Fix AppDirsWithDifferentOwnerTest

Signed-off-by: Côme Chilliet <[email protected]>
nextcloud · Altahrim · Jan 16, 2024 · Nov 14, 2023 · Nov 16, 2023 · Nov 16, 2023
commit ed87e4b4ca417caa2d7cdd52b674322997d11149
diff --git a/apps/settings/tests/Controller/CheckSetupControllerTest.php b/apps/settings/tests/Controller/CheckSetupControllerTest.php
@@ -86,13 +86,6 @@ class CheckSetupControllerTest extends TestCase {
 	/** @var ISetupCheckManager|MockObject */
 	private $setupCheckManager;
 
-	/**
-	 * Holds a list of directories created during tests.
-	 *
-	 * @var array
-	 */
-	private $dirsToRemove = [];
-
 	protected function setUp(): void {
 		parent::setUp();
 
@@ -145,19 +138,6 @@ protected function setUp(): void {
 			])->getMock();
 	}
 
-	/**
-	 * Removes directories created during tests.
-	 *
-	 * @after
-	 * @return void
-	 */
-	public function removeTestDirectories() {
-		foreach ($this->dirsToRemove as $dirToRemove) {
-			rmdir($dirToRemove);
-		}
-		$this->dirsToRemove = [];
-	}
-
 	public function testCheck() {
 		$this->config->expects($this->any())
 			->method('getAppValue')

diff --git a/apps/settings/tests/SetupChecks/AppDirsWithDifferentOwnerTest.php b/apps/settings/tests/SetupChecks/AppDirsWithDifferentOwnerTest.php
@@ -33,6 +33,13 @@ class AppDirsWithDifferentOwnerTest extends TestCase {
 	private IL10N $l10n;
 	private AppDirsWithDifferentOwner $check;
 
+	/**
+	 * Holds a list of directories created during tests.
+	 *
+	 * @var array
+	 */
+	private $dirsToRemove = [];
+
 	protected function setUp(): void {
 		parent::setUp();
 
@@ -97,4 +104,17 @@ public function testAppDirectoryOwnersNotWritable() {
 			$this->invokePrivate($this->check, 'getAppDirsWithDifferentOwner', [posix_getuid()])
 		);
 	}
+
+	/**
+	 * Removes directories created during tests.
+	 *
+	 * @after
+	 * @return void
+	 */
+	public function removeTestDirectories() {
+		foreach ($this->dirsToRemove as $dirToRemove) {
+			rmdir($dirToRemove);
+		}
+		$this->dirsToRemove = [];
+	}
 }
diff --git a/apps/admin_audit/lib/Actions/Action.php b/apps/admin_audit/lib/Actions/Action.php
 					$this->logger->critical(
 						sprintf(
 							'$params["'.$element.'"] was missing. Transferred value: %s',
 							print_r($params, true)
 						),
 						['app' => 'admin_audit']
 					);
diff --git a/apps/files_external/lib/Config/ConfigAdapter.php b/apps/files_external/lib/Config/ConfigAdapter.php
 			if (!is_subclass_of($objectClass, '\OCP\Files\ObjectStore\IObjectStore')) {
 				throw new \InvalidArgumentException('Invalid object store');
 			}
 			$storage->setBackendOption('objectstore', new $objectClass($objectStore));
 		}

 		$storage->getAuthMechanism()->manipulateStorageConfig($storage, $user);
diff --git a/apps/files_external/lib/Lib/Storage/SFTP.php b/apps/files_external/lib/Lib/Storage/SFTP.php
 		try {
 			$keyPath = $this->hostKeysPath();
 			if ($keyPath && file_exists($keyPath)) {
 				$fp = fopen($keyPath, 'w');
 				foreach ($keys as $host => $key) {
 					fwrite($fp, $host . '::' . $key . "\n");
 				}
 			if (file_exists($keyPath)) {
 				$hosts = [];
 				$keys = [];
 				$lines = file($keyPath, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
 				if ($lines) {
 					foreach ($lines as $line) {
 						$hostKeyArray = explode("::", $line, 2);
 				case 'c':
 				case 'c+':
 					$context = stream_context_create(['sftp' => ['session' => $connection]]);
 					$handle = fopen($this->constructUrl($path), $mode, false, $context);
 					return RetryWrapper::wrap($handle);
 			}
 		} catch (\Exception $e) {
diff --git a/apps/files_sharing/lib/Controller/ShareController.php b/apps/files_sharing/lib/Controller/ShareController.php
 			&& !isset($downloadStartSecret[32])
 			&& preg_match('!^[a-zA-Z0-9]+$!', $downloadStartSecret) === 1) {
 			// FIXME: set on the response once we use an actual app framework response
 			setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
 		}

 		$this->emitAccessShareHook($share);
diff --git a/apps/theming/lib/IconBuilder.php b/apps/theming/lib/IconBuilder.php
 			$appIconContent = $appIcon->getContent();
 			$mime = $appIcon->getMimeType();
 		} else {
 			$appIconContent = file_get_contents($appIcon);
 			$mime = mime_content_type($appIcon);
 		}

 		if ($imageFile === false || $imageFile === "") {
 			return false;
 		}
 		$svg = file_get_contents($imageFile);
 		if ($svg !== false && $svg !== "") {
 			$color = $this->util->elementColor($this->themingDefaults->getColorPrimary());
 			$svg = $this->util->colorizeSvg($svg, $color);
diff --git a/lib/base.php b/lib/base.php
 			// slash which is required by URL generation.
 			if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
 					substr($_SERVER['REQUEST_URI'], -1) !== '/') {
 				header('Location: '.\OC::$WEBROOT.'/');
 				exit();
 			}
 		}
 				throw new Exception('Not installed');
 			} else {
 				$url = OC::$WEBROOT . '/index.php';
 				header('Location: ' . $url);
 			}
 			exit();
 		}
diff --git a/core/src/OC/l10n.js b/core/src/OC/l10n.js
 	 * @deprecated 26.0.0 use `register` from https://www.npmjs.com/package/@nextcloud/l10
 	 *
 	 * @param {string} appName name of the app
 	 * @param {Object<string, string>} bundle bundle
 	 */
 	register,

diff --git a/core/src/OC/menu.js b/core/src/OC/menu.js
 /**
 * Shows a given element as menu
 *
 * @param {object} [$toggle=null] menu toggle
 * @param {object} $menuEl menu element
 * @param {Function} complete callback when the showing animation is done
 */
diff --git a/core/src/OC/notification.js b/core/src/OC/notification.js
 	 * @param {string} html Message to display
 	 * @param {object} [options] options
 	 * @param {string} [options.type] notification type
 	 * @param {number} [options.timeout=0] timeout value, defaults to 0 (permanent)
 	 * @return {jQuery} jQuery element for notification row
 	 * @deprecated 17.0.0 use the `@nextcloud/dialogs` package
 	 */
 	 * @param {string} text Message to display
 	 * @param {object} [options] options
 	 * @param {string} [options.type] notification type
 	 * @param {number} [options.timeout=0] timeout value, defaults to 0 (permanent)
 	 * @return {jQuery} jQuery element for notification row
 	 * @deprecated 17.0.0 use the `@nextcloud/dialogs` package
 	 */
 	 *
 	 * @param {string} text Message to show
 	 * @param {Array} [options] options array
 	 * @param {number} [options.timeout=7] timeout in seconds, if this is 0 it will show the message permanently
 	 * @param {boolean} [options.isHTML=false] an indicator for HTML notifications (true) or text (false)
 	 * @param {string} [options.type] notification type
 	 * @return {JQuery} the toast element
 	 * @deprecated 17.0.0 use the `@nextcloud/dialogs` package
 	 */
 	showTemporary(text, options) {
diff --git a/core/src/OC/query-string.js b/core/src/OC/query-string.js
 * Parses a URL query string into a JS map
 *
 * @param {string} queryString query string in the format param1=1234&param2=abcde&param3=xyz
 * @return {Object<string, string>} map containing key/values matching the URL parameters
 */
 export const parse = queryString => {
 	let pos
 /**
 * Builds a URL query from a JS map.
 *
 * @param {Object<string, string>} params map containing key/values matching the URL parameters
 * @return {string} String containing a URL query (without question) mark
 */
 export const build = params => {
diff --git a/core/src/OC/util-history.js b/core/src/OC/util-history.js
 	 * or a map
 	 * @param {string} [url] URL to be used, otherwise the current URL will be used,
 	 * using the params as query string
 	 * @param {boolean} [replace=false] whether to replace instead of pushing
 	 */
 	_pushState(params, url, replace) {
 		let strParams
	$this->logger->critical(
	sprintf(
	'$params["'.$element.'"] was missing. Transferred value: %s',
	print_r($params, true)
Check failure on line 63 in apps/admin_audit/lib/Actions/Action.php GitHub Actions / static-code-analysis-security TaintedHtml `apps/admin_audit/lib/Actions/Action.php:63:16: TaintedHtml: Detected tainted HTML (see https://psalm.dev/245)`
	),
	['app' => 'admin_audit']
	);
	if (!is_subclass_of($objectClass, '\OCP\Files\ObjectStore\IObjectStore')) {
	throw new \InvalidArgumentException('Invalid object store');
	}
	$storage->setBackendOption('objectstore', new $objectClass($objectStore));
Check failure on line 75 in apps/files_external/lib/Config/ConfigAdapter.php GitHub Actions / static-code-analysis-security TaintedCallable `apps/files_external/lib/Config/ConfigAdapter.php:75:50: TaintedCallable: Detected tainted text (see https://psalm.dev/243)`
	}

	$storage->getAuthMechanism()->manipulateStorageConfig($storage, $user);
	try {
	$keyPath = $this->hostKeysPath();
	if ($keyPath && file_exists($keyPath)) {
	$fp = fopen($keyPath, 'w');
Check failure on line 246 in apps/files_external/lib/Lib/Storage/SFTP.php GitHub Actions / static-code-analysis-security TaintedFile `apps/files_external/lib/Lib/Storage/SFTP.php:246:17: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)`
	foreach ($keys as $host => $key) {
	fwrite($fp, $host . '::' . $key . "\n");
	}
	if (file_exists($keyPath)) {
	$hosts = [];
	$keys = [];
	$lines = file($keyPath, FILE_IGNORE_NEW_LINES \| FILE_SKIP_EMPTY_LINES);
Check failure on line 267 in apps/files_external/lib/Lib/Storage/SFTP.php GitHub Actions / static-code-analysis-security TaintedFile `apps/files_external/lib/Lib/Storage/SFTP.php:267:19: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)`
	if ($lines) {
	foreach ($lines as $line) {
	$hostKeyArray = explode("::", $line, 2);
	case 'c':
	case 'c+':
	$context = stream_context_create(['sftp' => ['session' => $connection]]);
	$handle = fopen($this->constructUrl($path), $mode, false, $context);
Check failure on line 412 in apps/files_external/lib/Lib/Storage/SFTP.php GitHub Actions / static-code-analysis-security TaintedFile `apps/files_external/lib/Lib/Storage/SFTP.php:412:22: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)`
	return RetryWrapper::wrap($handle);
	}
	} catch (\Exception $e) {
	&& !isset($downloadStartSecret[32])
	&& preg_match('!^[a-zA-Z0-9]+$!', $downloadStartSecret) === 1) {
	// FIXME: set on the response once we use an actual app framework response
	setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
Check failure on line 463 in apps/files_sharing/lib/Controller/ShareController.php GitHub Actions / static-code-analysis-security TaintedCookie `apps/files_sharing/lib/Controller/ShareController.php:463:35: TaintedCookie: Detected tainted cookie (see https://psalm.dev/257)`
	}

	$this->emitAccessShareHook($share);
	$appIconContent = $appIcon->getContent();
	$mime = $appIcon->getMimeType();
	} else {
	$appIconContent = file_get_contents($appIcon);
Check failure on line 137 in apps/theming/lib/IconBuilder.php GitHub Actions / static-code-analysis-security TaintedFile `apps/theming/lib/IconBuilder.php:137:40: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)`
	$mime = mime_content_type($appIcon);
	}

	if ($imageFile === false \|\| $imageFile === "") {
	return false;
	}
	$svg = file_get_contents($imageFile);
Check failure on line 235 in apps/theming/lib/IconBuilder.php GitHub Actions / static-code-analysis-security TaintedFile `apps/theming/lib/IconBuilder.php:235:28: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)`
	if ($svg !== false && $svg !== "") {
	$color = $this->util->elementColor($this->themingDefaults->getColorPrimary());
	$svg = $this->util->colorizeSvg($svg, $color);
	// slash which is required by URL generation.
	if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
	substr($_SERVER['REQUEST_URI'], -1) !== '/') {
	header('Location: '.\OC::$WEBROOT.'/');
Check failure on line 204 in lib/base.php GitHub Actions / static-code-analysis-security TaintedHeader `lib/base.php:204:12: TaintedHeader: Detected tainted header (see https://psalm.dev/256)`
	exit();
	}
	}
	throw new Exception('Not installed');
	} else {
	$url = OC::$WEBROOT . '/index.php';
	header('Location: ' . $url);
Check failure on line 286 in lib/base.php GitHub Actions / static-code-analysis-security TaintedHeader `lib/base.php:286:12: TaintedHeader: Detected tainted header (see https://psalm.dev/256)`
	}
	exit();
	}
	* @deprecated 26.0.0 use `register` from https://www.npmjs.com/package/@nextcloud/l10
	*
	* @param {string} appName name of the app
	* @param {Object<string, string>} bundle bundle
Check warning on line 65 in core/src/OC/l10n.js GitHub Actions / NPM lint Use object shorthand or index signatures instead of `Object`, e.g., `{[key: string]: string}`
	*/
	register,
	/**
	* Shows a given element as menu
	*
	* @param {object} [$toggle=null] menu toggle
Check warning on line 126 in core/src/OC/menu.js GitHub Actions / NPM lint `Defaults are not permitted on @param`
	* @param {object} $menuEl menu element
	* @param {Function} complete callback when the showing animation is done
	*/
	* @param {string} html Message to display
	* @param {object} [options] options
	* @param {string} [options.type] notification type
	* @param {number} [options.timeout=0] timeout value, defaults to 0 (permanent)
Check warning on line 101 in core/src/OC/notification.js GitHub Actions / NPM lint `Defaults are not permitted on @param`
	* @return {jQuery} jQuery element for notification row
	* @deprecated 17.0.0 use the `@nextcloud/dialogs` package
	*/
	* @param {string} text Message to display
	* @param {object} [options] options
	* @param {string} [options.type] notification type
	* @param {number} [options.timeout=0] timeout value, defaults to 0 (permanent)
Check warning on line 120 in core/src/OC/notification.js GitHub Actions / NPM lint `Defaults are not permitted on @param`
	* @return {jQuery} jQuery element for notification row
	* @deprecated 17.0.0 use the `@nextcloud/dialogs` package
	*/
	*
	* @param {string} text Message to show
	* @param {Array} [options] options array
	* @param {number} [options.timeout=7] timeout in seconds, if this is 0 it will show the message permanently
Check warning on line 163 in core/src/OC/notification.js GitHub Actions / NPM lint `Defaults are not permitted on @param`
	* @param {boolean} [options.isHTML=false] an indicator for HTML notifications (true) or text (false)
Check warning on line 164 in core/src/OC/notification.js GitHub Actions / NPM lint `Defaults are not permitted on @param`
	* @param {string} [options.type] notification type
	* @return {JQuery} the toast element
Check warning on line 166 in core/src/OC/notification.js GitHub Actions / NPM lint `The type 'JQuery' is undefined`
	* @deprecated 17.0.0 use the `@nextcloud/dialogs` package
	*/
	showTemporary(text, options) {
	* Parses a URL query string into a JS map
	*
	* @param {string} queryString query string in the format param1=1234&param2=abcde&param3=xyz
	* @return {Object<string, string>} map containing key/values matching the URL parameters
Check warning on line 31 in core/src/OC/query-string.js GitHub Actions / NPM lint Use object shorthand or index signatures instead of `Object`, e.g., `{[key: string]: string}`
	*/
	export const parse = queryString => {
	let pos
	/**
	* Builds a URL query from a JS map.
	*
	* @param {Object<string, string>} params map containing key/values matching the URL parameters
Check warning on line 80 in core/src/OC/query-string.js GitHub Actions / NPM lint Use object shorthand or index signatures instead of `Object`, e.g., `{[key: string]: string}`
	* @return {string} String containing a URL query (without question) mark
	*/
	export const build = params => {