nextcloud /
passman
@@ -81,7 +81,7 @@ discard block |
||
| 81 | 81 | |
| 82 | 82 | /** |
| 83 | 83 | * Get credentials by vault id |
| 84 | - * @param $vault_id |
|
| 84 | + * @param integer $vault_id |
|
| 85 | 85 | * @param $user_id |
| 86 | 86 | * @return \OCA\Passman\Db\Vault[] |
| 87 | 87 | */ |
@@ -91,7 +91,7 @@ discard block |
||
| 91 | 91 | |
| 92 | 92 | /** |
| 93 | 93 | * Get a random credential from given vault |
| 94 | - * @param $vault_id |
|
| 94 | + * @param integer $vault_id |
|
| 95 | 95 | * @param $user_id |
| 96 | 96 | * @return mixed |
| 97 | 97 | */ |
@@ -102,7 +102,7 @@ discard block |
||
| 102 | 102 | |
| 103 | 103 | /** |
| 104 | 104 | * Get expired credentials. |
| 105 | - * @param $timestamp |
|
| 105 | + * @param integer $timestamp |
|
| 106 | 106 | * @return \OCA\Passman\Db\Credential[] |
| 107 | 107 | */ |
| 108 | 108 | public function getExpiredCredentials($timestamp) { |
@@ -132,7 +132,7 @@ discard block |
||
| 132 | 132 | |
| 133 | 133 | /** |
| 134 | 134 | * Get credential label by credential id. |
| 135 | - * @param $credential_id |
|
| 135 | + * @param integer $credential_id |
|
| 136 | 136 | * @return Credential |
| 137 | 137 | */ |
| 138 | 138 | public function getCredentialLabelById($credential_id){ |
@@ -36,14 +36,14 @@ discard block |
||
| 36 | 36 | class CredentialService { |
| 37 | 37 | |
| 38 | 38 | private $credentialMapper; |
| 39 | - private $sharingACL; |
|
| 39 | + private $sharingACL; |
|
| 40 | 40 | private $encryptService; |
| 41 | 41 | private $server_key; |
| 42 | 42 | |
| 43 | 43 | public function __construct(CredentialMapper $credentialMapper, SharingACLMapper $sharingACL, EncryptService $encryptService) { |
| 44 | 44 | $this->credentialMapper = $credentialMapper; |
| 45 | - $this->sharingACL = $sharingACL; |
|
| 46 | - $this->encryptService = $encryptService; |
|
| 45 | + $this->sharingACL = $sharingACL; |
|
| 46 | + $this->encryptService = $encryptService; |
|
| 47 | 47 | $this->server_key = \OC::$server->getConfig()->getSystemValue('passwordsalt', ''); |
| 48 | 48 | } |
| 49 | 49 | |
@@ -136,18 +136,18 @@ discard block |
||
| 136 | 136 | * @throws DoesNotExistException |
| 137 | 137 | */ |
| 138 | 138 | public function getCredentialById($credential_id, $user_id){ |
| 139 | - $credential = $this->credentialMapper->getCredentialById($credential_id); |
|
| 140 | - if ($credential->getUserId() === $user_id){ |
|
| 141 | - return $credential; |
|
| 142 | - } |
|
| 143 | - else { |
|
| 144 | - $acl = $this->sharingACL->getItemACL($user_id, $credential->getGuid()); |
|
| 145 | - if ($acl->hasPermission(SharingACL::READ)) { |
|
| 139 | + $credential = $this->credentialMapper->getCredentialById($credential_id); |
|
| 140 | + if ($credential->getUserId() === $user_id){ |
|
| 141 | + return $credential; |
|
| 142 | + } |
|
| 143 | + else { |
|
| 144 | + $acl = $this->sharingACL->getItemACL($user_id, $credential->getGuid()); |
|
| 145 | + if ($acl->hasPermission(SharingACL::READ)) { |
|
| 146 | 146 | return $this->encryptService->decryptCredential($credential); |
| 147 | 147 | } else { |
| 148 | 148 | throw new DoesNotExistException("Did expect one result but found none when executing"); |
| 149 | 149 | } |
| 150 | - } |
|
| 150 | + } |
|
| 151 | 151 | } |
| 152 | 152 | |
| 153 | 153 | /** |
@@ -169,5 +169,5 @@ discard block |
||
| 169 | 169 | public function getCredentialByGUID($credential_guid, $user_id = null){ |
| 170 | 170 | $credential = $this->credentialMapper->getCredentialByGUID($credential_guid); |
| 171 | 171 | return $this->encryptService->decryptCredential($credential); |
| 172 | - } |
|
| 172 | + } |
|
| 173 | 173 | } |
| 174 | 174 | \ No newline at end of file |
@@ -213,6 +213,10 @@ discard block |
||
| 213 | 213 | return array($cipherKey, $macKey, $iv); |
| 214 | 214 | } |
| 215 | 215 | |
| 216 | + /** |
|
| 217 | + * @param string $a |
|
| 218 | + * @param string $b |
|
| 219 | + */ |
|
| 216 | 220 | function hash_equals($a, $b) { |
| 217 | 221 | $key = openssl_random_pseudo_bytes(128); |
| 218 | 222 | return hash_hmac('sha512', $a, $key) === hash_hmac('sha512', $b, $key); |
@@ -250,7 +254,7 @@ discard block |
||
| 250 | 254 | /** |
| 251 | 255 | * Pad the data with a random char chosen by the pad amount. |
| 252 | 256 | * |
| 253 | - * @param $data |
|
| 257 | + * @param string $data |
|
| 254 | 258 | * @return string |
| 255 | 259 | */ |
| 256 | 260 | protected function pad($data) { |
@@ -266,8 +270,8 @@ discard block |
||
| 266 | 270 | /** |
| 267 | 271 | * Unpad the the data |
| 268 | 272 | * |
| 269 | - * @param $data |
|
| 270 | - * @return bool|string |
|
| 273 | + * @param string $data |
|
| 274 | + * @return false|string |
|
| 271 | 275 | */ |
| 272 | 276 | protected function unpad($data) { |
| 273 | 277 | $length = $this->getKeySize(); |
@@ -284,7 +288,7 @@ discard block |
||
| 284 | 288 | * Encrypt a credential |
| 285 | 289 | * |
| 286 | 290 | * @param array|Credential $credential the credential to decrypt |
| 287 | - * @return Credential|array |
|
| 291 | + * @return string |
|
| 288 | 292 | */ |
| 289 | 293 | public function decryptCredential($credential) { |
| 290 | 294 | |
@@ -380,7 +384,7 @@ discard block |
||
| 380 | 384 | /** |
| 381 | 385 | * Decrypt a file |
| 382 | 386 | * |
| 383 | - * @param File|array $file |
|
| 387 | + * @param File $file |
|
| 384 | 388 | * @return File|array |
| 385 | 389 | */ |
| 386 | 390 | |
@@ -47,7 +47,7 @@ discard block |
||
| 47 | 47 | ShareRequestMapper $shareRequest, |
| 48 | 48 | CredentialMapper $credentials, |
| 49 | 49 | CredentialRevisionService $revisions, |
| 50 | - EncryptService $encryptService |
|
| 50 | + EncryptService $encryptService |
|
| 51 | 51 | ) { |
| 52 | 52 | $this->sharingACL = $sharingACL; |
| 53 | 53 | $this->shareRequest = $shareRequest; |
@@ -200,31 +200,31 @@ discard block |
||
| 200 | 200 | } |
| 201 | 201 | |
| 202 | 202 | |
| 203 | - /** |
|
| 204 | - * Deletes a share request by the item ID |
|
| 205 | - * @param ShareRequest $request |
|
| 206 | - * @return \PDOStatement |
|
| 207 | - */ |
|
| 203 | + /** |
|
| 204 | + * Deletes a share request by the item ID |
|
| 205 | + * @param ShareRequest $request |
|
| 206 | + * @return \PDOStatement |
|
| 207 | + */ |
|
| 208 | 208 | public function cleanItemRequestsForUser(ShareRequest $request) { |
| 209 | 209 | return $this->shareRequest->cleanItemRequestsForUser($request->getItemId(), $request->getTargetUserId()); |
| 210 | 210 | } |
| 211 | 211 | |
| 212 | - /** |
|
| 213 | - * Get an share request by id |
|
| 214 | - * @param $id |
|
| 215 | - * @return ShareRequest |
|
| 216 | - */ |
|
| 212 | + /** |
|
| 213 | + * Get an share request by id |
|
| 214 | + * @param $id |
|
| 215 | + * @return ShareRequest |
|
| 216 | + */ |
|
| 217 | 217 | public function getShareRequestById($id) { |
| 218 | 218 | return $this->shareRequest->getShareRequestById($id); |
| 219 | 219 | } |
| 220 | 220 | |
| 221 | - /** |
|
| 222 | - * Get an share request by $item_guid and $target_vault_guid |
|
| 223 | - * |
|
| 224 | - * @param $item_guid |
|
| 225 | - * @param $target_vault_guid |
|
| 226 | - * @return ShareRequest |
|
| 227 | - */ |
|
| 221 | + /** |
|
| 222 | + * Get an share request by $item_guid and $target_vault_guid |
|
| 223 | + * |
|
| 224 | + * @param $item_guid |
|
| 225 | + * @param $target_vault_guid |
|
| 226 | + * @return ShareRequest |
|
| 227 | + */ |
|
| 228 | 228 | public function getRequestByGuid($item_guid, $target_vault_guid) { |
| 229 | 229 | return $this->shareRequest->getRequestByItemAndVaultGuid($item_guid, $target_vault_guid); |
| 230 | 230 | } |
@@ -284,11 +284,11 @@ discard block |
||
| 284 | 284 | return $this->sharingACL->deleteShareACL($ACL); |
| 285 | 285 | } |
| 286 | 286 | |
| 287 | - /** |
|
| 288 | - * Updates the given ACL entry |
|
| 289 | - * @param SharingACL $sharingACL |
|
| 290 | - * @return SharingACL |
|
| 291 | - */ |
|
| 287 | + /** |
|
| 288 | + * Updates the given ACL entry |
|
| 289 | + * @param SharingACL $sharingACL |
|
| 290 | + * @return SharingACL |
|
| 291 | + */ |
|
| 292 | 292 | public function updateCredentialACL(SharingACL $sharingACL) { |
| 293 | 293 | return $this->sharingACL->updateCredentialACL($sharingACL); |
| 294 | 294 | } |
@@ -310,6 +310,6 @@ discard block |
||
| 310 | 310 | |
| 311 | 311 | |
| 312 | 312 | public function updatePendingShareRequestsForCredential($item_guid, $user_id, $permissions){ |
| 313 | - return $this->shareRequest->updatePendingRequestPermissions($item_guid, $user_id, $permissions); |
|
| 314 | - } |
|
| 313 | + return $this->shareRequest->updatePendingRequestPermissions($item_guid, $user_id, $permissions); |
|
| 314 | + } |
|
| 315 | 315 | } |
| 316 | 316 | \ No newline at end of file |
