archive
/
nextcloud
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(appconfig): Make sure sensitive values stay sensitive

Browse Source 
Signed-off-by: Joas Schilling <coding@schilljs.com>
pull/43114/head
Joas Schilling 3 months ago
parent 24607a37d8
commit 3a67080a96
No known key found for this signature in database
GPG Key ID: 74434EFE0D2E2205
2 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File

9
lib/private/AppConfig.php
Unescape Escape View File

@ -754,14 +754,13 @@ class AppConfig implements IAppConfig {
* no update if key is already known with set lazy status, or value is
* different, or sensitivity switched from false to true.
*/
if (!$sensitive
&& $this->hasKey($app, $key, $lazy)
if ($this->hasKey($app, $key, $lazy)
&& $value === $this->getTypedValue($app, $key, $value, $lazy, $type)
&& !$this->isSensitive($app, $key, $lazy)) {
&& (!$sensitive || $this->isSensitive($app, $key, $lazy))) {
return false;
}
if ($sensitive) {
if ($sensitive || ($this->hasKey($app, $key, $lazy) && $this->isSensitive($app, $key, $lazy))) {
$value = self::ENCRYPTION_PREFIX . $this->crypto->encrypt($value);
}
@ -812,7 +811,7 @@ class AppConfig implements IAppConfig {
// we fix $type if the stored value, or the new value as it might be changed, is set as sensitive
if ($sensitive || $this->isTyped(self::VALUE_SENSITIVE, $currType)) {
$type = $type | self::VALUE_SENSITIVE;
$type |= self::VALUE_SENSITIVE;
}
if ($lazy !== $this->isLazy($app, $key)) {

9
tests/lib/AppConfigTest.php
Unescape Escape View File

@ -877,6 +877,9 @@ class AppConfigTest extends TestCase {
$config->setValueString('feed', 'string', 'value-1', sensitive: false);
$config->setValueString('feed', 'string', 'value-1', sensitive: true);
$this->assertSame(true, $config->isSensitive('feed', 'string'));
$this->assertConfigValueNotEquals('feed', 'string', 'value-1');
$this->assertConfigValueNotEquals('feed', 'string', 'value-2');
}
public function testSetSensitiveValueStringAsNonSensitiveStaysSensitive(): void {
@ -884,6 +887,9 @@ class AppConfigTest extends TestCase {
$config->setValueString('feed', 'string', 'value-1', sensitive: true);
$config->setValueString('feed', 'string', 'value-2', sensitive: false);
$this->assertSame(true, $config->isSensitive('feed', 'string'));
$this->assertConfigValueNotEquals('feed', 'string', 'value-1');
$this->assertConfigValueNotEquals('feed', 'string', 'value-2');
}
public function testSetSensitiveValueStringAsNonSensitiveAreStillUpdated(): void {
@ -891,6 +897,9 @@ class AppConfigTest extends TestCase {
$config->setValueString('feed', 'string', 'value-1', sensitive: true);
$config->setValueString('feed', 'string', 'value-2', sensitive: false);
$this->assertSame('value-2', $config->getValueString('feed', 'string', ''));
$this->assertConfigValueNotEquals('feed', 'string', 'value-1');
$this->assertConfigValueNotEquals('feed', 'string', 'value-2');
}
public function testSetLazyValueInt(): void {

Write Preview
Loading…
Cancel
Save