refactor: Apply rector Nextcloud 27 set

Signed-off-by: provokateurin <kate@provokateurin.de>
2 weeks ago · 504eae65bd
parent d59338b377
commit 504eae65bd
7 changed files with 92 additions and 80 deletions
--- a/REUSE.toml
+++ b/REUSE.toml
@ -250,7 +250,7 @@ SPDX-FileCopyrightText = "2023 Nextcloud GmbH and Nextcloud contributors"
 SPDX-License-Identifier = "AGPL-3.0-or-later"

 [[annotations]]
-path = ["apps/dav/lib/ExampleContentFiles/exampleContact.vcf", "tests/data/testvideo-remote-file.mp4", "tests/lib/AppFramework/Middleware/Mock/UseSessionController.php"]
+path = ["apps/dav/lib/ExampleContentFiles/exampleContact.vcf", "tests/data/testvideo-remote-file.mp4", "tests/lib/AppFramework/Middleware/Mock/UseSessionController.php", "tests/lib/AppFramework/Middleware/Security/Mock/BruteForceMiddlewareController.php", "tests/lib/AppFramework/Middleware/Security/Mock/RateLimitingMiddlewareController.php"]
 precedence = "aggregate"
 SPDX-FileCopyrightText = "2025 Nextcloud GmbH and Nextcloud contributors"
 SPDX-License-Identifier = "AGPL-3.0-or-later"
--- a/build/rector.php
+++ b/build/rector.php
@ -79,6 +79,7 @@ $config = RectorConfig::configure()
 		$nextcloudDir . '/apps/*/config/*',
 		// The mock classes are excluded, as the tests explicitly test the annotations which should not be migrated to attributes
 		$nextcloudDir . '/tests/lib/AppFramework/Middleware/Mock/*',
+		$nextcloudDir . '/tests/lib/AppFramework/Middleware/Security/Mock/*',
 	])
 	// uncomment to reach your current PHP version
 	// ->withPhpSets()
@ -94,7 +95,7 @@ $config = RectorConfig::configure()
 		'rename_property' => true,
 	])
 	->withSets([
-		NextcloudSets::NEXTCLOUD_26,
+		NextcloudSets::NEXTCLOUD_27,
 	]);

 $config->registerService(NextcloudNamespaceSkipVoter::class, tag:ClassNameImportSkipVoterInterface::class);
--- a/core/Controller/TwoFactorChallengeController.php
+++ b/core/Controller/TwoFactorChallengeController.php
@ -14,6 +14,7 @@ use OCP\AppFramework\Http\Attribute\FrontpageRoute;
 use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\UserRateLimit;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\RedirectResponse;
 use OCP\AppFramework\Http\StandaloneTemplateResponse;
@ -150,7 +151,6 @@ class TwoFactorChallengeController extends Controller {
 	/**
 	 * @TwoFactorSetUpDoneRequired
 	 *
-	 * @UserRateThrottle(limit=5, period=100)
 	 *
 	 * @param string $challengeProviderId
 	 * @param string $challenge
@ -161,6 +161,7 @@ class TwoFactorChallengeController extends Controller {
 	#[NoCSRFRequired]
 	#[UseSession]
 	#[FrontpageRoute(verb: 'POST', url: '/login/challenge/{challengeProviderId}')]
+	#[UserRateLimit(limit: 5, period: 100)]
 	public function solveChallenge($challengeProviderId, $challenge, $redirect_url = null) {
 		$user = $this->userSession->getUser();
 		$provider = $this->twoFactorManager->getProvider($user, $challengeProviderId);
--- a/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php
+++ b/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php
@ -9,34 +9,13 @@ namespace Test\AppFramework\Middleware\Security;

 use OC\AppFramework\Middleware\Security\BruteForceMiddleware;
 use OC\AppFramework\Utility\ControllerMethodReflector;
-use OCP\AppFramework\Controller;
-use OCP\AppFramework\Http\Attribute\BruteForceProtection;
 use OCP\AppFramework\Http\Response;
 use OCP\IRequest;
 use OCP\Security\Bruteforce\IThrottler;
 use Psr\Log\LoggerInterface;
+use Test\AppFramework\Middleware\Security\Mock\BruteForceMiddlewareController;
 use Test\TestCase;

-class TestController extends Controller {
-	/**
-	 * @BruteForceProtection(action=login)
-	 */
-	public function testMethodWithAnnotation() {
-	}
-
-	public function testMethodWithoutAnnotation() {
-	}
-
-	#[BruteForceProtection(action: 'single')]
-	public function singleAttribute(): void {
-	}
-
-	#[BruteForceProtection(action: 'first')]
-	#[BruteForceProtection(action: 'second')]
-	public function multipleAttributes(): void {
-	}
-}
-
 class BruteForceMiddlewareTest extends TestCase {
 	/** @var ControllerMethodReflector */
 	private $reflector;
@ -74,7 +53,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->method('sleepDelayOrThrowOnMax')
 			->with('127.0.0.1', 'login');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'testMethodWithAnnotation');
 		$this->bruteForceMiddleware->beforeController($controller, 'testMethodWithAnnotation');
 	}
@ -89,7 +68,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->method('sleepDelayOrThrowOnMax')
 			->with('::1', 'single');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'singleAttribute');
 		$this->bruteForceMiddleware->beforeController($controller, 'singleAttribute');
 	}
@ -113,7 +92,7 @@ class BruteForceMiddlewareTest extends TestCase {
 				return 0;
 			});

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'multipleAttributes');
 		$this->bruteForceMiddleware->beforeController($controller, 'multipleAttributes');
 	}
@ -126,7 +105,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->expects($this->never())
 			->method('sleepDelayOrThrowOnMax');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'testMethodWithoutAnnotation');
 		$this->bruteForceMiddleware->beforeController($controller, 'testMethodWithoutAnnotation');
 	}
@ -155,7 +134,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->method('registerAttempt')
 			->with('login', '127.0.0.1');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'testMethodWithAnnotation');
 		$this->bruteForceMiddleware->afterController($controller, 'testMethodWithAnnotation', $response);
 	}
@ -177,7 +156,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->expects($this->never())
 			->method('registerAttempt');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'testMethodWithAnnotation');
 		$this->bruteForceMiddleware->afterController($controller, 'testMethodWithAnnotation', $response);
 	}
@ -207,7 +186,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->method('registerAttempt')
 			->with('single', '::1');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'singleAttribute');
 		$this->bruteForceMiddleware->afterController($controller, 'singleAttribute', $response);
 	}
@ -254,7 +233,7 @@ class BruteForceMiddlewareTest extends TestCase {
 				$this->assertEquals($expected, func_get_args());
 			});

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'multipleAttributes');
 		$this->bruteForceMiddleware->afterController($controller, 'multipleAttributes', $response);
 	}
@ -284,7 +263,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->method('registerAttempt')
 			->with('second', '::1');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'multipleAttributes');
 		$this->bruteForceMiddleware->afterController($controller, 'multipleAttributes', $response);
 	}
@ -297,7 +276,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->expects($this->never())
 			->method('sleepDelayOrThrowOnMax');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'testMethodWithoutAnnotation');
 		/** @var Response|\PHPUnit\Framework\MockObject\MockObject $response */
 		$response = $this->createMock(Response::class);
@ -312,7 +291,7 @@ class BruteForceMiddlewareTest extends TestCase {
 			->expects($this->never())
 			->method('sleepDelayOrThrowOnMax');

-		$controller = new TestController('test', $this->request);
+		$controller = new BruteForceMiddlewareController('test', $this->request);
 		$this->reflector->reflect($controller, 'testMethodWithoutAnnotation');
 		/** @var Response|\PHPUnit\Framework\MockObject\MockObject $response */
 		$response = $this->createMock(Response::class);
@ -321,7 +300,7 @@ class BruteForceMiddlewareTest extends TestCase {

 		$this->logger->expects($this->once())
 			->method('debug')
-			->with('Response for Test\AppFramework\Middleware\Security\TestController::testMethodWithoutAnnotation got bruteforce throttled but has no annotation nor attribute defined.');
+			->with('Response for Test\AppFramework\Middleware\Security\Mock\BruteForceMiddlewareController::testMethodWithoutAnnotation got bruteforce throttled but has no annotation nor attribute defined.');

 		$this->bruteForceMiddleware->afterController($controller, 'testMethodWithoutAnnotation', $response);
 	}
--- a/tests/lib/AppFramework/Middleware/Security/Mock/BruteForceMiddlewareController.php
+++ b/tests/lib/AppFramework/Middleware/Security/Mock/BruteForceMiddlewareController.php
@ -0,0 +1,26 @@
+<?php
+
+namespace Test\AppFramework\Middleware\Security\Mock;
+
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\BruteForceProtection;
+
+class BruteForceMiddlewareController extends Controller {
+	/**
+	 * @BruteForceProtection(action=login)
+	 */
+	public function testMethodWithAnnotation() {
+	}
+
+	public function testMethodWithoutAnnotation() {
+	}
+
+	#[BruteForceProtection(action: 'single')]
+	public function singleAttribute(): void {
+	}
+
+	#[BruteForceProtection(action: 'first')]
+	#[BruteForceProtection(action: 'second')]
+	public function multipleAttributes(): void {
+	}
+}
--- a/tests/lib/AppFramework/Middleware/Security/Mock/RateLimitingMiddlewareController.php
+++ b/tests/lib/AppFramework/Middleware/Security/Mock/RateLimitingMiddlewareController.php
@ -0,0 +1,34 @@
+<?php
+
+namespace Test\AppFramework\Middleware\Security\Mock;
+
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\AnonRateLimit;
+use OCP\AppFramework\Http\Attribute\UserRateLimit;
+
+class RateLimitingMiddlewareController extends Controller {
+	/**
+	 * @UserRateThrottle(limit=20, period=200)
+	 * @AnonRateThrottle(limit=10, period=100)
+	 */
+	public function testMethodWithAnnotation() {
+	}
+
+	/**
+	 * @AnonRateThrottle(limit=10, period=100)
+	 */
+	public function testMethodWithAnnotationFallback() {
+	}
+
+	public function testMethodWithoutAnnotation() {
+	}
+
+	#[UserRateLimit(limit: 20, period: 200)]
+	#[AnonRateLimit(limit: 10, period: 100)]
+	public function testMethodWithAttributes() {
+	}
+
+	#[AnonRateLimit(limit: 10, period: 100)]
+	public function testMethodWithAttributesFallback() {
+	}
+}
--- a/tests/lib/AppFramework/Middleware/Security/RateLimitingMiddlewareTest.php
+++ b/tests/lib/AppFramework/Middleware/Security/RateLimitingMiddlewareTest.php
@ -14,9 +14,6 @@ use OC\AppFramework\Utility\ControllerMethodReflector;
 use OC\Security\Ip\BruteforceAllowList;
 use OC\Security\RateLimiting\Exception\RateLimitExceededException;
 use OC\Security\RateLimiting\Limiter;
-use OCP\AppFramework\Controller;
-use OCP\AppFramework\Http\Attribute\AnonRateLimit;
-use OCP\AppFramework\Http\Attribute\UserRateLimit;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\IAppConfig;
@ -25,35 +22,9 @@ use OCP\ISession;
 use OCP\IUser;
 use OCP\IUserSession;
 use PHPUnit\Framework\MockObject\MockObject;
+use Test\AppFramework\Middleware\Security\Mock\RateLimitingMiddlewareController;
 use Test\TestCase;

-class TestRateLimitController extends Controller {
-	/**
-	 * @UserRateThrottle(limit=20, period=200)
-	 * @AnonRateThrottle(limit=10, period=100)
-	 */
-	public function testMethodWithAnnotation() {
-	}
-
-	/**
-	 * @AnonRateThrottle(limit=10, period=100)
-	 */
-	public function testMethodWithAnnotationFallback() {
-	}
-
-	public function testMethodWithoutAnnotation() {
-	}
-
-	#[UserRateLimit(limit: 20, period: 200)]
-	#[AnonRateLimit(limit: 10, period: 100)]
-	public function testMethodWithAttributes() {
-	}
-
-	#[AnonRateLimit(limit: 10, period: 100)]
-	public function testMethodWithAttributesFallback() {
-	}
-}
-
 /**
 * @group DB
 */
@ -101,8 +72,8 @@ class RateLimitingMiddlewareTest extends TestCase {
 			->method('isLoggedIn')
 			->willReturn(false);

-		/** @var TestRateLimitController|MockObject $controller */
-		$controller = $this->createMock(TestRateLimitController::class);
+		/** @var RateLimitingMiddlewareController|MockObject $controller */
+		$controller = $this->createMock(RateLimitingMiddlewareController::class);
 		$this->reflector->reflect($controller, 'testMethodWithoutAnnotation');
 		$this->rateLimitingMiddleware->beforeController($controller, 'testMethodWithoutAnnotation');
 	}
@ -119,14 +90,14 @@ class RateLimitingMiddlewareTest extends TestCase {
 			->method('isLoggedIn')
 			->willReturn(true);

-		/** @var TestRateLimitController|MockObject $controller */
-		$controller = $this->createMock(TestRateLimitController::class);
+		/** @var RateLimitingMiddlewareController|MockObject $controller */
+		$controller = $this->createMock(RateLimitingMiddlewareController::class);
 		$this->reflector->reflect($controller, 'testMethodWithoutAnnotation');
 		$this->rateLimitingMiddleware->beforeController($controller, 'testMethodWithoutAnnotation');
 	}

 	public function testBeforeControllerForAnon(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);

 		$this->request
 			->method('getRemoteAddress')
@ -150,7 +121,7 @@ class RateLimitingMiddlewareTest extends TestCase {
 	}

 	public function testBeforeControllerForLoggedIn(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);
 		/** @var IUser|MockObject $user */
 		$user = $this->createMock(IUser::class);

@ -177,7 +148,7 @@ class RateLimitingMiddlewareTest extends TestCase {
 	}

 	public function testBeforeControllerAnonWithFallback(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);
 		$this->request
 			->expects($this->once())
 			->method('getRemoteAddress')
@ -202,7 +173,7 @@ class RateLimitingMiddlewareTest extends TestCase {
 	}

 	public function testBeforeControllerAttributesForAnon(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);

 		$this->request
 			->method('getRemoteAddress')
@ -226,7 +197,7 @@ class RateLimitingMiddlewareTest extends TestCase {
 	}

 	public function testBeforeControllerAttributesForLoggedIn(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);
 		/** @var IUser|MockObject $user */
 		$user = $this->createMock(IUser::class);

@ -253,7 +224,7 @@ class RateLimitingMiddlewareTest extends TestCase {
 	}

 	public function testBeforeControllerAttributesAnonWithFallback(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);
 		$this->request
 			->expects($this->once())
 			->method('getRemoteAddress')
@ -281,13 +252,13 @@ class RateLimitingMiddlewareTest extends TestCase {
 		$this->expectException(\Exception::class);
 		$this->expectExceptionMessage('My test exception');

-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);

 		$this->rateLimitingMiddleware->afterException($controller, 'testMethod', new \Exception('My test exception'));
 	}

 	public function testAfterExceptionWithJsonBody(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);
 		$this->request
 			->expects($this->once())
 			->method('getHeader')
@ -301,7 +272,7 @@ class RateLimitingMiddlewareTest extends TestCase {
 	}

 	public function testAfterExceptionWithHtmlBody(): void {
-		$controller = new TestRateLimitController('test', $this->request);
+		$controller = new RateLimitingMiddlewareController('test', $this->request);
 		$this->request
 			->expects($this->once())
 			->method('getHeader')