sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15686 from owncloud/enc_fix_change_password 

fix change password if no user is logged in, occ call
remotes/origin/poc-doctrine-migrations
Thomas Müller 2015-04-17 14:14:29 +07:00
parent aef6ecdbf1 195a48b2b8
commit 295839930a
2 changed files with 38 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
apps/encryption/hooks/userhooks.php
Unescape Escape View File

@ -196,7 +196,9 @@ class UserHooks implements IHook {
public function preSetPassphrase($params) { public function preSetPassphrase($params) {
if (App::isEnabled('encryption')) { if (App::isEnabled('encryption')) {
if (!$this->user->getUser()->canChangePassword()) { $user = $this->user->getUser();
if ($user && !$user->canChangePassword()) {
$this->setPassphrase($params); $this->setPassphrase($params);
} }
} }
@ -212,8 +214,10 @@ class UserHooks implements IHook {
// Get existing decrypted private key // Get existing decrypted private key
$privateKey = $this->session->getPrivateKey(); $privateKey = $this->session->getPrivateKey();
$user = $this->user->getUser();
if ($params['uid'] === $this->user->getUser()->getUID() && $privateKey) { // current logged in user changes his own password
if ($user && $params['uid'] === $user->getUID() && $privateKey) {
// Encrypt private key with new user pwd as passphrase // Encrypt private key with new user pwd as passphrase
$encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey, $encryptedPrivateKey = $this->crypt->symmetricEncryptFileContent($privateKey,
@ -230,7 +234,7 @@ class UserHooks implements IHook {
// NOTE: Session does not need to be updated as the // NOTE: Session does not need to be updated as the
// private key has not changed, only the passphrase // private key has not changed, only the passphrase
// used to decrypt it has changed // used to decrypt it has changed
} else { // admin changed the password for a different user, create new keys and reencrypt file keys } else { // admin changed the password for a different user, create new keys and re-encrypt file keys
$user = $params['uid']; $user = $params['uid'];
$recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null; $recoveryPassword = isset($params['recoveryPassword']) ? $params['recoveryPassword'] : null;

33
apps/encryption/tests/hooks/UserHooksTest.php
Unescape Escape View File

@ -143,6 +143,35 @@ class UserHooksTest extends TestCase {
$this->assertNull($this->instance->setPassphrase($this->params)); $this->assertNull($this->instance->setPassphrase($this->params));
} }
public function testSetPasswordNoUser() {
$this->sessionMock->expects($this->once())
->method('getPrivateKey')
->willReturn(true);
$userSessionMock = $this->getMockBuilder('OCP\IUserSession')
->disableOriginalConstructor()
->getMock();
$userSessionMock->expects($this->any())->method('getUser')->will($this->returnValue(null));
$this->recoveryMock->expects($this->once())
->method('isRecoveryEnabledForUser')
->with('testUser')
->willReturn(false);
$userHooks = new UserHooks($this->keyManagerMock,
$this->loggerMock,
$this->userSetupMock,
$userSessionMock,
$this->utilMock,
$this->sessionMock,
$this->cryptMock,
$this->recoveryMock
);
$this->assertNull($userHooks->setPassphrase($this->params));
}
public function testPostPasswordReset() { public function testPostPasswordReset() {
$this->keyManagerMock->expects($this->once()) $this->keyManagerMock->expects($this->once())
->method('replaceUserKeys') ->method('replaceUserKeys')
@ -157,7 +186,7 @@ class UserHooksTest extends TestCase {
protected function setUp() { protected function setUp() {
parent::setUp(); parent::setUp();
$loggerMock = $this->getMock('OCP\ILogger'); $this->loggerMock = $this->getMock('OCP\ILogger');
$this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager') $this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager')
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
@ -203,7 +232,7 @@ class UserHooksTest extends TestCase {
$this->recoveryMock = $recoveryMock; $this->recoveryMock = $recoveryMock;
$this->utilMock = $utilMock; $this->utilMock = $utilMock;
$this->instance = new UserHooks($this->keyManagerMock, $this->instance = new UserHooks($this->keyManagerMock,
$loggerMock, $this->loggerMock,
$this->userSetupMock, $this->userSetupMock,
$this->userSessionMock, $this->userSessionMock,
$this->utilMock, $this->utilMock,