Inspection of "Merge pull request #14457 from nextcloud/refactor/..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( ba155a...1cfa87 )

by Roeland

created 2019-03-01 21:49 UTC

Status

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

@@ -45,136 +45,136 @@
 block discarded – undo
 
 class Security implements ISettings {
 
-	/** @var IUserManager */
-	private $userManager;
-
-	/** @var TwoFactorManager */
-	private $twoFactorManager;
-
-	/** @var IAuthTokenProvider */
-	private $tokenProvider;
-
-	/** @var ProviderLoader */
-	private $providerLoader;
-
-	/** @var IUserSession */
-	private $userSession;
-
-	/** @var ISession */
-	private $session;
-
-	/** @var IInitialStateService */
-	private $initialStateService;
-	/**
-	 * @var string|null
-	 */
-	private $uid;
-
-	public function __construct(IUserManager $userManager,
-								TwoFactorManager $providerManager,
-								IAuthTokenProvider $tokenProvider,
-								ProviderLoader $providerLoader,
-								IUserSession $userSession,
-								ISession $session,
-								IInitialStateService $initialStateService,
-								?string $UserId) {
-		$this->userManager = $userManager;
-		$this->twoFactorManager = $providerManager;
-		$this->tokenProvider = $tokenProvider;
-		$this->providerLoader = $providerLoader;
-		$this->userSession = $userSession;
-		$this->session = $session;
-		$this->initialStateService = $initialStateService;
-		$this->uid = $UserId;
-	}
-
-	/**
-	 * @return TemplateResponse returns the instance with all parameters set, ready to be rendered
-	 * @since 9.1
-	 */
-	public function getForm() {
-		$user = $this->userManager->get($this->uid);
-		$passwordChangeSupported = false;
-		if ($user !== null) {
-			$passwordChangeSupported = $user->canChangePassword();
-		}
-
-		$this->initialStateService->provideInitialState(
-			'settings',
-			'app_tokens',
-			$this->getAppTokens()
-		);
-
-		return new TemplateResponse('settings', 'settings/personal/security', [
-			'passwordChangeSupported' => $passwordChangeSupported,
-			'twoFactorProviderData' => $this->getTwoFactorProviderData(),
-		]);
-	}
-
-	/**
-	 * @return string the section ID, e.g. 'sharing'
-	 * @since 9.1
-	 */
-	public function getSection() {
-		return 'security';
-	}
-
-	/**
-	 * @return int whether the form should be rather on the top or bottom of
-	 * the admin section. The forms are arranged in ascending order of the
-	 * priority values. It is required to return a value between 0 and 100.
-	 *
-	 * E.g.: 70
-	 * @since 9.1
-	 */
-	public function getPriority() {
-		return 10;
-	}
-
-	private function getTwoFactorProviderData(): array {
-		$user = $this->userSession->getUser();
-		if (is_null($user)) {
-			// Actually impossible, but still …
-			return [];
-		}
-
-		return [
-			'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) {
-				return [
-					'provider' => $provider,
-					'settings' => $provider->getPersonalSettings($user)
-				];
-			}, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) {
-				return $provider instanceof IProvidesPersonalSettings;
-			}))
-		];
-	}
-
-	private function getAppTokens(): array {
-		$tokens = $this->tokenProvider->getTokenByUser($this->uid);
-
-		try {
-			$sessionId = $this->session->getId();
-		} catch (SessionNotAvailableException $ex) {
-			return [];
-		}
-		try {
-			$sessionToken = $this->tokenProvider->getToken($sessionId);
-		} catch (InvalidTokenException $ex) {
-			return [];
-		}
-
-		return array_map(function (IToken $token) use ($sessionToken) {
-			$data = $token->jsonSerialize();
-			$data['canDelete'] = true;
-			$data['canRename'] = $token instanceof INamedToken;
-			if ($sessionToken->getId() === $token->getId()) {
-				$data['canDelete'] = false;
-				$data['canRename'] = false;
-				$data['current'] = true;
-			}
-			return $data;
-		}, $tokens);
-	}
+    /** @var IUserManager */
+    private $userManager;
+
+    /** @var TwoFactorManager */
+    private $twoFactorManager;
+
+    /** @var IAuthTokenProvider */
+    private $tokenProvider;
+
+    /** @var ProviderLoader */
+    private $providerLoader;
+
+    /** @var IUserSession */
+    private $userSession;
+
+    /** @var ISession */
+    private $session;
+
+    /** @var IInitialStateService */
+    private $initialStateService;
+    /**
+     * @var string|null
+     */
+    private $uid;
+
+    public function __construct(IUserManager $userManager,
+                                TwoFactorManager $providerManager,
+                                IAuthTokenProvider $tokenProvider,
+                                ProviderLoader $providerLoader,
+                                IUserSession $userSession,
+                                ISession $session,
+                                IInitialStateService $initialStateService,
+                                ?string $UserId) {
+        $this->userManager = $userManager;
+        $this->twoFactorManager = $providerManager;
+        $this->tokenProvider = $tokenProvider;
+        $this->providerLoader = $providerLoader;
+        $this->userSession = $userSession;
+        $this->session = $session;
+        $this->initialStateService = $initialStateService;
+        $this->uid = $UserId;
+    }
+
+    /**
+     * @return TemplateResponse returns the instance with all parameters set, ready to be rendered
+     * @since 9.1
+     */
+    public function getForm() {
+        $user = $this->userManager->get($this->uid);
+        $passwordChangeSupported = false;
+        if ($user !== null) {
+            $passwordChangeSupported = $user->canChangePassword();
+        }
+
+        $this->initialStateService->provideInitialState(
+            'settings',
+            'app_tokens',
+            $this->getAppTokens()
+        );
+
+        return new TemplateResponse('settings', 'settings/personal/security', [
+            'passwordChangeSupported' => $passwordChangeSupported,
+            'twoFactorProviderData' => $this->getTwoFactorProviderData(),
+        ]);
+    }
+
+    /**
+     * @return string the section ID, e.g. 'sharing'
+     * @since 9.1
+     */
+    public function getSection() {
+        return 'security';
+    }
+
+    /**
+     * @return int whether the form should be rather on the top or bottom of
+     * the admin section. The forms are arranged in ascending order of the
+     * priority values. It is required to return a value between 0 and 100.
+     *
+     * E.g.: 70
+     * @since 9.1
+     */
+    public function getPriority() {
+        return 10;
+    }
+
+    private function getTwoFactorProviderData(): array {
+        $user = $this->userSession->getUser();
+        if (is_null($user)) {
+            // Actually impossible, but still …
+            return [];
+        }
+
+        return [
+            'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) {
+                return [
+                    'provider' => $provider,
+                    'settings' => $provider->getPersonalSettings($user)
+                ];
+            }, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) {
+                return $provider instanceof IProvidesPersonalSettings;
+            }))
+        ];
+    }
+
+    private function getAppTokens(): array {
+        $tokens = $this->tokenProvider->getTokenByUser($this->uid);
+
+        try {
+            $sessionId = $this->session->getId();
+        } catch (SessionNotAvailableException $ex) {
+            return [];
+        }
+        try {
+            $sessionToken = $this->tokenProvider->getToken($sessionId);
+        } catch (InvalidTokenException $ex) {
+            return [];
+        }
+
+        return array_map(function (IToken $token) use ($sessionToken) {
+            $data = $token->jsonSerialize();
+            $data['canDelete'] = true;
+            $data['canRename'] = $token instanceof INamedToken;
+            if ($sessionToken->getId() === $token->getId()) {
+                $data['canDelete'] = false;
+                $data['canRename'] = false;
+                $data['current'] = true;
+            }
+            return $data;
+        }, $tokens);
+    }
 
 }

Please login to merge, or discard this patch.

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

@@ -139,12 +139,12 @@  discard block
 block discarded – undo
 		}
 
 		return [
-			'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) {
+			'providers' => array_map(function(IProvidesPersonalSettings $provider) use ($user) {
 				return [
 					'provider' => $provider,
 					'settings' => $provider->getPersonalSettings($user)
 				];
-			}, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) {
+			}, array_filter($this->providerLoader->getProviders($user), function(IProvider $provider) {
 				return $provider instanceof IProvidesPersonalSettings;
 			}))
 		];
@@ -164,7 +164,7 @@  discard block
 block discarded – undo
 			return [];
 		}
 
-		return array_map(function (IToken $token) use ($sessionToken) {
+		return array_map(function(IToken $token) use ($sessionToken) {
 			$data = $token->jsonSerialize();
 			$data['canDelete'] = true;
 			$data['canRename'] = $token instanceof INamedToken;

Please login to merge, or discard this patch.

settings/Controller/AuthSettingsController.php 1 patch

Indentation +199 added lines, -199 removed lines patch added patch discarded remove patch

@@ -47,203 +47,203 @@
 block discarded – undo
 
 class AuthSettingsController extends Controller {
 
-	/** @var IProvider */
-	private $tokenProvider;
-
-	/** @var ISession */
-	private $session;
-
-	/** @var string */
-	private $uid;
-
-	/** @var ISecureRandom */
-	private $random;
-
-	/** @var IManager */
-	private $activityManager;
-
-	/** @var ILogger */
-	private $logger;
-
-	/**
-	 * @param string $appName
-	 * @param IRequest $request
-	 * @param IProvider $tokenProvider
-	 * @param ISession $session
-	 * @param ISecureRandom $random
-	 * @param string|null $userId
-	 * @param IManager $activityManager
-	 * @param ILogger $logger
-	 */
-	public function __construct(string $appName,
-								IRequest $request,
-								IProvider $tokenProvider,
-								ISession $session,
-								ISecureRandom $random,
-								?string $userId,
-								IManager $activityManager,
-								ILogger $logger) {
-		parent::__construct($appName, $request);
-		$this->tokenProvider = $tokenProvider;
-		$this->uid = $userId;
-		$this->session = $session;
-		$this->random = $random;
-		$this->activityManager = $activityManager;
-		$this->logger = $logger;
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 * @PasswordConfirmationRequired
-	 *
-	 * @param string $name
-	 * @return JSONResponse
-	 */
-	public function create($name) {
-		try {
-			$sessionId = $this->session->getId();
-		} catch (SessionNotAvailableException $ex) {
-			return $this->getServiceNotAvailableResponse();
-		}
-
-		try {
-			$sessionToken = $this->tokenProvider->getToken($sessionId);
-			$loginName = $sessionToken->getLoginName();
-			try {
-				$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
-			} catch (PasswordlessTokenException $ex) {
-				$password = null;
-			}
-		} catch (InvalidTokenException $ex) {
-			return $this->getServiceNotAvailableResponse();
-		}
-
-		$token = $this->generateRandomDeviceToken();
-		$deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
-		$tokenData = $deviceToken->jsonSerialize();
-		$tokenData['canDelete'] = true;
-		$tokenData['canRename'] = true;
-
-		$this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), ['name' => $deviceToken->getName()]);
-
-		return new JSONResponse([
-			'token' => $token,
-			'loginName' => $loginName,
-			'deviceToken' => $tokenData,
-		]);
-	}
-
-	/**
-	 * @return JSONResponse
-	 */
-	private function getServiceNotAvailableResponse() {
-		$resp = new JSONResponse();
-		$resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
-		return $resp;
-	}
-
-	/**
-	 * Return a 25 digit device password
-	 *
-	 * Example: AbCdE-fGhJk-MnPqR-sTwXy-23456
-	 *
-	 * @return string
-	 */
-	private function generateRandomDeviceToken() {
-		$groups = [];
-		for ($i = 0; $i < 5; $i++) {
-			$groups[] = $this->random->generate(5, ISecureRandom::CHAR_HUMAN_READABLE);
-		}
-		return implode('-', $groups);
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 *
-	 * @param int $id
-	 * @return array|JSONResponse
-	 */
-	public function destroy($id) {
-		try {
-			$token = $this->findTokenByIdAndUser($id);
-		} catch (InvalidTokenException $e) {
-			return new JSONResponse([], Http::STATUS_NOT_FOUND);
-		}
-
-		$this->tokenProvider->invalidateTokenById($this->uid, $token->getId());
-		$this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), ['name' => $token->getName()]);
-		return [];
-	}
-
-	/**
-	 * @NoAdminRequired
-	 * @NoSubadminRequired
-	 *
-	 * @param int $id
-	 * @param array $scope
-	 * @param string $name
-	 * @return array|JSONResponse
-	 */
-	public function update($id, array $scope, string $name) {
-		try {
-			$token = $this->findTokenByIdAndUser($id);
-		} catch (InvalidTokenException $e) {
-			return new JSONResponse([], Http::STATUS_NOT_FOUND);
-		}
-
-		$currentName = $token->getName();
-
-		if ($scope !== $token->getScopeAsArray()) {
-			$token->setScope(['filesystem' => $scope['filesystem']]);
-			$this->publishActivity($scope['filesystem'] ? Provider::APP_TOKEN_FILESYSTEM_GRANTED : Provider::APP_TOKEN_FILESYSTEM_REVOKED, $token->getId(), ['name' => $currentName]);
-		}
-
-		if ($token instanceof INamedToken && $name !== $currentName) {
-			$token->setName($name);
-			$this->publishActivity(Provider::APP_TOKEN_RENAMED, $token->getId(), ['name' => $currentName, 'newName' => $name]);
-		}
-
-		$this->tokenProvider->updateToken($token);
-		return [];
-	}
-
-	/**
-	 * @param string $subject
-	 * @param int $id
-	 * @param array $parameters
-	 */
-	private function publishActivity(string $subject, int $id, array $parameters = []): void {
-		$event = $this->activityManager->generateEvent();
-		$event->setApp('settings')
-			->setType('security')
-			->setAffectedUser($this->uid)
-			->setAuthor($this->uid)
-			->setSubject($subject, $parameters)
-			->setObject('app_token', $id, 'App Password');
-
-		try {
-			$this->activityManager->publish($event);
-		} catch (BadMethodCallException $e) {
-			$this->logger->warning('could not publish activity');
-			$this->logger->logException($e);
-		}
-	}
-
-	/**
-	 * Find a token by given id and check if uid for current session belongs to this token
-	 *
-	 * @param int $id
-	 * @return IToken
-	 * @throws InvalidTokenException
-	 * @throws \OC\Authentication\Exceptions\ExpiredTokenException
-	 */
-	private function findTokenByIdAndUser(int $id): IToken {
-		$token = $this->tokenProvider->getTokenById($id);
-		if ($token->getUID() !== $this->uid) {
-			throw new InvalidTokenException('This token does not belong to you!');
-		}
-		return $token;
-	}
+    /** @var IProvider */
+    private $tokenProvider;
+
+    /** @var ISession */
+    private $session;
+
+    /** @var string */
+    private $uid;
+
+    /** @var ISecureRandom */
+    private $random;
+
+    /** @var IManager */
+    private $activityManager;
+
+    /** @var ILogger */
+    private $logger;
+
+    /**
+     * @param string $appName
+     * @param IRequest $request
+     * @param IProvider $tokenProvider
+     * @param ISession $session
+     * @param ISecureRandom $random
+     * @param string|null $userId
+     * @param IManager $activityManager
+     * @param ILogger $logger
+     */
+    public function __construct(string $appName,
+                                IRequest $request,
+                                IProvider $tokenProvider,
+                                ISession $session,
+                                ISecureRandom $random,
+                                ?string $userId,
+                                IManager $activityManager,
+                                ILogger $logger) {
+        parent::__construct($appName, $request);
+        $this->tokenProvider = $tokenProvider;
+        $this->uid = $userId;
+        $this->session = $session;
+        $this->random = $random;
+        $this->activityManager = $activityManager;
+        $this->logger = $logger;
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     * @PasswordConfirmationRequired
+     *
+     * @param string $name
+     * @return JSONResponse
+     */
+    public function create($name) {
+        try {
+            $sessionId = $this->session->getId();
+        } catch (SessionNotAvailableException $ex) {
+            return $this->getServiceNotAvailableResponse();
+        }
+
+        try {
+            $sessionToken = $this->tokenProvider->getToken($sessionId);
+            $loginName = $sessionToken->getLoginName();
+            try {
+                $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
+            } catch (PasswordlessTokenException $ex) {
+                $password = null;
+            }
+        } catch (InvalidTokenException $ex) {
+            return $this->getServiceNotAvailableResponse();
+        }
+
+        $token = $this->generateRandomDeviceToken();
+        $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
+        $tokenData = $deviceToken->jsonSerialize();
+        $tokenData['canDelete'] = true;
+        $tokenData['canRename'] = true;
+
+        $this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), ['name' => $deviceToken->getName()]);
+
+        return new JSONResponse([
+            'token' => $token,
+            'loginName' => $loginName,
+            'deviceToken' => $tokenData,
+        ]);
+    }
+
+    /**
+     * @return JSONResponse
+     */
+    private function getServiceNotAvailableResponse() {
+        $resp = new JSONResponse();
+        $resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
+        return $resp;
+    }
+
+    /**
+     * Return a 25 digit device password
+     *
+     * Example: AbCdE-fGhJk-MnPqR-sTwXy-23456
+     *
+     * @return string
+     */
+    private function generateRandomDeviceToken() {
+        $groups = [];
+        for ($i = 0; $i < 5; $i++) {
+            $groups[] = $this->random->generate(5, ISecureRandom::CHAR_HUMAN_READABLE);
+        }
+        return implode('-', $groups);
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     *
+     * @param int $id
+     * @return array|JSONResponse
+     */
+    public function destroy($id) {
+        try {
+            $token = $this->findTokenByIdAndUser($id);
+        } catch (InvalidTokenException $e) {
+            return new JSONResponse([], Http::STATUS_NOT_FOUND);
+        }
+
+        $this->tokenProvider->invalidateTokenById($this->uid, $token->getId());
+        $this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), ['name' => $token->getName()]);
+        return [];
+    }
+
+    /**
+     * @NoAdminRequired
+     * @NoSubadminRequired
+     *
+     * @param int $id
+     * @param array $scope
+     * @param string $name
+     * @return array|JSONResponse
+     */
+    public function update($id, array $scope, string $name) {
+        try {
+            $token = $this->findTokenByIdAndUser($id);
+        } catch (InvalidTokenException $e) {
+            return new JSONResponse([], Http::STATUS_NOT_FOUND);
+        }
+
+        $currentName = $token->getName();
+
+        if ($scope !== $token->getScopeAsArray()) {
+            $token->setScope(['filesystem' => $scope['filesystem']]);
+            $this->publishActivity($scope['filesystem'] ? Provider::APP_TOKEN_FILESYSTEM_GRANTED : Provider::APP_TOKEN_FILESYSTEM_REVOKED, $token->getId(), ['name' => $currentName]);
+        }
+
+        if ($token instanceof INamedToken && $name !== $currentName) {
+            $token->setName($name);
+            $this->publishActivity(Provider::APP_TOKEN_RENAMED, $token->getId(), ['name' => $currentName, 'newName' => $name]);
+        }
+
+        $this->tokenProvider->updateToken($token);
+        return [];
+    }
+
+    /**
+     * @param string $subject
+     * @param int $id
+     * @param array $parameters
+     */
+    private function publishActivity(string $subject, int $id, array $parameters = []): void {
+        $event = $this->activityManager->generateEvent();
+        $event->setApp('settings')
+            ->setType('security')
+            ->setAffectedUser($this->uid)
+            ->setAuthor($this->uid)
+            ->setSubject($subject, $parameters)
+            ->setObject('app_token', $id, 'App Password');
+
+        try {
+            $this->activityManager->publish($event);
+        } catch (BadMethodCallException $e) {
+            $this->logger->warning('could not publish activity');
+            $this->logger->logException($e);
+        }
+    }
+
+    /**
+     * Find a token by given id and check if uid for current session belongs to this token
+     *
+     * @param int $id
+     * @return IToken
+     * @throws InvalidTokenException
+     * @throws \OC\Authentication\Exceptions\ExpiredTokenException
+     */
+    private function findTokenByIdAndUser(int $id): IToken {
+        $token = $this->tokenProvider->getTokenById($id);
+        if ($token->getUID() !== $this->uid) {
+            throw new InvalidTokenException('This token does not belong to you!');
+        }
+        return $token;
+    }
 }

Please login to merge, or discard this patch.

		@@ -139,12 +139,12 @@ discard block
		block discarded – undo
139	139	}
140	140
141	141	return [
142		- 'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) {
	142	+ 'providers' => array_map(function(IProvidesPersonalSettings $provider) use ($user) {
143	143	return [
144	144	'provider' => $provider,
145	145	'settings' => $provider->getPersonalSettings($user)
146	146	];
147		- }, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) {
	147	+ }, array_filter($this->providerLoader->getProviders($user), function(IProvider $provider) {
148	148	return $provider instanceof IProvidesPersonalSettings;
149	149	}))
150	150	];
		@@ -164,7 +164,7 @@ discard block
		block discarded – undo
164	164	return [];
165	165	}
166	166
167		- return array_map(function (IToken $token) use ($sessionToken) {
	167	+ return array_map(function(IToken $token) use ($sessionToken) {
168	168	$data = $token->jsonSerialize();
169	169	$data['canDelete'] = true;
170	170	$data['canRename'] = $token instanceof INamedToken;

		@@ -45,136 +45,136 @@
		block discarded – undo
45	45
46	46	class Security implements ISettings {
47	47
48		- /** @var IUserManager */
49		- private $userManager;
50		-
51		- /** @var TwoFactorManager */
52		- private $twoFactorManager;
53		-
54		- /** @var IAuthTokenProvider */
55		- private $tokenProvider;
56		-
57		- /** @var ProviderLoader */
58		- private $providerLoader;
59		-
60		- /** @var IUserSession */
61		- private $userSession;
62		-
63		- /** @var ISession */
64		- private $session;
65		-
66		- /** @var IInitialStateService */
67		- private $initialStateService;
68		- /**
69		- * @var string\|null
70		- */
71		- private $uid;
72		-
73		- public function __construct(IUserManager $userManager,
74		- TwoFactorManager $providerManager,
75		- IAuthTokenProvider $tokenProvider,
76		- ProviderLoader $providerLoader,
77		- IUserSession $userSession,
78		- ISession $session,
79		- IInitialStateService $initialStateService,
80		- ?string $UserId) {
81		- $this->userManager = $userManager;
82		- $this->twoFactorManager = $providerManager;
83		- $this->tokenProvider = $tokenProvider;
84		- $this->providerLoader = $providerLoader;
85		- $this->userSession = $userSession;
86		- $this->session = $session;
87		- $this->initialStateService = $initialStateService;
88		- $this->uid = $UserId;
89		- }
90		-
91		- /**
92		- * @return TemplateResponse returns the instance with all parameters set, ready to be rendered
93		- * @since 9.1
94		- */
95		- public function getForm() {
96		- $user = $this->userManager->get($this->uid);
97		- $passwordChangeSupported = false;
98		- if ($user !== null) {
99		- $passwordChangeSupported = $user->canChangePassword();
100		- }
101		-
102		- $this->initialStateService->provideInitialState(
103		- 'settings',
104		- 'app_tokens',
105		- $this->getAppTokens()
106		- );
107		-
108		- return new TemplateResponse('settings', 'settings/personal/security', [
109		- 'passwordChangeSupported' => $passwordChangeSupported,
110		- 'twoFactorProviderData' => $this->getTwoFactorProviderData(),
111		- ]);
112		- }
113		-
114		- /**
115		- * @return string the section ID, e.g. 'sharing'
116		- * @since 9.1
117		- */
118		- public function getSection() {
119		- return 'security';
120		- }
121		-
122		- /**
123		- * @return int whether the form should be rather on the top or bottom of
124		- * the admin section. The forms are arranged in ascending order of the
125		- * priority values. It is required to return a value between 0 and 100.
126		- *
127		- * E.g.: 70
128		- * @since 9.1
129		- */
130		- public function getPriority() {
131		- return 10;
132		- }
133		-
134		- private function getTwoFactorProviderData(): array {
135		- $user = $this->userSession->getUser();
136		- if (is_null($user)) {
137		- // Actually impossible, but still …
138		- return [];
139		- }
140		-
141		- return [
142		- 'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) {
143		- return [
144		- 'provider' => $provider,
145		- 'settings' => $provider->getPersonalSettings($user)
146		- ];
147		- }, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) {
148		- return $provider instanceof IProvidesPersonalSettings;
149		- }))
150		- ];
151		- }
152		-
153		- private function getAppTokens(): array {
154		- $tokens = $this->tokenProvider->getTokenByUser($this->uid);
155		-
156		- try {
157		- $sessionId = $this->session->getId();
158		- } catch (SessionNotAvailableException $ex) {
159		- return [];
160		- }
161		- try {
162		- $sessionToken = $this->tokenProvider->getToken($sessionId);
163		- } catch (InvalidTokenException $ex) {
164		- return [];
165		- }
166		-
167		- return array_map(function (IToken $token) use ($sessionToken) {
168		- $data = $token->jsonSerialize();
169		- $data['canDelete'] = true;
170		- $data['canRename'] = $token instanceof INamedToken;
171		- if ($sessionToken->getId() === $token->getId()) {
172		- $data['canDelete'] = false;
173		- $data['canRename'] = false;
174		- $data['current'] = true;
175		- }
176		- return $data;
177		- }, $tokens);
178		- }
	48	+ /** @var IUserManager */
	49	+ private $userManager;
	50	+
	51	+ /** @var TwoFactorManager */
	52	+ private $twoFactorManager;
	53	+
	54	+ /** @var IAuthTokenProvider */
	55	+ private $tokenProvider;
	56	+
	57	+ /** @var ProviderLoader */
	58	+ private $providerLoader;
	59	+
	60	+ /** @var IUserSession */
	61	+ private $userSession;
	62	+
	63	+ /** @var ISession */
	64	+ private $session;
	65	+
	66	+ /** @var IInitialStateService */
	67	+ private $initialStateService;
	68	+ /**
	69	+ * @var string\|null
	70	+ */
	71	+ private $uid;
	72	+
	73	+ public function __construct(IUserManager $userManager,
	74	+ TwoFactorManager $providerManager,
	75	+ IAuthTokenProvider $tokenProvider,
	76	+ ProviderLoader $providerLoader,
	77	+ IUserSession $userSession,
	78	+ ISession $session,
	79	+ IInitialStateService $initialStateService,
	80	+ ?string $UserId) {
	81	+ $this->userManager = $userManager;
	82	+ $this->twoFactorManager = $providerManager;
	83	+ $this->tokenProvider = $tokenProvider;
	84	+ $this->providerLoader = $providerLoader;
	85	+ $this->userSession = $userSession;
	86	+ $this->session = $session;
	87	+ $this->initialStateService = $initialStateService;
	88	+ $this->uid = $UserId;
	89	+ }
	90	+
	91	+ /**
	92	+ * @return TemplateResponse returns the instance with all parameters set, ready to be rendered
	93	+ * @since 9.1
	94	+ */
	95	+ public function getForm() {
	96	+ $user = $this->userManager->get($this->uid);
	97	+ $passwordChangeSupported = false;
	98	+ if ($user !== null) {
	99	+ $passwordChangeSupported = $user->canChangePassword();
	100	+ }
	101	+
	102	+ $this->initialStateService->provideInitialState(
	103	+ 'settings',
	104	+ 'app_tokens',
	105	+ $this->getAppTokens()
	106	+ );
	107	+
	108	+ return new TemplateResponse('settings', 'settings/personal/security', [
	109	+ 'passwordChangeSupported' => $passwordChangeSupported,
	110	+ 'twoFactorProviderData' => $this->getTwoFactorProviderData(),
	111	+ ]);
	112	+ }
	113	+
	114	+ /**
	115	+ * @return string the section ID, e.g. 'sharing'
	116	+ * @since 9.1
	117	+ */
	118	+ public function getSection() {
	119	+ return 'security';
	120	+ }
	121	+
	122	+ /**
	123	+ * @return int whether the form should be rather on the top or bottom of
	124	+ * the admin section. The forms are arranged in ascending order of the
	125	+ * priority values. It is required to return a value between 0 and 100.
	126	+ *
	127	+ * E.g.: 70
	128	+ * @since 9.1
	129	+ */
	130	+ public function getPriority() {
	131	+ return 10;
	132	+ }
	133	+
	134	+ private function getTwoFactorProviderData(): array {
	135	+ $user = $this->userSession->getUser();
	136	+ if (is_null($user)) {
	137	+ // Actually impossible, but still …
	138	+ return [];
	139	+ }
	140	+
	141	+ return [
	142	+ 'providers' => array_map(function (IProvidesPersonalSettings $provider) use ($user) {
	143	+ return [
	144	+ 'provider' => $provider,
	145	+ 'settings' => $provider->getPersonalSettings($user)
	146	+ ];
	147	+ }, array_filter($this->providerLoader->getProviders($user), function (IProvider $provider) {
	148	+ return $provider instanceof IProvidesPersonalSettings;
	149	+ }))
	150	+ ];
	151	+ }
	152	+
	153	+ private function getAppTokens(): array {
	154	+ $tokens = $this->tokenProvider->getTokenByUser($this->uid);
	155	+
	156	+ try {
	157	+ $sessionId = $this->session->getId();
	158	+ } catch (SessionNotAvailableException $ex) {
	159	+ return [];
	160	+ }
	161	+ try {
	162	+ $sessionToken = $this->tokenProvider->getToken($sessionId);
	163	+ } catch (InvalidTokenException $ex) {
	164	+ return [];
	165	+ }
	166	+
	167	+ return array_map(function (IToken $token) use ($sessionToken) {
	168	+ $data = $token->jsonSerialize();
	169	+ $data['canDelete'] = true;
	170	+ $data['canRename'] = $token instanceof INamedToken;
	171	+ if ($sessionToken->getId() === $token->getId()) {
	172	+ $data['canDelete'] = false;
	173	+ $data['canRename'] = false;
	174	+ $data['current'] = true;
	175	+ }
	176	+ return $data;
	177	+ }, $tokens);
	178	+ }
179	179
180	180	}

		@@ -47,203 +47,203 @@
		block discarded – undo
47	47
48	48	class AuthSettingsController extends Controller {
49	49
50		- /** @var IProvider */
51		- private $tokenProvider;
52		-
53		- /** @var ISession */
54		- private $session;
55		-
56		- /** @var string */
57		- private $uid;
58		-
59		- /** @var ISecureRandom */
60		- private $random;
61		-
62		- /** @var IManager */
63		- private $activityManager;
64		-
65		- /** @var ILogger */
66		- private $logger;
67		-
68		- /**
69		- * @param string $appName
70		- * @param IRequest $request
71		- * @param IProvider $tokenProvider
72		- * @param ISession $session
73		- * @param ISecureRandom $random
74		- * @param string\|null $userId
75		- * @param IManager $activityManager
76		- * @param ILogger $logger
77		- */
78		- public function __construct(string $appName,
79		- IRequest $request,
80		- IProvider $tokenProvider,
81		- ISession $session,
82		- ISecureRandom $random,
83		- ?string $userId,
84		- IManager $activityManager,
85		- ILogger $logger) {
86		- parent::__construct($appName, $request);
87		- $this->tokenProvider = $tokenProvider;
88		- $this->uid = $userId;
89		- $this->session = $session;
90		- $this->random = $random;
91		- $this->activityManager = $activityManager;
92		- $this->logger = $logger;
93		- }
94		-
95		- /**
96		- * @NoAdminRequired
97		- * @NoSubadminRequired
98		- * @PasswordConfirmationRequired
99		- *
100		- * @param string $name
101		- * @return JSONResponse
102		- */
103		- public function create($name) {
104		- try {
105		- $sessionId = $this->session->getId();
106		- } catch (SessionNotAvailableException $ex) {
107		- return $this->getServiceNotAvailableResponse();
108		- }
109		-
110		- try {
111		- $sessionToken = $this->tokenProvider->getToken($sessionId);
112		- $loginName = $sessionToken->getLoginName();
113		- try {
114		- $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
115		- } catch (PasswordlessTokenException $ex) {
116		- $password = null;
117		- }
118		- } catch (InvalidTokenException $ex) {
119		- return $this->getServiceNotAvailableResponse();
120		- }
121		-
122		- $token = $this->generateRandomDeviceToken();
123		- $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
124		- $tokenData = $deviceToken->jsonSerialize();
125		- $tokenData['canDelete'] = true;
126		- $tokenData['canRename'] = true;
127		-
128		- $this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), ['name' => $deviceToken->getName()]);
129		-
130		- return new JSONResponse([
131		- 'token' => $token,
132		- 'loginName' => $loginName,
133		- 'deviceToken' => $tokenData,
134		- ]);
135		- }
136		-
137		- /**
138		- * @return JSONResponse
139		- */
140		- private function getServiceNotAvailableResponse() {
141		- $resp = new JSONResponse();
142		- $resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
143		- return $resp;
144		- }
145		-
146		- /**
147		- * Return a 25 digit device password
148		- *
149		- * Example: AbCdE-fGhJk-MnPqR-sTwXy-23456
150		- *
151		- * @return string
152		- */
153		- private function generateRandomDeviceToken() {
154		- $groups = [];
155		- for ($i = 0; $i < 5; $i++) {
156		- $groups[] = $this->random->generate(5, ISecureRandom::CHAR_HUMAN_READABLE);
157		- }
158		- return implode('-', $groups);
159		- }
160		-
161		- /**
162		- * @NoAdminRequired
163		- * @NoSubadminRequired
164		- *
165		- * @param int $id
166		- * @return array\|JSONResponse
167		- */
168		- public function destroy($id) {
169		- try {
170		- $token = $this->findTokenByIdAndUser($id);
171		- } catch (InvalidTokenException $e) {
172		- return new JSONResponse([], Http::STATUS_NOT_FOUND);
173		- }
174		-
175		- $this->tokenProvider->invalidateTokenById($this->uid, $token->getId());
176		- $this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), ['name' => $token->getName()]);
177		- return [];
178		- }
179		-
180		- /**
181		- * @NoAdminRequired
182		- * @NoSubadminRequired
183		- *
184		- * @param int $id
185		- * @param array $scope
186		- * @param string $name
187		- * @return array\|JSONResponse
188		- */
189		- public function update($id, array $scope, string $name) {
190		- try {
191		- $token = $this->findTokenByIdAndUser($id);
192		- } catch (InvalidTokenException $e) {
193		- return new JSONResponse([], Http::STATUS_NOT_FOUND);
194		- }
195		-
196		- $currentName = $token->getName();
197		-
198		- if ($scope !== $token->getScopeAsArray()) {
199		- $token->setScope(['filesystem' => $scope['filesystem']]);
200		- $this->publishActivity($scope['filesystem'] ? Provider::APP_TOKEN_FILESYSTEM_GRANTED : Provider::APP_TOKEN_FILESYSTEM_REVOKED, $token->getId(), ['name' => $currentName]);
201		- }
202		-
203		- if ($token instanceof INamedToken && $name !== $currentName) {
204		- $token->setName($name);
205		- $this->publishActivity(Provider::APP_TOKEN_RENAMED, $token->getId(), ['name' => $currentName, 'newName' => $name]);
206		- }
207		-
208		- $this->tokenProvider->updateToken($token);
209		- return [];
210		- }
211		-
212		- /**
213		- * @param string $subject
214		- * @param int $id
215		- * @param array $parameters
216		- */
217		- private function publishActivity(string $subject, int $id, array $parameters = []): void {
218		- $event = $this->activityManager->generateEvent();
219		- $event->setApp('settings')
220		- ->setType('security')
221		- ->setAffectedUser($this->uid)
222		- ->setAuthor($this->uid)
223		- ->setSubject($subject, $parameters)
224		- ->setObject('app_token', $id, 'App Password');
225		-
226		- try {
227		- $this->activityManager->publish($event);
228		- } catch (BadMethodCallException $e) {
229		- $this->logger->warning('could not publish activity');
230		- $this->logger->logException($e);
231		- }
232		- }
233		-
234		- /**
235		- * Find a token by given id and check if uid for current session belongs to this token
236		- *
237		- * @param int $id
238		- * @return IToken
239		- * @throws InvalidTokenException
240		- * @throws \OC\Authentication\Exceptions\ExpiredTokenException
241		- */
242		- private function findTokenByIdAndUser(int $id): IToken {
243		- $token = $this->tokenProvider->getTokenById($id);
244		- if ($token->getUID() !== $this->uid) {
245		- throw new InvalidTokenException('This token does not belong to you!');
246		- }
247		- return $token;
248		- }
	50	+ /** @var IProvider */
	51	+ private $tokenProvider;
	52	+
	53	+ /** @var ISession */
	54	+ private $session;
	55	+
	56	+ /** @var string */
	57	+ private $uid;
	58	+
	59	+ /** @var ISecureRandom */
	60	+ private $random;
	61	+
	62	+ /** @var IManager */
	63	+ private $activityManager;
	64	+
	65	+ /** @var ILogger */
	66	+ private $logger;
	67	+
	68	+ /**
	69	+ * @param string $appName
	70	+ * @param IRequest $request
	71	+ * @param IProvider $tokenProvider
	72	+ * @param ISession $session
	73	+ * @param ISecureRandom $random
	74	+ * @param string\|null $userId
	75	+ * @param IManager $activityManager
	76	+ * @param ILogger $logger
	77	+ */
	78	+ public function __construct(string $appName,
	79	+ IRequest $request,
	80	+ IProvider $tokenProvider,
	81	+ ISession $session,
	82	+ ISecureRandom $random,
	83	+ ?string $userId,
	84	+ IManager $activityManager,
	85	+ ILogger $logger) {
	86	+ parent::__construct($appName, $request);
	87	+ $this->tokenProvider = $tokenProvider;
	88	+ $this->uid = $userId;
	89	+ $this->session = $session;
	90	+ $this->random = $random;
	91	+ $this->activityManager = $activityManager;
	92	+ $this->logger = $logger;
	93	+ }
	94	+
	95	+ /**
	96	+ * @NoAdminRequired
	97	+ * @NoSubadminRequired
	98	+ * @PasswordConfirmationRequired
	99	+ *
	100	+ * @param string $name
	101	+ * @return JSONResponse
	102	+ */
	103	+ public function create($name) {
	104	+ try {
	105	+ $sessionId = $this->session->getId();
	106	+ } catch (SessionNotAvailableException $ex) {
	107	+ return $this->getServiceNotAvailableResponse();
	108	+ }
	109	+
	110	+ try {
	111	+ $sessionToken = $this->tokenProvider->getToken($sessionId);
	112	+ $loginName = $sessionToken->getLoginName();
	113	+ try {
	114	+ $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
	115	+ } catch (PasswordlessTokenException $ex) {
	116	+ $password = null;
	117	+ }
	118	+ } catch (InvalidTokenException $ex) {
	119	+ return $this->getServiceNotAvailableResponse();
	120	+ }
	121	+
	122	+ $token = $this->generateRandomDeviceToken();
	123	+ $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
	124	+ $tokenData = $deviceToken->jsonSerialize();
	125	+ $tokenData['canDelete'] = true;
	126	+ $tokenData['canRename'] = true;
	127	+
	128	+ $this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), ['name' => $deviceToken->getName()]);
	129	+
	130	+ return new JSONResponse([
	131	+ 'token' => $token,
	132	+ 'loginName' => $loginName,
	133	+ 'deviceToken' => $tokenData,
	134	+ ]);
	135	+ }
	136	+
	137	+ /**
	138	+ * @return JSONResponse
	139	+ */
	140	+ private function getServiceNotAvailableResponse() {
	141	+ $resp = new JSONResponse();
	142	+ $resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
	143	+ return $resp;
	144	+ }
	145	+
	146	+ /**
	147	+ * Return a 25 digit device password
	148	+ *
	149	+ * Example: AbCdE-fGhJk-MnPqR-sTwXy-23456
	150	+ *
	151	+ * @return string
	152	+ */
	153	+ private function generateRandomDeviceToken() {
	154	+ $groups = [];
	155	+ for ($i = 0; $i < 5; $i++) {
	156	+ $groups[] = $this->random->generate(5, ISecureRandom::CHAR_HUMAN_READABLE);
	157	+ }
	158	+ return implode('-', $groups);
	159	+ }
	160	+
	161	+ /**
	162	+ * @NoAdminRequired
	163	+ * @NoSubadminRequired
	164	+ *
	165	+ * @param int $id
	166	+ * @return array\|JSONResponse
	167	+ */
	168	+ public function destroy($id) {
	169	+ try {
	170	+ $token = $this->findTokenByIdAndUser($id);
	171	+ } catch (InvalidTokenException $e) {
	172	+ return new JSONResponse([], Http::STATUS_NOT_FOUND);
	173	+ }
	174	+
	175	+ $this->tokenProvider->invalidateTokenById($this->uid, $token->getId());
	176	+ $this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), ['name' => $token->getName()]);
	177	+ return [];
	178	+ }
	179	+
	180	+ /**
	181	+ * @NoAdminRequired
	182	+ * @NoSubadminRequired
	183	+ *
	184	+ * @param int $id
	185	+ * @param array $scope
	186	+ * @param string $name
	187	+ * @return array\|JSONResponse
	188	+ */
	189	+ public function update($id, array $scope, string $name) {
	190	+ try {
	191	+ $token = $this->findTokenByIdAndUser($id);
	192	+ } catch (InvalidTokenException $e) {
	193	+ return new JSONResponse([], Http::STATUS_NOT_FOUND);
	194	+ }
	195	+
	196	+ $currentName = $token->getName();
	197	+
	198	+ if ($scope !== $token->getScopeAsArray()) {
	199	+ $token->setScope(['filesystem' => $scope['filesystem']]);
	200	+ $this->publishActivity($scope['filesystem'] ? Provider::APP_TOKEN_FILESYSTEM_GRANTED : Provider::APP_TOKEN_FILESYSTEM_REVOKED, $token->getId(), ['name' => $currentName]);
	201	+ }
	202	+
	203	+ if ($token instanceof INamedToken && $name !== $currentName) {
	204	+ $token->setName($name);
	205	+ $this->publishActivity(Provider::APP_TOKEN_RENAMED, $token->getId(), ['name' => $currentName, 'newName' => $name]);
	206	+ }
	207	+
	208	+ $this->tokenProvider->updateToken($token);
	209	+ return [];
	210	+ }
	211	+
	212	+ /**
	213	+ * @param string $subject
	214	+ * @param int $id
	215	+ * @param array $parameters
	216	+ */
	217	+ private function publishActivity(string $subject, int $id, array $parameters = []): void {
	218	+ $event = $this->activityManager->generateEvent();
	219	+ $event->setApp('settings')
	220	+ ->setType('security')
	221	+ ->setAffectedUser($this->uid)
	222	+ ->setAuthor($this->uid)
	223	+ ->setSubject($subject, $parameters)
	224	+ ->setObject('app_token', $id, 'App Password');
	225	+
	226	+ try {
	227	+ $this->activityManager->publish($event);
	228	+ } catch (BadMethodCallException $e) {
	229	+ $this->logger->warning('could not publish activity');
	230	+ $this->logger->logException($e);
	231	+ }
	232	+ }
	233	+
	234	+ /**
	235	+ * Find a token by given id and check if uid for current session belongs to this token
	236	+ *
	237	+ * @param int $id
	238	+ * @return IToken
	239	+ * @throws InvalidTokenException
	240	+ * @throws \OC\Authentication\Exceptions\ExpiredTokenException
	241	+ */
	242	+ private function findTokenByIdAndUser(int $id): IToken {
	243	+ $token = $this->tokenProvider->getTokenById($id);
	244	+ if ($token->getUID() !== $this->uid) {
	245	+ throw new InvalidTokenException('This token does not belong to you!');
	246	+ }
	247	+ return $token;
	248	+ }
249	249	}

nextcloud / server

Push — master ( ba155a...1cfa87 )

Status

Category

Indentation +131 added lines, -131 removed lines patch added patch discarded remove patch

Spacing +3 added lines, -3 removed lines patch added patch discarded remove patch

Indentation +199 added lines, -199 removed lines patch added patch discarded remove patch