RecoveryTest.php 9.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Björn Schießle <bjoern@schiessle.org>
  6. * @author Clark Tomlinson <fallen013@gmail.com>
  7. * @author Joas Schilling <coding@schilljs.com>
  8. * @author Lukas Reschke <lukas@statuscode.ch>
  9. *
  10. * @license AGPL-3.0
  11. *
  12. * This code is free software: you can redistribute it and/or modify
  13. * it under the terms of the GNU Affero General Public License, version 3,
  14. * as published by the Free Software Foundation.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License, version 3,
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>
  23. *
  24. */
  25. namespace OCA\Encryption\Tests;
  26. use OC\Files\View;
  27. use OCA\Encryption\Recovery;
  28. use OCP\Encryption\IFile;
  29. use OCP\Encryption\Keys\IStorage;
  30. use OCP\IConfig;
  31. use OCP\Security\ISecureRandom;
  32. use Test\TestCase;
  33. class RecoveryTest extends TestCase {
  34. private static $tempStorage = [];
  35. /**
  36. * @var \OCP\Encryption\IFile|\PHPUnit_Framework_MockObject_MockObject
  37. */
  38. private $fileMock;
  39. /**
  40. * @var \OC\Files\View|\PHPUnit_Framework_MockObject_MockObject
  41. */
  42. private $viewMock;
  43. /**
  44. * @var \OCP\IUserSession|\PHPUnit_Framework_MockObject_MockObject
  45. */
  46. private $userSessionMock;
  47. /**
  48. * @var \OCA\Encryption\KeyManager|\PHPUnit_Framework_MockObject_MockObject
  49. */
  50. private $keyManagerMock;
  51. /**
  52. * @var \OCP\IConfig|\PHPUnit_Framework_MockObject_MockObject
  53. */
  54. private $configMock;
  55. /**
  56. * @var \OCA\Encryption\Crypto\Crypt|\PHPUnit_Framework_MockObject_MockObject
  57. */
  58. private $cryptMock;
  59. /**
  60. * @var Recovery
  61. */
  62. private $instance;
  63. public function testEnableAdminRecoverySuccessful() {
  64. $this->keyManagerMock->expects($this->exactly(2))
  65. ->method('recoveryKeyExists')
  66. ->willReturnOnConsecutiveCalls(false, true);
  67. $this->cryptMock->expects($this->once())
  68. ->method('createKeyPair')
  69. ->willReturn([
  70. 'publicKey' => 'privateKey',
  71. 'privateKey' => 'publicKey',
  72. ]);
  73. $this->keyManagerMock->expects($this->once())
  74. ->method('setRecoveryKey')
  75. ->willReturn(false);
  76. $this->keyManagerMock->expects($this->exactly(2))
  77. ->method('checkRecoveryPassword')
  78. ->willReturnOnConsecutiveCalls(true, true);
  79. $this->assertTrue($this->instance->enableAdminRecovery('password'));
  80. $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage);
  81. $this->assertEquals(1, self::$tempStorage['recoveryAdminEnabled']);
  82. $this->assertTrue($this->instance->enableAdminRecovery('password'));
  83. }
  84. public function testEnableAdminRecoveryCouldNotCheckPassword() {
  85. $this->keyManagerMock->expects($this->exactly(2))
  86. ->method('recoveryKeyExists')
  87. ->willReturnOnConsecutiveCalls(false, true);
  88. $this->cryptMock->expects($this->once())
  89. ->method('createKeyPair')
  90. ->willReturn([
  91. 'publicKey' => 'privateKey',
  92. 'privateKey' => 'publicKey',
  93. ]);
  94. $this->keyManagerMock->expects($this->once())
  95. ->method('setRecoveryKey')
  96. ->willReturn(false);
  97. $this->keyManagerMock->expects($this->exactly(2))
  98. ->method('checkRecoveryPassword')
  99. ->willReturnOnConsecutiveCalls(true, false);
  100. $this->assertTrue($this->instance->enableAdminRecovery('password'));
  101. $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage);
  102. $this->assertEquals(1, self::$tempStorage['recoveryAdminEnabled']);
  103. $this->assertFalse($this->instance->enableAdminRecovery('password'));
  104. }
  105. public function testEnableAdminRecoveryCouldNotCreateKey() {
  106. $this->keyManagerMock->expects($this->once())
  107. ->method('recoveryKeyExists')
  108. ->willReturn(false);
  109. $this->cryptMock->expects($this->once())
  110. ->method('createKeyPair')
  111. ->willReturn(false);
  112. $this->assertFalse($this->instance->enableAdminRecovery('password'));
  113. }
  114. public function testChangeRecoveryKeyPasswordSuccessful() {
  115. $this->assertFalse($this->instance->changeRecoveryKeyPassword('password',
  116. 'passwordOld'));
  117. $this->keyManagerMock->expects($this->once())
  118. ->method('getSystemPrivateKey');
  119. $this->cryptMock->expects($this->once())
  120. ->method('decryptPrivateKey');
  121. $this->cryptMock->expects($this->once())
  122. ->method('encryptPrivateKey')
  123. ->willReturn(true);
  124. $this->assertTrue($this->instance->changeRecoveryKeyPassword('password',
  125. 'passwordOld'));
  126. }
  127. public function testChangeRecoveryKeyPasswordCouldNotDecryptPrivateRecoveryKey() {
  128. $this->assertFalse($this->instance->changeRecoveryKeyPassword('password', 'passwordOld'));
  129. $this->keyManagerMock->expects($this->once())
  130. ->method('getSystemPrivateKey');
  131. $this->cryptMock->expects($this->once())
  132. ->method('decryptPrivateKey')
  133. ->will($this->returnValue(false));
  134. $this->assertFalse($this->instance->changeRecoveryKeyPassword('password', 'passwordOld'));
  135. }
  136. public function testDisableAdminRecovery() {
  137. $this->keyManagerMock->expects($this->exactly(2))
  138. ->method('checkRecoveryPassword')
  139. ->willReturnOnConsecutiveCalls(true, false);
  140. $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage);
  141. $this->assertTrue($this->instance->disableAdminRecovery('password'));
  142. $this->assertEquals(0, self::$tempStorage['recoveryAdminEnabled']);
  143. $this->assertFalse($this->instance->disableAdminRecovery('password'));
  144. }
  145. public function testIsRecoveryEnabledForUser() {
  146. $this->configMock->expects($this->exactly(2))
  147. ->method('getUserValue')
  148. ->willReturnOnConsecutiveCalls('1', '0');
  149. $this->assertTrue($this->instance->isRecoveryEnabledForUser());
  150. $this->assertFalse($this->instance->isRecoveryEnabledForUser('admin'));
  151. }
  152. public function testIsRecoveryKeyEnabled() {
  153. $this->assertFalse($this->instance->isRecoveryKeyEnabled());
  154. self::$tempStorage['recoveryAdminEnabled'] = '1';
  155. $this->assertTrue($this->instance->isRecoveryKeyEnabled());
  156. }
  157. public function testSetRecoveryFolderForUser() {
  158. $this->viewMock->expects($this->exactly(2))
  159. ->method('getDirectoryContent')
  160. ->willReturn([]);
  161. $this->assertTrue($this->instance->setRecoveryForUser(0));
  162. $this->assertTrue($this->instance->setRecoveryForUser('1'));
  163. }
  164. public function testRecoverUserFiles() {
  165. $this->viewMock->expects($this->once())
  166. ->method('getDirectoryContent')
  167. ->willReturn([]);
  168. $this->cryptMock->expects($this->once())
  169. ->method('decryptPrivateKey');
  170. $this->instance->recoverUsersFiles('password', 'admin');
  171. $this->assertTrue(true);
  172. }
  173. public function testRecoverFile() {
  174. $this->keyManagerMock->expects($this->once())
  175. ->method('getEncryptedFileKey')
  176. ->willReturn(true);
  177. $this->keyManagerMock->expects($this->once())
  178. ->method('getShareKey')
  179. ->willReturn(true);
  180. $this->cryptMock->expects($this->once())
  181. ->method('multiKeyDecrypt')
  182. ->willReturn(true);
  183. $this->fileMock->expects($this->once())
  184. ->method('getAccessList')
  185. ->willReturn(['users' => ['admin']]);
  186. $this->keyManagerMock->expects($this->once())
  187. ->method('getPublicKey')
  188. ->willReturn('publicKey');
  189. $this->keyManagerMock->expects($this->once())
  190. ->method('addSystemKeys')
  191. ->with($this->anything(), $this->anything(), $this->equalTo('admin'))
  192. ->willReturn(['admin' => 'publicKey']);
  193. $this->cryptMock->expects($this->once())
  194. ->method('multiKeyEncrypt');
  195. $this->keyManagerMock->expects($this->once())
  196. ->method('setAllFileKeys');
  197. $this->assertNull(self::invokePrivate($this->instance,
  198. 'recoverFile',
  199. ['/', 'testkey', 'admin']));
  200. }
  201. protected function setUp() {
  202. parent::setUp();
  203. $this->userSessionMock = $this->getMockBuilder('OCP\IUserSession')
  204. ->disableOriginalConstructor()
  205. ->setMethods([
  206. 'isLoggedIn',
  207. 'getUID',
  208. 'login',
  209. 'logout',
  210. 'setUser',
  211. 'getUser'
  212. ])
  213. ->getMock();
  214. $this->userSessionMock->expects($this->any())->method('getUID')->will($this->returnValue('admin'));
  215. $this->userSessionMock->expects($this->any())
  216. ->method($this->anything())
  217. ->will($this->returnSelf());
  218. $this->cryptMock = $this->getMockBuilder('OCA\Encryption\Crypto\Crypt')->disableOriginalConstructor()->getMock();
  219. /** @var \OCP\Security\ISecureRandom $randomMock */
  220. $randomMock = $this->createMock(ISecureRandom::class);
  221. $this->keyManagerMock = $this->getMockBuilder('OCA\Encryption\KeyManager')->disableOriginalConstructor()->getMock();
  222. $this->configMock = $this->createMock(IConfig::class);
  223. /** @var \OCP\Encryption\Keys\IStorage $keyStorageMock */
  224. $keyStorageMock = $this->createMock(IStorage::class);
  225. $this->fileMock = $this->createMock(IFile::class);
  226. $this->viewMock = $this->createMock(View::class);
  227. $this->configMock->expects($this->any())
  228. ->method('setAppValue')
  229. ->will($this->returnCallback([$this, 'setValueTester']));
  230. $this->configMock->expects($this->any())
  231. ->method('getAppValue')
  232. ->will($this->returnCallback([$this, 'getValueTester']));
  233. $this->instance = new Recovery($this->userSessionMock,
  234. $this->cryptMock,
  235. $randomMock,
  236. $this->keyManagerMock,
  237. $this->configMock,
  238. $keyStorageMock,
  239. $this->fileMock,
  240. $this->viewMock);
  241. }
  242. /**
  243. * @param $app
  244. * @param $key
  245. * @param $value
  246. */
  247. public function setValueTester($app, $key, $value) {
  248. self::$tempStorage[$key] = $value;
  249. }
  250. /**
  251. * @param $key
  252. */
  253. public function removeValueTester($key) {
  254. unset(self::$tempStorage[$key]);
  255. }
  256. /**
  257. * @param $app
  258. * @param $key
  259. * @return mixed
  260. */
  261. public function getValueTester($app, $key) {
  262. if (!empty(self::$tempStorage[$key])) {
  263. return self::$tempStorage[$key];
  264. }
  265. return null;
  266. }
  267. }