Added hook to verify password to allow custom password check #1020
Conversation
There was a problem hiding this comment.
Please make sure to sign-off your commits as described here to fix the CI errors:
https://github.com/nextcloud/server/blob/master/CONTRIBUTING.md#sign-your-work
Also the new functionality should have a test to avoid breaking it in the future.
lib/Room.php
Outdated
| $event = new GenericEvent(null, [ | ||
| 'password' => $password, | ||
| 'hasPassword' => $this->hasPassword(), | ||
| ]); |
There was a problem hiding this comment.
You should pass the room as subject of the event, so the event handler knows which room is checking the password and has access to all parameters:
new GenericEvent($this, [
'password' => $password,
]);
nickvergessen
added
2. developing
enhancement
feature: api 🛠️
|
I am not sure on how to create the test, should it be something like: |
There was a problem hiding this comment.
The test should register an event handler that performs the custom validation. That way, the evaluation of the handler result in talk is tested. Your sample code would only ensure that the event is triggered, but not that its result is evaluated.
For the CI to pass, you need to sign-off all previous commits in this PR (using git rebase -i) or squash all commits into one (signed-off) commit.
lib/Room.php
Outdated
|
|
||
| $event = new GenericEvent($this, [ | ||
| 'password' => $password, | ||
| 'hasPassword' => $this->hasPassword(), |
There was a problem hiding this comment.
The hasPassword shouldn't be included in the event, the event handler can use the subject of the event (i.e. the room) to call hasPassword if necessary.
lib/Room.php
Outdated
| @@ -633,6 +649,15 @@ public function changeInCall($sessionId, $active) { | |||
| * @return bool | |||
| */ | |||
| public function verifyPassword($password) { | |||
| $event = new GenericEvent($this, [ | |||
| 'password' => $password, | |||
| 'hasPassword' => $this->hasPassword(), | |||
lib/Room.php
Outdated
| /** | ||
| * @param int $length | ||
| */ | ||
| public function generateSessionId($length) { |
There was a problem hiding this comment.
Where is this used? Please remove if it doesn't belong to this PR.
There was a problem hiding this comment.
This is used in the hook preJoinRoomGuest to generate a sessionId and return it from the event. secureRandom is private in the Room class so this function is needed for this purpose. This is part of my work on allowing guests to be assigned moderator status so in preJoinRoomGuest I create a sessionId and update the database for the user based upon email address and return the session.
There was a problem hiding this comment.
I will remove it for this PR
… Peter Edens <petere@conceiva.com>
Peterede
force-pushed
the
verify-password-hook
branch
from
e6f46fc
to
12e8250
Compare
|
I have added tests for verifying the password and testing the dispatch of the event |
lib/Room.php
Outdated
| $this->dispatcher->dispatch(self::class . '::verifyPassword', $event); | ||
| if ($event->hasArgument('result')) { | ||
| $result = $event->getArgument('result'); | ||
| return $result; |
There was a problem hiding this comment.
I would prefer:
return [
'result' => $result['result'] ?? false,
'url' => $result['url'] ?? ''
];here, just to make sure that the values we require in our code are returned
lib/Controller/PageController.php
Outdated
| @@ -147,10 +147,22 @@ public function index($token = '', $callUser = '', $password = '') { | |||
| } | |||
|
|
|||
| if ($requirePassword) { | |||
| if ($password !== '' && $room->verifyPassword($password)) { | |||
| $passwordVerification = [ | |||
lib/Controller/PageController.php
Outdated
| $this->session->setPasswordForRoom($token, $token); | ||
| } else { | ||
| return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
| if ($passwordVerification['url'] == '') { |
There was a problem hiding this comment.
empty($passwordVerification['url']) or === ''
appinfo/info.xml
Outdated
| @@ -44,7 +44,7 @@ And in the works for the [coming versions](https://github.com/nextcloud/spreed/m | |||
| <screenshot>https://github.com/raw/nextcloud/spreed/master/docs/contacts-menu.png</screenshot> | |||
|
|
|||
| <dependencies> | |||
| <nextcloud min-version="14" max-version="14" /> | |||
| <nextcloud min-version="13" max-version="14" /> | |||
| @@ -194,10 +202,22 @@ protected function guestEnterRoom($token, $password) { | |||
|
|
|||
| $this->session->removePasswordForRoom($token); | |||
| if ($room->hasPassword()) { | |||
| if ($password !== '' && $room->verifyPassword($password)) { | |||
| $passwordVerification = [ | |||
| $this->session->setPasswordForRoom($token, $token); | ||
| } else { | ||
| return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
| if ($passwordVerification['url'] == '') { |
| public function testVerifyPassword() { | ||
| $dispatcher = \OC::$server->getEventDispatcher(); | ||
|
|
||
| $dispatcher->addListener('OCA\Spreed\Room::verifyPassword', function(GenericEvent $event) { |
There was a problem hiding this comment.
missing import of Symfony\Component\EventDispatcher\GenericEvent
- OCA\Spreed\Tests\php\Signaling\BackendNotifierTest::testRoomInCallChanged
TypeError: Argument 1 passed to OCA\Spreed\Tests\php\PasswordVerificationTest::OCA\Spreed\Tests\php{closure}() must be an instance of OCA\Spreed\Tests\php\GenericEvent, instance of Symfony\Component\EventDispatcher\GenericEvent given, called in /drone/src/github.com/nextcloud/server/3rdparty/symfony/event-dispatcher/EventDispatcher.php on line 212
/drone/src/github.com/nextcloud/server/apps/spreed/tests/php/PasswordVerificationTest.php:35
/drone/src/github.com/nextcloud/server/3rdparty/symfony/event-dispatcher/EventDispatcher.php:212
/drone/src/github.com/nextcloud/server/3rdparty/symfony/event-dispatcher/EventDispatcher.php:44
/drone/src/github.com/nextcloud/server/apps/spreed/lib/Room.php:645
/drone/src/github.com/nextcloud/server/apps/spreed/lib/Room.php:583
/drone/src/github.com/nextcloud/server/apps/spreed/tests/php/Signaling/BackendNotifierTest.php:287
| use OCP\Security\ISecureRandom; | ||
| use Test\TestCase; | ||
|
|
||
| class PasswordVerificationTest extends TestCase { |
There was a problem hiding this comment.
missing database group:
/**
* @group DB
*/
|
And #1077 |
I have added a hook to allow overriding the password check in order to provide a different password evaluation. I am using this so that each user can have a different password.