582b33bdf1
Do not use realpath() on includes.
262 lines
7.8 KiB
PHP
Executable file
262 lines
7.8 KiB
PHP
Executable file
<?php
|
|
/**
|
|
* ownCloud
|
|
*
|
|
* @author Florin Peter
|
|
* @copyright 2013 Florin Peter <owncloud@florin-peter.de>
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
|
|
* License as published by the Free Software Foundation; either
|
|
* version 3 of the License, or any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public
|
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
*/
|
|
|
|
require_once __DIR__ . '/../../../lib/base.php';
|
|
require_once __DIR__ . '/../lib/crypt.php';
|
|
require_once __DIR__ . '/../lib/keymanager.php';
|
|
require_once __DIR__ . '/../lib/proxy.php';
|
|
require_once __DIR__ . '/../lib/stream.php';
|
|
require_once __DIR__ . '/../lib/util.php';
|
|
require_once __DIR__ . '/../appinfo/app.php';
|
|
require_once __DIR__ . '/util.php';
|
|
|
|
use OCA\Encryption;
|
|
|
|
/**
|
|
* Class Test_Encryption_Webdav
|
|
* @brief this class provide basic webdav tests for PUT,GET and DELETE
|
|
*/
|
|
class Test_Encryption_Webdav extends \PHPUnit_Framework_TestCase {
|
|
|
|
const TEST_ENCRYPTION_WEBDAV_USER1 = "test-webdav-user1";
|
|
|
|
public $userId;
|
|
public $pass;
|
|
/**
|
|
* @var \OC_FilesystemView
|
|
*/
|
|
public $view;
|
|
public $dataShort;
|
|
public $stateFilesTrashbin;
|
|
|
|
public static function setUpBeforeClass() {
|
|
// reset backend
|
|
\OC_User::clearBackends();
|
|
\OC_User::useBackend('database');
|
|
|
|
// Filesystem related hooks
|
|
\OCA\Encryption\Helper::registerFilesystemHooks();
|
|
|
|
// Filesystem related hooks
|
|
\OCA\Encryption\Helper::registerUserHooks();
|
|
|
|
// clear and register hooks
|
|
\OC_FileProxy::clearProxies();
|
|
\OC_FileProxy::register(new OCA\Encryption\Proxy());
|
|
|
|
// create test user
|
|
\Test_Encryption_Util::loginHelper(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1, true);
|
|
}
|
|
|
|
function setUp() {
|
|
// reset backend
|
|
\OC_User::useBackend('database');
|
|
|
|
// set user id
|
|
\OC_User::setUserId(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1);
|
|
$this->userId = \Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1;
|
|
$this->pass = \Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1;
|
|
|
|
// init filesystem view
|
|
$this->view = new \OC_FilesystemView('/');
|
|
|
|
// init short data
|
|
$this->dataShort = 'hats';
|
|
|
|
// remember files_trashbin state
|
|
$this->stateFilesTrashbin = OC_App::isEnabled('files_trashbin');
|
|
|
|
// we don't want to tests with app files_trashbin enabled
|
|
\OC_App::disable('files_trashbin');
|
|
|
|
// create test user
|
|
\Test_Encryption_Util::loginHelper(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1);
|
|
}
|
|
|
|
function tearDown() {
|
|
// reset app files_trashbin
|
|
if ($this->stateFilesTrashbin) {
|
|
OC_App::enable('files_trashbin');
|
|
}
|
|
else {
|
|
OC_App::disable('files_trashbin');
|
|
}
|
|
}
|
|
|
|
public static function tearDownAfterClass() {
|
|
// cleanup test user
|
|
\OC_User::deleteUser(\Test_Encryption_Webdav::TEST_ENCRYPTION_WEBDAV_USER1);
|
|
}
|
|
|
|
/**
|
|
* @brief test webdav put random file
|
|
*/
|
|
function testWebdavPUT() {
|
|
|
|
// generate filename
|
|
$filename = '/tmp-' . time() . '.txt';
|
|
|
|
// set server vars
|
|
$_SERVER['REQUEST_METHOD'] = 'OPTIONS';
|
|
|
|
$_SERVER['REQUEST_METHOD'] = 'PUT';
|
|
$_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
|
|
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
|
|
$_SERVER['CONTENT_TYPE'] = 'application/octet-stream';
|
|
$_SERVER['PATH_INFO'] = '/webdav' . $filename;
|
|
$_SERVER['CONTENT_LENGTH'] = strlen($this->dataShort);
|
|
|
|
// handle webdav request
|
|
$this->handleWebdavRequest($this->dataShort);
|
|
|
|
// check if file was created
|
|
$this->assertTrue($this->view->file_exists('/' . $this->userId . '/files' . $filename));
|
|
|
|
// check if key-file was created
|
|
$this->assertTrue($this->view->file_exists(
|
|
'/' . $this->userId . '/files_encryption/keyfiles/' . $filename . '.key'));
|
|
|
|
// check if shareKey-file was created
|
|
$this->assertTrue($this->view->file_exists(
|
|
'/' . $this->userId . '/files_encryption/share-keys/' . $filename . '.' . $this->userId . '.shareKey'));
|
|
|
|
// disable encryption proxy to prevent recursive calls
|
|
$proxyStatus = \OC_FileProxy::$enabled;
|
|
\OC_FileProxy::$enabled = false;
|
|
|
|
// get encrypted file content
|
|
$encryptedContent = $this->view->file_get_contents('/' . $this->userId . '/files' . $filename);
|
|
|
|
// restore proxy state
|
|
\OC_FileProxy::$enabled = $proxyStatus;
|
|
|
|
// check if encrypted content is valid
|
|
$this->assertTrue(Encryption\Crypt::isCatfileContent($encryptedContent));
|
|
|
|
// get decrypted file contents
|
|
$decrypt = file_get_contents('crypt:///' . $this->userId . '/files'. $filename);
|
|
|
|
// check if file content match with the written content
|
|
$this->assertEquals($this->dataShort, $decrypt);
|
|
|
|
// return filename for next test
|
|
return $filename;
|
|
}
|
|
|
|
/**
|
|
* @brief test webdav get random file
|
|
*
|
|
* @depends testWebdavPUT
|
|
*/
|
|
function testWebdavGET($filename) {
|
|
|
|
// set server vars
|
|
$_SERVER['REQUEST_METHOD'] = 'GET';
|
|
$_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
|
|
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
|
|
$_SERVER['PATH_INFO'] = '/webdav' . $filename;
|
|
|
|
// handle webdav request
|
|
$content = $this->handleWebdavRequest();
|
|
|
|
// check if file content match with the written content
|
|
$this->assertEquals($this->dataShort, $content);
|
|
|
|
// return filename for next test
|
|
return $filename;
|
|
}
|
|
|
|
/**
|
|
* @brief test webdav delete random file
|
|
* @depends testWebdavGET
|
|
*/
|
|
function testWebdavDELETE($filename) {
|
|
// set server vars
|
|
$_SERVER['REQUEST_METHOD'] = 'DELETE';
|
|
$_SERVER['REQUEST_URI'] = '/remote.php/webdav' . $filename;
|
|
$_SERVER['HTTP_AUTHORIZATION'] = 'Basic dGVzdC13ZWJkYXYtdXNlcjE6dGVzdC13ZWJkYXYtdXNlcjE=';
|
|
$_SERVER['PATH_INFO'] = '/webdav' . $filename;
|
|
|
|
// handle webdav request
|
|
$content = $this->handleWebdavRequest();
|
|
|
|
// check if file was removed
|
|
$this->assertFalse($this->view->file_exists('/' . $this->userId . '/files' . $filename));
|
|
|
|
// check if key-file was removed
|
|
$this->assertFalse($this->view->file_exists(
|
|
'/' . $this->userId . '/files_encryption/keyfiles' . $filename . '.key'));
|
|
|
|
// check if shareKey-file was removed
|
|
$this->assertFalse($this->view->file_exists(
|
|
'/' . $this->userId . '/files_encryption/share-keys' . $filename . '.' . $this->userId . '.shareKey'));
|
|
}
|
|
|
|
/**
|
|
* @brief handle webdav request
|
|
*
|
|
* @param bool $body
|
|
*
|
|
* @note this init procedure is copied from /apps/files/appinfo/remote.php
|
|
*/
|
|
function handleWebdavRequest($body = false) {
|
|
// Backends
|
|
$authBackend = new OC_Connector_Sabre_Auth();
|
|
$lockBackend = new OC_Connector_Sabre_Locks();
|
|
$requestBackend = new OC_Connector_Sabre_Request();
|
|
|
|
// Create ownCloud Dir
|
|
$publicDir = new OC_Connector_Sabre_Directory('');
|
|
|
|
// Fire up server
|
|
$server = new Sabre_DAV_Server($publicDir);
|
|
$server->httpRequest = $requestBackend;
|
|
$server->setBaseUri('/remote.php/webdav/');
|
|
|
|
// Load plugins
|
|
$server->addPlugin(new Sabre_DAV_Auth_Plugin($authBackend, 'ownCloud'));
|
|
$server->addPlugin(new Sabre_DAV_Locks_Plugin($lockBackend));
|
|
$server->addPlugin(new Sabre_DAV_Browser_Plugin(false)); // Show something in the Browser, but no upload
|
|
$server->addPlugin(new OC_Connector_Sabre_QuotaPlugin());
|
|
$server->addPlugin(new OC_Connector_Sabre_MaintenancePlugin());
|
|
|
|
// And off we go!
|
|
if ($body) {
|
|
$server->httpRequest->setBody($body);
|
|
}
|
|
|
|
// turn on output buffering
|
|
ob_start();
|
|
|
|
// handle request
|
|
$server->exec();
|
|
|
|
// file content is written in the output buffer
|
|
$content = ob_get_contents();
|
|
|
|
// flush the output buffer and turn off output buffering
|
|
ob_end_clean();
|
|
|
|
// return captured content
|
|
return $content;
|
|
}
|
|
}
|