diff --git a/lib/Controller/BanController.php b/lib/Controller/BanController.php index ea110cd17c3..8725e8b64d0 100644 --- a/lib/Controller/BanController.php +++ b/lib/Controller/BanController.php @@ -40,7 +40,7 @@ public function __construct( * @param 'users'|'guests'|'ip' $actorType Type of actor to ban, or `ip` when banning a clients remote address * @param string $actorId Actor ID or the IP address or range in case of type `ip` * @param string $internalNote Optional internal note (max. 4000 characters) - * @return DataResponse|DataResponse + * @return DataResponse|DataResponse * * 200: Ban successfully * 400: Actor information is invalid diff --git a/lib/Service/BanService.php b/lib/Service/BanService.php index 09655f48022..0076b2e871b 100644 --- a/lib/Service/BanService.php +++ b/lib/Service/BanService.php @@ -44,6 +44,10 @@ public function __construct( * @throws \InvalidArgumentException */ public function createBan(Room $room, string $moderatorActorType, string $moderatorActorId, string $moderatorDisplayname, string $bannedActorType, string $bannedActorId, DateTime $bannedTime, string $internalNote): Ban { + if (!in_array($room->getType(), [Room::TYPE_GROUP, Room::TYPE_PUBLIC], true)) { + throw new \InvalidArgumentException('room'); + } + if (!in_array($bannedActorType, ['users', 'guests', 'ip'], true)) { throw new \InvalidArgumentException('bannedActor'); } @@ -58,9 +62,9 @@ public function createBan(Room $room, string $moderatorActorType, string $modera } catch (\InvalidArgumentException) { // Not an IP, check if it's a range try { - $this->ipFactory->addressFromString($bannedActorId); + $this->ipFactory->rangeFromString($bannedActorId); } catch (\InvalidArgumentException) { - // Not an IP, see if it's a range + // Not an IP range either throw new \InvalidArgumentException('bannedActor'); } } diff --git a/openapi-full.json b/openapi-full.json index 3fcdb8046b5..7428c7058a0 100644 --- a/openapi-full.json +++ b/openapi-full.json @@ -2177,7 +2177,8 @@ "bannedActor", "internalNote", "moderator", - "self" + "self", + "room" ] } } diff --git a/openapi.json b/openapi.json index a2ec3fccc4e..3f632302b4f 100644 --- a/openapi.json +++ b/openapi.json @@ -2064,7 +2064,8 @@ "bannedActor", "internalNote", "moderator", - "self" + "self", + "room" ] } } diff --git a/src/types/openapi/openapi-full.ts b/src/types/openapi/openapi-full.ts index 3dc190b20e9..226e7f5dd9a 100644 --- a/src/types/openapi/openapi-full.ts +++ b/src/types/openapi/openapi-full.ts @@ -2507,7 +2507,7 @@ export interface operations { meta: components["schemas"]["OCSMeta"]; data: { /** @enum {string} */ - error: "bannedActor" | "internalNote" | "moderator" | "self"; + error: "bannedActor" | "internalNote" | "moderator" | "self" | "room"; }; }; }; diff --git a/src/types/openapi/openapi.ts b/src/types/openapi/openapi.ts index 8bac8a501f7..ce7e95c0f12 100644 --- a/src/types/openapi/openapi.ts +++ b/src/types/openapi/openapi.ts @@ -1988,7 +1988,7 @@ export interface operations { meta: components["schemas"]["OCSMeta"]; data: { /** @enum {string} */ - error: "bannedActor" | "internalNote" | "moderator" | "self"; + error: "bannedActor" | "internalNote" | "moderator" | "self" | "room"; }; }; }; diff --git a/tests/integration/features/bootstrap/FeatureContext.php b/tests/integration/features/bootstrap/FeatureContext.php index 85e512e66d3..f62f4647035 100644 --- a/tests/integration/features/bootstrap/FeatureContext.php +++ b/tests/integration/features/bootstrap/FeatureContext.php @@ -1547,16 +1547,9 @@ public function userRemovesAttendeeFromRoom(string $user, string $actorType, str } /** - * @When /^user "([^"]*)" bans (user|group|email|remote|guest) "([^"]*)" from room "([^"]*)" with (\d+) \((v1)\)$/ - * - * @param string $user - * @param string $actorType - * @param string $actorId - * @param string $identifier - * @param int $statusCode - * @param string $apiVersion + * @When /^user "([^"]*)" bans ([^ ]*) "([^"]*)" from room "([^"]*)" with (\d+) \((v1)\)$/ */ - public function userBansUserFromRoom(string $user, string $actorType, string $actorId, string $identifier, int $statusCode, string $apiVersion = 'v1', TableNode $internalNote): void { + public function userBansUserFromRoom(string $user, string $actorType, string $actorId, string $identifier, int $statusCode, string $apiVersion = 'v1', ?TableNode $internalNote = null): void { if ($actorType === 'guest') { $actorId = self::$sessionNameToActorId[$actorId]; } elseif ($actorId === 'stranger') { @@ -1568,7 +1561,9 @@ public function userBansUserFromRoom(string $user, string $actorType, string $ac } } - $actorType .= 's'; + if ($actorType !== 'ip') { + $actorType .= 's'; + } $this->setCurrentUser($user); $body = [ @@ -1588,13 +1583,18 @@ public function userBansUserFromRoom(string $user, string $actorType, string $ac 'POST', '/apps/spreed/api/' . $apiVersion . '/ban/' . self::$identifierToToken[$identifier], $body ); - $this->assertStatusCode($this->response, $statusCode); + $data = $this->getDataFromResponse($this->response); + $this->assertStatusCode($this->response, $statusCode, print_r($data, true)); if ($statusCode === 200) { - $data = $this->getDataFromResponse($this->response); self::$userToBanId[self::$identifierToToken[$identifier]] ??= []; self::$userToBanId[self::$identifierToToken[$identifier]][$actorType] ??= []; self::$userToBanId[self::$identifierToToken[$identifier]][$actorType][$actorId] = $data['id']; + } elseif ($internalNote !== null) { + $internalNoteData = $internalNote->getRowsHash(); + if (isset($internalNoteData['error'])) { + Assert::assertSame($internalNoteData['error'], $data['error']); + } } } diff --git a/tests/integration/features/conversation-1/ban.feature b/tests/integration/features/conversation-1/ban.feature index 3746516f2b1..d781bdd52c3 100644 --- a/tests/integration/features/conversation-1/ban.feature +++ b/tests/integration/features/conversation-1/ban.feature @@ -72,6 +72,7 @@ Feature: conversation/ban And user "participant1" joins room "room" with 200 (v4) And user "participant1" bans user "participant1" from room "room" with 400 (v1) | internalNote | BannedP1 | + | error | self | Scenario: Moderator trying to ban moderator Given user "participant1" creates room "room" (v4) @@ -83,6 +84,7 @@ Feature: conversation/ban And user "participant1" promotes "participant2" in room "room" with 200 (v4) And user "participant1" bans user "participant2" from room "room" with 400 (v1) | internalNote | BannedP2 | + | error | moderator | And user "participant1" demotes "participant2" in room "room" with 200 (v4) And user "participant1" bans user "participant2" from room "room" with 200 (v1) | internalNote | BannedP2 | @@ -179,3 +181,42 @@ Feature: conversation/ban | actorType | actorId | | users | participant1 | | groups | group1 | + + Scenario: Can not ban in one-to-one conversations + Given user "participant1" creates room "one-to-one room" (v4) + | roomType | 1 | + | invite | participant2 | + And user "participant1" bans user "participant2" from room "one-to-one room" with 400 (v1) + | error | room | + + Scenario: Invalid banned actor type + Given user "participant1" creates room "room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" bans range "participant2" from room "room" with 400 (v1) + | error | bannedActor | + + Scenario: Invalid IP address + Given user "participant1" creates room "room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" bans ip "participant2" from room "room" with 400 (v1) + | error | bannedActor | + + Scenario: Invalid IP address range + Given user "participant1" creates room "room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" bans ip "127.0.0.1/64" from room "room" with 400 (v1) + | error | bannedActor | + + Scenario: Test valid IP bans + Given user "participant1" creates room "room" (v4) + | roomType | 3 | + | roomName | room | + And user "participant1" bans ip "127.0.0.1" from room "room" with 200 (v1) + And user "participant1" bans ip "127.0.0.1/24" from room "room" with 200 (v1) + And user "participant1" bans ip "127.0.0.1/32" from room "room" with 200 (v1) + And user "participant1" bans ip "::1" from room "room" with 200 (v1) + And user "participant1" bans ip "::1/32" from room "room" with 200 (v1) + And user "participant1" bans ip "::1/64" from room "room" with 200 (v1)