public function testCheckPasswordValidPassword()
{
$share = $this->getMock('\\OC\\Share20\\IShare');
$share->method('getShareType')->willReturn(\OCP\Share::SHARE_TYPE_LINK);
$share->method('getPassword')->willReturn('passwordHash');
$this->hasher->method('verify')->with('password', 'passwordHash', '')->willReturn(true);
$this->assertTrue($this->manager->checkPassword($share, 'password'));
}
/**
* Share a path
*
* @param IShare $share
* @return Share The share object
* @throws \Exception
*
* TODO: handle link share permissions or check them
*/
public function createShare(IShare $share)
{
if (!$this->canShare($share)) {
throw new \Exception('The Share API is disabled');
}
$this->generalCreateChecks($share);
//Verify share type
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
$this->userCreateChecks($share);
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) {
$this->groupCreateChecks($share);
} else {
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_LINK) {
$this->linkCreateChecks($share);
/*
* For now ignore a set token.
*/
$share->setToken($this->secureRandom->generate(\OC\Share\Constants::TOKEN_LENGTH, \OCP\Security\ISecureRandom::CHAR_LOWER . \OCP\Security\ISecureRandom::CHAR_UPPER . \OCP\Security\ISecureRandom::CHAR_DIGITS));
//Verify the expiration date
$share->setExpirationDate($this->validateExpiredate($share->getExpirationDate()));
//Verify the password
$this->verifyPassword($share->getPassword());
// If a password is set. Hash it!
if ($share->getPassword() !== null) {
$share->setPassword($this->hasher->hash($share->getPassword()));
}
}
}
}
// Verify if there are any issues with the path
$this->pathCreateChecks($share->getPath());
// On creation of a share the owner is always the owner of the path
$share->setShareOwner($share->getPath()->getOwner());
// Generate the target
$target = $this->config->getSystemValue('share_folder', '/') . '/' . $share->getPath()->getName();
$target = \OC\Files\Filesystem::normalizePath($target);
$share->setTarget($target);
// Pre share hook
$run = true;
$error = '';
$preHookData = ['itemType' => $share->getPath() instanceof \OCP\Files\File ? 'file' : 'folder', 'itemSource' => $share->getPath()->getId(), 'shareType' => $share->getShareType(), 'uidOwner' => $share->getSharedBy()->getUID(), 'permissions' => $share->getPermissions(), 'fileSource' => $share->getPath()->getId(), 'expiration' => $share->getExpirationDate(), 'token' => $share->getToken(), 'run' => &$run, 'error' => &$error];
\OC_Hook::emit('OCP\\Share', 'pre_shared', $preHookData);
if ($run === false) {
throw new \Exception($error);
}
$provider = $this->factory->getProviderForType($share->getShareType());
$share = $provider->create($share);
$share->setProviderId($provider->identifier());
// Post share hook
$postHookData = ['itemType' => $share->getPath() instanceof \OCP\Files\File ? 'file' : 'folder', 'itemSource' => $share->getPath()->getId(), 'shareType' => $share->getShareType(), 'uidOwner' => $share->getSharedBy()->getUID(), 'permissions' => $share->getPermissions(), 'fileSource' => $share->getPath()->getId(), 'expiration' => $share->getExpirationDate(), 'token' => $share->getToken(), 'id' => $share->getId()];
\OC_Hook::emit('OCP\\Share', 'post_shared', $postHookData);
return $share;
}
public function testCheckPasswordUpdateShare()
{
$share = $this->manager->newShare();
$share->setShareType(\OCP\Share::SHARE_TYPE_LINK)->setPassword('passwordHash');
$this->hasher->method('verify')->with('password', 'passwordHash', '')->will($this->returnCallback(function ($pass, $hash, &$newHash) {
$newHash = 'newHash';
return true;
}));
$this->defaultProvider->expects($this->once())->method('update')->with($this->callback(function (\OCP\Share\IShare $share) {
return $share->getPassword() === 'newHash';
}));
$this->assertTrue($this->manager->checkPassword($share, 'password'));
}
/**
* Validates the given password
*
* @param array|bool $linkItem
* @param string $password
*
* @throws ServiceException
*/
private function checkPassword($linkItem, $password)
{
$newHash = '';
if ($this->hasher->verify($password, $linkItem['share_with'], $newHash)) {
// Save item id in session for future requests
$this->session->set('public_link_authenticated', $linkItem['id']);
if (!empty($newHash)) {
// For future use
}
} else {
$this->logAndThrow("Wrong password", Http::STATUS_UNAUTHORIZED);
}
}
/**
* Validates the given password
*
* @param array|bool $linkItem
* @param string $password
*
* @throws CheckException
*/
private function checkPassword($linkItem, $password)
{
$newHash = '';
if ($this->hasher->verify($password, $linkItem['share_with'], $newHash)) {
// Save item id in session for future requests
$this->session->set('public_link_authenticated', $linkItem['id']);
// @codeCoverageIgnoreStart
if (!empty($newHash)) {
// For future use
}
// @codeCoverageIgnoreEnd
} else {
throw new CheckException("Wrong password", Http::STATUS_UNAUTHORIZED);
}
}
/**
* Verify the password of a public share
*
* @param IShare $share
* @param string $password
* @return bool
*/
public function checkPassword(IShare $share, $password)
{
if ($share->getShareType() !== \OCP\Share::SHARE_TYPE_LINK) {
//TODO maybe exception?
return false;
}
if ($password === null || $share->getPassword() === null) {
return false;
}
$newHash = '';
if (!$this->hasher->verify($password, $share->getPassword(), $newHash)) {
return false;
}
if (!empty($newHash)) {
//TODO update hash!
}
return true;
}
/**
* Verify the password of a public share
*
* @param \OCP\Share\IShare $share
* @param string $password
* @return bool
*/
public function checkPassword(\OCP\Share\IShare $share, $password)
{
if ($share->getShareType() !== \OCP\Share::SHARE_TYPE_LINK) {
//TODO maybe exception?
return false;
}
if ($password === null || $share->getPassword() === null) {
return false;
}
$newHash = '';
if (!$this->hasher->verify($password, $share->getPassword(), $newHash)) {
return false;
}
if (!empty($newHash)) {
$share->setPassword($newHash);
$provider = $this->factory->getProviderForType($share->getShareType());
$provider->update($share);
}
return true;
}
public function testCreateShareLink()
{
$manager = $this->createManagerMock()->setMethods(['canShare', 'generalCreateChecks', 'linkCreateChecks', 'pathCreateChecks', 'validateExpiredate', 'verifyPassword'])->getMock();
$sharedBy = $this->getMock('\\OCP\\IUser');
$sharedBy->method('getUID')->willReturn('sharedBy');
$shareOwner = $this->getMock('\\OCP\\IUser');
$path = $this->getMock('\\OCP\\Files\\File');
$path->method('getOwner')->willReturn($shareOwner);
$path->method('getName')->willReturn('target');
$path->method('getId')->willReturn(1);
$date = new \DateTime();
$share = $this->createShare(null, \OCP\Share::SHARE_TYPE_LINK, $path, null, $sharedBy, null, \OCP\Constants::PERMISSION_ALL, $date, 'password');
$manager->expects($this->once())->method('canShare')->with($share)->willReturn(true);
$manager->expects($this->once())->method('generalCreateChecks')->with($share);
$manager->expects($this->once())->method('linkCreateChecks')->with($share);
$manager->expects($this->once())->method('pathCreateChecks')->with($path);
$manager->expects($this->once())->method('validateExpiredate')->with($date)->will($this->returnArgument(0));
$manager->expects($this->once())->method('verifyPassword')->with('password');
$this->hasher->expects($this->once())->method('hash')->with('password')->willReturn('hashed');
$this->secureRandom->method('getMediumStrengthGenerator')->will($this->returnSelf());
$this->secureRandom->method('generate')->willReturn('token');
$this->defaultProvider->expects($this->once())->method('create')->with($share)->will($this->returnArgument(0));
$share->expects($this->once())->method('setShareOwner')->with($shareOwner);
$share->expects($this->once())->method('setTarget')->with('/target');
$share->method('getTarget')->willReturn('/target');
$share->expects($this->once())->method('setExpirationDate')->with($date);
$share->expects($this->once())->method('setPassword')->with('hashed');
$share->method('getToken')->willReturn('token');
$hookListner = $this->getMockBuilder('Dummy')->setMethods(['pre', 'post'])->getMock();
\OCP\Util::connectHook('OCP\\Share', 'pre_shared', $hookListner, 'pre');
\OCP\Util::connectHook('OCP\\Share', 'post_shared', $hookListner, 'post');
$hookListnerExpectsPre = ['itemType' => 'file', 'itemSource' => 1, 'shareType' => \OCP\Share::SHARE_TYPE_LINK, 'uidOwner' => 'sharedBy', 'permissions' => 31, 'fileSource' => 1, 'expiration' => $date, 'token' => 'token', 'run' => true, 'error' => '', 'itemTarget' => '/target', 'shareWith' => null];
$hookListnerExpectsPost = ['itemType' => 'file', 'itemSource' => 1, 'shareType' => \OCP\Share::SHARE_TYPE_LINK, 'uidOwner' => 'sharedBy', 'permissions' => 31, 'fileSource' => 1, 'expiration' => $date, 'token' => 'token', 'id' => 42, 'itemTarget' => '/target', 'fileTarget' => '/target', 'shareWith' => null];
$share->method('getId')->willReturn(42);
$hookListner->expects($this->once())->method('pre')->with($this->equalTo($hookListnerExpectsPre));
$hookListner->expects($this->once())->method('post')->with($this->equalTo($hookListnerExpectsPost));
$manager->createShare($share);
}
/**
* @param string $givenPassword clear text password
* @param string $tokenPassword encrypted password
* @param bool $valid
*/
private function mockHasherVerify($givenPassword, $tokenPassword, $valid)
{
$this->hasher->expects($this->once())->method('verify')->with($givenPassword, $tokenPassword, '')->willReturn($valid);
}
