From b0b03661c1b16376c755fc1570a5ba32f7071896 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Wed, 1 Jun 2022 14:10:38 +0200 Subject: [PATCH 1/2] Trim mount point before matching in encryption code Often times the mount point has a leading slash. This fix sanitizes it to make sure matching works. Signed-off-by: Vincent Petry --- lib/private/Encryption/Util.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/private/Encryption/Util.php b/lib/private/Encryption/Util.php index dc878ba8fc133..bf89ef26f082c 100644 --- a/lib/private/Encryption/Util.php +++ b/lib/private/Encryption/Util.php @@ -304,7 +304,7 @@ public function isSystemWideMountPoint($path, $uid) { $storageService = \OC::$server->get(GlobalStoragesService::class); $storages = $storageService->getAllStorages(); foreach ($storages as $storage) { - if (strpos($path, '/files/' . $storage->getMountPoint()) === 0) { + if (strpos($path, '/files/' . ltrim($storage->getMountPoint(), '/')) === 0) { if ($this->isMountPointApplicableToUser($storage, $uid)) { return true; } From c2c65c26fd67b790db42560279136801ec4d9ec9 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Wed, 1 Jun 2022 18:01:59 +0200 Subject: [PATCH 2/2] Add unit tests for encryption's isSystemWideMountPoint Signed-off-by: Vincent Petry --- tests/lib/Encryption/UtilTest.php | 41 +++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/tests/lib/Encryption/UtilTest.php b/tests/lib/Encryption/UtilTest.php index 84d81dd1cbb4b..02155be11ddab 100644 --- a/tests/lib/Encryption/UtilTest.php +++ b/tests/lib/Encryption/UtilTest.php @@ -4,6 +4,8 @@ use OC\Encryption\Util; use OC\Files\View; +use OCA\Files_External\Lib\StorageConfig; +use OCA\Files_External\Service\GlobalStoragesService; use OCP\Encryption\IEncryptionModule; use OCP\IConfig; use Test\TestCase; @@ -188,4 +190,43 @@ public function dataTestStripPartialFileExtension() { ['/foo/test.txt.ocTransferId7567.part', '/foo/test.txt'], ]; } + + public function dataTestIsSystemWideMountPoint() { + return [ + [false, 'non-matching mount point name', [], [], '/mp_another'], + [true, 'applicable to all', [], []], + [true, 'applicable to user directly', ['user1'], []], + [true, 'applicable to group directly', [], ['group1']], + [false, 'non-applicable to current user', ['user2'], []], + [false, 'non-applicable to current user\'s group', [], ['group2']], + [true, 'mount point without leading slash', [], [], 'mp'], + ]; + } + + /** + * @dataProvider dataTestIsSystemWideMountPoint + */ + public function testIsSystemWideMountPoint($expectedResult, $expectationText, $applicableUsers, $applicableGroups, $mountPointName = '/mp') { + $this->groupManager->method('isInGroup') + ->will($this->returnValueMap([ + ['user1', 'group1', true], // user is only in group1 + ['user1', 'group2', false], + ])); + + $storages = []; + + $storageConfig = $this->createMock(StorageConfig::class); + $storageConfig->method('getMountPoint')->willReturn($mountPointName); + $storageConfig->method('getApplicableUsers')->willReturn($applicableUsers); + $storageConfig->method('getApplicableGroups')->willReturn($applicableGroups); + $storages[] = $storageConfig; + + $storagesServiceMock = $this->createMock(GlobalStoragesService::class); + $storagesServiceMock->expects($this->atLeastOnce())->method('getAllStorages') + ->willReturn($storages); + + $this->overwriteService(GlobalStoragesService::class, $storagesServiceMock); + + $this->assertEquals($expectedResult, $this->util->isSystemWideMountPoint('/files/mp', 'user1'), 'Test case: ' . $expectationText); + } }