don't allow token login for disabled users
This commit is contained in:
Christoph Wurst
parent
dc0e3617dc
commit
f824f3e5f3
2 changed files with 36 additions and 0 deletions
|
|
@ -362,6 +362,10 @@ class Session implements IUserSession, Emitter {
|
|||
// user does not exist
|
||||
return false;
|
||||
}
|
||||
if (!$user->isEnabled()) {
|
||||
// disabled users can not log in
|
||||
return false;
|
||||
}
|
||||
|
||||
//login
|
||||
$this->setUser($user);
|
||||
|
|
|
|||
|
|
@ -477,4 +477,36 @@ class Session extends \Test\TestCase {
|
|||
$this->assertEquals($users['bar'], $userSession->getUser());
|
||||
}
|
||||
|
||||
public function testTryTokenLoginWithDisabledUser() {
|
||||
$manager = $this->getMockBuilder('\OC\User\Manager')
|
||||
->disableOriginalConstructor()
|
||||
->getMock();
|
||||
$session = new Memory('');
|
||||
$token = $this->getMock('\OC\Authentication\Token\IToken');
|
||||
$user = $this->getMock('\OCP\IUser');
|
||||
$userSession = new \OC\User\Session($manager, $session, $this->timeFactory, $this->defaultProvider);
|
||||
$request = $this->getMock('\OCP\IRequest');
|
||||
|
||||
$request->expects($this->once())
|
||||
->method('getHeader')
|
||||
->with('Authorization')
|
||||
->will($this->returnValue('token xxxxx'));
|
||||
$this->defaultProvider->expects($this->once())
|
||||
->method('validateToken')
|
||||
->with('xxxxx')
|
||||
->will($this->returnValue($token));
|
||||
$token->expects($this->once())
|
||||
->method('getUID')
|
||||
->will($this->returnValue('user123'));
|
||||
$manager->expects($this->once())
|
||||
->method('get')
|
||||
->with('user123')
|
||||
->will($this->returnValue($user));
|
||||
$user->expects($this->once())
|
||||
->method('isEnabled')
|
||||
->will($this->returnValue(false));
|
||||
|
||||
$this->assertFalse($userSession->tryTokenLogin($request));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue