Completed
Push — master ( b5fad3...ebe77a )
by Julius
45:12 queued 43:40
created

lib/Controller/DirectViewController.php (1 issue)


<?php
/**
 * @copyright Copyright (c) 2018, Roeland Jago Douma <[email protected]>
 *
 * @author Roeland Jago Douma <[email protected]>
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
namespace OCA\Richdocuments\Controller;
use OCA\Richdocuments\AppConfig;
use OCA\Richdocuments\Db\DirectMapper;
use OCA\Richdocuments\Service\FederationService;
use OCA\Richdocuments\TemplateManager;
use OCA\Richdocuments\TokenManager;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\ContentSecurityPolicy;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\Files\IRootFolder;
use OCP\Files\Node;
use OCP\Files\NotFoundException;
use OCP\IConfig;
use OCP\IRequest;
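/**
 * Controller for the "direct" document view.
 *
 * show() is reachable without a session (@PublicPage) and without a CSRF
 * token (@NoCSRFRequired); the one-time direct token in the URL is the only
 * credential it checks, and the user id stored with that token decides whose
 * files are opened.
 */
class DirectViewController extends Controller {
	/** @var IRootFolder */
	private $rootFolder;

	/** @var TokenManager */
	private $tokenManager;

	/** @var DirectMapper */
	private $directMapper;

	/** @var IConfig */
	private $config;

	/** @var AppConfig */
	private $appConfig;

	/** @var TemplateManager */
	private $templateManager;

	/** @var FederationService */
	private $federationService;

	/**
	 * @param string $appName
	 * @param IRequest $request
	 * @param IRootFolder $rootFolder
	 * @param TokenManager $tokenManager
	 * @param DirectMapper $directMapper
	 * @param IConfig $config
	 * @param AppConfig $appConfig
	 * @param TemplateManager $templateManager
	 * @param FederationService $federationService
	 */
	public function __construct(
		$appName,
		IRequest $request,
		IRootFolder $rootFolder,
		TokenManager $tokenManager,
		DirectMapper $directMapper,
		IConfig $config,
		AppConfig $appConfig,
		TemplateManager $templateManager,
		FederationService $federationService
	) {
		parent::__construct($appName, $request);

		$this->rootFolder = $rootFolder;
		$this->tokenManager = $tokenManager;
		$this->directMapper = $directMapper;
		$this->config = $config;
		$this->appConfig = $appConfig;
		$this->templateManager = $templateManager;
		$this->federationService = $federationService;
	}

	/**
	 * Redeem a one-time direct token and render the editor for the file (or
	 * template) it refers to.
	 *
	 * The token record is deleted as soon as it has been looked up, so every
	 * later failure path still consumes the token.
	 *
	 * @NoAdminRequired
	 * @NoCSRFRequired
	 * @PublicPage
	 *
	 * @param string $token one-time direct token taken from the request
	 * @return JSONResponse|RedirectResponse|TemplateResponse
	 * @throws NotFoundException
	 */
	public function show($token) {
		try {
			$direct = $this->directMapper->getByToken($token);
		} catch (DoesNotExistException $e) {
			$params = [
				'errors' => [['error' => $e->getMessage()]]
			];
			return new TemplateResponse('core', 'error', $params, 'guest');
		}

		// Delete the token. They are for 1 time use only
		// NOTE(review): lookup and delete are two separate mapper calls; whether
		// two concurrent requests can both redeem the same token depends on the
		// mapper/database behaviour, which is not visible here. Confirm.
		$this->directMapper->delete($direct);

		// Everything below runs on behalf of the user id stored with the token,
		// not on behalf of a logged-in session.
		$folder = $this->rootFolder->getUserFolder($direct->getUid());
		if ($this->templateManager->isTemplate($direct->getFileid())) {
			$item = $this->templateManager->get($direct->getFileid());
			// A template can only be opened when a destination file id was recorded.
			if ($direct->getTemplateDestination() === 0 || $direct->getTemplateDestination() === null) {
				return new JSONResponse([], Http::STATUS_BAD_REQUEST);
			}

			try {
				list($urlSrc, $wopi) = $this->tokenManager->getTokenForTemplate($item, $direct->getUid(), $direct->getTemplateDestination(), true);
			} catch (\Exception $e) {
				return new JSONResponse([], Http::STATUS_BAD_REQUEST);
			}

			$relativePath = '/new.odt';
		} else {
			try {
				// Look the file up inside the token owner's folder. An unknown or
				// inaccessible id yields no node; check for that explicitly instead
				// of indexing an empty result.
				$nodes = $folder->getById($direct->getFileid());
				$item = isset($nodes[0]) ? $nodes[0] : null;
				if (!($item instanceof Node)) {
					throw new \Exception();
				}

				/** Open file from remote collabora */
				$federatedUrl = $this->federationService->getRemoteRedirectURL($item, $direct);
				if ($federatedUrl !== null) {
					$response = new RedirectResponse($federatedUrl);
					// NOTE(review): 'ALLOW' is not a defined X-Frame-Options value
					// (the defined ones are DENY and SAMEORIGIN). If the intent is to
					// permit framing, confirm how clients treat the unknown value and
					// prefer an explicit frame-ancestors policy.
					$response->addHeader('X-Frame-Options', 'ALLOW');
					return $response;
				}

				// The second element returned by getToken() is not used here; skipping
				// it keeps the $token request parameter from being overwritten.
				list($urlSrc, , $wopi) = $this->tokenManager->getToken($item->getId(), null, $direct->getUid(), true);
			} catch (\Exception $e) {
				// NOTE(review): the raw exception message is rendered on an
				// unauthenticated page. Confirm that no exception reaching this
				// catch carries internal detail (paths, ids); otherwise show a
				// generic message and log the original.
				$params = [
					'errors' => [['error' => $e->getMessage()]]
				];
				return new TemplateResponse('core', 'error', $params, 'guest');
			}

			$relativePath = $folder->getRelativePath($item->getPath());
		}

		try {
			$params = [
				'permissions' => $item->getPermissions(),
				'title' => $item->getName(),
				'fileId' => $wopi->getFileid() . '_' . $this->config->getSystemValue('instanceid'),
				'token' => $wopi->getToken(),
				'urlsrc' => $urlSrc,
				'path' => $relativePath,
				'instanceId' => $this->config->getSystemValue('instanceid'),
				'canonical_webroot' => $this->appConfig->getAppValue('canonical_webroot'),
				'direct' => true,
			];

			$response = new TemplateResponse('richdocuments', 'documents', $params, 'empty');
			// This response gets its own CSP: inline scripts are enabled (which
			// relaxes protection against injected script on this page) and the
			// configured public_wopi_url is added as an allowed frame source.
			$policy = new ContentSecurityPolicy();
			$policy->allowInlineScript(true);
			$policy->addAllowedFrameDomain($this->appConfig->getAppValue('public_wopi_url'));
			$response->setContentSecurityPolicy($policy);
			return $response;
		} catch (\Exception $e) {
			// NOTE(review): same exposure as above — the exception message is
			// shown to an unauthenticated visitor.
			$params = [
				'errors' => [['error' => $e->getMessage()]]
			];
			return new TemplateResponse('core', 'error', $params, 'guest');
		}
	}
}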