From d3eeecba54fc891da20093c88648e5f10ed0e706 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Tue, 29 Jun 2021 20:44:07 +0200 Subject: [PATCH] Prevent running FixEncryptedVersion without master key Return an error when running occ encryption:fix-encrypted-version when master key encryption is not enabled. Signed-off-by: Vincent Petry --- .../lib/Command/FixEncryptedVersion.php | 19 +++++++- .../tests/Command/FixEncryptedVersionTest.php | 46 +++++++++++++++++++ 2 files changed, 64 insertions(+), 1 deletion(-) diff --git a/apps/encryption/lib/Command/FixEncryptedVersion.php b/apps/encryption/lib/Command/FixEncryptedVersion.php index e2181f9a22917..a85a96258fcf4 100644 --- a/apps/encryption/lib/Command/FixEncryptedVersion.php +++ b/apps/encryption/lib/Command/FixEncryptedVersion.php @@ -24,6 +24,7 @@ use OC\Files\View; use OC\HintException; +use OCA\Encryption\Util; use OCP\Files\IRootFolder; use OCP\IConfig; use OCP\ILogger; @@ -46,14 +47,25 @@ class FixEncryptedVersion extends Command { /** @var IUserManager */ private $userManager; + /** @var Util */ + private $util; + /** @var View */ private $view; - public function __construct(IConfig $config, ILogger $logger, IRootFolder $rootFolder, IUserManager $userManager, View $view) { + public function __construct( + IConfig $config, + ILogger $logger, + IRootFolder $rootFolder, + IUserManager $userManager, + Util $util, + View $view + ) { $this->config = $config; $this->logger = $logger; $this->rootFolder = $rootFolder; $this->userManager = $userManager; + $this->util = $util; $this->view = $view; parent::__construct(); } @@ -89,6 +101,11 @@ protected function execute(InputInterface $input, OutputInterface $output): int return 1; } + if (!$this->util->isMasterKeyEnabled()) { + $output->writeln("Repairing only works with master key encryption.\n"); + return 1; + } + $user = (string)$input->getArgument('user'); $pathToWalk = "/$user/files"; diff --git a/apps/encryption/tests/Command/FixEncryptedVersionTest.php b/apps/encryption/tests/Command/FixEncryptedVersionTest.php index a530275784ae8..22ae239aec23d 100644 --- a/apps/encryption/tests/Command/FixEncryptedVersionTest.php +++ b/apps/encryption/tests/Command/FixEncryptedVersionTest.php @@ -23,6 +23,7 @@ use OC\Files\View; use OCA\Encryption\Command\FixEncryptedVersion; +use OCA\Encryption\Util; use Symfony\Component\Console\Tester\CommandTester; use Test\TestCase; use Test\Traits\EncryptionTrait; @@ -48,11 +49,17 @@ class FixEncryptedVersionTest extends TestCase { /** @var CommandTester */ private $commandTester; + /** @var Util|\PHPUnit\Framework\MockObject\MockObject */ + protected $util; + public function setUp(): void { parent::setUp(); \OC::$server->getConfig()->setAppValue('encryption', 'useMasterKey', '1'); + $this->util = $this->getMockBuilder(Util::class) + ->disableOriginalConstructor()->getMock(); + $this->userId = $this->getUniqueId('user_'); $this->createUser($this->userId, 'foo12345678'); @@ -66,6 +73,7 @@ public function setUp(): void { \OC::$server->getLogger(), \OC::$server->getRootFolder(), \OC::$server->getUserManager(), + $this->util, new View('/') ); $this->commandTester = new CommandTester($this->fixEncryptedVersion); @@ -80,6 +88,9 @@ public function setUp(): void { * but greater than zero */ public function testEncryptedVersionLessThanOriginalValue() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('hello.txt'); @@ -145,6 +156,9 @@ public function testEncryptedVersionLessThanOriginalValue() { * but greater than zero */ public function testEncryptedVersionGreaterThanOriginalValue() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('hello.txt'); @@ -201,6 +215,9 @@ public function testEncryptedVersionGreaterThanOriginalValue() { } public function testVersionIsRestoredToOriginalIfNoFixIsFound() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('bar.txt'); @@ -231,6 +248,9 @@ public function testVersionIsRestoredToOriginalIfNoFixIsFound() { * Test commands with a file path */ public function testExecuteWithFilePathOption() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->touch('hello.txt'); @@ -252,6 +272,9 @@ public function testExecuteWithFilePathOption() { * Test commands with a directory path */ public function testExecuteWithDirectoryPathOption() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $view = new View("/" . $this->userId . "/files"); $view->mkdir('sub'); @@ -274,6 +297,9 @@ public function testExecuteWithDirectoryPathOption() { * Test commands with a directory path */ public function testExecuteWithNoUser() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $this->commandTester->execute([ 'user' => null, '--path' => "/" @@ -288,6 +314,9 @@ public function testExecuteWithNoUser() { * Test commands with a directory path */ public function testExecuteWithNonExistentPath() { + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(true); + $this->commandTester->execute([ 'user' => $this->userId, '--path' => '/non-exist' @@ -297,4 +326,21 @@ public function testExecuteWithNonExistentPath() { $this->assertStringContainsString('Please provide a valid path.', $output); } + + /** + * Test commands without master key + */ + public function testExecuteWithNoMasterKey() { + \OC::$server->getConfig()->setAppValue('encryption', 'useMasterKey', '0'); + $this->util->expects($this->once())->method('isMasterKeyEnabled') + ->willReturn(false); + + $this->commandTester->execute([ + 'user' => $this->userId, + ]); + + $output = $this->commandTester->getDisplay(); + + $this->assertStringContainsString('only works with master key', $output); + } }