Merge pull request #2589 from LibreSign/backport/2585/stable28

[stable28] Retrieve signer data of multiple signers
LibreSign · Mar 25, 2024 · a6ce1d6 · a6ce1d6
2 parents fcbeb7e + 5be7265
commit a6ce1d6
Show file tree

Hide file tree

Showing 10 changed files with 119 additions and 45 deletions.
diff --git a/lib/Service/IdentifyMethod/AbstractIdentifyMethod.php b/lib/Service/IdentifyMethod/AbstractIdentifyMethod.php
@@ -43,6 +43,10 @@ abstract class AbstractIdentifyMethod implements IIdentifyMethod {
 	protected string $codeSentByUser = '';
 	protected array $settings = [];
 	protected bool $willNotify = true;
+	/**
+	 * @var string[]
+	 */
+	public array $availableSignatureMethods;
 	/**
 	 * @var AbstractSignatureMethod[]
 	 */
@@ -89,11 +93,28 @@ public function signatureMethodsToArray(): array {
 		return array_map(function (AbstractSignatureMethod $method) {
 			return [
 				'label' => $method->friendlyName,
+				'name' => $method->getName(),
 				'enabled' => $method->isEnabled(),
 			];
 		}, $this->signatureMethods);
 	}
 
+	public function getEmptyInstanceOfSignatureMethodByName(string $name): AbstractSignatureMethod {
+		if (!in_array($name, $this->availableSignatureMethods)) {
+			throw new InvalidArgumentException(sprintf('%s is not a valid signature method of identify method %s', $name, $this->getName()));
+		}
+		$className = 'OCA\Libresign\Service\IdentifyMethod\\SignatureMethod\\' . ucfirst($name);
+		if (!class_exists($className)) {
+			throw new InvalidArgumentException('Invalid signature method. Set at identify method the list  of available signature methdos with right values.');
+		}
+		$signatureMethod = clone \OC::$server->get($className);
+		$signatureMethod->cleanEntity();
+		return $signatureMethod;
+	}
+
+	/**
+	 * @return AbstractSignatureMethod[]
+	 */
 	public function getSignatureMethods(): array {
 		return $this->signatureMethods;
 	}
@@ -294,14 +315,23 @@ private function loadSavedSettings(): void {
 			}
 			return $carry;
 		}, []);
+		foreach ($this->availableSignatureMethods as $signatureMethodName) {
+			$this->signatureMethods[$signatureMethodName] =
+				$this->getEmptyInstanceOfSignatureMethodByName($signatureMethodName);
+		}
 		if (!isset($this->settings['signatureMethods']) || !is_array($this->settings['signatureMethods'])) {
 			return;
 		}
-		foreach ($this->settings['signatureMethods'] as $method => $settings) {
-			$this->signatureMethods[$method]->setEntity($this->getEntity());
-			if (is_object($this->signatureMethods[$method]) && isset($settings['enabled']) && $settings['enabled']) {
-				$this->signatureMethods[$method]->enable();
+		foreach ($this->settings['signatureMethods'] as $signatureMethodName => $settings) {
+			if (!in_array($signatureMethodName, $this->availableSignatureMethods)) {
+				unset($this->settings['signatureMethods'][$signatureMethodName]);
+				continue;
+			}
+			$signatureMethod = $this->getEmptyInstanceOfSignatureMethodByName($signatureMethodName);
+			if (isset($settings['enabled']) && $settings['enabled']) {
+				$signatureMethod->enable();
 			}
+			$this->signatureMethods[$signatureMethodName] = $signatureMethod;
 		}
 	}
 

diff --git a/lib/Service/IdentifyMethod/Account.php b/lib/Service/IdentifyMethod/Account.php
@@ -27,9 +27,7 @@
 use OCA\Libresign\Db\IdentifyMethodMapper;
 use OCA\Libresign\Exception\LibresignException;
 use OCA\Libresign\Helper\JSActions;
-use OCA\Libresign\Service\IdentifyMethod\SignatureMethod\ClickToSign;
-use OCA\Libresign\Service\IdentifyMethod\SignatureMethod\EmailToken;
-use OCA\Libresign\Service\IdentifyMethod\SignatureMethod\Password;
+use OCA\Libresign\Service\IdentifyMethod\SignatureMethod\ISignatureMethod;
 use OCA\Libresign\Service\MailService;
 use OCA\Libresign\Service\SessionService;
 use OCP\AppFramework\Utility\ITimeFactory;
@@ -43,6 +41,11 @@
 use Psr\Log\LoggerInterface;
 
 class Account extends AbstractIdentifyMethod {
+	public array $availableSignatureMethods = [
+		ISignatureMethod::SIGNATURE_METHOD_CLICK_TO_SIGN,
+		ISignatureMethod::SIGNATURE_METHOD_EMAIL_TOKEN,
+		ISignatureMethod::SIGNATURE_METHOD_PASSWORD,
+	];
 	public function __construct(
 		protected IdentifyService $identifyService,
 		private IUserManager $userManager,
@@ -56,17 +59,9 @@ public function __construct(
 		private LoggerInterface $logger,
 		private SessionService $sessionService,
 		private MailService $mail,
-		private Password $password,
-		private ClickToSign $clickToSign,
-		private EmailToken $emailToken,
 	) {
 		// TRANSLATORS Name of possible authenticator method. This signalize that the signer could be identified by Nextcloud acccount
 		$this->friendlyName = $this->identifyService->getL10n()->t('Account');
-		$this->signatureMethods = [
-			$this->password->getName() => $this->password,
-			$this->clickToSign->getName() => $this->clickToSign,
-			$this->emailToken->getName() => $this->emailToken,
-		];
 		parent::__construct(
 			$identifyService,
 		);

diff --git a/lib/Service/IdentifyMethod/Email.php b/lib/Service/IdentifyMethod/Email.php
@@ -28,32 +28,29 @@
 use OCA\Libresign\Db\IdentifyMethodMapper;
 use OCA\Libresign\Exception\LibresignException;
 use OCA\Libresign\Helper\JSActions;
-use OCA\Libresign\Service\IdentifyMethod\SignatureMethod\ClickToSign;
-use OCA\Libresign\Service\IdentifyMethod\SignatureMethod\EmailToken;
+use OCA\Libresign\Service\IdentifyMethod\SignatureMethod\ISignatureMethod;
 use OCA\Libresign\Service\SessionService;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Files\IRootFolder;
 use OCP\IUser;
 use OCP\IUserSession;
 
 class Email extends AbstractIdentifyMethod {
+	public array $availableSignatureMethods = [
+		ISignatureMethod::SIGNATURE_METHOD_CLICK_TO_SIGN,
+		ISignatureMethod::SIGNATURE_METHOD_EMAIL_TOKEN,
+	];
 	public function __construct(
 		protected IdentifyService $identifyService,
 		private IdentifyMethodMapper $identifyMethodMapper,
 		private IRootFolder $root,
 		private ITimeFactory $timeFactory,
 		private SessionService $sessionService,
 		private FileElementMapper $fileElementMapper,
-		private ClickToSign $clickToSign,
-		private EmailToken $emailToken,
 		private IUserSession $userSession,
 	) {
 		// TRANSLATORS Name of possible authenticator method. This signalize that the signer could be identified by email
 		$this->friendlyName = $this->identifyService->getL10n()->t('Email');
-		$this->signatureMethods = [
-			$this->clickToSign->getName() => $this->clickToSign,
-			$this->emailToken->getName() => $this->emailToken,
-		];
 		parent::__construct(
 			$identifyService,
 		);

diff --git a/lib/Service/IdentifyMethod/IIdentifyMethod.php b/lib/Service/IdentifyMethod/IIdentifyMethod.php
@@ -36,9 +36,7 @@ public function setCodeSentByUser(string $code): void;
 	public function cleanEntity(): void;
 	public function setEntity(IdentifyMethod $entity): void;
 	public function getEntity(): IdentifyMethod;
-	/**
-	 * @return AbstractSignatureMethod[]
-	 */
+	public function getEmptyInstanceOfSignatureMethodByName(string $name): AbstractSignatureMethod;
 	public function getSignatureMethods(): array;
 	public function signatureMethodsToArray(): array;
 	public function getSettings(): array;

diff --git a/lib/Service/IdentifyMethod/SignatureMethod/ISignatureMethod.php b/lib/Service/IdentifyMethod/SignatureMethod/ISignatureMethod.php
@@ -25,6 +25,9 @@
 namespace OCA\Libresign\Service\IdentifyMethod\SignatureMethod;
 
 interface ISignatureMethod {
+	public const SIGNATURE_METHOD_CLICK_TO_SIGN = 'clickToSign';
+	public const SIGNATURE_METHOD_EMAIL_TOKEN = 'emailToken';
+	public const SIGNATURE_METHOD_PASSWORD = 'password';
 	public function enable(): void;
 	public function isEnabled(): bool;
 	public function toArray(): array;

diff --git a/lib/Service/IdentifyMethodService.php b/lib/Service/IdentifyMethodService.php
@@ -191,10 +191,12 @@ public function getSignMethodsOfIdentifiedFactors(int $signRequestId): array {
 				if (empty($identifyMethod->getEntity()->getIdentifiedAtDate())) {
 					continue;
 				}
-				foreach ($identifyMethod->getSignatureMethods() as $signatureMethod) {
+				$signatureMethods = $identifyMethod->getSignatureMethods();
+				foreach ($signatureMethods as $signatureMethod) {
 					if (!$signatureMethod->isEnabled()) {
 						continue;
 					}
+					$signatureMethod->setEntity($identifyMethod->getEntity());
 					$return[$signatureMethod->getName()] = $signatureMethod->toArray();
 				}
 			}

diff --git a/lib/Service/SignFileService.php b/lib/Service/SignFileService.php
@@ -447,12 +447,13 @@ public function requestCode(
 			throw new LibresignException($this->l10n->t('Invalid identification method'));
 		}
 		foreach ($identifyMethods[$identifyMethodName] as $identifyMethod) {
-			$signatureMethods = $identifyMethod->getSignatureMethods();
-			if (empty($signatureMethods[$signMethodName])) {
-				throw new LibresignException($this->l10n->t('Invalid identification method'));
+			try {
+				$signatureMethod = $identifyMethod->getEmptyInstanceOfSignatureMethodByName($signMethodName);
+				$signatureMethod->setEntity($identifyMethod->getEntity());
+			} catch (InvalidArgumentException $th) {
+				continue;
 			}
 			/** @var EmailToken $signatureMethod */
-			$signatureMethod = $signatureMethods[$signMethodName];
 			$signatureMethod->requestCode($identify);
 			return;
 		}

diff --git a/tests/integration/features/admin/initial_state.feature b/tests/integration/features/admin/initial_state.feature
@@ -6,8 +6,8 @@ Feature: admin/initial_state
     Then the response should contain the initial state "libresign-identify_methods" with the following values:
       """
       [
-        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"},"password":{"enabled":false,"label":"Certificate with password"}}},
-        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"}}}
+        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"},"password":{"enabled":false,"label":"Certificate with password","name":"password"}}},
+        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"}}}
       ]
       """
 
@@ -20,8 +20,8 @@ Feature: admin/initial_state
     And the response should contain the initial state "libresign-identify_methods" with the following values:
       """
       [
-        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"},"password":{"enabled":false,"label":"Certificate with password"}}},
-        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"}}}
+        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"},"password":{"enabled":false,"label":"Certificate with password","name":"password"}}},
+        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"}}}
       ]
       """
 
@@ -34,8 +34,8 @@ Feature: admin/initial_state
     And the response should contain the initial state "libresign-identify_methods" with the following values:
       """
       [
-        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"},"password":{"enabled":false,"label":"Certificate with password"}}},
-        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"}}}
+        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"},"password":{"enabled":false,"label":"Certificate with password","name":"password"}}},
+        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"}}}
       ]
       """
 
@@ -48,8 +48,8 @@ Feature: admin/initial_state
     And the response should contain the initial state "libresign-identify_methods" with the following values:
       """
       [
-        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"},"password":{"enabled":false,"label":"Certificate with password"}}},
-        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"}}}
+        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"},"password":{"enabled":false,"label":"Certificate with password","name":"password"}}},
+        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"}}}
       ]
       """
 
@@ -62,8 +62,8 @@ Feature: admin/initial_state
     And the response should contain the initial state "libresign-identify_methods" with the following values:
       """
       [
-        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"},"password":{"enabled":false,"label":"Certificate with password"}}},
-        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"}}}
+        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"},"password":{"enabled":false,"label":"Certificate with password","name":"password"}}},
+        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"}}}
       ]
       """
 
@@ -75,7 +75,7 @@ Feature: admin/initial_state
     And the response should contain the initial state "libresign-identify_methods" with the following values:
       """
       [
-        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"},"password":{"enabled":false,"label":"Certificate with password"}}},
-        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":false,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"}}}
+        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"},"password":{"enabled":false,"label":"Certificate with password","name":"password"}}},
+        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":false,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"}}}
       ]
       """
diff --git a/tests/integration/features/page/index.feature b/tests/integration/features/page/index.feature
@@ -10,7 +10,7 @@ Feature: page/sign_identify_default
     And the response should contain the initial state "libresign-identify_methods" with the following values:
       """
       [
-        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"},"password":{"enabled":false,"label":"Certificate with password"}}},
-        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign"},"emailToken":{"enabled":false,"label":"Email token"}}}
+        {"name":"account","friendly_name":"Account","enabled":true,"mandatory":true,"signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"},"password":{"enabled":false,"label":"Certificate with password","name":"password"}}},
+        {"name":"email","friendly_name":"Email","enabled":false,"mandatory":true,"can_create_account":true,"test_url":"/index.php/settings/admin/mailtest","signatureMethods":{"clickToSign":{"enabled":false,"label":"Click to sign","name":"clickToSign"},"emailToken":{"enabled":false,"label":"Email token","name":"emailToken"}}}
       ]
       """