From bd59ffca52fe3d14203ce9aba74e55abe23961cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=B4me=20Chilliet?= Date: Mon, 6 Nov 2023 17:48:42 +0100 Subject: [PATCH] Revert "Migrate code integrity to SetupCheck API" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit aa2d315d95d37b48752d0e92d0ce79913be1d4f1. Signed-off-by: Côme Chilliet --- .../composer/composer/autoload_classmap.php | 1 - .../composer/composer/autoload_static.php | 1 - apps/settings/lib/AppInfo/Application.php | 4 +- .../lib/Controller/CheckSetupController.php | 2 + .../lib/SetupChecks/CodeIntegrity.php | 63 ------------------- .../Controller/CheckSetupControllerTest.php | 2 + core/js/setupchecks.js | 10 +++ core/js/tests/specs/setupchecksSpec.js | 19 ++++++ 8 files changed, 34 insertions(+), 68 deletions(-) delete mode 100644 apps/settings/lib/SetupChecks/CodeIntegrity.php diff --git a/apps/settings/composer/composer/autoload_classmap.php b/apps/settings/composer/composer/autoload_classmap.php index b78c044a02c34..f4d29d724f7ee 100644 --- a/apps/settings/composer/composer/autoload_classmap.php +++ b/apps/settings/composer/composer/autoload_classmap.php @@ -74,7 +74,6 @@ 'OCA\\Settings\\Settings\\Personal\\Security\\WebAuthn' => $baseDir . '/../lib/Settings/Personal/Security/WebAuthn.php', 'OCA\\Settings\\Settings\\Personal\\ServerDevNotice' => $baseDir . '/../lib/Settings/Personal/ServerDevNotice.php', 'OCA\\Settings\\SetupChecks\\CheckUserCertificates' => $baseDir . '/../lib/SetupChecks/CheckUserCertificates.php', - 'OCA\\Settings\\SetupChecks\\CodeIntegrity' => $baseDir . '/../lib/SetupChecks/CodeIntegrity.php', 'OCA\\Settings\\SetupChecks\\DefaultPhoneRegionSet' => $baseDir . '/../lib/SetupChecks/DefaultPhoneRegionSet.php', 'OCA\\Settings\\SetupChecks\\EmailTestSuccessful' => $baseDir . '/../lib/SetupChecks/EmailTestSuccessful.php', 'OCA\\Settings\\SetupChecks\\FileLocking' => $baseDir . '/../lib/SetupChecks/FileLocking.php', diff --git a/apps/settings/composer/composer/autoload_static.php b/apps/settings/composer/composer/autoload_static.php index 18dae0aaec513..f8595eb7c684d 100644 --- a/apps/settings/composer/composer/autoload_static.php +++ b/apps/settings/composer/composer/autoload_static.php @@ -89,7 +89,6 @@ class ComposerStaticInitSettings 'OCA\\Settings\\Settings\\Personal\\Security\\WebAuthn' => __DIR__ . '/..' . '/../lib/Settings/Personal/Security/WebAuthn.php', 'OCA\\Settings\\Settings\\Personal\\ServerDevNotice' => __DIR__ . '/..' . '/../lib/Settings/Personal/ServerDevNotice.php', 'OCA\\Settings\\SetupChecks\\CheckUserCertificates' => __DIR__ . '/..' . '/../lib/SetupChecks/CheckUserCertificates.php', - 'OCA\\Settings\\SetupChecks\\CodeIntegrity' => __DIR__ . '/..' . '/../lib/SetupChecks/CodeIntegrity.php', 'OCA\\Settings\\SetupChecks\\DefaultPhoneRegionSet' => __DIR__ . '/..' . '/../lib/SetupChecks/DefaultPhoneRegionSet.php', 'OCA\\Settings\\SetupChecks\\EmailTestSuccessful' => __DIR__ . '/..' . '/../lib/SetupChecks/EmailTestSuccessful.php', 'OCA\\Settings\\SetupChecks\\FileLocking' => __DIR__ . '/..' . '/../lib/SetupChecks/FileLocking.php', diff --git a/apps/settings/lib/AppInfo/Application.php b/apps/settings/lib/AppInfo/Application.php index dfb65669e8eb3..d2539864708e8 100644 --- a/apps/settings/lib/AppInfo/Application.php +++ b/apps/settings/lib/AppInfo/Application.php @@ -49,7 +49,6 @@ use OCA\Settings\Search\SectionSearch; use OCA\Settings\Search\UserSearch; use OCA\Settings\SetupChecks\CheckUserCertificates; -use OCA\Settings\SetupChecks\CodeIntegrity; use OCA\Settings\SetupChecks\DefaultPhoneRegionSet; use OCA\Settings\SetupChecks\EmailTestSuccessful; use OCA\Settings\SetupChecks\FileLocking; @@ -57,9 +56,9 @@ use OCA\Settings\SetupChecks\LegacySSEKeyFormat; use OCA\Settings\SetupChecks\MemcacheConfigured; use OCA\Settings\SetupChecks\PhpDefaultCharset; -use OCA\Settings\SetupChecks\PhpModules; use OCA\Settings\SetupChecks\PhpFreetypeSupport; use OCA\Settings\SetupChecks\PhpGetEnv; +use OCA\Settings\SetupChecks\PhpModules; use OCA\Settings\SetupChecks\PhpOutdated; use OCA\Settings\SetupChecks\PhpOutputBuffering; use OCA\Settings\SetupChecks\RandomnessSecure; @@ -157,7 +156,6 @@ public function register(IRegistrationContext $context): void { ); }); $context->registerSetupCheck(CheckUserCertificates::class); - $context->registerSetupCheck(CodeIntegrity::class); $context->registerSetupCheck(DefaultPhoneRegionSet::class); $context->registerSetupCheck(EmailTestSuccessful::class); $context->registerSetupCheck(FileLocking::class); diff --git a/apps/settings/lib/Controller/CheckSetupController.php b/apps/settings/lib/Controller/CheckSetupController.php index d316e39d5030c..04efb6b47a7cb 100644 --- a/apps/settings/lib/Controller/CheckSetupController.php +++ b/apps/settings/lib/Controller/CheckSetupController.php @@ -736,6 +736,8 @@ public function check() { 'forwardedForHeadersWorking' => $this->forwardedForHeadersWorking(), 'reverseProxyDocs' => $this->urlGenerator->linkToDocs('admin-reverse-proxy'), 'isCorrectMemcachedPHPModuleInstalled' => $this->isCorrectMemcachedPHPModuleInstalled(), + 'hasPassedCodeIntegrityCheck' => $this->checker->hasPassedCheck(), + 'codeIntegrityCheckerDocumentation' => $this->urlGenerator->linkToDocs('admin-code-integrity'), 'OpcacheSetupRecommendations' => $this->getOpcacheSetupRecommendations(), 'isSettimelimitAvailable' => $this->isSettimelimitAvailable(), 'missingPrimaryKeys' => $this->hasMissingPrimaryKeys(), diff --git a/apps/settings/lib/SetupChecks/CodeIntegrity.php b/apps/settings/lib/SetupChecks/CodeIntegrity.php deleted file mode 100644 index 234e1fbf05888..0000000000000 --- a/apps/settings/lib/SetupChecks/CodeIntegrity.php +++ /dev/null @@ -1,63 +0,0 @@ - - * - * @author Côme Chilliet - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - * - */ -namespace OCA\Settings\SetupChecks; - -use OC\IntegrityCheck\Checker; -use OCP\IL10N; -use OCP\IURLGenerator; -use OCP\SetupCheck\ISetupCheck; -use OCP\SetupCheck\SetupResult; - -class CodeIntegrity implements ISetupCheck { - public function __construct( - private IL10N $l10n, - private IURLGenerator $urlGenerator, - private Checker $checker, - ) { - } - - public function getName(): string { - return $this->l10n->t('Code integrity'); - } - - public function getCategory(): string { - return 'security'; - } - - public function run(): SetupResult { - if (!$this->checker->isCodeCheckEnforced()) { - return SetupResult::info($this->l10n->t('Integrity checker has been disabled. Integrity cannot be verified.')); - } elseif ($this->checker->hasPassedCheck()) { - return SetupResult::success($this->l10n->t('No altered files')); - } else { - // FIXME: If setup check can link to settings pages this should link to /settings/integrity/failed and /settings/integrity/rescan?requesttoken=TOKEN - return SetupResult::error( - $this->l10n->t('Some files have not passed the integrity check.'), - $this->urlGenerator->linkToDocs('admin-code-integrity') - ); - } - } -} diff --git a/apps/settings/tests/Controller/CheckSetupControllerTest.php b/apps/settings/tests/Controller/CheckSetupControllerTest.php index 9590241aeb4c2..c0a7803ab26b8 100644 --- a/apps/settings/tests/Controller/CheckSetupControllerTest.php +++ b/apps/settings/tests/Controller/CheckSetupControllerTest.php @@ -437,6 +437,8 @@ public function testCheck() { 'forwardedForHeadersWorking' => false, 'reverseProxyDocs' => 'reverse-proxy-doc-link', 'isCorrectMemcachedPHPModuleInstalled' => true, + 'hasPassedCodeIntegrityCheck' => true, + 'codeIntegrityCheckerDocumentation' => 'http://docs.example.org/server/go.php?to=admin-code-integrity', 'OpcacheSetupRecommendations' => ['recommendation1', 'recommendation2'], 'isSettimelimitAvailable' => true, 'isSqliteUsed' => false, diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js index 0f95eb8c4a581..f5ac857536521 100644 --- a/core/js/setupchecks.js +++ b/core/js/setupchecks.js @@ -246,6 +246,16 @@ type: OC.SetupChecks.MESSAGE_TYPE_WARNING }); } + if(!data.hasPassedCodeIntegrityCheck) { + messages.push({ + msg: t('core', 'Some files have not passed the integrity check. Further information on how to resolve this issue can be found in the {linkstart1}documentation ↗{linkend}. ({linkstart2}List of invalid files…{linkend} / {linkstart3}Rescan…{linkend})') + .replace('{linkstart1}', '') + .replace('{linkstart2}', '') + .replace('{linkstart3}', '') + .replace(/{linkend}/g, ''), + type: OC.SetupChecks.MESSAGE_TYPE_ERROR + }); + } if(data.OpcacheSetupRecommendations.length > 0) { var listOfOPcacheRecommendations = ""; data.OpcacheSetupRecommendations.forEach(function(element){ diff --git a/core/js/tests/specs/setupchecksSpec.js b/core/js/tests/specs/setupchecksSpec.js index 771c3aa08bc60..33e3516cd5b07 100644 --- a/core/js/tests/specs/setupchecksSpec.js +++ b/core/js/tests/specs/setupchecksSpec.js @@ -227,6 +227,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -285,6 +286,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -343,6 +345,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -397,6 +400,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: false, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -449,6 +453,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -504,6 +509,7 @@ describe('OC.SetupChecks tests', function() { forwardedForHeadersWorking: false, reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html', isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -559,6 +565,7 @@ describe('OC.SetupChecks tests', function() { forwardedForHeadersWorking: true, reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html', isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -612,6 +619,7 @@ describe('OC.SetupChecks tests', function() { forwardedForHeadersWorking: true, reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html', isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: false, missingIndexes: [], @@ -665,6 +673,7 @@ describe('OC.SetupChecks tests', function() { forwardedForHeadersWorking: true, reverseProxyDocs: 'https://docs.nextcloud.com/foo/bar.html', isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -737,6 +746,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -796,6 +806,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: ['recommendation1', 'recommendation2'], isSettimelimitAvailable: true, missingIndexes: [], @@ -848,6 +859,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -904,6 +916,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -957,6 +970,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -1007,6 +1021,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -1060,6 +1075,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -1113,6 +1129,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -1165,6 +1182,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [], @@ -1224,6 +1242,7 @@ describe('OC.SetupChecks tests', function() { isFairUseOfFreePushService: true, forwardedForHeadersWorking: true, isCorrectMemcachedPHPModuleInstalled: true, + hasPassedCodeIntegrityCheck: true, OpcacheSetupRecommendations: [], isSettimelimitAvailable: true, missingIndexes: [],