feat(setup-check): add CertificateEngineSetupCheck

guilhermercarvalho · guilhermercarvalho · commit 31365851f383 · 2026-03-03T19:13:59.000Z
Adds CertificateEngineSetupCheck to process certificate engine configuration results. Related issue: #6590 Type: Feature Checklist: - [x] Implement ISetupCheck interface - [x] Use CertificateEngineFactory to get current engine - [x] Process ConfigureCheckHelper results from engine - [x] Convert to SetupResult with aggregated messages and tips - [x] Handle engine not defined (error) - [x] Add unit tests covering success, warning, error, and mixed results
diff --git a/lib/SetupCheck/CertificateEngineSetupCheck.php b/lib/SetupCheck/CertificateEngineSetupCheck.php
@@ -0,0 +1,94 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2026 LibreCode coop and contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Libresign\SetupCheck;
+
+use OCA\Libresign\Handler\CertificateEngine\CertificateEngineFactory;
+use OCA\Libresign\Helper\ConfigureCheckHelper;
+use OCP\IL10N;
+use OCP\SetupCheck\ISetupCheck;
+use OCP\SetupCheck\SetupResult;
+
+class CertificateEngineSetupCheck implements ISetupCheck
+{
+  private IL10N $l10n;
+  private CertificateEngineFactory $certificateEngineFactory;
+
+  public function __construct(
+    IL10N $l10n,
+    CertificateEngineFactory $certificateEngineFactory
+  ) {
+    $this->l10n = $l10n;
+    $this->certificateEngineFactory = $certificateEngineFactory;
+  }
+
+  public function getName(): string
+  {
+    return $this->l10n->t('Certificate engine');
+  }
+
+  public function getCategory(): string
+  {
+    return 'security';
+  }
+
+  public function run(): SetupResult
+  {
+    try {
+      $engine = $this->certificateEngineFactory->getEngine();
+      $checkResults = $engine->configureCheck();
+    } catch (\Throwable $e) {
+      $engineName = $this->certificateEngineFactory->getEngine()->getName() ?? 'unknown';
+      return SetupResult::error(
+        $this->l10n->t('Define the certificate engine to use'),
+        $this->l10n->t('Run occ libresign:configure:%s --help', [$engineName])
+      );
+    }
+
+    // Process results: if any error, return error; else if any warning, return warning; else success
+    $hasError = false;
+    $hasWarning = false;
+    $messages = [];
+    $tips = [];
+
+    foreach ($checkResults as $result) {
+      if ($result instanceof ConfigureCheckHelper) {
+        $status = $result->getStatus();
+        $msg = $result->getMessage();
+        $tip = $result->getTip();
+
+        if ($status === 'error') {
+          $hasError = true;
+          $messages[] = "[ERROR] $msg";
+        } elseif ($status === 'warning') {
+          $hasWarning = true;
+          $messages[] = "[WARNING] $msg";
+        } else {
+          $messages[] = $msg;
+        }
+
+        if (!empty($tip)) {
+          $tips[] = $tip;
+        }
+      }
+    }
+
+    $tip = '';
+    if (!empty($tips)) {
+      $tip = implode("\n", array_unique($tips));
+    }
+
+    if ($hasError) {
+      return SetupResult::error(implode("\n", $messages), $tip);
+    } elseif ($hasWarning) {
+      return SetupResult::warning(implode("\n", $messages), $tip);
+    } else {
+      return SetupResult::success(implode("\n", $messages) ?: $this->l10n->t('Certificate engine is configured correctly'));
+    }
+  }
+}
diff --git a/tests/php/Unit/SetupCheck/CertificateEngineSetupCheckTest.php b/tests/php/Unit/SetupCheck/CertificateEngineSetupCheckTest.php
@@ -0,0 +1,235 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2026 LibreCode coop and contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Libresign\Tests\Unit\SetupCheck;
+
+use OCA\Libresign\Handler\CertificateEngine\CertificateEngineFactory;
+use OCA\Libresign\Handler\CertificateEngine\IEngineHandler;
+use OCA\Libresign\Helper\ConfigureCheckHelper;
+use OCA\Libresign\SetupCheck\CertificateEngineSetupCheck;
+use OCP\IL10N;
+use OCP\SetupCheck\SetupResult;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+
+interface MockableIEngineHandler extends IEngineHandler
+{
+  public function getName(): string;
+}
+
+final class CertificateEngineSetupCheckTest extends TestCase
+{
+  /** @var IL10N&MockObject */
+  private $l10n;
+  /** @var CertificateEngineFactory&MockObject */
+  private $certificateEngineFactory;
+
+  protected function setUp(): void
+  {
+    parent::setUp();
+    $this->l10n = $this->createMock(IL10N::class);
+    $this->certificateEngineFactory = $this->createMock(CertificateEngineFactory::class);
+  }
+
+  private function getInstance(): CertificateEngineSetupCheck
+  {
+    return new CertificateEngineSetupCheck(
+      $this->l10n,
+      $this->certificateEngineFactory
+    );
+  }
+
+  public function testGetName(): void
+  {
+    $this->l10n->expects($this->once())
+      ->method('t')
+      ->with('Certificate engine')
+      ->willReturn('Certificate engine');
+
+    $check = $this->getInstance();
+    $this->assertSame('Certificate engine', $check->getName());
+  }
+
+  public function testGetCategory(): void
+  {
+    $check = $this->getInstance();
+    $this->assertSame('security', $check->getCategory());
+  }
+
+  public function testRunWithException(): void
+  {
+    $engineMock = $this->createMock(MockableIEngineHandler::class);
+    $engineMock->method('getName')->willReturn('cfssl');
+
+    $this->certificateEngineFactory->expects($this->exactly(2))
+      ->method('getEngine')
+      ->willReturnOnConsecutiveCalls(
+        $this->throwException(new \RuntimeException('Engine not found')),
+        $engineMock
+      );
+
+    $calls = 0;
+    $this->l10n->expects($this->exactly(2))
+      ->method('t')
+      ->willReturnCallback(function ($arg1, $arg2 = []) use (&$calls) {
+        $calls++;
+        if ($calls === 1) {
+          $this->assertEquals('Define the certificate engine to use', $arg1);
+          $this->assertEquals([], $arg2);
+          return 'Define the certificate engine to use';
+        } elseif ($calls === 2) {
+          $this->assertEquals('Run occ libresign:configure:%s --help', $arg1);
+          $this->assertEquals(['cfssl'], $arg2);
+          return 'Run occ libresign:configure:cfssl --help';
+        }
+      });
+
+    $check = $this->getInstance();
+    $result = $check->run();
+
+    $this->assertInstanceOf(SetupResult::class, $result);
+    $this->assertEquals('error', $result->getSeverity());
+    $this->assertEquals('Define the certificate engine to use', $result->getDescription());
+    $this->assertEquals('Run occ libresign:configure:cfssl --help', $result->getLinkToDoc());
+  }
+
+  public function testRunWithSuccess(): void
+  {
+    $engine = $this->createMock(IEngineHandler::class);
+    $engine->method('configureCheck')
+      ->willReturn([
+        (new ConfigureCheckHelper())->setSuccessMessage('Engine OK'),
+      ]);
+
+    $this->certificateEngineFactory->method('getEngine')->willReturn($engine);
+
+    $check = $this->getInstance();
+    $result = $check->run();
+
+    $this->assertInstanceOf(SetupResult::class, $result);
+    $this->assertEquals('success', $result->getSeverity());
+    $this->assertEquals('Engine OK', $result->getDescription());
+  }
+
+  public function testRunWithError(): void
+  {
+    $engine = $this->createMock(IEngineHandler::class);
+    $engine->method('configureCheck')
+      ->willReturn([
+        (new ConfigureCheckHelper())->setErrorMessage('Engine error'),
+      ]);
+
+    $this->certificateEngineFactory->method('getEngine')->willReturn($engine);
+
+    $check = $this->getInstance();
+    $result = $check->run();
+
+    $this->assertInstanceOf(SetupResult::class, $result);
+    $this->assertEquals('error', $result->getSeverity());
+    $this->assertEquals('[ERROR] Engine error', $result->getDescription());
+  }
+
+  public function testRunWithMixedResults(): void
+  {
+    $engine = $this->createMock(IEngineHandler::class);
+    $engine->method('configureCheck')
+      ->willReturn([
+        (new ConfigureCheckHelper())->setSuccessMessage('Success'),
+        (new ConfigureCheckHelper())->setInfoMessage('Info message'),
+        (new ConfigureCheckHelper())->setErrorMessage('Error'),
+      ]);
+
+    $this->certificateEngineFactory->method('getEngine')->willReturn($engine);
+
+    $check = $this->getInstance();
+    $result = $check->run();
+
+    $this->assertInstanceOf(SetupResult::class, $result);
+    $this->assertEquals('error', $result->getSeverity());
+    $expected = "Success\nInfo message\n[ERROR] Error";
+    $this->assertEquals($expected, $result->getDescription());
+  }
+
+  public function testRunWithEmptyResults(): void
+  {
+    $engine = $this->createMock(IEngineHandler::class);
+    $engine->method('configureCheck')->willReturn([]);
+
+    $this->certificateEngineFactory->method('getEngine')->willReturn($engine);
+
+    $this->l10n->method('t')
+      ->with('Certificate engine is configured correctly')
+      ->willReturn('Certificate engine is configured correctly');
+
+    $check = $this->getInstance();
+    $result = $check->run();
+
+    $this->assertInstanceOf(SetupResult::class, $result);
+    $this->assertEquals('success', $result->getSeverity());
+    $this->assertEquals('Certificate engine is configured correctly', $result->getDescription());
+  }
+
+  public function testRunWithOnlyWarnings(): void
+  {
+    $engine = $this->createMock(IEngineHandler::class);
+
+    $warning1 = new ConfigureCheckHelper();
+    $warning1->setStatus('warning');
+    $warning1->setMessage('Disk space low');
+
+    $warning2 = new ConfigureCheckHelper();
+    $warning2->setStatus('warning');
+    $warning2->setMessage('Certificate expires soon');
+
+    $engine->method('configureCheck')
+      ->willReturn([$warning1, $warning2]);
+
+    $this->certificateEngineFactory->method('getEngine')->willReturn($engine);
+
+    $check = $this->getInstance();
+    $result = $check->run();
+
+    $this->assertInstanceOf(SetupResult::class, $result);
+    $this->assertEquals('warning', $result->getSeverity());
+    $expected = "[WARNING] Disk space low\n[WARNING] Certificate expires soon";
+    $this->assertEquals($expected, $result->getDescription());
+  }
+
+  public function testRunCollectsTipsAndRemovesDuplicates(): void
+  {
+    $engine = $this->createMock(IEngineHandler::class);
+
+    $helper1 = (new ConfigureCheckHelper())
+      ->setErrorMessage('First error')
+      ->setTip('Tip A');
+    $helper2 = (new ConfigureCheckHelper())
+      ->setInfoMessage('Irrelevant info')
+      ->setTip('');
+    $helper3 = (new ConfigureCheckHelper())
+      ->setErrorMessage('Second error')
+      ->setTip('Tip B');
+    $helper4 = (new ConfigureCheckHelper())
+      ->setErrorMessage('First error again')
+      ->setTip('Tip A');
+
+    $engine->method('configureCheck')
+      ->willReturn([$helper1, $helper2, $helper3, $helper4]);
+
+    $this->certificateEngineFactory->method('getEngine')->willReturn($engine);
+
+    $check = $this->getInstance();
+    $result = $check->run();
+
+    $this->assertInstanceOf(SetupResult::class, $result);
+    $this->assertEquals('error', $result->getSeverity());
+
+    $expectedDesc = "[ERROR] First error\nIrrelevant info\n[ERROR] Second error\n[ERROR] First error again";
+    $this->assertEquals($expectedDesc, $result->getDescription());
+    $this->assertEquals("Tip A\nTip B", $result->getLinkToDoc());
+  }
+}
