RecoveryTest.php 9.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Björn Schießle <bjoern@schiessle.org>
  6. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7. * @author Clark Tomlinson <fallen013@gmail.com>
  8. * @author Joas Schilling <coding@schilljs.com>
  9. * @author Lukas Reschke <lukas@statuscode.ch>
  10. * @author Morris Jobke <hey@morrisjobke.de>
  11. * @author Roeland Jago Douma <roeland@famdouma.nl>
  12. *
  13. * @license AGPL-3.0
  14. *
  15. * This code is free software: you can redistribute it and/or modify
  16. * it under the terms of the GNU Affero General Public License, version 3,
  17. * as published by the Free Software Foundation.
  18. *
  19. * This program is distributed in the hope that it will be useful,
  20. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  22. * GNU Affero General Public License for more details.
  23. *
  24. * You should have received a copy of the GNU Affero General Public License, version 3,
  25. * along with this program. If not, see <http://www.gnu.org/licenses/>
  26. *
  27. */
  28. namespace OCA\Encryption\Tests;
  29. use OC\Files\View;
  30. use OCA\Encryption\Crypto\Crypt;
  31. use OCA\Encryption\KeyManager;
  32. use OCA\Encryption\Recovery;
  33. use OCP\Encryption\IFile;
  34. use OCP\IConfig;
  35. use OCP\IUser;
  36. use OCP\IUserSession;
  37. use PHPUnit\Framework\MockObject\MockObject;
  38. use Test\TestCase;
  39. class RecoveryTest extends TestCase {
  40. private static $tempStorage = [];
  41. /**
  42. * @var \OCP\Encryption\IFile|\PHPUnit\Framework\MockObject\MockObject
  43. */
  44. private $fileMock;
  45. /**
  46. * @var \OC\Files\View|\PHPUnit\Framework\MockObject\MockObject
  47. */
  48. private $viewMock;
  49. /**
  50. * @var \OCP\IUserSession|\PHPUnit\Framework\MockObject\MockObject
  51. */
  52. private $userSessionMock;
  53. /**
  54. * @var MockObject|IUser
  55. */
  56. private $user;
  57. /**
  58. * @var \OCA\Encryption\KeyManager|\PHPUnit\Framework\MockObject\MockObject
  59. */
  60. private $keyManagerMock;
  61. /**
  62. * @var \OCP\IConfig|\PHPUnit\Framework\MockObject\MockObject
  63. */
  64. private $configMock;
  65. /**
  66. * @var \OCA\Encryption\Crypto\Crypt|\PHPUnit\Framework\MockObject\MockObject
  67. */
  68. private $cryptMock;
  69. /**
  70. * @var Recovery
  71. */
  72. private $instance;
  73. public function testEnableAdminRecoverySuccessful() {
  74. $this->keyManagerMock->expects($this->exactly(2))
  75. ->method('recoveryKeyExists')
  76. ->willReturnOnConsecutiveCalls(false, true);
  77. $this->cryptMock->expects($this->once())
  78. ->method('createKeyPair')
  79. ->willReturn([
  80. 'publicKey' => 'privateKey',
  81. 'privateKey' => 'publicKey',
  82. ]);
  83. $this->keyManagerMock->expects($this->once())
  84. ->method('setRecoveryKey')
  85. ->willReturn(false);
  86. $this->keyManagerMock->expects($this->exactly(2))
  87. ->method('checkRecoveryPassword')
  88. ->willReturnOnConsecutiveCalls(true, true);
  89. $this->assertTrue($this->instance->enableAdminRecovery('password'));
  90. $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage);
  91. $this->assertEquals(1, self::$tempStorage['recoveryAdminEnabled']);
  92. $this->assertTrue($this->instance->enableAdminRecovery('password'));
  93. }
  94. public function testEnableAdminRecoveryCouldNotCheckPassword() {
  95. $this->keyManagerMock->expects($this->exactly(2))
  96. ->method('recoveryKeyExists')
  97. ->willReturnOnConsecutiveCalls(false, true);
  98. $this->cryptMock->expects($this->once())
  99. ->method('createKeyPair')
  100. ->willReturn([
  101. 'publicKey' => 'privateKey',
  102. 'privateKey' => 'publicKey',
  103. ]);
  104. $this->keyManagerMock->expects($this->once())
  105. ->method('setRecoveryKey')
  106. ->willReturn(false);
  107. $this->keyManagerMock->expects($this->exactly(2))
  108. ->method('checkRecoveryPassword')
  109. ->willReturnOnConsecutiveCalls(true, false);
  110. $this->assertTrue($this->instance->enableAdminRecovery('password'));
  111. $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage);
  112. $this->assertEquals(1, self::$tempStorage['recoveryAdminEnabled']);
  113. $this->assertFalse($this->instance->enableAdminRecovery('password'));
  114. }
  115. public function testEnableAdminRecoveryCouldNotCreateKey() {
  116. $this->keyManagerMock->expects($this->once())
  117. ->method('recoveryKeyExists')
  118. ->willReturn(false);
  119. $this->cryptMock->expects($this->once())
  120. ->method('createKeyPair')
  121. ->willReturn(false);
  122. $this->assertFalse($this->instance->enableAdminRecovery('password'));
  123. }
  124. public function testChangeRecoveryKeyPasswordSuccessful() {
  125. $this->assertFalse($this->instance->changeRecoveryKeyPassword('password',
  126. 'passwordOld'));
  127. $this->keyManagerMock->expects($this->once())
  128. ->method('getSystemPrivateKey');
  129. $this->cryptMock->expects($this->once())
  130. ->method('decryptPrivateKey');
  131. $this->cryptMock->expects($this->once())
  132. ->method('encryptPrivateKey')
  133. ->willReturn(true);
  134. $this->assertTrue($this->instance->changeRecoveryKeyPassword('password',
  135. 'passwordOld'));
  136. }
  137. public function testChangeRecoveryKeyPasswordCouldNotDecryptPrivateRecoveryKey() {
  138. $this->assertFalse($this->instance->changeRecoveryKeyPassword('password', 'passwordOld'));
  139. $this->keyManagerMock->expects($this->once())
  140. ->method('getSystemPrivateKey');
  141. $this->cryptMock->expects($this->once())
  142. ->method('decryptPrivateKey')
  143. ->willReturn(false);
  144. $this->assertFalse($this->instance->changeRecoveryKeyPassword('password', 'passwordOld'));
  145. }
  146. public function testDisableAdminRecovery() {
  147. $this->keyManagerMock->expects($this->exactly(2))
  148. ->method('checkRecoveryPassword')
  149. ->willReturnOnConsecutiveCalls(true, false);
  150. $this->assertArrayHasKey('recoveryAdminEnabled', self::$tempStorage);
  151. $this->assertTrue($this->instance->disableAdminRecovery('password'));
  152. $this->assertEquals(0, self::$tempStorage['recoveryAdminEnabled']);
  153. $this->assertFalse($this->instance->disableAdminRecovery('password'));
  154. }
  155. public function testIsRecoveryEnabledForUser() {
  156. $this->configMock->expects($this->exactly(2))
  157. ->method('getUserValue')
  158. ->willReturnOnConsecutiveCalls('1', '0');
  159. $this->assertTrue($this->instance->isRecoveryEnabledForUser());
  160. $this->assertFalse($this->instance->isRecoveryEnabledForUser('admin'));
  161. }
  162. public function testIsRecoveryKeyEnabled() {
  163. $this->assertFalse($this->instance->isRecoveryKeyEnabled());
  164. self::$tempStorage['recoveryAdminEnabled'] = '1';
  165. $this->assertTrue($this->instance->isRecoveryKeyEnabled());
  166. }
  167. public function testSetRecoveryFolderForUser() {
  168. $this->viewMock->expects($this->exactly(2))
  169. ->method('getDirectoryContent')
  170. ->willReturn([]);
  171. $this->assertTrue($this->instance->setRecoveryForUser(0));
  172. $this->assertTrue($this->instance->setRecoveryForUser('1'));
  173. }
  174. public function testRecoverUserFiles() {
  175. $this->viewMock->expects($this->once())
  176. ->method('getDirectoryContent')
  177. ->willReturn([]);
  178. $this->cryptMock->expects($this->once())
  179. ->method('decryptPrivateKey')
  180. ->willReturn('privateKey');
  181. $this->instance->recoverUsersFiles('password', 'admin');
  182. $this->addToAssertionCount(1);
  183. }
  184. public function testRecoverFile() {
  185. $this->keyManagerMock->expects($this->once())
  186. ->method('getEncryptedFileKey')
  187. ->willReturn(true);
  188. $this->keyManagerMock->expects($this->once())
  189. ->method('getShareKey')
  190. ->willReturn(true);
  191. $this->cryptMock->expects($this->once())
  192. ->method('multiKeyDecryptLegacy')
  193. ->willReturn('multiKeyDecryptLegacyResult');
  194. $this->fileMock->expects($this->once())
  195. ->method('getAccessList')
  196. ->willReturn(['users' => ['admin']]);
  197. $this->keyManagerMock->expects($this->once())
  198. ->method('getPublicKey')
  199. ->willReturn('publicKey');
  200. $this->keyManagerMock->expects($this->once())
  201. ->method('addSystemKeys')
  202. ->with($this->anything(), $this->anything(), $this->equalTo('admin'))
  203. ->willReturn(['admin' => 'publicKey']);
  204. $this->cryptMock->expects($this->once())
  205. ->method('multiKeyEncrypt')
  206. ->willReturn(['admin' => 'shareKey']);
  207. $this->keyManagerMock->expects($this->once())
  208. ->method('deleteLegacyFileKey');
  209. $this->keyManagerMock->expects($this->once())
  210. ->method('setShareKey');
  211. $this->assertNull(self::invokePrivate($this->instance,
  212. 'recoverFile',
  213. ['/', 'testkey', 'admin']));
  214. }
  215. protected function setUp(): void {
  216. parent::setUp();
  217. $this->user = $this->createMock(IUser::class);
  218. $this->user->expects($this->any())
  219. ->method('getUID')
  220. ->willReturn('admin');
  221. $this->userSessionMock = $this->createMock(IUserSession::class);
  222. $this->userSessionMock->expects($this->any())
  223. ->method('getUser')
  224. ->willReturn($this->user);
  225. $this->userSessionMock->expects($this->any())
  226. ->method('isLoggedIn')
  227. ->willReturn(true);
  228. $this->cryptMock = $this->getMockBuilder(Crypt::class)->disableOriginalConstructor()->getMock();
  229. $this->keyManagerMock = $this->getMockBuilder(KeyManager::class)->disableOriginalConstructor()->getMock();
  230. $this->configMock = $this->createMock(IConfig::class);
  231. $this->fileMock = $this->createMock(IFile::class);
  232. $this->viewMock = $this->createMock(View::class);
  233. $this->configMock->expects($this->any())
  234. ->method('setAppValue')
  235. ->willReturnCallback([$this, 'setValueTester']);
  236. $this->configMock->expects($this->any())
  237. ->method('getAppValue')
  238. ->willReturnCallback([$this, 'getValueTester']);
  239. $this->instance = new Recovery($this->userSessionMock,
  240. $this->cryptMock,
  241. $this->keyManagerMock,
  242. $this->configMock,
  243. $this->fileMock,
  244. $this->viewMock);
  245. }
  246. /**
  247. * @param $app
  248. * @param $key
  249. * @param $value
  250. */
  251. public function setValueTester($app, $key, $value) {
  252. self::$tempStorage[$key] = $value;
  253. }
  254. /**
  255. * @param $key
  256. */
  257. public function removeValueTester($key) {
  258. unset(self::$tempStorage[$key]);
  259. }
  260. /**
  261. * @param $app
  262. * @param $key
  263. * @return mixed
  264. */
  265. public function getValueTester($app, $key) {
  266. if (!empty(self::$tempStorage[$key])) {
  267. return self::$tempStorage[$key];
  268. }
  269. return null;
  270. }
  271. }