Require the secret config to be configured

If it's not configured the instance will look like it is working but various features will silently break (end to end encryption, setting alternate email and probably more). One issue is that changing the secret from empty to something will break various other stuff (app token). I don't think there is a good way to solve this issue other than breaking early instead of having to handle a painful migration later on. Signed-off-by: Carl Schwan <carl@carlschwan.eu>
nextcloud · Mar 8, 2022 · 7496bf3 · 7496bf3
1 parent 8a52591
commit 7496bf3
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 1 deletion.
diff --git a/.github/workflows/s3-external.yml b/.github/workflows/s3-external.yml
@@ -55,7 +55,7 @@ jobs:
           php -S localhost:8080 &
       - name: PHPUnit
         run: |
-          echo "<?php return ['run' => true,'hostname' => 'localhost','key' => 'minio','secret' => 'minio123', 'bucket' => 'bucket', 'port' => 9000, 'use_ssl' => false, 'autocreate' => true, 'use_path_style' => true];" > apps/${{ env.APP_NAME }}/tests/config.amazons3.php
+          echo "<?php return ['run' => true, 'secret' => 'actually-not-secret', 'hostname' => 'localhost','key' => 'minio','secret' => 'minio123', 'bucket' => 'bucket', 'port' => 9000, 'use_ssl' => false, 'autocreate' => true, 'use_path_style' => true];" > apps/${{ env.APP_NAME }}/tests/config.amazons3.php
           phpunit --configuration tests/phpunit-autotest-external.xml apps/files_external/tests/Storage/Amazons3Test.php
           phpunit --configuration tests/phpunit-autotest-external.xml apps/files_external/tests/Storage/VersionedAmazonS3Test.php
       - name: S3 logs

diff --git a/lib/private/legacy/OC_Util.php b/lib/private/legacy/OC_Util.php
@@ -969,6 +969,13 @@ public static function checkServer(\OC\SystemConfig $config) {
 			];
 		}
 
+		if ($config->getValue('secret', '') === '' && !\OC::$CLI) {
+			$errors[] = [
+				'error' => $l->t('The required \'secret\' config variable is not configued in the config.php file.'),
+				'hint' => $l->t('Please ask your server administrator to check the Nextcloud configuration.')
+			];
+		}
+
 		$errors = array_merge($errors, self::checkDatabaseVersion());
 
 		// Cache the result of this function

diff --git a/tests/travis/install.sh b/tests/travis/install.sh
@@ -44,6 +44,7 @@ echo "Using database $DATABASENAME"
 cat > ./tests/autoconfig-sqlite.php <<DELIM
 <?php
 \$AUTOCONFIG = array (
+  'secret' => 'actually-not-secret',
   'installed' => false,
   'dbtype' => 'sqlite',
   'dbtableprefix' => 'oc_',
@@ -56,6 +57,7 @@ DELIM
 cat > ./tests/autoconfig-mysql.php <<DELIM
 <?php
 \$AUTOCONFIG = array (
+  'secret' => 'actually-not-secret',
   'installed' => false,
   'dbtype' => 'mysql',
   'dbtableprefix' => 'oc_',
@@ -72,6 +74,7 @@ DELIM
 cat > ./tests/autoconfig-pgsql.php <<DELIM
 <?php
 \$AUTOCONFIG = array (
+  'secret' => 'actually-not-secret',
   'installed' => false,
   'dbtype' => 'pgsql',
   'dbtableprefix' => 'oc_',
@@ -88,6 +91,7 @@ DELIM
 cat > ./tests/autoconfig-oracle.php <<DELIM
 <?php
 \$AUTOCONFIG = array (
+  'secret' => 'actually-not-secret',
   'installed' => false,
   'dbtype' => 'oci',
   'dbtableprefix' => 'oc_',