Merge pull request #2499 from LibreSign/backport/2498/stable28

[stable28] Cover passsword CRUD with integration tests
LibreSign · Mar 8, 2024 · 6732ffe · 6732ffe
2 parents 37a4605 + 23279ca
commit 6732ffe
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 1 deletion.
diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php
@@ -478,6 +478,8 @@ public function updateSettings(?string $phone = null): JSONResponse {
 		);
 	}
 
+	#[NoAdminRequired]
+	#[NoCSRFRequired]
 	public function deletePfx(): JSONResponse {
 		$this->accountService->deletePfx($this->userSession->getUser());
 		return new JSONResponse(
@@ -494,6 +496,9 @@ public function deletePfx(): JSONResponse {
 	public function uploadPfx(): JSONResponse {
 		$file = $this->request->getUploadedFile('file');
 		try {
+			if (empty($file)) {
+				throw new LibresignException($this->l10n->t('No certificate file provided'));
+			}
 			$this->accountService->uploadPfx($file, $this->userSession->getUser());
 		} catch (InvalidArgumentException|LibresignException $e) {
 			return new JSONResponse(
@@ -512,6 +517,8 @@ public function uploadPfx(): JSONResponse {
 		);
 	}
 
+	#[NoAdminRequired]
+	#[NoCSRFRequired]
 	public function updatePfxPassword($current, $new): JSONResponse {
 		try {
 			$this->accountService->updatePfxPassword($this->userSession->getUser(), $current, $new);

diff --git a/tests/integration/features/account/signature.feature b/tests/integration/features/account/signature.feature
@@ -1,5 +1,5 @@
 Feature: account/signature
-  Background: Create users
+  Background: Create users and root certificate
     Given user "signer1" exists
     And set the email of user "signer1" to "[email protected]"
     And as user "admin"
@@ -18,3 +18,41 @@ Feature: account/signature
     And sending "post" to ocs "/apps/libresign/api/v1/account/signature"
       | signPassword | password |
     Then the response should have a status code 200
+
+  Scenario: Upload PFX file with error
+    Given sending "post" to ocs "/apps/libresign/api/v1/account/pfx"
+    Then the response should have a status code 400
+    And the response should be a JSON array with the following mandatory values
+      | key     | value                        |
+      | message | No certificate file provided |
+
+  Scenario: Change pfx password with success
+    Given as user "signer1"
+    And sending "post" to ocs "/apps/libresign/api/v1/account/signature"
+      | signPassword | password |
+    Then the response should have a status code 200
+    Given sending "patch" to ocs "/apps/libresign/api/v1/account/pfx"
+      | current | password |
+      | new | new |
+    Then the response should have a status code 202
+    And the response should be a JSON array with the following mandatory values
+      | key     | value                                           |
+      | message | New password to sign documents has been created |
+    Given sending "patch" to ocs "/apps/libresign/api/v1/account/pfx"
+      | current | new |
+      | new | anotherpassword |
+    Then the response should have a status code 202
+    And the response should be a JSON array with the following mandatory values
+      | key     | value                                           |
+      | message | New password to sign documents has been created |
+
+  Scenario: Delete pfx password with success
+    Given as user "signer1"
+    And sending "post" to ocs "/apps/libresign/api/v1/account/signature"
+      | signPassword | password |
+    Then the response should have a status code 200
+    Given sending "delete" to ocs "/apps/libresign/api/v1/account/pfx"
+    Then the response should have a status code 202
+    And the response should be a JSON array with the following mandatory values
+      | key     | value                                  |
+      | message | Certificate file deleted with success. |