Only prevent disabling encrytion via the API
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling
parent
f877176fed
commit
f8592e5e79
|
|
@ -106,7 +106,7 @@ class AppConfigController extends OCSController {
|
||||||
public function setValue(string $app, string $key, string $value): DataResponse {
|
public function setValue(string $app, string $key, string $value): DataResponse {
|
||||||
try {
|
try {
|
||||||
$this->verifyAppId($app);
|
$this->verifyAppId($app);
|
||||||
$this->verifyConfigKey($app, $key);
|
$this->verifyConfigKey($app, $key, $value);
|
||||||
} catch (\InvalidArgumentException $e) {
|
} catch (\InvalidArgumentException $e) {
|
||||||
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN);
|
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN);
|
||||||
}
|
}
|
||||||
|
|
@ -124,7 +124,7 @@ class AppConfigController extends OCSController {
|
||||||
public function deleteKey(string $app, string $key): DataResponse {
|
public function deleteKey(string $app, string $key): DataResponse {
|
||||||
try {
|
try {
|
||||||
$this->verifyAppId($app);
|
$this->verifyAppId($app);
|
||||||
$this->verifyConfigKey($app, $key);
|
$this->verifyConfigKey($app, $key, '');
|
||||||
} catch (\InvalidArgumentException $e) {
|
} catch (\InvalidArgumentException $e) {
|
||||||
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN);
|
return new DataResponse(['data' => ['message' => $e->getMessage()]], Http::STATUS_FORBIDDEN);
|
||||||
}
|
}
|
||||||
|
|
@ -146,14 +146,19 @@ class AppConfigController extends OCSController {
|
||||||
/**
|
/**
|
||||||
* @param string $app
|
* @param string $app
|
||||||
* @param string $key
|
* @param string $key
|
||||||
|
* @param string $value
|
||||||
* @throws \InvalidArgumentException
|
* @throws \InvalidArgumentException
|
||||||
*/
|
*/
|
||||||
protected function verifyConfigKey(string $app, string $key) {
|
protected function verifyConfigKey(string $app, string $key, string $value) {
|
||||||
if (in_array($key, ['installed_version', 'enabled', 'types'])) {
|
if (in_array($key, ['installed_version', 'enabled', 'types'])) {
|
||||||
throw new \InvalidArgumentException('The given key can not be set');
|
throw new \InvalidArgumentException('The given key can not be set');
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($app === 'core' && ($key === 'encryption_enabled' || strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) {
|
if ($app === 'core' && $key === 'encryption_enabled' && $value !== 'yes') {
|
||||||
|
throw new \InvalidArgumentException('The given key can not be set');
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($app === 'core' && (strpos($key, 'public_') === 0 || strpos($key, 'remote_') === 0)) {
|
||||||
throw new \InvalidArgumentException('The given key can not be set');
|
throw new \InvalidArgumentException('The given key can not be set');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -342,9 +342,10 @@ class AppConfigControllerTest extends TestCase {
|
||||||
|
|
||||||
public function dataVerifyConfigKey() {
|
public function dataVerifyConfigKey() {
|
||||||
return [
|
return [
|
||||||
['activity', 'abc'],
|
['activity', 'abc', ''],
|
||||||
['dav', 'public_route'],
|
['dav', 'public_route', ''],
|
||||||
['files', 'remote_route'],
|
['files', 'remote_route', ''],
|
||||||
|
['core', 'encryption_enabled', 'yes'],
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -352,22 +353,25 @@ class AppConfigControllerTest extends TestCase {
|
||||||
* @dataProvider dataVerifyConfigKey
|
* @dataProvider dataVerifyConfigKey
|
||||||
* @param string $app
|
* @param string $app
|
||||||
* @param string $key
|
* @param string $key
|
||||||
|
* @param string $value
|
||||||
*/
|
*/
|
||||||
public function testVerifyConfigKey($app, $key) {
|
public function testVerifyConfigKey($app, $key, $value) {
|
||||||
$api = $this->getInstance();
|
$api = $this->getInstance();
|
||||||
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key]);
|
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]);
|
||||||
$this->addToAssertionCount(1);
|
$this->addToAssertionCount(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function dataVerifyConfigKeyThrows() {
|
public function dataVerifyConfigKeyThrows() {
|
||||||
return [
|
return [
|
||||||
['activity', 'installed_version'],
|
['activity', 'installed_version', ''],
|
||||||
['calendar', 'enabled'],
|
['calendar', 'enabled', ''],
|
||||||
['contacts', 'types'],
|
['contacts', 'types', ''],
|
||||||
['core', 'public_files'],
|
['core', 'encryption_enabled', 'no'],
|
||||||
['core', 'public_dav'],
|
['core', 'encryption_enabled', ''],
|
||||||
['core', 'remote_files'],
|
['core', 'public_files', ''],
|
||||||
['core', 'remote_dav'],
|
['core', 'public_dav', ''],
|
||||||
|
['core', 'remote_files', ''],
|
||||||
|
['core', 'remote_dav', ''],
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -376,9 +380,10 @@ class AppConfigControllerTest extends TestCase {
|
||||||
* @expectedException \InvalidArgumentException
|
* @expectedException \InvalidArgumentException
|
||||||
* @param string $app
|
* @param string $app
|
||||||
* @param string $key
|
* @param string $key
|
||||||
|
* @param string $value
|
||||||
*/
|
*/
|
||||||
public function testVerifyConfigKeyThrows($app, $key) {
|
public function testVerifyConfigKeyThrows($app, $key, $value) {
|
||||||
$api = $this->getInstance();
|
$api = $this->getInstance();
|
||||||
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key]);
|
$this->invokePrivate($api, 'verifyConfigKey', [$app, $key, $value]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue