-
Notifications
You must be signed in to change notification settings - Fork 435
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added hook to verify password to allow custom password check #1020
Added hook to verify password to allow custom password check #1020
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please make sure to sign-off your commits as described here to fix the CI errors:
https://github.com/nextcloud/server/blob/master/CONTRIBUTING.md#sign-your-work
Also the new functionality should have a test to avoid breaking it in the future.
lib/Room.php
Outdated
$event = new GenericEvent(null, [ | ||
'password' => $password, | ||
'hasPassword' => $this->hasPassword(), | ||
]); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should pass the room as subject of the event, so the event handler knows which room is checking the password and has access to all parameters:
new GenericEvent($this, [
'password' => $password,
]);
I am not sure on how to create the test, should it be something like:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The test should register an event handler that performs the custom validation. That way, the evaluation of the handler result in talk is tested. Your sample code would only ensure that the event is triggered, but not that its result is evaluated.
For the CI to pass, you need to sign-off all previous commits in this PR (using git rebase -i
) or squash all commits into one (signed-off) commit.
lib/Room.php
Outdated
|
||
$event = new GenericEvent($this, [ | ||
'password' => $password, | ||
'hasPassword' => $this->hasPassword(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The hasPassword
shouldn't be included in the event, the event handler can use the subject of the event (i.e. the room) to call hasPassword
if necessary.
lib/Room.php
Outdated
@@ -633,6 +649,15 @@ public function changeInCall($sessionId, $active) { | |||
* @return bool | |||
*/ | |||
public function verifyPassword($password) { | |||
$event = new GenericEvent($this, [ | |||
'password' => $password, | |||
'hasPassword' => $this->hasPassword(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See above.
lib/Room.php
Outdated
/** | ||
* @param int $length | ||
*/ | ||
public function generateSessionId($length) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where is this used? Please remove if it doesn't belong to this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is used in the hook preJoinRoomGuest to generate a sessionId and return it from the event. secureRandom is private in the Room class so this function is needed for this purpose. This is part of my work on allowing guests to be assigned moderator status so in preJoinRoomGuest I create a sessionId and update the database for the user based upon email address and return the session.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I will remove it for this PR
… Peter Edens <petere@conceiva.com>
e6f46fc
to
12e8250
Compare
I have added tests for verifying the password and testing the dispatch of the event |
lib/Room.php
Outdated
$this->dispatcher->dispatch(self::class . '::verifyPassword', $event); | ||
if ($event->hasArgument('result')) { | ||
$result = $event->getArgument('result'); | ||
return $result; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer:
return [
'result' => $result['result'] ?? false,
'url' => $result['url'] ?? ''
];
here, just to make sure that the values we require in our code are returned
lib/Controller/PageController.php
Outdated
@@ -147,10 +147,22 @@ public function index($token = '', $callUser = '', $password = '') { | |||
} | |||
|
|||
if ($requirePassword) { | |||
if ($password !== '' && $room->verifyPassword($password)) { | |||
$passwordVerification = [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Useless assignment
lib/Controller/PageController.php
Outdated
$this->session->setPasswordForRoom($token, $token); | ||
} else { | ||
return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
if ($passwordVerification['url'] == '') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
empty($passwordVerification['url'])
or === ''
appinfo/info.xml
Outdated
@@ -44,7 +44,7 @@ And in the works for the [coming versions](https://github.com/nextcloud/spreed/m | |||
<screenshot>https://github.com/raw/nextcloud/spreed/master/docs/contacts-menu.png</screenshot> | |||
|
|||
<dependencies> | |||
<nextcloud min-version="14" max-version="14" /> | |||
<nextcloud min-version="13" max-version="14" /> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Revert this please
@@ -194,10 +202,22 @@ protected function guestEnterRoom($token, $password) { | |||
|
|||
$this->session->removePasswordForRoom($token); | |||
if ($room->hasPassword()) { | |||
if ($password !== '' && $room->verifyPassword($password)) { | |||
$passwordVerification = [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
useless assignment
$this->session->setPasswordForRoom($token, $token); | ||
} else { | ||
return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
if ($passwordVerification['url'] == '') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
===
public function testVerifyPassword() { | ||
$dispatcher = \OC::$server->getEventDispatcher(); | ||
|
||
$dispatcher->addListener('OCA\Spreed\Room::verifyPassword', function(GenericEvent $event) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
missing import of Symfony\Component\EventDispatcher\GenericEvent
- OCA\Spreed\Tests\php\Signaling\BackendNotifierTest::testRoomInCallChanged
TypeError: Argument 1 passed to OCA\Spreed\Tests\php\PasswordVerificationTest::OCA\Spreed\Tests\php{closure}() must be an instance of OCA\Spreed\Tests\php\GenericEvent, instance of Symfony\Component\EventDispatcher\GenericEvent given, called in /drone/src/github.com/nextcloud/server/3rdparty/symfony/event-dispatcher/EventDispatcher.php on line 212
/drone/src/github.com/nextcloud/server/apps/spreed/tests/php/PasswordVerificationTest.php:35
/drone/src/github.com/nextcloud/server/3rdparty/symfony/event-dispatcher/EventDispatcher.php:212
/drone/src/github.com/nextcloud/server/3rdparty/symfony/event-dispatcher/EventDispatcher.php:44
/drone/src/github.com/nextcloud/server/apps/spreed/lib/Room.php:645
/drone/src/github.com/nextcloud/server/apps/spreed/lib/Room.php:583
/drone/src/github.com/nextcloud/server/apps/spreed/tests/php/Signaling/BackendNotifierTest.php:287
use OCP\Security\ISecureRandom; | ||
use Test\TestCase; | ||
|
||
class PasswordVerificationTest extends TestCase { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
missing database group:
/**
* @group DB
*/
And #1077 |
I have added a hook to allow overriding the password check in order to provide a different password evaluation. I am using this so that each user can have a different password.