fix(appconfig): Make sure sensitive values stay sensitive

nickvergessen · nickvergessen · commit 3a67080a96e5 · 2024-03-06T22:58:59.000+01:00
Signed-off-by: Joas Schilling &lt;coding@schilljs.com&gt;
diff --git a/lib/private/AppConfig.php b/lib/private/AppConfig.php
@@ -754,14 +754,13 @@ private function setTypedValue(
 		 * no update if key is already known with set lazy status, or value is
 		 * different, or sensitivity switched from false to true.
 		 */
-		if (!$sensitive
-			&& $this->hasKey($app, $key, $lazy)
+		if ($this->hasKey($app, $key, $lazy)
 			&& $value === $this->getTypedValue($app, $key, $value, $lazy, $type)
-			&& !$this->isSensitive($app, $key, $lazy)) {
+			&& (!$sensitive || $this->isSensitive($app, $key, $lazy))) {
 			return false;
 		}
 
-		if ($sensitive) {
+		if ($sensitive || ($this->hasKey($app, $key, $lazy) && $this->isSensitive($app, $key, $lazy))) {
 			$value = self::ENCRYPTION_PREFIX . $this->crypto->encrypt($value);
 		}
 
@@ -812,7 +811,7 @@ private function setTypedValue(
 
 			// we fix $type if the stored value, or the new value as it might be changed, is set as sensitive
 			if ($sensitive || $this->isTyped(self::VALUE_SENSITIVE, $currType)) {
-				$type = $type | self::VALUE_SENSITIVE;
+				$type |= self::VALUE_SENSITIVE;
 			}
 
 			if ($lazy !== $this->isLazy($app, $key)) {
diff --git a/tests/lib/AppConfigTest.php b/tests/lib/AppConfigTest.php
@@ -877,20 +877,29 @@ public function testSetNonSensitiveValueStringAsSensitive(): void {
 		$config->setValueString('feed', 'string', 'value-1', sensitive: false);
 		$config->setValueString('feed', 'string', 'value-1', sensitive: true);
 		$this->assertSame(true, $config->isSensitive('feed', 'string'));
+
+		$this->assertConfigValueNotEquals('feed', 'string', 'value-1');
+		$this->assertConfigValueNotEquals('feed', 'string', 'value-2');
 	}
 
 	public function testSetSensitiveValueStringAsNonSensitiveStaysSensitive(): void {
 		$config = $this->generateAppConfig();
 		$config->setValueString('feed', 'string', 'value-1', sensitive: true);
 		$config->setValueString('feed', 'string', 'value-2', sensitive: false);
 		$this->assertSame(true, $config->isSensitive('feed', 'string'));
+
+		$this->assertConfigValueNotEquals('feed', 'string', 'value-1');
+		$this->assertConfigValueNotEquals('feed', 'string', 'value-2');
 	}
 
 	public function testSetSensitiveValueStringAsNonSensitiveAreStillUpdated(): void {
 		$config = $this->generateAppConfig();
 		$config->setValueString('feed', 'string', 'value-1', sensitive: true);
 		$config->setValueString('feed', 'string', 'value-2', sensitive: false);
 		$this->assertSame('value-2', $config->getValueString('feed', 'string', ''));
+
+		$this->assertConfigValueNotEquals('feed', 'string', 'value-1');
+		$this->assertConfigValueNotEquals('feed', 'string', 'value-2');
 	}
 
 	public function testSetLazyValueInt(): void {
