->getUserManager()->get($this->username);
|
$user = \OC::$server->getUserManager()->get($this->username);
|
||||||
if ($user !== null) { $user->delete(); }
|
if ($user !== null) {
|
||||||
|
$user->delete();
|
||||||
|
}
|
||||||
parent::tearDown();
|
parent::tearDown();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -56,14 +63,14 @@ class CertificateManagerTest extends \Test\TestCase {
|
||||||
$this->assertSame(array(), $this->certificateManager->listCertificates());
|
$this->assertSame(array(), $this->certificateManager->listCertificates());
|
||||||
|
|
||||||
// Add some certificates
|
// Add some certificates
|
||||||
$this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
|
$this->certificateManager->addCertificate(file_get_contents(__DIR__ . '/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
|
||||||
$certificateStore = array();
|
$certificateStore = array();
|
||||||
$certificateStore[] = new \OC\Security\Certificate(file_get_contents(__DIR__.'/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
|
$certificateStore[] = new \OC\Security\Certificate(file_get_contents(__DIR__ . '/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
|
||||||
$this->assertEqualsArrays($certificateStore, $this->certificateManager->listCertificates());
|
$this->assertEqualsArrays($certificateStore, $this->certificateManager->listCertificates());
|
||||||
|
|
||||||
// Add another certificates
|
// Add another certificates
|
||||||
$this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt'), 'ExpiredCertificate');
|
$this->certificateManager->addCertificate(file_get_contents(__DIR__ . '/../../data/certificates/expiredCertificate.crt'), 'ExpiredCertificate');
|
||||||
$certificateStore[] = new \OC\Security\Certificate(file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt'), 'ExpiredCertificate');
|
$certificateStore[] = new \OC\Security\Certificate(file_get_contents(__DIR__ . '/../../data/certificates/expiredCertificate.crt'), 'ExpiredCertificate');
|
||||||
$this->assertEqualsArrays($certificateStore, $this->certificateManager->listCertificates());
|
$this->assertEqualsArrays($certificateStore, $this->certificateManager->listCertificates());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -93,7 +100,7 @@ class CertificateManagerTest extends \Test\TestCase {
|
||||||
* @param string $filename
|
* @param string $filename
|
||||||
*/
|
*/
|
||||||
function testAddDangerousFile($filename) {
|
function testAddDangerousFile($filename) {
|
||||||
$this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/expiredCertificate.crt'), $filename);
|
$this->certificateManager->addCertificate(file_get_contents(__DIR__ . '/../../data/certificates/expiredCertificate.crt'), $filename);
|
||||||
}
|
}
|
||||||
|
|
||||||
function testRemoveDangerousFile() {
|
function testRemoveDangerousFile() {
|
||||||
|
@ -101,7 +108,7 @@ class CertificateManagerTest extends \Test\TestCase {
|
||||||
}
|
}
|
||||||
|
|
||||||
function testRemoveExistingFile() {
|
function testRemoveExistingFile() {
|
||||||
$this->certificateManager->addCertificate(file_get_contents(__DIR__.'/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
|
$this->certificateManager->addCertificate(file_get_contents(__DIR__ . '/../../data/certificates/goodCertificate.crt'), 'GoodCertificate');
|
||||||
$this->assertTrue($this->certificateManager->removeCertificate('GoodCertificate'));
|
$this->assertTrue($this->certificateManager->removeCertificate('GoodCertificate'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -44,12 +44,15 @@ class CertificateControllerTest extends \Test\TestCase {
|
||||||
private $l10n;
|
private $l10n;
|
||||||
/** @var IAppManager */
|
/** @var IAppManager */
|
||||||
private $appManager;
|
private $appManager;
|
||||||
|
/** @var ICertificateManager */
|
||||||
|
private $systemCertificateManager;
|
||||||
|
|
||||||
public function setUp() {
|
public function setUp() {
|
||||||
parent::setUp();
|
parent::setUp();
|
||||||
|
|
||||||
$this->request = $this->getMock('\OCP\IRequest');
|
$this->request = $this->getMock('\OCP\IRequest');
|
||||||
$this->certificateManager = $this->getMock('\OCP\ICertificateManager');
|
$this->certificateManager = $this->getMock('\OCP\ICertificateManager');
|
||||||
|
$this->systemCertificateManager = $this->getMock('\OCP\ICertificateManager');
|
||||||
$this->l10n = $this->getMock('\OCP\IL10N');
|
$this->l10n = $this->getMock('\OCP\IL10N');
|
||||||
$this->appManager = $this->getMock('OCP\App\IAppManager');
|
$this->appManager = $this->getMock('OCP\App\IAppManager');
|
||||||
|
|
||||||
|
@ -59,6 +62,7 @@ class CertificateControllerTest extends \Test\TestCase {
|
||||||
'settings',
|
'settings',
|
||||||
$this->request,
|
$this->request,
|
||||||
$this->certificateManager,
|
$this->certificateManager,
|
||||||
|
$this->systemCertificateManager,
|
||||||
$this->l10n,
|
$this->l10n,
|
||||||
$this->appManager
|
$this->appManager
|
||||||
]
|
]
|
||||||
|
|
Loading…
Reference in New Issue