You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

252 lines
9.4 KiB

11 years ago
11 years ago
  1. <?php
  2. /**
  3. * @author Georg Ehrke <georg@owncloud.com>
  4. * @author Joas Schilling <nickvergessen@owncloud.com>
  5. * @author Lukas Reschke <lukas@owncloud.com>
  6. * @author Morris Jobke <hey@morrisjobke.de>
  7. * @author Robin Appelman <icewind@owncloud.com>
  8. * @author Vincent Cloutier <vincent1cloutier@gmail.com>
  9. *
  10. * @copyright Copyright (c) 2015, ownCloud, Inc.
  11. * @license AGPL-3.0
  12. *
  13. * This code is free software: you can redistribute it and/or modify
  14. * it under the terms of the GNU Affero General Public License, version 3,
  15. * as published by the Free Software Foundation.
  16. *
  17. * This program is distributed in the hope that it will be useful,
  18. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  20. * GNU Affero General Public License for more details.
  21. *
  22. * You should have received a copy of the GNU Affero General Public License, version 3,
  23. * along with this program. If not, see <http://www.gnu.org/licenses/>
  24. *
  25. */
  26. namespace OCA\Files_Sharing\Controllers;
  27. use OC\Files\Filesystem;
  28. use OCA\Files_Sharing\AppInfo\Application;
  29. use OCP\AppFramework\Http\NotFoundResponse;
  30. use OCP\AppFramework\IAppContainer;
  31. use OCP\AppFramework\Http\RedirectResponse;
  32. use OCP\AppFramework\Http\TemplateResponse;
  33. use OCP\Security\ISecureRandom;
  34. use OC\Files\View;
  35. use OCP\Share;
  36. use OC\URLGenerator;
  37. /**
  38. * @group DB
  39. *
  40. * @package OCA\Files_Sharing\Controllers
  41. */
  42. class ShareControllerTest extends \Test\TestCase {
  43. /** @var IAppContainer */
  44. private $container;
  45. /** @var string */
  46. private $user;
  47. /** @var string */
  48. private $token;
  49. /** @var string */
  50. private $oldUser;
  51. /** @var ShareController */
  52. private $shareController;
  53. /** @var URLGenerator */
  54. private $urlGenerator;
  55. protected function setUp() {
  56. $app = new Application();
  57. $this->container = $app->getContainer();
  58. $this->container['Config'] = $this->getMockBuilder('\OCP\IConfig')
  59. ->disableOriginalConstructor()->getMock();
  60. $this->container['AppName'] = 'files_sharing';
  61. $this->container['UserSession'] = $this->getMockBuilder('\OC\User\Session')
  62. ->disableOriginalConstructor()->getMock();
  63. $this->container['URLGenerator'] = $this->getMockBuilder('\OC\URLGenerator')
  64. ->disableOriginalConstructor()->getMock();
  65. $this->container['UserManager'] = $this->getMockBuilder('\OCP\IUserManager')
  66. ->disableOriginalConstructor()->getMock();
  67. $this->urlGenerator = $this->container['URLGenerator'];
  68. $this->shareController = $this->container['ShareController'];
  69. // Store current user
  70. $this->oldUser = \OC_User::getUser();
  71. // Create a dummy user
  72. $this->user = \OC::$server->getSecureRandom()->getLowStrengthGenerator()->generate(12, ISecureRandom::CHAR_LOWER);
  73. \OC::$server->getUserManager()->createUser($this->user, $this->user);
  74. \OC_Util::tearDownFS();
  75. $this->loginAsUser($this->user);
  76. // Create a dummy shared file
  77. $view = new View('/'. $this->user . '/files');
  78. $view->file_put_contents('file1.txt', 'I am such an awesome shared file!');
  79. $this->token = \OCP\Share::shareItem(
  80. Filesystem::getFileInfo('file1.txt')->getType(),
  81. Filesystem::getFileInfo('file1.txt')->getId(),
  82. \OCP\Share::SHARE_TYPE_LINK,
  83. 'IAmPasswordProtected!',
  84. 1
  85. );
  86. }
  87. protected function tearDown() {
  88. \OC_Util::tearDownFS();
  89. \OC_User::setUserId('');
  90. Filesystem::tearDown();
  91. $user = \OC::$server->getUserManager()->get($this->user);
  92. if ($user !== null) { $user->delete(); }
  93. \OC_User::setIncognitoMode(false);
  94. \OC::$server->getSession()->set('public_link_authenticated', '');
  95. // Set old user
  96. \OC_User::setUserId($this->oldUser);
  97. \OC_Util::setupFS($this->oldUser);
  98. }
  99. public function testShowAuthenticate() {
  100. $linkItem = \OCP\Share::getShareByToken($this->token, false);
  101. // Test without being authenticated
  102. $response = $this->shareController->showAuthenticate($this->token);
  103. $expectedResponse = new TemplateResponse($this->container['AppName'], 'authenticate', array(), 'guest');
  104. $this->assertEquals($expectedResponse, $response);
  105. // Test with being authenticated for another file
  106. \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']-1);
  107. $response = $this->shareController->showAuthenticate($this->token);
  108. $expectedResponse = new TemplateResponse($this->container['AppName'], 'authenticate', array(), 'guest');
  109. $this->assertEquals($expectedResponse, $response);
  110. // Test with being authenticated for the correct file
  111. \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
  112. $response = $this->shareController->showAuthenticate($this->token);
  113. $expectedResponse = new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.showShare', array('token' => $this->token)));
  114. $this->assertEquals($expectedResponse, $response);
  115. }
  116. public function testAuthenticate() {
  117. // Test without a not existing token
  118. $response = $this->shareController->authenticate('ThisTokenShouldHopefullyNeverExistSoThatTheUnitTestWillAlwaysPass :)');
  119. $expectedResponse = new NotFoundResponse();
  120. $this->assertEquals($expectedResponse, $response);
  121. // Test with a valid password
  122. $response = $this->shareController->authenticate($this->token, 'IAmPasswordProtected!');
  123. $expectedResponse = new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.showShare', array('token' => $this->token)));
  124. $this->assertEquals($expectedResponse, $response);
  125. // Test with a invalid password
  126. $response = $this->shareController->authenticate($this->token, 'WrongPw!');
  127. $expectedResponse = new TemplateResponse($this->container['AppName'], 'authenticate', array('wrongpw' => true), 'guest');
  128. $this->assertEquals($expectedResponse, $response);
  129. }
  130. public function testShowShare() {
  131. $this->container['UserManager']->expects($this->exactly(2))
  132. ->method('userExists')
  133. ->with($this->user)
  134. ->will($this->returnValue(true));
  135. // Test without a not existing token
  136. $response = $this->shareController->showShare('ThisTokenShouldHopefullyNeverExistSoThatTheUnitTestWillAlwaysPass :)');
  137. $expectedResponse = new NotFoundResponse();
  138. $this->assertEquals($expectedResponse, $response);
  139. // Test with a password protected share and no authentication
  140. $response = $this->shareController->showShare($this->token);
  141. $expectedResponse = new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate', array('token' => $this->token)));
  142. $this->assertEquals($expectedResponse, $response);
  143. // Test with password protected share and authentication
  144. $linkItem = Share::getShareByToken($this->token, false);
  145. \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
  146. $response = $this->shareController->showShare($this->token);
  147. $sharedTmplParams = array(
  148. 'displayName' => $this->user,
  149. 'owner' => $this->user,
  150. 'filename' => 'file1.txt',
  151. 'directory_path' => '/file1.txt',
  152. 'mimetype' => 'text/plain',
  153. 'dirToken' => $this->token,
  154. 'sharingToken' => $this->token,
  155. 'server2serversharing' => true,
  156. 'protected' => 'true',
  157. 'dir' => '',
  158. 'downloadURL' => null,
  159. 'fileSize' => '33 B',
  160. 'nonHumanFileSize' => 33,
  161. 'maxSizeAnimateGif' => 10,
  162. 'previewSupported' => true,
  163. 'previewEnabled' => true,
  164. );
  165. $csp = new \OCP\AppFramework\Http\ContentSecurityPolicy();
  166. $csp->addAllowedFrameDomain('\'self\'');
  167. $expectedResponse = new TemplateResponse($this->container['AppName'], 'public', $sharedTmplParams, 'base');
  168. $expectedResponse->setContentSecurityPolicy($csp);
  169. $this->assertEquals($expectedResponse, $response);
  170. }
  171. public function testDownloadShare() {
  172. // Test with a password protected share and no authentication
  173. $response = $this->shareController->downloadShare($this->token);
  174. $expectedResponse = new RedirectResponse($this->urlGenerator->linkToRoute('files_sharing.sharecontroller.authenticate',
  175. array('token' => $this->token)));
  176. $this->assertEquals($expectedResponse, $response);
  177. }
  178. /**
  179. * @expectedException \OCP\Files\NotFoundException
  180. */
  181. public function testShowShareWithDeletedFile() {
  182. $this->container['UserManager']->expects($this->once())
  183. ->method('userExists')
  184. ->with($this->user)
  185. ->will($this->returnValue(true));
  186. $view = new View('/'. $this->user . '/files');
  187. $view->unlink('file1.txt');
  188. $linkItem = Share::getShareByToken($this->token, false);
  189. \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
  190. $this->shareController->showShare($this->token);
  191. }
  192. /**
  193. * @expectedException \OCP\Files\NotFoundException
  194. */
  195. public function testDownloadShareWithDeletedFile() {
  196. $this->container['UserManager']->expects($this->once())
  197. ->method('userExists')
  198. ->with($this->user)
  199. ->will($this->returnValue(true));
  200. $view = new View('/'. $this->user . '/files');
  201. $view->unlink('file1.txt');
  202. $linkItem = Share::getShareByToken($this->token, false);
  203. \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
  204. $this->shareController->downloadShare($this->token);
  205. }
  206. /**
  207. * @expectedException \Exception
  208. * @expectedExceptionMessage Owner of the share does not exist anymore
  209. */
  210. public function testShowShareWithNotExistingUser() {
  211. $this->container['UserManager']->expects($this->once())
  212. ->method('userExists')
  213. ->with($this->user)
  214. ->will($this->returnValue(false));
  215. $linkItem = Share::getShareByToken($this->token, false);
  216. \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
  217. $this->shareController->showShare($this->token);
  218. }
  219. }