skip user if we don't have a public key

This commit is contained in:
Bjoern Schiessle 2015-04-13 15:56:36 +02:00
parent d308ec4f0e
commit 4ef9df8750
3 changed files with 87 additions and 1 deletions

View file

@ -94,10 +94,12 @@ class Application extends \OCP\AppFramework\App {
public function registerEncryptionModule() {
$container = $this->getContainer();
$this->encryptionManager->registerEncryptionModule(
Encryption::ID,
Encryption::DISPLAY_NAME,
function() use ($container) {
return new Encryption(
$container->query('Crypt'),
$container->query('KeyManager'),
@ -105,6 +107,7 @@ class Application extends \OCP\AppFramework\App {
$container->getServer()->getLogger()
);
});
}
public function registerServices() {

View file

@ -25,6 +25,7 @@
namespace OCA\Encryption\Crypto;
use OCA\Encryption\Exceptions\PublicKeyMissingException;
use OCA\Encryption\Util;
use OCP\Encryption\IEncryptionModule;
use OCA\Encryption\KeyManager;
@ -67,6 +68,7 @@ class Encryption implements IEncryptionModule {
/** @var Util */
private $util;
/** @var ILogger */
private $logger;
@ -161,6 +163,9 @@ class Encryption implements IEncryptionModule {
* @param string $path to the file
* @return string remained data which should be written to the file in case
* of a write operation
* @throws PublicKeyMissingException
* @throws \Exception
* @throws \OCA\Encryption\Exceptions\MultiKeyEncryptException
*/
public function end($path) {
$result = '';
@ -171,7 +176,16 @@ class Encryption implements IEncryptionModule {
}
$publicKeys = array();
foreach ($this->accessList['users'] as $uid) {
$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
try {
$publicKeys[$uid] = $this->keyManager->getPublicKey($uid);
} catch (PublicKeyMissingException $e) {
$this->logger->warning('no public key found for user \'' . $uid .
'\', user will not be able to read the file', array('app' => 'encryption'));
// if the public key of the owner is missing we should fail
if ($uid === $this->user) {
throw $e;
}
}
}
$publicKeys = $this->keyManager->addSystemKeys($this->accessList, $publicKeys);

View file

@ -21,6 +21,7 @@
namespace OCA\Encryption\Tests\Crypto;
use OCA\Encryption\Exceptions\PublicKeyMissingException;
use Test\TestCase;
use OCA\Encryption\Crypto\Encryption;
@ -63,6 +64,74 @@ class EncryptionTest extends TestCase {
$this->utilMock,
$this->loggerMock
);
}
/**
* test if public key from one of the recipients is missing
*/
public function testEndUser1() {
$this->instance->begin('/foo/bar', 'user1', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
$this->endTest();
}
/**
* test if public key from owner is missing
*
* @expectedException \OCA\Encryption\Exceptions\PublicKeyMissingException
*/
public function testEndUser2() {
$this->instance->begin('/foo/bar', 'user2', 'r', array(), array('users' => array('user1', 'user2', 'user3')));
$this->endTest();
}
/**
* common part of testEndUser1 and testEndUser2
*
* @throws PublicKeyMissingException
*/
public function endTest() {
// prepare internal variables
$class = get_class($this->instance);
$module = new \ReflectionClass($class);
$isWriteOperation = $module->getProperty('isWriteOperation');
$writeCache = $module->getProperty('writeCache');
$isWriteOperation->setAccessible(true);
$writeCache->setAccessible(true);
$isWriteOperation->setValue($this->instance, true);
$writeCache->setValue($this->instance, '');
$isWriteOperation->setAccessible(false);
$writeCache->setAccessible(false);
$this->keyManagerMock->expects($this->any())
->method('getPublicKey')
->will($this->returnCallback([$this, 'getPublicKeyCallback']));
$this->keyManagerMock->expects($this->any())
->method('addSystemKeys')
->will($this->returnCallback([$this, 'addSystemKeysCallback']));
$this->cryptMock->expects($this->any())
->method('multiKeyEncrypt')
->willReturn(true);
$this->cryptMock->expects($this->any())
->method('setAllFileKeys')
->willReturn(true);
$this->instance->end('/foo/bar');
}
public function getPublicKeyCallback($uid) {
if ($uid === 'user2') {
throw new PublicKeyMissingException($uid);
}
return $uid;
}
public function addSystemKeysCallback($accessList, $publicKeys) {
$this->assertSame(2, count($publicKeys));
$this->assertArrayHasKey('user1', $publicKeys);
$this->assertArrayHasKey('user3', $publicKeys);
return $publicKeys;
}
/**