From 4781921336cb7ed89d0e362e9b69675c19dd3e8f Mon Sep 17 00:00:00 2001
From: Nicola Murino <nicola.murino@gmail.com>
Date: Thu, 29 Jul 2021 00:54:22 +0200
Subject: [PATCH] fix loading enabled_ssh_commands config key

---
 config/config.go      |  4 ++--
 config/config_test.go | 48 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 50 insertions(+), 2 deletions(-)

diff --git a/config/config.go b/config/config.go
index e607940c..b6447962 100644
--- a/config/config.go
+++ b/config/config.go
@@ -150,7 +150,7 @@ func Init() {
 			MACs:                    []string{},
 			TrustedUserCAKeys:       []string{},
 			LoginBannerFile:         "",
-			EnabledSSHCommands:      sftpd.GetDefaultSSHCommands(),
+			EnabledSSHCommands:      []string{},
 			KeyboardInteractiveHook: "",
 			PasswordAuthentication:  true,
 			FolderPrefix:            "",
@@ -975,7 +975,7 @@ func setViperDefaults() {
 	viper.SetDefault("sftpd.macs", globalConf.SFTPD.MACs)
 	viper.SetDefault("sftpd.trusted_user_ca_keys", globalConf.SFTPD.TrustedUserCAKeys)
 	viper.SetDefault("sftpd.login_banner_file", globalConf.SFTPD.LoginBannerFile)
-	viper.SetDefault("sftpd.enabled_ssh_commands", globalConf.SFTPD.EnabledSSHCommands)
+	viper.SetDefault("sftpd.enabled_ssh_commands", sftpd.GetDefaultSSHCommands())
 	viper.SetDefault("sftpd.keyboard_interactive_auth_hook", globalConf.SFTPD.KeyboardInteractiveHook)
 	viper.SetDefault("sftpd.password_authentication", globalConf.SFTPD.PasswordAuthentication)
 	viper.SetDefault("sftpd.folder_prefix", globalConf.SFTPD.FolderPrefix)
diff --git a/config/config_test.go b/config/config_test.go
index 3721911b..3d92222c 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -102,6 +102,35 @@ func TestEmptyBanner(t *testing.T) {
 	assert.NoError(t, err)
 }
 
+func TestEnabledSSHCommands(t *testing.T) {
+	reset()
+
+	configDir := ".."
+	confName := tempConfigName + ".json"
+	configFilePath := filepath.Join(configDir, confName)
+	err := config.LoadConfig(configDir, "")
+	assert.NoError(t, err)
+
+	reset()
+
+	sftpdConf := config.GetSFTPDConfig()
+	sftpdConf.EnabledSSHCommands = []string{"scp"}
+	c := make(map[string]sftpd.Configuration)
+	c["sftpd"] = sftpdConf
+	jsonConf, err := json.Marshal(c)
+	assert.NoError(t, err)
+	err = os.WriteFile(configFilePath, jsonConf, os.ModePerm)
+	assert.NoError(t, err)
+	err = config.LoadConfig(configDir, confName)
+	assert.NoError(t, err)
+	sftpdConf = config.GetSFTPDConfig()
+	if assert.Len(t, sftpdConf.EnabledSSHCommands, 1) {
+		assert.Equal(t, "scp", sftpdConf.EnabledSSHCommands[0])
+	}
+	err = os.Remove(configFilePath)
+	assert.NoError(t, err)
+}
+
 func TestInvalidUploadMode(t *testing.T) {
 	reset()
 
@@ -291,6 +320,25 @@ func TestServiceToStart(t *testing.T) {
 	assert.True(t, config.HasServicesToStart())
 }
 
+func TestSSHCommandsFromEnv(t *testing.T) {
+	reset()
+
+	os.Setenv("SFTPGO_SFTPD__ENABLED_SSH_COMMANDS", "cd,scp")
+	t.Cleanup(func() {
+		os.Unsetenv("SFTPGO_SFTPD__ENABLED_SSH_COMMANDS")
+	})
+
+	configDir := ".."
+	err := config.LoadConfig(configDir, "")
+	assert.NoError(t, err)
+
+	sftpdConf := config.GetSFTPDConfig()
+	if assert.Len(t, sftpdConf.EnabledSSHCommands, 2) {
+		assert.Equal(t, "cd", sftpdConf.EnabledSSHCommands[0])
+		assert.Equal(t, "scp", sftpdConf.EnabledSSHCommands[1])
+	}
+}
+
 func TestPluginsFromEnv(t *testing.T) {
 	reset()