upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-15 22:11:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

feat(integrity): Allow to run check for all apps

Browse source 
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
This commit is contained in:
Marcel Müller 2025-05-16 13:40:06 +02:00
parent fc9310feef
commit f9aa4e2e04
1 changed files with 44 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

61
core/Command/Integrity/CheckApp.php
View file

@ -40,31 +40,58 @@ class CheckApp extends Base {
$this
->setName('integrity:check-app')
->setDescription('Check integrity of an app using a signature.')
->addArgument('appid', InputArgument::REQUIRED, 'Application to check')
->addOption('path', null, InputOption::VALUE_OPTIONAL, 'Path to application. If none is given it will be guessed.');
->addArgument('appid', InputArgument::OPTIONAL, 'Application to check')
->addOption('path', null, InputOption::VALUE_OPTIONAL, 'Path to application. If none is given it will be guessed.')
->addOption('all', null, InputOption::VALUE_NONE, 'Check integrity of all apps.');
}
/**
* {@inheritdoc }
*/
protected function execute(InputInterface $input, OutputInterface $output): int {
$appid = $input->getArgument('appid');
$path = (string)$input->getOption('path');
if ($path === '') {
$path = $this->appLocator->getAppPath($appid);
if ($input->getOption('all') && $input->getArgument('appid')) {
$output->writeln('<error>Option "--all" cannot be combined with an appid</error>');
return 1;
}
if ($this->appManager->isShipped($appid) || $this->fileAccessHelper->file_exists($path . '/appinfo/signature.json')) {
// Only verify if the application explicitly ships a signature.json file
$result = $this->checker->verifyAppSignature($appid, $path, true);
$this->writeArrayInOutputFormat($input, $output, $result);
if (count($result) > 0) {
$output->writeln('<error>' . count($result) . ' errors found</error>', OutputInterface::VERBOSITY_VERBOSE);
return 1;
}
$output->writeln('<info>No errors found</info>', OutputInterface::VERBOSITY_VERBOSE);
if (!$input->getArgument('appid') && !$input->getOption('all')) {
$output->writeln('<error>Please specify an appid, or "--all" to verify all apps</error>');
return 1;
}
if ($input->getArgument('appid')) {
$appIds = [$input->getArgument('appid')];
} else {
$output->writeln('<comment>App signature not found, skipping app integrity check</comment>');
$appIds = $this->appManager->getAllAppsInAppsFolders();
}
return 0;
$errorsFound = false;
foreach ($appIds as $appId) {
$path = (string)$input->getOption('path');
if ($path === '') {
$path = $this->appLocator->getAppPath($appId);
}
if ($this->appManager->isShipped($appId) || $this->fileAccessHelper->file_exists($path . '/appinfo/signature.json')) {
// Only verify if the application explicitly ships a signature.json file
$result = $this->checker->verifyAppSignature($appId, $path, true);
if (count($result) > 0) {
$output->writeln('<error>' . $appId . ': ' . count($result) . ' errors found:</error>');
$this->writeArrayInOutputFormat($input, $output, $result);
$errorsFound = true;
}
} else {
$output->writeln('<comment>' . $appId . ': ' . 'App signature not found, skipping app integrity check</comment>');
}
}
if (!$errorsFound) {
$output->writeln('<info>No errors found</info>', OutputInterface::VERBOSITY_VERBOSE);
return 0;
}
return 1;
}
}