Add support for X-NC-E2EE-COUNTER

Signed-off-by: Louis Chemineau <[email protected]>

Author: artonge

lib/Controller/LockingController.php

@@ -94,6 +94,7 @@ public function __construct(
 	 */
 	public function lockFolder(int $id, ?string $shareToken = null): DataResponse {
 		$e2eToken = $this->request->getParam('e2e-token', '');
+		$e2eCounter = (int)$this->request->getHeader('X-NC-E2EE-COUNTER');
 
 		$ownerId = $this->getOwnerId($shareToken);
 
@@ -114,7 +115,7 @@ public function lockFolder(int $id, ?string $shareToken = null): DataResponse {
 			throw new OCSForbiddenException($this->l10n->t('You are not allowed to create the lock'));
 		}
 
-		$newToken = $this->lockManager->lockFile($id, $e2eToken, $ownerId);
+		$newToken = $this->lockManager->lockFile($id, $e2eToken, $e2eCounter, $ownerId);
 		if ($newToken === null) {
 			throw new OCSForbiddenException($this->l10n->t('File already locked'));
 		}

lib/LockManager.php

@@ -67,7 +67,7 @@ public function __construct(
 	/**
 	 * Lock file
 	 */
-	public function lockFile(int $id, string $token = '', ?string $ownerId = null): ?string {
+	public function lockFile(int $id, string $token = '', int $e2eCounter, string $ownerId): ?string {
 		if ($this->isLocked($id, $token, $ownerId)) {
 			return null;
 		}
@@ -76,6 +76,13 @@ public function lockFile(int $id, string $token = '', ?string $ownerId = null):
 			$lock = $this->lockMapper->getByFileId($id);
 			return $lock->getToken() === $token ? $token : null;
 		} catch (DoesNotExistException $ex) {
+			$metaData = $this->metaDataStorage->getMetaData($ownerId, $id);
+			$decodedMetadata = json_decode($metaData, true);
+			// TODO, unsure counter is the proper property name.
+			if ($decodedMetadata['counter'] >= $e2eCounter) {
+				throw new NotPermittedException('Received counter is not greater than the stored one');
+			}
+
 			$newToken = $this->getToken();
 			$lockEntity = new Lock();
 			$lockEntity->setId($id);

tests/Unit/LockManagerTest.php

@@ -94,12 +94,13 @@ protected function setUp(): void {
 	 *
 	 * @param bool $isLocked
 	 * @param bool $lockDoesNotExist
-	 * @param string $token
+	 * @param int $token
+	 * @param bool $counter
 	 * @param bool $expectNull
 	 * @param bool $expectNewToken
 	 * @param bool $expectOldToken
 	 */
-	public function testLock(bool $isLocked, bool $lockDoesNotExist, string $token, bool $expectNull, bool $expectNewToken, bool $expectOldToken): void {
+	public function testLock(bool $isLocked, bool $lockDoesNotExist, int $counter, string $token, bool $expectNull, bool $expectNewToken, bool $expectOldToken): void {
 		$lockManager = $this->getMockBuilder(LockManager::class)
 			->setMethods(['isLocked'])
 			->setConstructorArgs([
@@ -114,7 +115,7 @@ public function testLock(bool $isLocked, bool $lockDoesNotExist, string $token,
 
 		$lockManager->expects($this->once())
 			->method('isLocked')
-			->with(42, $token)
+			->with(42, $token, 'userId')
 			->willReturn($isLocked);
 
 		if (!$isLocked) {
@@ -135,31 +136,41 @@ public function testLock(bool $isLocked, bool $lockDoesNotExist, string $token,
 		}
 
 		if ($expectNewToken) {
-			$this->secureRandom->expects($this->once())
-				->method('generate')
-				->with(64, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS)
-				->willReturn('new-token');
-
-			$this->timeFactory->expects($this->once())
-				->method('getTime')
-				->willReturn(1337);
-
-			$this->lockMapper->expects($this->once())
-				->method('insert')
-				->with($this->callback(static function ($lock) {
-					return ($lock instanceof Lock &&
-							$lock->getId() === 42 &&
-							$lock->getTimestamp() === 1337 &&
-							$lock->getToken() === 'new-token');
-				}));
+			$this->metaDataStorage->expects($this->once())
+				->method('getMetaData')
+				->with('userId', 42)
+				->willReturn('{"counter": 0}');
+
+			if ($counter > 0) {
+				$this->secureRandom->expects($this->once())
+					->method('generate')
+					->with(64, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS)
+					->willReturn('new-token');
+
+				$this->timeFactory->expects($this->once())
+					->method('getTime')
+					->willReturn(1337);
+
+					$this->lockMapper->expects($this->once())
+					->method('insert')
+					->with($this->callback(static function ($lock) {
+						return ($lock instanceof Lock &&
+								$lock->getId() === 42 &&
+								$lock->getTimestamp() === 1337 &&
+								$lock->getToken() === 'new-token');
+					}));
+			} else {
+				$this->expectException(NotPermittedException::class);
+				$this->expectExceptionMessage('Received counter is not greater than the stored one');
+			}
 		} else {
 			$this->secureRandom->expects($this->never())
 				->method('generate');
 			$this->timeFactory->expects($this->never())
 				->method('getTime');
 		}
 
-		$actual = $lockManager->lockFile(42, $token);
+		$actual = $lockManager->lockFile(42, $token, $counter, 'userId');
 
 		if ($expectNull) {
 			$this->assertNull($actual);
@@ -174,10 +185,11 @@ public function testLock(bool $isLocked, bool $lockDoesNotExist, string $token,
 
 	public function lockDataProvider(): array {
 		return [
-			[true,  false, 'correct-token123', true,  false, false],
-			[false, true,  'correct-token123', false, true,  false],
-			[false, false, 'correct-token123', false, false, true],
-			[false, false, 'wrong-token456',   true,  false, false],
+			[true,  false, 1, 'correct-token123', true,  false, false],
+			[false, true,  1, 'correct-token123', false, true,  false],
+			[false, true,  0, 'correct-token123', false, true,  false],
+			[false, false, 1, 'correct-token123', false, false, true],
+			[false, false, 1, 'wrong-token456',   true,  false, false],
 		];
 	}