Inspection of "Merge pull request #26681 from nextcloud/techdebt/..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( bb40e6...385330 )

by Julius

created 2021-07-01 06:35 UTC

Status

Indentation +45 added lines, -45 removed lines patch added patch discarded remove patch

@@ -31,59 +31,59 @@
 block discarded – undo
 require_once __DIR__ . '/lib/versioncheck.php';
 
 try {
-	require_once __DIR__ . '/lib/base.php';
+    require_once __DIR__ . '/lib/base.php';
 
-	OC::handleRequest();
+    OC::handleRequest();
 } catch (\OC\ServiceUnavailableException $ex) {
-	\OC::$server->getLogger()->logException($ex, ['app' => 'index']);
+    \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
 
-	//show the user a detailed error page
-	OC_Template::printExceptionErrorPage($ex, 503);
+    //show the user a detailed error page
+    OC_Template::printExceptionErrorPage($ex, 503);
 } catch (\OCP\HintException $ex) {
-	try {
-		OC_Template::printErrorPage($ex->getMessage(), $ex->getHint(), 503);
-	} catch (Exception $ex2) {
-		try {
-			\OC::$server->getLogger()->logException($ex, ['app' => 'index']);
-			\OC::$server->getLogger()->logException($ex2, ['app' => 'index']);
-		} catch (Throwable $e) {
-			// no way to log it properly - but to avoid a white page of death we try harder and ignore this one here
-		}
+    try {
+        OC_Template::printErrorPage($ex->getMessage(), $ex->getHint(), 503);
+    } catch (Exception $ex2) {
+        try {
+            \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
+            \OC::$server->getLogger()->logException($ex2, ['app' => 'index']);
+        } catch (Throwable $e) {
+            // no way to log it properly - but to avoid a white page of death we try harder and ignore this one here
+        }
 
-		//show the user a detailed error page
-		OC_Template::printExceptionErrorPage($ex, 500);
-	}
+        //show the user a detailed error page
+        OC_Template::printExceptionErrorPage($ex, 500);
+    }
 } catch (\OC\User\LoginException $ex) {
-	$request = \OC::$server->getRequest();
-	/**
-	 * Routes with the @CORS annotation and other API endpoints should
-	 * not return a webpage, so we only print the error page when html is accepted,
-	 * otherwise we reply with a JSON array like the SecurityMiddleware would do.
-	 */
-	if (stripos($request->getHeader('Accept'),'html') === false) {
-		http_response_code(401);
-		header('Content-Type: application/json; charset=utf-8');
-		echo json_encode(['message' => $ex->getMessage()]);
-		exit();
-	}
-	OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), 401);
+    $request = \OC::$server->getRequest();
+    /**
+     * Routes with the @CORS annotation and other API endpoints should
+     * not return a webpage, so we only print the error page when html is accepted,
+     * otherwise we reply with a JSON array like the SecurityMiddleware would do.
+     */
+    if (stripos($request->getHeader('Accept'),'html') === false) {
+        http_response_code(401);
+        header('Content-Type: application/json; charset=utf-8');
+        echo json_encode(['message' => $ex->getMessage()]);
+        exit();
+    }
+    OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), 401);
 } catch (Exception $ex) {
-	\OC::$server->getLogger()->logException($ex, ['app' => 'index']);
+    \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
 
-	//show the user a detailed error page
-	OC_Template::printExceptionErrorPage($ex, 500);
+    //show the user a detailed error page
+    OC_Template::printExceptionErrorPage($ex, 500);
 } catch (Error $ex) {
-	try {
-		\OC::$server->getLogger()->logException($ex, ['app' => 'index']);
-	} catch (Error $e) {
-		http_response_code(500);
-		header('Content-Type: text/plain; charset=utf-8');
-		print("Internal Server Error\n\n");
-		print("The server encountered an internal error and was unable to complete your request.\n");
-		print("Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n");
-		print("More details can be found in the webserver log.\n");
+    try {
+        \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
+    } catch (Error $e) {
+        http_response_code(500);
+        header('Content-Type: text/plain; charset=utf-8');
+        print("Internal Server Error\n\n");
+        print("The server encountered an internal error and was unable to complete your request.\n");
+        print("Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n");
+        print("More details can be found in the webserver log.\n");
 
-		throw $ex;
-	}
-	OC_Template::printExceptionErrorPage($ex, 500);
+        throw $ex;
+    }
+    OC_Template::printExceptionErrorPage($ex, 500);
 }

Please login to merge, or discard this patch.

lib/public/HintException.php 1 patch

Indentation +42 added lines, -42 removed lines patch added patch discarded remove patch

@@ -34,49 +34,49 @@
 block discarded – undo
  * @since 23.0.0
  */
 class HintException extends \Exception {
-	private $hint;
+    private $hint;
 
-	/**
-	 * HintException constructor.
-	 *
-	 * @since 23.0.0
-	 * @param string $message  The error message. It will be not revealed to the
-	 *                         the user (unless the hint is empty) and thus
-	 *                         should be not translated.
-	 * @param string $hint     A useful message that is presented to the end
-	 *                         user. It should be translated, but must not
-	 *                         contain sensitive data.
-	 * @param int $code
-	 * @param \Exception|null $previous
-	 */
-	public function __construct($message, $hint = '', $code = 0, \Exception $previous = null) {
-		$this->hint = $hint;
-		parent::__construct($message, $code, $previous);
-	}
+    /**
+     * HintException constructor.
+     *
+     * @since 23.0.0
+     * @param string $message  The error message. It will be not revealed to the
+     *                         the user (unless the hint is empty) and thus
+     *                         should be not translated.
+     * @param string $hint     A useful message that is presented to the end
+     *                         user. It should be translated, but must not
+     *                         contain sensitive data.
+     * @param int $code
+     * @param \Exception|null $previous
+     */
+    public function __construct($message, $hint = '', $code = 0, \Exception $previous = null) {
+        $this->hint = $hint;
+        parent::__construct($message, $code, $previous);
+    }
 
-	/**
-	 * Returns a string representation of this Exception that includes the error
-	 * code, the message and the hint.
-	 *
-	 * @since 23.0.0
-	 * @return string
-	 */
-	public function __toString(): string {
-		return __CLASS__ . ": [{$this->code}]: {$this->message} ({$this->hint})\n";
-	}
+    /**
+     * Returns a string representation of this Exception that includes the error
+     * code, the message and the hint.
+     *
+     * @since 23.0.0
+     * @return string
+     */
+    public function __toString(): string {
+        return __CLASS__ . ": [{$this->code}]: {$this->message} ({$this->hint})\n";
+    }
 
-	/**
-	 * Returns the hint with the intention to be presented to the end user. If
-	 * an empty hint was specified upon instatiation, the message is returned
-	 * instead.
-	 *
-	 * @since 23.0.0
-	 * @return string
-	 */
-	public function getHint(): string {
-		if (empty($this->hint)) {
-			return $this->message;
-		}
-		return $this->hint;
-	}
+    /**
+     * Returns the hint with the intention to be presented to the end user. If
+     * an empty hint was specified upon instatiation, the message is returned
+     * instead.
+     *
+     * @since 23.0.0
+     * @return string
+     */
+    public function getHint(): string {
+        if (empty($this->hint)) {
+            return $this->message;
+        }
+        return $this->hint;
+    }
 }

Please login to merge, or discard this patch.

lib/private/AppFramework/App.php 1 patch

Indentation +177 added lines, -177 removed lines patch added patch discarded remove patch

@@ -49,186 +49,186 @@
 block discarded – undo
  */
 class App {
 
-	/** @var string[] */
-	private static $nameSpaceCache = [];
-
-	/**
-	 * Turns an app id into a namespace by either reading the appinfo.xml's
-	 * namespace tag or uppercasing the appid's first letter
-	 * @param string $appId the app id
-	 * @param string $topNamespace the namespace which should be prepended to
-	 * the transformed app id, defaults to OCA\
-	 * @return string the starting namespace for the app
-	 */
-	public static function buildAppNamespace(string $appId, string $topNamespace = 'OCA\\'): string {
-		// Hit the cache!
-		if (isset(self::$nameSpaceCache[$appId])) {
-			return $topNamespace . self::$nameSpaceCache[$appId];
-		}
-
-		$appInfo = \OC_App::getAppInfo($appId);
-		if (isset($appInfo['namespace'])) {
-			self::$nameSpaceCache[$appId] = trim($appInfo['namespace']);
-		} else {
-			if ($appId !== 'spreed') {
-				// if the tag is not found, fall back to uppercasing the first letter
-				self::$nameSpaceCache[$appId] = ucfirst($appId);
-			} else {
-				// For the Talk app (appid spreed) the above fallback doesn't work.
-				// This leads to a problem when trying to install it freshly,
-				// because the apps namespace is already registered before the
-				// app is downloaded from the appstore, because of the hackish
-				// global route index.php/call/{token} which is registered via
-				// the core/routes.php so it does not have the app namespace.
-				// @ref https://github.com/nextcloud/server/pull/19433
-				self::$nameSpaceCache[$appId] = 'Talk';
-			}
-		}
-
-		return $topNamespace . self::$nameSpaceCache[$appId];
-	}
-
-	public static function getAppIdForClass(string $className, string $topNamespace = 'OCA\\'): ?string {
-		if (strpos($className, $topNamespace) !== 0) {
-			return null;
-		}
-
-		foreach (self::$nameSpaceCache as $appId => $namespace) {
-			if (strpos($className, $topNamespace . $namespace . '\\') === 0) {
-				return $appId;
-			}
-		}
-
-		return null;
-	}
-
-
-	/**
-	 * Shortcut for calling a controller method and printing the result
-	 *
-	 * @param string $controllerName the name of the controller under which it is
-	 *                               stored in the DI container
-	 * @param string $methodName the method that you want to call
-	 * @param DIContainer $container an instance of a pimple container.
-	 * @param array $urlParams list of URL parameters (optional)
-	 * @throws HintException
-	 */
-	public static function main(string $controllerName, string $methodName, DIContainer $container, array $urlParams = null) {
-		if (!is_null($urlParams)) {
-			/** @var Request $request */
-			$request = $container->query(IRequest::class);
-			$request->setUrlParameters($urlParams);
-		} elseif (isset($container['urlParams']) && !is_null($container['urlParams'])) {
-			/** @var Request $request */
-			$request = $container->query(IRequest::class);
-			$request->setUrlParameters($container['urlParams']);
-		}
-		$appName = $container['AppName'];
-
-		// first try $controllerName then go for \OCA\AppName\Controller\$controllerName
-		try {
-			$controller = $container->query($controllerName);
-		} catch (QueryException $e) {
-			if (strpos($controllerName, '\\Controller\\') !== false) {
-				// This is from a global registered app route that is not enabled.
-				[/*OC(A)*/, $app, /* Controller/Name*/] = explode('\\', $controllerName, 3);
-				throw new HintException('App ' . strtolower($app) . ' is not enabled');
-			}
-
-			if ($appName === 'core') {
-				$appNameSpace = 'OC\\Core';
-			} else {
-				$appNameSpace = self::buildAppNamespace($appName);
-			}
-			$controllerName = $appNameSpace . '\\Controller\\' . $controllerName;
-			$controller = $container->query($controllerName);
-		}
-
-		// initialize the dispatcher and run all the middleware before the controller
-		/** @var Dispatcher $dispatcher */
-		$dispatcher = $container['Dispatcher'];
-
-		[
-			$httpHeaders,
-			$responseHeaders,
-			$responseCookies,
-			$output,
-			$response
-		] = $dispatcher->dispatch($controller, $methodName);
-
-		$io = $container[IOutput::class];
-
-		if (!is_null($httpHeaders)) {
-			$io->setHeader($httpHeaders);
-		}
-
-		foreach ($responseHeaders as $name => $value) {
-			$io->setHeader($name . ': ' . $value);
-		}
-
-		foreach ($responseCookies as $name => $value) {
-			$expireDate = null;
-			if ($value['expireDate'] instanceof \DateTime) {
-				$expireDate = $value['expireDate']->getTimestamp();
-			}
-			$sameSite = $value['sameSite'] ?? 'Lax';
-
-			$io->setCookie(
-				$name,
-				$value['value'],
-				$expireDate,
-				$container->getServer()->getWebRoot(),
-				null,
-				$container->getServer()->getRequest()->getServerProtocol() === 'https',
-				true,
-				$sameSite
-			);
-		}
-
-		/*
+    /** @var string[] */
+    private static $nameSpaceCache = [];
+
+    /**
+     * Turns an app id into a namespace by either reading the appinfo.xml's
+     * namespace tag or uppercasing the appid's first letter
+     * @param string $appId the app id
+     * @param string $topNamespace the namespace which should be prepended to
+     * the transformed app id, defaults to OCA\
+     * @return string the starting namespace for the app
+     */
+    public static function buildAppNamespace(string $appId, string $topNamespace = 'OCA\\'): string {
+        // Hit the cache!
+        if (isset(self::$nameSpaceCache[$appId])) {
+            return $topNamespace . self::$nameSpaceCache[$appId];
+        }
+
+        $appInfo = \OC_App::getAppInfo($appId);
+        if (isset($appInfo['namespace'])) {
+            self::$nameSpaceCache[$appId] = trim($appInfo['namespace']);
+        } else {
+            if ($appId !== 'spreed') {
+                // if the tag is not found, fall back to uppercasing the first letter
+                self::$nameSpaceCache[$appId] = ucfirst($appId);
+            } else {
+                // For the Talk app (appid spreed) the above fallback doesn't work.
+                // This leads to a problem when trying to install it freshly,
+                // because the apps namespace is already registered before the
+                // app is downloaded from the appstore, because of the hackish
+                // global route index.php/call/{token} which is registered via
+                // the core/routes.php so it does not have the app namespace.
+                // @ref https://github.com/nextcloud/server/pull/19433
+                self::$nameSpaceCache[$appId] = 'Talk';
+            }
+        }
+
+        return $topNamespace . self::$nameSpaceCache[$appId];
+    }
+
+    public static function getAppIdForClass(string $className, string $topNamespace = 'OCA\\'): ?string {
+        if (strpos($className, $topNamespace) !== 0) {
+            return null;
+        }
+
+        foreach (self::$nameSpaceCache as $appId => $namespace) {
+            if (strpos($className, $topNamespace . $namespace . '\\') === 0) {
+                return $appId;
+            }
+        }
+
+        return null;
+    }
+
+
+    /**
+     * Shortcut for calling a controller method and printing the result
+     *
+     * @param string $controllerName the name of the controller under which it is
+     *                               stored in the DI container
+     * @param string $methodName the method that you want to call
+     * @param DIContainer $container an instance of a pimple container.
+     * @param array $urlParams list of URL parameters (optional)
+     * @throws HintException
+     */
+    public static function main(string $controllerName, string $methodName, DIContainer $container, array $urlParams = null) {
+        if (!is_null($urlParams)) {
+            /** @var Request $request */
+            $request = $container->query(IRequest::class);
+            $request->setUrlParameters($urlParams);
+        } elseif (isset($container['urlParams']) && !is_null($container['urlParams'])) {
+            /** @var Request $request */
+            $request = $container->query(IRequest::class);
+            $request->setUrlParameters($container['urlParams']);
+        }
+        $appName = $container['AppName'];
+
+        // first try $controllerName then go for \OCA\AppName\Controller\$controllerName
+        try {
+            $controller = $container->query($controllerName);
+        } catch (QueryException $e) {
+            if (strpos($controllerName, '\\Controller\\') !== false) {
+                // This is from a global registered app route that is not enabled.
+                [/*OC(A)*/, $app, /* Controller/Name*/] = explode('\\', $controllerName, 3);
+                throw new HintException('App ' . strtolower($app) . ' is not enabled');
+            }
+
+            if ($appName === 'core') {
+                $appNameSpace = 'OC\\Core';
+            } else {
+                $appNameSpace = self::buildAppNamespace($appName);
+            }
+            $controllerName = $appNameSpace . '\\Controller\\' . $controllerName;
+            $controller = $container->query($controllerName);
+        }
+
+        // initialize the dispatcher and run all the middleware before the controller
+        /** @var Dispatcher $dispatcher */
+        $dispatcher = $container['Dispatcher'];
+
+        [
+            $httpHeaders,
+            $responseHeaders,
+            $responseCookies,
+            $output,
+            $response
+        ] = $dispatcher->dispatch($controller, $methodName);
+
+        $io = $container[IOutput::class];
+
+        if (!is_null($httpHeaders)) {
+            $io->setHeader($httpHeaders);
+        }
+
+        foreach ($responseHeaders as $name => $value) {
+            $io->setHeader($name . ': ' . $value);
+        }
+
+        foreach ($responseCookies as $name => $value) {
+            $expireDate = null;
+            if ($value['expireDate'] instanceof \DateTime) {
+                $expireDate = $value['expireDate']->getTimestamp();
+            }
+            $sameSite = $value['sameSite'] ?? 'Lax';
+
+            $io->setCookie(
+                $name,
+                $value['value'],
+                $expireDate,
+                $container->getServer()->getWebRoot(),
+                null,
+                $container->getServer()->getRequest()->getServerProtocol() === 'https',
+                true,
+                $sameSite
+            );
+        }
+
+        /*
 		 * Status 204 does not have a body and no Content Length
 		 * Status 304 does not have a body and does not need a Content Length
 		 * https://tools.ietf.org/html/rfc7230#section-3.3
 		 * https://tools.ietf.org/html/rfc7230#section-3.3.2
 		 */
-		$emptyResponse = false;
-		if (preg_match('/^HTTP\/\d\.\d (\d{3}) .*$/', $httpHeaders, $matches)) {
-			$status = (int)$matches[1];
-			if ($status === Http::STATUS_NO_CONTENT || $status === Http::STATUS_NOT_MODIFIED) {
-				$emptyResponse = true;
-			}
-		}
-
-		if (!$emptyResponse) {
-			if ($response instanceof ICallbackResponse) {
-				$response->callback($io);
-			} elseif (!is_null($output)) {
-				$io->setHeader('Content-Length: ' . strlen($output));
-				$io->setOutput($output);
-			}
-		}
-	}
-
-	/**
-	 * Shortcut for calling a controller method and printing the result.
-	 * Similar to App:main except that no headers will be sent.
-	 * This should be used for example when registering sections via
-	 * \OC\AppFramework\Core\API::registerAdmin()
-	 *
-	 * @param string $controllerName the name of the controller under which it is
-	 *                               stored in the DI container
-	 * @param string $methodName the method that you want to call
-	 * @param array $urlParams an array with variables extracted from the routes
-	 * @param DIContainer $container an instance of a pimple container.
-	 */
-	public static function part(string $controllerName, string $methodName, array $urlParams,
-								DIContainer $container) {
-		$container['urlParams'] = $urlParams;
-		$controller = $container[$controllerName];
-
-		$dispatcher = $container['Dispatcher'];
-
-		[, , $output] = $dispatcher->dispatch($controller, $methodName);
-		return $output;
-	}
+        $emptyResponse = false;
+        if (preg_match('/^HTTP\/\d\.\d (\d{3}) .*$/', $httpHeaders, $matches)) {
+            $status = (int)$matches[1];
+            if ($status === Http::STATUS_NO_CONTENT || $status === Http::STATUS_NOT_MODIFIED) {
+                $emptyResponse = true;
+            }
+        }
+
+        if (!$emptyResponse) {
+            if ($response instanceof ICallbackResponse) {
+                $response->callback($io);
+            } elseif (!is_null($output)) {
+                $io->setHeader('Content-Length: ' . strlen($output));
+                $io->setOutput($output);
+            }
+        }
+    }
+
+    /**
+     * Shortcut for calling a controller method and printing the result.
+     * Similar to App:main except that no headers will be sent.
+     * This should be used for example when registering sections via
+     * \OC\AppFramework\Core\API::registerAdmin()
+     *
+     * @param string $controllerName the name of the controller under which it is
+     *                               stored in the DI container
+     * @param string $methodName the method that you want to call
+     * @param array $urlParams an array with variables extracted from the routes
+     * @param DIContainer $container an instance of a pimple container.
+     */
+    public static function part(string $controllerName, string $methodName, array $urlParams,
+                                DIContainer $container) {
+        $container['urlParams'] = $urlParams;
+        $controller = $container[$controllerName];
+
+        $dispatcher = $container['Dispatcher'];
+
+        [, , $output] = $dispatcher->dispatch($controller, $methodName);
+        return $output;
+    }
 }

Please login to merge, or discard this patch.

lib/private/Log/ExceptionSerializer.php 1 patch

Indentation +173 added lines, -173 removed lines patch added patch discarded remove patch

@@ -35,177 +35,177 @@
 block discarded – undo
 use OCP\HintException;
 
 class ExceptionSerializer {
-	public const methodsWithSensitiveParameters = [
-		// Session/User
-		'completeLogin',
-		'login',
-		'checkPassword',
-		'checkPasswordNoLogging',
-		'loginWithPassword',
-		'updatePrivateKeyPassword',
-		'validateUserPass',
-		'loginWithToken',
-		'{closure}',
-		'createSessionToken',
-
-		// Provisioning
-		'addUser',
-
-		// TokenProvider
-		'getToken',
-		'isTokenPassword',
-		'getPassword',
-		'decryptPassword',
-		'logClientIn',
-		'generateToken',
-		'validateToken',
-
-		// TwoFactorAuth
-		'solveChallenge',
-		'verifyChallenge',
-
-		// ICrypto
-		'calculateHMAC',
-		'encrypt',
-		'decrypt',
-
-		// LoginController
-		'tryLogin',
-		'confirmPassword',
-
-		// LDAP
-		'bind',
-		'areCredentialsValid',
-		'invokeLDAPMethod',
-
-		// Encryption
-		'storeKeyPair',
-		'setupUser',
-		'checkSignature',
-
-		// files_external: OCA\Files_External\MountConfig
-		'getBackendStatus',
-
-		// files_external: UserStoragesController
-		'update',
-
-		// Preview providers, don't log big data strings
-		'imagecreatefromstring',
-	];
-
-	/** @var SystemConfig */
-	private $systemConfig;
-
-	public function __construct(SystemConfig $systemConfig) {
-		$this->systemConfig = $systemConfig;
-	}
-
-	public const methodsWithSensitiveParametersByClass = [
-		SetupController::class => [
-			'run',
-			'display',
-			'loadAutoConfig',
-		],
-		Setup::class => [
-			'install'
-		],
-		Key::class => [
-			'__construct'
-		],
-	];
-
-	private function editTrace(array &$sensitiveValues, array $traceLine): array {
-		if (isset($traceLine['args'])) {
-			$sensitiveValues = array_merge($sensitiveValues, $traceLine['args']);
-		}
-		$traceLine['args'] = ['*** sensitive parameters replaced ***'];
-		return $traceLine;
-	}
-
-	private function filterTrace(array $trace) {
-		$sensitiveValues = [];
-		$trace = array_map(function (array $traceLine) use (&$sensitiveValues) {
-			$className = $traceLine['class'] ?? '';
-			if ($className && isset(self::methodsWithSensitiveParametersByClass[$className])
-				&& in_array($traceLine['function'], self::methodsWithSensitiveParametersByClass[$className], true)) {
-				return $this->editTrace($sensitiveValues, $traceLine);
-			}
-			foreach (self::methodsWithSensitiveParameters as $sensitiveMethod) {
-				if (strpos($traceLine['function'], $sensitiveMethod) !== false) {
-					return $this->editTrace($sensitiveValues, $traceLine);
-				}
-			}
-			return $traceLine;
-		}, $trace);
-		return array_map(function (array $traceLine) use ($sensitiveValues) {
-			if (isset($traceLine['args'])) {
-				$traceLine['args'] = $this->removeValuesFromArgs($traceLine['args'], $sensitiveValues);
-			}
-			return $traceLine;
-		}, $trace);
-	}
-
-	private function removeValuesFromArgs($args, $values) {
-		foreach ($args as &$arg) {
-			if (in_array($arg, $values, true)) {
-				$arg = '*** sensitive parameter replaced ***';
-			} elseif (is_array($arg)) {
-				$arg = $this->removeValuesFromArgs($arg, $values);
-			}
-		}
-		return $args;
-	}
-
-	private function encodeTrace($trace) {
-		$filteredTrace = $this->filterTrace($trace);
-		return array_map(function (array $line) {
-			if (isset($line['args'])) {
-				$line['args'] = array_map([$this, 'encodeArg'], $line['args']);
-			}
-			return $line;
-		}, $filteredTrace);
-	}
-
-	private function encodeArg($arg) {
-		if (is_object($arg)) {
-			$data = get_object_vars($arg);
-			$data['__class__'] = get_class($arg);
-			return array_map([$this, 'encodeArg'], $data);
-		}
-
-		if (is_array($arg)) {
-			// Only log the first 5 elements of an array unless we are on debug
-			if ((int)$this->systemConfig->getValue('loglevel', 2) !== 0) {
-				$elemCount = count($arg);
-				if ($elemCount > 5) {
-					$arg = array_slice($arg, 0, 5);
-					$arg[] = 'And ' . ($elemCount - 5) . ' more entries, set log level to debug to see all entries';
-				}
-			}
-			return array_map([$this, 'encodeArg'], $arg);
-		}
-
-		return $arg;
-	}
-
-	public function serializeException(\Throwable $exception) {
-		$data = [
-			'Exception' => get_class($exception),
-			'Message' => $exception->getMessage(),
-			'Code' => $exception->getCode(),
-			'Trace' => $this->encodeTrace($exception->getTrace()),
-			'File' => $exception->getFile(),
-			'Line' => $exception->getLine(),
-		];
-
-		if ($exception instanceof HintException) {
-			$data['Hint'] = $exception->getHint();
-		}
-
-		if ($exception->getPrevious()) {
-			$data['Previous'] = $this->serializeException($exception->getPrevious());
-		}
-
-		return $data;
-	}
+    public const methodsWithSensitiveParameters = [
+        // Session/User
+        'completeLogin',
+        'login',
+        'checkPassword',
+        'checkPasswordNoLogging',
+        'loginWithPassword',
+        'updatePrivateKeyPassword',
+        'validateUserPass',
+        'loginWithToken',
+        '{closure}',
+        'createSessionToken',
+
+        // Provisioning
+        'addUser',
+
+        // TokenProvider
+        'getToken',
+        'isTokenPassword',
+        'getPassword',
+        'decryptPassword',
+        'logClientIn',
+        'generateToken',
+        'validateToken',
+
+        // TwoFactorAuth
+        'solveChallenge',
+        'verifyChallenge',
+
+        // ICrypto
+        'calculateHMAC',
+        'encrypt',
+        'decrypt',
+
+        // LoginController
+        'tryLogin',
+        'confirmPassword',
+
+        // LDAP
+        'bind',
+        'areCredentialsValid',
+        'invokeLDAPMethod',
+
+        // Encryption
+        'storeKeyPair',
+        'setupUser',
+        'checkSignature',
+
+        // files_external: OCA\Files_External\MountConfig
+        'getBackendStatus',
+
+        // files_external: UserStoragesController
+        'update',
+
+        // Preview providers, don't log big data strings
+        'imagecreatefromstring',
+    ];
+
+    /** @var SystemConfig */
+    private $systemConfig;
+
+    public function __construct(SystemConfig $systemConfig) {
+        $this->systemConfig = $systemConfig;
+    }
+
+    public const methodsWithSensitiveParametersByClass = [
+        SetupController::class => [
+            'run',
+            'display',
+            'loadAutoConfig',
+        ],
+        Setup::class => [
+            'install'
+        ],
+        Key::class => [
+            '__construct'
+        ],
+    ];
+
+    private function editTrace(array &$sensitiveValues, array $traceLine): array {
+        if (isset($traceLine['args'])) {
+            $sensitiveValues = array_merge($sensitiveValues, $traceLine['args']);
+        }
+        $traceLine['args'] = ['*** sensitive parameters replaced ***'];
+        return $traceLine;
+    }
+
+    private function filterTrace(array $trace) {
+        $sensitiveValues = [];
+        $trace = array_map(function (array $traceLine) use (&$sensitiveValues) {
+            $className = $traceLine['class'] ?? '';
+            if ($className && isset(self::methodsWithSensitiveParametersByClass[$className])
+                && in_array($traceLine['function'], self::methodsWithSensitiveParametersByClass[$className], true)) {
+                return $this->editTrace($sensitiveValues, $traceLine);
+            }
+            foreach (self::methodsWithSensitiveParameters as $sensitiveMethod) {
+                if (strpos($traceLine['function'], $sensitiveMethod) !== false) {
+                    return $this->editTrace($sensitiveValues, $traceLine);
+                }
+            }
+            return $traceLine;
+        }, $trace);
+        return array_map(function (array $traceLine) use ($sensitiveValues) {
+            if (isset($traceLine['args'])) {
+                $traceLine['args'] = $this->removeValuesFromArgs($traceLine['args'], $sensitiveValues);
+            }
+            return $traceLine;
+        }, $trace);
+    }
+
+    private function removeValuesFromArgs($args, $values) {
+        foreach ($args as &$arg) {
+            if (in_array($arg, $values, true)) {
+                $arg = '*** sensitive parameter replaced ***';
+            } elseif (is_array($arg)) {
+                $arg = $this->removeValuesFromArgs($arg, $values);
+            }
+        }
+        return $args;
+    }
+
+    private function encodeTrace($trace) {
+        $filteredTrace = $this->filterTrace($trace);
+        return array_map(function (array $line) {
+            if (isset($line['args'])) {
+                $line['args'] = array_map([$this, 'encodeArg'], $line['args']);
+            }
+            return $line;
+        }, $filteredTrace);
+    }
+
+    private function encodeArg($arg) {
+        if (is_object($arg)) {
+            $data = get_object_vars($arg);
+            $data['__class__'] = get_class($arg);
+            return array_map([$this, 'encodeArg'], $data);
+        }
+
+        if (is_array($arg)) {
+            // Only log the first 5 elements of an array unless we are on debug
+            if ((int)$this->systemConfig->getValue('loglevel', 2) !== 0) {
+                $elemCount = count($arg);
+                if ($elemCount > 5) {
+                    $arg = array_slice($arg, 0, 5);
+                    $arg[] = 'And ' . ($elemCount - 5) . ' more entries, set log level to debug to see all entries';
+                }
+            }
+            return array_map([$this, 'encodeArg'], $arg);
+        }
+
+        return $arg;
+    }
+
+    public function serializeException(\Throwable $exception) {
+        $data = [
+            'Exception' => get_class($exception),
+            'Message' => $exception->getMessage(),
+            'Code' => $exception->getCode(),
+            'Trace' => $this->encodeTrace($exception->getTrace()),
+            'File' => $exception->getFile(),
+            'Line' => $exception->getLine(),
+        ];
+
+        if ($exception instanceof HintException) {
+            $data['Hint'] = $exception->getHint();
+        }
+
+        if ($exception->getPrevious()) {
+            $data['Previous'] = $this->serializeException($exception->getPrevious());
+        }
+
+        return $data;
+    }
 }

Please login to merge, or discard this patch.

lib/private/Setup.php 1 patch

Indentation +534 added lines, -534 removed lines patch added patch discarded remove patch

@@ -64,538 +64,538 @@
 block discarded – undo
 use Psr\Log\LoggerInterface;
 
 class Setup {
-	/** @var SystemConfig */
-	protected $config;
-	/** @var IniGetWrapper */
-	protected $iniWrapper;
-	/** @var IL10N */
-	protected $l10n;
-	/** @var Defaults */
-	protected $defaults;
-	/** @var LoggerInterface */
-	protected $logger;
-	/** @var ISecureRandom */
-	protected $random;
-	/** @var Installer */
-	protected $installer;
-
-	public function __construct(
-		SystemConfig $config,
-		IniGetWrapper $iniWrapper,
-		IL10N $l10n,
-		Defaults $defaults,
-		LoggerInterface $logger,
-		ISecureRandom $random,
-		Installer $installer
-	) {
-		$this->config = $config;
-		$this->iniWrapper = $iniWrapper;
-		$this->l10n = $l10n;
-		$this->defaults = $defaults;
-		$this->logger = $logger;
-		$this->random = $random;
-		$this->installer = $installer;
-	}
-
-	protected static $dbSetupClasses = [
-		'mysql' => \OC\Setup\MySQL::class,
-		'pgsql' => \OC\Setup\PostgreSQL::class,
-		'oci' => \OC\Setup\OCI::class,
-		'sqlite' => \OC\Setup\Sqlite::class,
-		'sqlite3' => \OC\Setup\Sqlite::class,
-	];
-
-	/**
-	 * Wrapper around the "class_exists" PHP function to be able to mock it
-	 *
-	 * @param string $name
-	 * @return bool
-	 */
-	protected function class_exists($name) {
-		return class_exists($name);
-	}
-
-	/**
-	 * Wrapper around the "is_callable" PHP function to be able to mock it
-	 *
-	 * @param string $name
-	 * @return bool
-	 */
-	protected function is_callable($name) {
-		return is_callable($name);
-	}
-
-	/**
-	 * Wrapper around \PDO::getAvailableDrivers
-	 *
-	 * @return array
-	 */
-	protected function getAvailableDbDriversForPdo() {
-		return \PDO::getAvailableDrivers();
-	}
-
-	/**
-	 * Get the available and supported databases of this instance
-	 *
-	 * @param bool $allowAllDatabases
-	 * @return array
-	 * @throws Exception
-	 */
-	public function getSupportedDatabases($allowAllDatabases = false) {
-		$availableDatabases = [
-			'sqlite' => [
-				'type' => 'pdo',
-				'call' => 'sqlite',
-				'name' => 'SQLite',
-			],
-			'mysql' => [
-				'type' => 'pdo',
-				'call' => 'mysql',
-				'name' => 'MySQL/MariaDB',
-			],
-			'pgsql' => [
-				'type' => 'pdo',
-				'call' => 'pgsql',
-				'name' => 'PostgreSQL',
-			],
-			'oci' => [
-				'type' => 'function',
-				'call' => 'oci_connect',
-				'name' => 'Oracle',
-			],
-		];
-		if ($allowAllDatabases) {
-			$configuredDatabases = array_keys($availableDatabases);
-		} else {
-			$configuredDatabases = $this->config->getValue('supportedDatabases',
-				['sqlite', 'mysql', 'pgsql']);
-		}
-		if (!is_array($configuredDatabases)) {
-			throw new Exception('Supported databases are not properly configured.');
-		}
-
-		$supportedDatabases = [];
-
-		foreach ($configuredDatabases as $database) {
-			if (array_key_exists($database, $availableDatabases)) {
-				$working = false;
-				$type = $availableDatabases[$database]['type'];
-				$call = $availableDatabases[$database]['call'];
-
-				if ($type === 'function') {
-					$working = $this->is_callable($call);
-				} elseif ($type === 'pdo') {
-					$working = in_array($call, $this->getAvailableDbDriversForPdo(), true);
-				}
-				if ($working) {
-					$supportedDatabases[$database] = $availableDatabases[$database]['name'];
-				}
-			}
-		}
-
-		return $supportedDatabases;
-	}
-
-	/**
-	 * Gathers system information like database type and does
-	 * a few system checks.
-	 *
-	 * @return array of system info, including an "errors" value
-	 * in case of errors/warnings
-	 */
-	public function getSystemInfo($allowAllDatabases = false) {
-		$databases = $this->getSupportedDatabases($allowAllDatabases);
-
-		$dataDir = $this->config->getValue('datadirectory', \OC::$SERVERROOT . '/data');
-
-		$errors = [];
-
-		// Create data directory to test whether the .htaccess works
-		// Notice that this is not necessarily the same data directory as the one
-		// that will effectively be used.
-		if (!file_exists($dataDir)) {
-			@mkdir($dataDir);
-		}
-		$htAccessWorking = true;
-		if (is_dir($dataDir) && is_writable($dataDir)) {
-			// Protect data directory here, so we can test if the protection is working
-			self::protectDataDirectory();
-
-			try {
-				$util = new \OC_Util();
-				$htAccessWorking = $util->isHtaccessWorking(\OC::$server->getConfig());
-			} catch (\OCP\HintException $e) {
-				$errors[] = [
-					'error' => $e->getMessage(),
-					'exception' => $e,
-					'hint' => $e->getHint(),
-				];
-				$htAccessWorking = false;
-			}
-		}
-
-		if (\OC_Util::runningOnMac()) {
-			$errors[] = [
-				'error' => $this->l10n->t(
-					'Mac OS X is not supported and %s will not work properly on this platform. ' .
-					'Use it at your own risk! ',
-					[$this->defaults->getProductName()]
-				),
-				'hint' => $this->l10n->t('For the best results, please consider using a GNU/Linux server instead.'),
-			];
-		}
-
-		if ($this->iniWrapper->getString('open_basedir') !== '' && PHP_INT_SIZE === 4) {
-			$errors[] = [
-				'error' => $this->l10n->t(
-					'It seems that this %s instance is running on a 32-bit PHP environment and the open_basedir has been configured in php.ini. ' .
-					'This will lead to problems with files over 4 GB and is highly discouraged.',
-					[$this->defaults->getProductName()]
-				),
-				'hint' => $this->l10n->t('Please remove the open_basedir setting within your php.ini or switch to 64-bit PHP.'),
-			];
-		}
-
-		return [
-			'hasSQLite' => isset($databases['sqlite']),
-			'hasMySQL' => isset($databases['mysql']),
-			'hasPostgreSQL' => isset($databases['pgsql']),
-			'hasOracle' => isset($databases['oci']),
-			'databases' => $databases,
-			'directory' => $dataDir,
-			'htaccessWorking' => $htAccessWorking,
-			'errors' => $errors,
-		];
-	}
-
-	/**
-	 * @param $options
-	 * @return array
-	 */
-	public function install($options) {
-		$l = $this->l10n;
-
-		$error = [];
-		$dbType = $options['dbtype'];
-
-		if (empty($options['adminlogin'])) {
-			$error[] = $l->t('Set an admin username.');
-		}
-		if (empty($options['adminpass'])) {
-			$error[] = $l->t('Set an admin password.');
-		}
-		if (empty($options['directory'])) {
-			$options['directory'] = \OC::$SERVERROOT . "/data";
-		}
-
-		if (!isset(self::$dbSetupClasses[$dbType])) {
-			$dbType = 'sqlite';
-		}
-
-		$username = htmlspecialchars_decode($options['adminlogin']);
-		$password = htmlspecialchars_decode($options['adminpass']);
-		$dataDir = htmlspecialchars_decode($options['directory']);
-
-		$class = self::$dbSetupClasses[$dbType];
-		/** @var \OC\Setup\AbstractDatabase $dbSetup */
-		$dbSetup = new $class($l, $this->config, $this->logger, $this->random);
-		$error = array_merge($error, $dbSetup->validate($options));
-
-		// validate the data directory
-		if ((!is_dir($dataDir) && !mkdir($dataDir)) || !is_writable($dataDir)) {
-			$error[] = $l->t("Cannot create or write into the data directory %s", [$dataDir]);
-		}
-
-		if (!empty($error)) {
-			return $error;
-		}
-
-		$request = \OC::$server->getRequest();
-
-		//no errors, good
-		if (isset($options['trusted_domains'])
-			&& is_array($options['trusted_domains'])) {
-			$trustedDomains = $options['trusted_domains'];
-		} else {
-			$trustedDomains = [$request->getInsecureServerHost()];
-		}
-
-		//use sqlite3 when available, otherwise sqlite2 will be used.
-		if ($dbType === 'sqlite' && class_exists('SQLite3')) {
-			$dbType = 'sqlite3';
-		}
-
-		//generate a random salt that is used to salt the local user passwords
-		$salt = $this->random->generate(30);
-		// generate a secret
-		$secret = $this->random->generate(48);
-
-		//write the config file
-		$newConfigValues = [
-			'passwordsalt' => $salt,
-			'secret' => $secret,
-			'trusted_domains' => $trustedDomains,
-			'datadirectory' => $dataDir,
-			'dbtype' => $dbType,
-			'version' => implode('.', \OCP\Util::getVersion()),
-		];
-
-		if ($this->config->getValue('overwrite.cli.url', null) === null) {
-			$newConfigValues['overwrite.cli.url'] = $request->getServerProtocol() . '://' . $request->getInsecureServerHost() . \OC::$WEBROOT;
-		}
-
-		$this->config->setValues($newConfigValues);
-
-		$dbSetup->initialize($options);
-		try {
-			$dbSetup->setupDatabase($username);
-		} catch (\OC\DatabaseSetupException $e) {
-			$error[] = [
-				'error' => $e->getMessage(),
-				'exception' => $e,
-				'hint' => $e->getHint(),
-			];
-			return $error;
-		} catch (Exception $e) {
-			$error[] = [
-				'error' => 'Error while trying to create admin user: ' . $e->getMessage(),
-				'exception' => $e,
-				'hint' => '',
-			];
-			return $error;
-		}
-		try {
-			// apply necessary migrations
-			$dbSetup->runMigrations();
-		} catch (Exception $e) {
-			$error[] = [
-				'error' => 'Error while trying to initialise the database: ' . $e->getMessage(),
-				'exception' => $e,
-				'hint' => '',
-			];
-			return $error;
-		}
-
-		//create the user and group
-		$user = null;
-		try {
-			$user = \OC::$server->getUserManager()->createUser($username, $password);
-			if (!$user) {
-				$error[] = "User <$username> could not be created.";
-			}
-		} catch (Exception $exception) {
-			$error[] = $exception->getMessage();
-		}
-
-		if (empty($error)) {
-			$config = \OC::$server->getConfig();
-			$config->setAppValue('core', 'installedat', microtime(true));
-			$config->setAppValue('core', 'lastupdatedat', microtime(true));
-			$config->setAppValue('core', 'vendor', $this->getVendor());
-
-			$group = \OC::$server->getGroupManager()->createGroup('admin');
-			if ($group instanceof IGroup) {
-				$group->addUser($user);
-			}
-
-			// Install shipped apps and specified app bundles
-			Installer::installShippedApps();
-			$bundleFetcher = new BundleFetcher(\OC::$server->getL10N('lib'));
-			$defaultInstallationBundles = $bundleFetcher->getDefaultInstallationBundle();
-			foreach ($defaultInstallationBundles as $bundle) {
-				try {
-					$this->installer->installAppBundle($bundle);
-				} catch (Exception $e) {
-				}
-			}
-
-			// create empty file in data dir, so we can later find
-			// out that this is indeed an ownCloud data directory
-			file_put_contents($config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', '');
-
-			// Update .htaccess files
-			self::updateHtaccess();
-			self::protectDataDirectory();
-
-			self::installBackgroundJobs();
-
-			//and we are done
-			$config->setSystemValue('installed', true);
-
-			// Create a session token for the newly created user
-			// The token provider requires a working db, so it's not injected on setup
-			/* @var $userSession User\Session */
-			$userSession = \OC::$server->getUserSession();
-			$defaultTokenProvider = \OC::$server->query(DefaultTokenProvider::class);
-			$userSession->setTokenProvider($defaultTokenProvider);
-			$userSession->login($username, $password);
-			$userSession->createSessionToken($request, $userSession->getUser()->getUID(), $username, $password);
-
-			$session = $userSession->getSession();
-			$session->set('last-password-confirm', \OC::$server->query(ITimeFactory::class)->getTime());
-
-			// Set email for admin
-			if (!empty($options['adminemail'])) {
-				$config->setUserValue($user->getUID(), 'settings', 'email', $options['adminemail']);
-			}
-		}
-
-		return $error;
-	}
-
-	public static function installBackgroundJobs() {
-		$jobList = \OC::$server->getJobList();
-		$jobList->add(DefaultTokenCleanupJob::class);
-		$jobList->add(Rotate::class);
-		$jobList->add(BackgroundCleanupJob::class);
-	}
-
-	/**
-	 * @return string Absolute path to htaccess
-	 */
-	private function pathToHtaccess() {
-		return \OC::$SERVERROOT . '/.htaccess';
-	}
-
-	/**
-	 * Find webroot from config
-	 *
-	 * @param SystemConfig $config
-	 * @return string
-	 * @throws InvalidArgumentException when invalid value for overwrite.cli.url
-	 */
-	private static function findWebRoot(SystemConfig $config): string {
-		// For CLI read the value from overwrite.cli.url
-		if (\OC::$CLI) {
-			$webRoot = $config->getValue('overwrite.cli.url', '');
-			if ($webRoot === '') {
-				throw new InvalidArgumentException('overwrite.cli.url is empty');
-			}
-			if (!filter_var($webRoot, FILTER_VALIDATE_URL)) {
-				throw new InvalidArgumentException('invalid value for overwrite.cli.url');
-			}
-			$webRoot = rtrim(parse_url($webRoot, PHP_URL_PATH), '/');
-		} else {
-			$webRoot = !empty(\OC::$WEBROOT) ? \OC::$WEBROOT : '/';
-		}
-
-		return $webRoot;
-	}
-
-	/**
-	 * Append the correct ErrorDocument path for Apache hosts
-	 *
-	 * @return bool True when success, False otherwise
-	 * @throws \OCP\AppFramework\QueryException
-	 */
-	public static function updateHtaccess() {
-		$config = \OC::$server->getSystemConfig();
-
-		try {
-			$webRoot = self::findWebRoot($config);
-		} catch (InvalidArgumentException $e) {
-			return false;
-		}
-
-		$setupHelper = new \OC\Setup(
-			$config,
-			\OC::$server->get(IniGetWrapper::class),
-			\OC::$server->getL10N('lib'),
-			\OC::$server->query(Defaults::class),
-			\OC::$server->get(LoggerInterface::class),
-			\OC::$server->getSecureRandom(),
-			\OC::$server->query(Installer::class)
-		);
-
-		$htaccessContent = file_get_contents($setupHelper->pathToHtaccess());
-		$content = "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####\n";
-		$htaccessContent = explode($content, $htaccessContent, 2)[0];
-
-		//custom 403 error page
-		$content .= "\nErrorDocument 403 " . $webRoot . '/';
-
-		//custom 404 error page
-		$content .= "\nErrorDocument 404 " . $webRoot . '/';
-
-		// Add rewrite rules if the RewriteBase is configured
-		$rewriteBase = $config->getValue('htaccess.RewriteBase', '');
-		if ($rewriteBase !== '') {
-			$content .= "\n<IfModule mod_rewrite.c>";
-			$content .= "\n  Options -MultiViews";
-			$content .= "\n  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]";
-			$content .= "\n  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !\\.(css|js|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav)$";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\\.php";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\\.ico|manifest\\.json)$";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\\.php";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\\.php";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !/robots\\.txt";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !/(ocm-provider|ocs-provider|updater)/";
-			$content .= "\n  RewriteCond %{REQUEST_URI} !^/\\.well-known/(acme-challenge|pki-validation)/.*";
-			$content .= "\n  RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$";
-			$content .= "\n  RewriteRule . index.php [PT,E=PATH_INFO:$1]";
-			$content .= "\n  RewriteBase " . $rewriteBase;
-			$content .= "\n  <IfModule mod_env.c>";
-			$content .= "\n    SetEnv front_controller_active true";
-			$content .= "\n    <IfModule mod_dir.c>";
-			$content .= "\n      DirectorySlash off";
-			$content .= "\n    </IfModule>";
-			$content .= "\n  </IfModule>";
-			$content .= "\n</IfModule>";
-		}
-
-		if ($content !== '') {
-			//suppress errors in case we don't have permissions for it
-			return (bool)@file_put_contents($setupHelper->pathToHtaccess(), $htaccessContent . $content . "\n");
-		}
-
-		return false;
-	}
-
-	public static function protectDataDirectory() {
-		//Require all denied
-		$now = date('Y-m-d H:i:s');
-		$content = "# Generated by Nextcloud on $now\n";
-		$content .= "# Section for Apache 2.4 to 2.6\n";
-		$content .= "<IfModule mod_authz_core.c>\n";
-		$content .= "  Require all denied\n";
-		$content .= "</IfModule>\n";
-		$content .= "<IfModule mod_access_compat.c>\n";
-		$content .= "  Order Allow,Deny\n";
-		$content .= "  Deny from all\n";
-		$content .= "  Satisfy All\n";
-		$content .= "</IfModule>\n\n";
-		$content .= "# Section for Apache 2.2\n";
-		$content .= "<IfModule !mod_authz_core.c>\n";
-		$content .= "  <IfModule !mod_access_compat.c>\n";
-		$content .= "    <IfModule mod_authz_host.c>\n";
-		$content .= "      Order Allow,Deny\n";
-		$content .= "      Deny from all\n";
-		$content .= "    </IfModule>\n";
-		$content .= "    Satisfy All\n";
-		$content .= "  </IfModule>\n";
-		$content .= "</IfModule>\n\n";
-		$content .= "# Section for Apache 2.2 to 2.6\n";
-		$content .= "<IfModule mod_autoindex.c>\n";
-		$content .= "  IndexIgnore *\n";
-		$content .= "</IfModule>";
-
-		$baseDir = \OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data');
-		file_put_contents($baseDir . '/.htaccess', $content);
-		file_put_contents($baseDir . '/index.html', '');
-	}
-
-	/**
-	 * Return vendor from which this version was published
-	 *
-	 * @return string Get the vendor
-	 *
-	 * Copy of \OC\Updater::getVendor()
-	 */
-	private function getVendor() {
-		// this should really be a JSON file
-		require \OC::$SERVERROOT . '/version.php';
-		/** @var string $vendor */
-		return (string)$vendor;
-	}
+    /** @var SystemConfig */
+    protected $config;
+    /** @var IniGetWrapper */
+    protected $iniWrapper;
+    /** @var IL10N */
+    protected $l10n;
+    /** @var Defaults */
+    protected $defaults;
+    /** @var LoggerInterface */
+    protected $logger;
+    /** @var ISecureRandom */
+    protected $random;
+    /** @var Installer */
+    protected $installer;
+
+    public function __construct(
+        SystemConfig $config,
+        IniGetWrapper $iniWrapper,
+        IL10N $l10n,
+        Defaults $defaults,
+        LoggerInterface $logger,
+        ISecureRandom $random,
+        Installer $installer
+    ) {
+        $this->config = $config;
+        $this->iniWrapper = $iniWrapper;
+        $this->l10n = $l10n;
+        $this->defaults = $defaults;
+        $this->logger = $logger;
+        $this->random = $random;
+        $this->installer = $installer;
+    }
+
+    protected static $dbSetupClasses = [
+        'mysql' => \OC\Setup\MySQL::class,
+        'pgsql' => \OC\Setup\PostgreSQL::class,
+        'oci' => \OC\Setup\OCI::class,
+        'sqlite' => \OC\Setup\Sqlite::class,
+        'sqlite3' => \OC\Setup\Sqlite::class,
+    ];
+
+    /**
+     * Wrapper around the "class_exists" PHP function to be able to mock it
+     *
+     * @param string $name
+     * @return bool
+     */
+    protected function class_exists($name) {
+        return class_exists($name);
+    }
+
+    /**
+     * Wrapper around the "is_callable" PHP function to be able to mock it
+     *
+     * @param string $name
+     * @return bool
+     */
+    protected function is_callable($name) {
+        return is_callable($name);
+    }
+
+    /**
+     * Wrapper around \PDO::getAvailableDrivers
+     *
+     * @return array
+     */
+    protected function getAvailableDbDriversForPdo() {
+        return \PDO::getAvailableDrivers();
+    }
+
+    /**
+     * Get the available and supported databases of this instance
+     *
+     * @param bool $allowAllDatabases
+     * @return array
+     * @throws Exception
+     */
+    public function getSupportedDatabases($allowAllDatabases = false) {
+        $availableDatabases = [
+            'sqlite' => [
+                'type' => 'pdo',
+                'call' => 'sqlite',
+                'name' => 'SQLite',
+            ],
+            'mysql' => [
+                'type' => 'pdo',
+                'call' => 'mysql',
+                'name' => 'MySQL/MariaDB',
+            ],
+            'pgsql' => [
+                'type' => 'pdo',
+                'call' => 'pgsql',
+                'name' => 'PostgreSQL',
+            ],
+            'oci' => [
+                'type' => 'function',
+                'call' => 'oci_connect',
+                'name' => 'Oracle',
+            ],
+        ];
+        if ($allowAllDatabases) {
+            $configuredDatabases = array_keys($availableDatabases);
+        } else {
+            $configuredDatabases = $this->config->getValue('supportedDatabases',
+                ['sqlite', 'mysql', 'pgsql']);
+        }
+        if (!is_array($configuredDatabases)) {
+            throw new Exception('Supported databases are not properly configured.');
+        }
+
+        $supportedDatabases = [];
+
+        foreach ($configuredDatabases as $database) {
+            if (array_key_exists($database, $availableDatabases)) {
+                $working = false;
+                $type = $availableDatabases[$database]['type'];
+                $call = $availableDatabases[$database]['call'];
+
+                if ($type === 'function') {
+                    $working = $this->is_callable($call);
+                } elseif ($type === 'pdo') {
+                    $working = in_array($call, $this->getAvailableDbDriversForPdo(), true);
+                }
+                if ($working) {
+                    $supportedDatabases[$database] = $availableDatabases[$database]['name'];
+                }
+            }
+        }
+
+        return $supportedDatabases;
+    }
+
+    /**
+     * Gathers system information like database type and does
+     * a few system checks.
+     *
+     * @return array of system info, including an "errors" value
+     * in case of errors/warnings
+     */
+    public function getSystemInfo($allowAllDatabases = false) {
+        $databases = $this->getSupportedDatabases($allowAllDatabases);
+
+        $dataDir = $this->config->getValue('datadirectory', \OC::$SERVERROOT . '/data');
+
+        $errors = [];
+
+        // Create data directory to test whether the .htaccess works
+        // Notice that this is not necessarily the same data directory as the one
+        // that will effectively be used.
+        if (!file_exists($dataDir)) {
+            @mkdir($dataDir);
+        }
+        $htAccessWorking = true;
+        if (is_dir($dataDir) && is_writable($dataDir)) {
+            // Protect data directory here, so we can test if the protection is working
+            self::protectDataDirectory();
+
+            try {
+                $util = new \OC_Util();
+                $htAccessWorking = $util->isHtaccessWorking(\OC::$server->getConfig());
+            } catch (\OCP\HintException $e) {
+                $errors[] = [
+                    'error' => $e->getMessage(),
+                    'exception' => $e,
+                    'hint' => $e->getHint(),
+                ];
+                $htAccessWorking = false;
+            }
+        }
+
+        if (\OC_Util::runningOnMac()) {
+            $errors[] = [
+                'error' => $this->l10n->t(
+                    'Mac OS X is not supported and %s will not work properly on this platform. ' .
+                    'Use it at your own risk! ',
+                    [$this->defaults->getProductName()]
+                ),
+                'hint' => $this->l10n->t('For the best results, please consider using a GNU/Linux server instead.'),
+            ];
+        }
+
+        if ($this->iniWrapper->getString('open_basedir') !== '' && PHP_INT_SIZE === 4) {
+            $errors[] = [
+                'error' => $this->l10n->t(
+                    'It seems that this %s instance is running on a 32-bit PHP environment and the open_basedir has been configured in php.ini. ' .
+                    'This will lead to problems with files over 4 GB and is highly discouraged.',
+                    [$this->defaults->getProductName()]
+                ),
+                'hint' => $this->l10n->t('Please remove the open_basedir setting within your php.ini or switch to 64-bit PHP.'),
+            ];
+        }
+
+        return [
+            'hasSQLite' => isset($databases['sqlite']),
+            'hasMySQL' => isset($databases['mysql']),
+            'hasPostgreSQL' => isset($databases['pgsql']),
+            'hasOracle' => isset($databases['oci']),
+            'databases' => $databases,
+            'directory' => $dataDir,
+            'htaccessWorking' => $htAccessWorking,
+            'errors' => $errors,
+        ];
+    }
+
+    /**
+     * @param $options
+     * @return array
+     */
+    public function install($options) {
+        $l = $this->l10n;
+
+        $error = [];
+        $dbType = $options['dbtype'];
+
+        if (empty($options['adminlogin'])) {
+            $error[] = $l->t('Set an admin username.');
+        }
+        if (empty($options['adminpass'])) {
+            $error[] = $l->t('Set an admin password.');
+        }
+        if (empty($options['directory'])) {
+            $options['directory'] = \OC::$SERVERROOT . "/data";
+        }
+
+        if (!isset(self::$dbSetupClasses[$dbType])) {
+            $dbType = 'sqlite';
+        }
+
+        $username = htmlspecialchars_decode($options['adminlogin']);
+        $password = htmlspecialchars_decode($options['adminpass']);
+        $dataDir = htmlspecialchars_decode($options['directory']);
+
+        $class = self::$dbSetupClasses[$dbType];
+        /** @var \OC\Setup\AbstractDatabase $dbSetup */
+        $dbSetup = new $class($l, $this->config, $this->logger, $this->random);
+        $error = array_merge($error, $dbSetup->validate($options));
+
+        // validate the data directory
+        if ((!is_dir($dataDir) && !mkdir($dataDir)) || !is_writable($dataDir)) {
+            $error[] = $l->t("Cannot create or write into the data directory %s", [$dataDir]);
+        }
+
+        if (!empty($error)) {
+            return $error;
+        }
+
+        $request = \OC::$server->getRequest();
+
+        //no errors, good
+        if (isset($options['trusted_domains'])
+            && is_array($options['trusted_domains'])) {
+            $trustedDomains = $options['trusted_domains'];
+        } else {
+            $trustedDomains = [$request->getInsecureServerHost()];
+        }
+
+        //use sqlite3 when available, otherwise sqlite2 will be used.
+        if ($dbType === 'sqlite' && class_exists('SQLite3')) {
+            $dbType = 'sqlite3';
+        }
+
+        //generate a random salt that is used to salt the local user passwords
+        $salt = $this->random->generate(30);
+        // generate a secret
+        $secret = $this->random->generate(48);
+
+        //write the config file
+        $newConfigValues = [
+            'passwordsalt' => $salt,
+            'secret' => $secret,
+            'trusted_domains' => $trustedDomains,
+            'datadirectory' => $dataDir,
+            'dbtype' => $dbType,
+            'version' => implode('.', \OCP\Util::getVersion()),
+        ];
+
+        if ($this->config->getValue('overwrite.cli.url', null) === null) {
+            $newConfigValues['overwrite.cli.url'] = $request->getServerProtocol() . '://' . $request->getInsecureServerHost() . \OC::$WEBROOT;
+        }
+
+        $this->config->setValues($newConfigValues);
+
+        $dbSetup->initialize($options);
+        try {
+            $dbSetup->setupDatabase($username);
+        } catch (\OC\DatabaseSetupException $e) {
+            $error[] = [
+                'error' => $e->getMessage(),
+                'exception' => $e,
+                'hint' => $e->getHint(),
+            ];
+            return $error;
+        } catch (Exception $e) {
+            $error[] = [
+                'error' => 'Error while trying to create admin user: ' . $e->getMessage(),
+                'exception' => $e,
+                'hint' => '',
+            ];
+            return $error;
+        }
+        try {
+            // apply necessary migrations
+            $dbSetup->runMigrations();
+        } catch (Exception $e) {
+            $error[] = [
+                'error' => 'Error while trying to initialise the database: ' . $e->getMessage(),
+                'exception' => $e,
+                'hint' => '',
+            ];
+            return $error;
+        }
+
+        //create the user and group
+        $user = null;
+        try {
+            $user = \OC::$server->getUserManager()->createUser($username, $password);
+            if (!$user) {
+                $error[] = "User <$username> could not be created.";
+            }
+        } catch (Exception $exception) {
+            $error[] = $exception->getMessage();
+        }
+
+        if (empty($error)) {
+            $config = \OC::$server->getConfig();
+            $config->setAppValue('core', 'installedat', microtime(true));
+            $config->setAppValue('core', 'lastupdatedat', microtime(true));
+            $config->setAppValue('core', 'vendor', $this->getVendor());
+
+            $group = \OC::$server->getGroupManager()->createGroup('admin');
+            if ($group instanceof IGroup) {
+                $group->addUser($user);
+            }
+
+            // Install shipped apps and specified app bundles
+            Installer::installShippedApps();
+            $bundleFetcher = new BundleFetcher(\OC::$server->getL10N('lib'));
+            $defaultInstallationBundles = $bundleFetcher->getDefaultInstallationBundle();
+            foreach ($defaultInstallationBundles as $bundle) {
+                try {
+                    $this->installer->installAppBundle($bundle);
+                } catch (Exception $e) {
+                }
+            }
+
+            // create empty file in data dir, so we can later find
+            // out that this is indeed an ownCloud data directory
+            file_put_contents($config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/.ocdata', '');
+
+            // Update .htaccess files
+            self::updateHtaccess();
+            self::protectDataDirectory();
+
+            self::installBackgroundJobs();
+
+            //and we are done
+            $config->setSystemValue('installed', true);
+
+            // Create a session token for the newly created user
+            // The token provider requires a working db, so it's not injected on setup
+            /* @var $userSession User\Session */
+            $userSession = \OC::$server->getUserSession();
+            $defaultTokenProvider = \OC::$server->query(DefaultTokenProvider::class);
+            $userSession->setTokenProvider($defaultTokenProvider);
+            $userSession->login($username, $password);
+            $userSession->createSessionToken($request, $userSession->getUser()->getUID(), $username, $password);
+
+            $session = $userSession->getSession();
+            $session->set('last-password-confirm', \OC::$server->query(ITimeFactory::class)->getTime());
+
+            // Set email for admin
+            if (!empty($options['adminemail'])) {
+                $config->setUserValue($user->getUID(), 'settings', 'email', $options['adminemail']);
+            }
+        }
+
+        return $error;
+    }
+
+    public static function installBackgroundJobs() {
+        $jobList = \OC::$server->getJobList();
+        $jobList->add(DefaultTokenCleanupJob::class);
+        $jobList->add(Rotate::class);
+        $jobList->add(BackgroundCleanupJob::class);
+    }
+
+    /**
+     * @return string Absolute path to htaccess
+     */
+    private function pathToHtaccess() {
+        return \OC::$SERVERROOT . '/.htaccess';
+    }
+
+    /**
+     * Find webroot from config
+     *
+     * @param SystemConfig $config
+     * @return string
+     * @throws InvalidArgumentException when invalid value for overwrite.cli.url
+     */
+    private static function findWebRoot(SystemConfig $config): string {
+        // For CLI read the value from overwrite.cli.url
+        if (\OC::$CLI) {
+            $webRoot = $config->getValue('overwrite.cli.url', '');
+            if ($webRoot === '') {
+                throw new InvalidArgumentException('overwrite.cli.url is empty');
+            }
+            if (!filter_var($webRoot, FILTER_VALIDATE_URL)) {
+                throw new InvalidArgumentException('invalid value for overwrite.cli.url');
+            }
+            $webRoot = rtrim(parse_url($webRoot, PHP_URL_PATH), '/');
+        } else {
+            $webRoot = !empty(\OC::$WEBROOT) ? \OC::$WEBROOT : '/';
+        }
+
+        return $webRoot;
+    }
+
+    /**
+     * Append the correct ErrorDocument path for Apache hosts
+     *
+     * @return bool True when success, False otherwise
+     * @throws \OCP\AppFramework\QueryException
+     */
+    public static function updateHtaccess() {
+        $config = \OC::$server->getSystemConfig();
+
+        try {
+            $webRoot = self::findWebRoot($config);
+        } catch (InvalidArgumentException $e) {
+            return false;
+        }
+
+        $setupHelper = new \OC\Setup(
+            $config,
+            \OC::$server->get(IniGetWrapper::class),
+            \OC::$server->getL10N('lib'),
+            \OC::$server->query(Defaults::class),
+            \OC::$server->get(LoggerInterface::class),
+            \OC::$server->getSecureRandom(),
+            \OC::$server->query(Installer::class)
+        );
+
+        $htaccessContent = file_get_contents($setupHelper->pathToHtaccess());
+        $content = "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE ####\n";
+        $htaccessContent = explode($content, $htaccessContent, 2)[0];
+
+        //custom 403 error page
+        $content .= "\nErrorDocument 403 " . $webRoot . '/';
+
+        //custom 404 error page
+        $content .= "\nErrorDocument 404 " . $webRoot . '/';
+
+        // Add rewrite rules if the RewriteBase is configured
+        $rewriteBase = $config->getValue('htaccess.RewriteBase', '');
+        if ($rewriteBase !== '') {
+            $content .= "\n<IfModule mod_rewrite.c>";
+            $content .= "\n  Options -MultiViews";
+            $content .= "\n  RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1]";
+            $content .= "\n  RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1]";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !\\.(css|js|svg|gif|png|html|ttf|woff2?|ico|jpg|jpeg|map|webm|mp4|mp3|ogg|wav)$";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !/core/ajax/update\\.php";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !/core/img/(favicon\\.ico|manifest\\.json)$";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !/(cron|public|remote|status)\\.php";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !/ocs/v(1|2)\\.php";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !/robots\\.txt";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !/(ocm-provider|ocs-provider|updater)/";
+            $content .= "\n  RewriteCond %{REQUEST_URI} !^/\\.well-known/(acme-challenge|pki-validation)/.*";
+            $content .= "\n  RewriteCond %{REQUEST_FILENAME} !/richdocumentscode(_arm64)?/proxy.php$";
+            $content .= "\n  RewriteRule . index.php [PT,E=PATH_INFO:$1]";
+            $content .= "\n  RewriteBase " . $rewriteBase;
+            $content .= "\n  <IfModule mod_env.c>";
+            $content .= "\n    SetEnv front_controller_active true";
+            $content .= "\n    <IfModule mod_dir.c>";
+            $content .= "\n      DirectorySlash off";
+            $content .= "\n    </IfModule>";
+            $content .= "\n  </IfModule>";
+            $content .= "\n</IfModule>";
+        }
+
+        if ($content !== '') {
+            //suppress errors in case we don't have permissions for it
+            return (bool)@file_put_contents($setupHelper->pathToHtaccess(), $htaccessContent . $content . "\n");
+        }
+
+        return false;
+    }
+
+    public static function protectDataDirectory() {
+        //Require all denied
+        $now = date('Y-m-d H:i:s');
+        $content = "# Generated by Nextcloud on $now\n";
+        $content .= "# Section for Apache 2.4 to 2.6\n";
+        $content .= "<IfModule mod_authz_core.c>\n";
+        $content .= "  Require all denied\n";
+        $content .= "</IfModule>\n";
+        $content .= "<IfModule mod_access_compat.c>\n";
+        $content .= "  Order Allow,Deny\n";
+        $content .= "  Deny from all\n";
+        $content .= "  Satisfy All\n";
+        $content .= "</IfModule>\n\n";
+        $content .= "# Section for Apache 2.2\n";
+        $content .= "<IfModule !mod_authz_core.c>\n";
+        $content .= "  <IfModule !mod_access_compat.c>\n";
+        $content .= "    <IfModule mod_authz_host.c>\n";
+        $content .= "      Order Allow,Deny\n";
+        $content .= "      Deny from all\n";
+        $content .= "    </IfModule>\n";
+        $content .= "    Satisfy All\n";
+        $content .= "  </IfModule>\n";
+        $content .= "</IfModule>\n\n";
+        $content .= "# Section for Apache 2.2 to 2.6\n";
+        $content .= "<IfModule mod_autoindex.c>\n";
+        $content .= "  IndexIgnore *\n";
+        $content .= "</IfModule>";
+
+        $baseDir = \OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data');
+        file_put_contents($baseDir . '/.htaccess', $content);
+        file_put_contents($baseDir . '/index.html', '');
+    }
+
+    /**
+     * Return vendor from which this version was published
+     *
+     * @return string Get the vendor
+     *
+     * Copy of \OC\Updater::getVendor()
+     */
+    private function getVendor() {
+        // this should really be a JSON file
+        require \OC::$SERVERROOT . '/version.php';
+        /** @var string $vendor */
+        return (string)$vendor;
+    }
 }

Please login to merge, or discard this patch.

lib/private/legacy/OC_Util.php 1 patch

Indentation +1396 added lines, -1396 removed lines patch added patch discarded remove patch

@@ -77,1405 +77,1405 @@
 block discarded – undo
 use Psr\Log\LoggerInterface;
 
 class OC_Util {
-	public static $scripts = [];
-	public static $styles = [];
-	public static $headers = [];
-	private static $rootMounted = false;
-	private static $fsSetup = false;
-
-	/** @var array Local cache of version.php */
-	private static $versionCache = null;
-
-	protected static function getAppManager() {
-		return \OC::$server->getAppManager();
-	}
-
-	private static function initLocalStorageRootFS() {
-		// mount local file backend as root
-		$configDataDirectory = \OC::$server->getSystemConfig()->getValue("datadirectory", OC::$SERVERROOT . "/data");
-		//first set up the local "root" storage
-		\OC\Files\Filesystem::initMountManager();
-		if (!self::$rootMounted) {
-			\OC\Files\Filesystem::mount(LocalRootStorage::class, ['datadir' => $configDataDirectory], '/');
-			self::$rootMounted = true;
-		}
-	}
-
-	/**
-	 * mounting an object storage as the root fs will in essence remove the
-	 * necessity of a data folder being present.
-	 * TODO make home storage aware of this and use the object storage instead of local disk access
-	 *
-	 * @param array $config containing 'class' and optional 'arguments'
-	 * @suppress PhanDeprecatedFunction
-	 */
-	private static function initObjectStoreRootFS($config) {
-		// check misconfiguration
-		if (empty($config['class'])) {
-			\OCP\Util::writeLog('files', 'No class given for objectstore', ILogger::ERROR);
-		}
-		if (!isset($config['arguments'])) {
-			$config['arguments'] = [];
-		}
-
-		// instantiate object store implementation
-		$name = $config['class'];
-		if (strpos($name, 'OCA\\') === 0 && substr_count($name, '\\') >= 2) {
-			$segments = explode('\\', $name);
-			OC_App::loadApp(strtolower($segments[1]));
-		}
-		$config['arguments']['objectstore'] = new $config['class']($config['arguments']);
-		// mount with plain / root object store implementation
-		$config['class'] = '\OC\Files\ObjectStore\ObjectStoreStorage';
-
-		// mount object storage as root
-		\OC\Files\Filesystem::initMountManager();
-		if (!self::$rootMounted) {
-			\OC\Files\Filesystem::mount($config['class'], $config['arguments'], '/');
-			self::$rootMounted = true;
-		}
-	}
-
-	/**
-	 * mounting an object storage as the root fs will in essence remove the
-	 * necessity of a data folder being present.
-	 *
-	 * @param array $config containing 'class' and optional 'arguments'
-	 * @suppress PhanDeprecatedFunction
-	 */
-	private static function initObjectStoreMultibucketRootFS($config) {
-		// check misconfiguration
-		if (empty($config['class'])) {
-			\OCP\Util::writeLog('files', 'No class given for objectstore', ILogger::ERROR);
-		}
-		if (!isset($config['arguments'])) {
-			$config['arguments'] = [];
-		}
-
-		// instantiate object store implementation
-		$name = $config['class'];
-		if (strpos($name, 'OCA\\') === 0 && substr_count($name, '\\') >= 2) {
-			$segments = explode('\\', $name);
-			OC_App::loadApp(strtolower($segments[1]));
-		}
-
-		if (!isset($config['arguments']['bucket'])) {
-			$config['arguments']['bucket'] = '';
-		}
-		// put the root FS always in first bucket for multibucket configuration
-		$config['arguments']['bucket'] .= '0';
-
-		$config['arguments']['objectstore'] = new $config['class']($config['arguments']);
-		// mount with plain / root object store implementation
-		$config['class'] = '\OC\Files\ObjectStore\ObjectStoreStorage';
-
-		// mount object storage as root
-		\OC\Files\Filesystem::initMountManager();
-		if (!self::$rootMounted) {
-			\OC\Files\Filesystem::mount($config['class'], $config['arguments'], '/');
-			self::$rootMounted = true;
-		}
-	}
-
-	/**
-	 * Can be set up
-	 *
-	 * @param string $user
-	 * @return boolean
-	 * @description configure the initial filesystem based on the configuration
-	 * @suppress PhanDeprecatedFunction
-	 * @suppress PhanAccessMethodInternal
-	 */
-	public static function setupFS($user = '') {
-		//setting up the filesystem twice can only lead to trouble
-		if (self::$fsSetup) {
-			return false;
-		}
-
-		\OC::$server->getEventLogger()->start('setup_fs', 'Setup filesystem');
-
-		// If we are not forced to load a specific user we load the one that is logged in
-		if ($user === null) {
-			$user = '';
-		} elseif ($user == "" && \OC::$server->getUserSession()->isLoggedIn()) {
-			$user = OC_User::getUser();
-		}
-
-		// load all filesystem apps before, so no setup-hook gets lost
-		OC_App::loadApps(['filesystem']);
-
-		// the filesystem will finish when $user is not empty,
-		// mark fs setup here to avoid doing the setup from loading
-		// OC_Filesystem
-		if ($user != '') {
-			self::$fsSetup = true;
-		}
-
-		\OC\Files\Filesystem::initMountManager();
-
-		$prevLogging = \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper(false);
-		\OC\Files\Filesystem::addStorageWrapper('mount_options', function ($mountPoint, \OCP\Files\Storage $storage, \OCP\Files\Mount\IMountPoint $mount) {
-			if ($storage->instanceOfStorage('\OC\Files\Storage\Common')) {
-				/** @var \OC\Files\Storage\Common $storage */
-				$storage->setMountOptions($mount->getOptions());
-			}
-			return $storage;
-		});
-
-		\OC\Files\Filesystem::addStorageWrapper('enable_sharing', function ($mountPoint, \OCP\Files\Storage\IStorage $storage, \OCP\Files\Mount\IMountPoint $mount) {
-			if (!$mount->getOption('enable_sharing', true)) {
-				return new \OC\Files\Storage\Wrapper\PermissionsMask([
-					'storage' => $storage,
-					'mask' => \OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_SHARE
-				]);
-			}
-			return $storage;
-		});
-
-		// install storage availability wrapper, before most other wrappers
-		\OC\Files\Filesystem::addStorageWrapper('oc_availability', function ($mountPoint, \OCP\Files\Storage\IStorage $storage) {
-			if (!$storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage') && !$storage->isLocal()) {
-				return new \OC\Files\Storage\Wrapper\Availability(['storage' => $storage]);
-			}
-			return $storage;
-		});
-
-		\OC\Files\Filesystem::addStorageWrapper('oc_encoding', function ($mountPoint, \OCP\Files\Storage $storage, \OCP\Files\Mount\IMountPoint $mount) {
-			if ($mount->getOption('encoding_compatibility', false) && !$storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage') && !$storage->isLocal()) {
-				return new \OC\Files\Storage\Wrapper\Encoding(['storage' => $storage]);
-			}
-			return $storage;
-		});
-
-		\OC\Files\Filesystem::addStorageWrapper('oc_quota', function ($mountPoint, $storage) {
-			// set up quota for home storages, even for other users
-			// which can happen when using sharing
-
-			/**
-			 * @var \OC\Files\Storage\Storage $storage
-			 */
-			if ($storage->instanceOfStorage('\OC\Files\Storage\Home')
-				|| $storage->instanceOfStorage('\OC\Files\ObjectStore\HomeObjectStoreStorage')
-			) {
-				/** @var \OC\Files\Storage\Home $storage */
-				if (is_object($storage->getUser())) {
-					$quota = OC_Util::getUserQuota($storage->getUser());
-					if ($quota !== \OCP\Files\FileInfo::SPACE_UNLIMITED) {
-						return new \OC\Files\Storage\Wrapper\Quota(['storage' => $storage, 'quota' => $quota, 'root' => 'files']);
-					}
-				}
-			}
-
-			return $storage;
-		});
-
-		\OC\Files\Filesystem::addStorageWrapper('readonly', function ($mountPoint, \OCP\Files\Storage\IStorage $storage, \OCP\Files\Mount\IMountPoint $mount) {
-			/*
+    public static $scripts = [];
+    public static $styles = [];
+    public static $headers = [];
+    private static $rootMounted = false;
+    private static $fsSetup = false;
+
+    /** @var array Local cache of version.php */
+    private static $versionCache = null;
+
+    protected static function getAppManager() {
+        return \OC::$server->getAppManager();
+    }
+
+    private static function initLocalStorageRootFS() {
+        // mount local file backend as root
+        $configDataDirectory = \OC::$server->getSystemConfig()->getValue("datadirectory", OC::$SERVERROOT . "/data");
+        //first set up the local "root" storage
+        \OC\Files\Filesystem::initMountManager();
+        if (!self::$rootMounted) {
+            \OC\Files\Filesystem::mount(LocalRootStorage::class, ['datadir' => $configDataDirectory], '/');
+            self::$rootMounted = true;
+        }
+    }
+
+    /**
+     * mounting an object storage as the root fs will in essence remove the
+     * necessity of a data folder being present.
+     * TODO make home storage aware of this and use the object storage instead of local disk access
+     *
+     * @param array $config containing 'class' and optional 'arguments'
+     * @suppress PhanDeprecatedFunction
+     */
+    private static function initObjectStoreRootFS($config) {
+        // check misconfiguration
+        if (empty($config['class'])) {
+            \OCP\Util::writeLog('files', 'No class given for objectstore', ILogger::ERROR);
+        }
+        if (!isset($config['arguments'])) {
+            $config['arguments'] = [];
+        }
+
+        // instantiate object store implementation
+        $name = $config['class'];
+        if (strpos($name, 'OCA\\') === 0 && substr_count($name, '\\') >= 2) {
+            $segments = explode('\\', $name);
+            OC_App::loadApp(strtolower($segments[1]));
+        }
+        $config['arguments']['objectstore'] = new $config['class']($config['arguments']);
+        // mount with plain / root object store implementation
+        $config['class'] = '\OC\Files\ObjectStore\ObjectStoreStorage';
+
+        // mount object storage as root
+        \OC\Files\Filesystem::initMountManager();
+        if (!self::$rootMounted) {
+            \OC\Files\Filesystem::mount($config['class'], $config['arguments'], '/');
+            self::$rootMounted = true;
+        }
+    }
+
+    /**
+     * mounting an object storage as the root fs will in essence remove the
+     * necessity of a data folder being present.
+     *
+     * @param array $config containing 'class' and optional 'arguments'
+     * @suppress PhanDeprecatedFunction
+     */
+    private static function initObjectStoreMultibucketRootFS($config) {
+        // check misconfiguration
+        if (empty($config['class'])) {
+            \OCP\Util::writeLog('files', 'No class given for objectstore', ILogger::ERROR);
+        }
+        if (!isset($config['arguments'])) {
+            $config['arguments'] = [];
+        }
+
+        // instantiate object store implementation
+        $name = $config['class'];
+        if (strpos($name, 'OCA\\') === 0 && substr_count($name, '\\') >= 2) {
+            $segments = explode('\\', $name);
+            OC_App::loadApp(strtolower($segments[1]));
+        }
+
+        if (!isset($config['arguments']['bucket'])) {
+            $config['arguments']['bucket'] = '';
+        }
+        // put the root FS always in first bucket for multibucket configuration
+        $config['arguments']['bucket'] .= '0';
+
+        $config['arguments']['objectstore'] = new $config['class']($config['arguments']);
+        // mount with plain / root object store implementation
+        $config['class'] = '\OC\Files\ObjectStore\ObjectStoreStorage';
+
+        // mount object storage as root
+        \OC\Files\Filesystem::initMountManager();
+        if (!self::$rootMounted) {
+            \OC\Files\Filesystem::mount($config['class'], $config['arguments'], '/');
+            self::$rootMounted = true;
+        }
+    }
+
+    /**
+     * Can be set up
+     *
+     * @param string $user
+     * @return boolean
+     * @description configure the initial filesystem based on the configuration
+     * @suppress PhanDeprecatedFunction
+     * @suppress PhanAccessMethodInternal
+     */
+    public static function setupFS($user = '') {
+        //setting up the filesystem twice can only lead to trouble
+        if (self::$fsSetup) {
+            return false;
+        }
+
+        \OC::$server->getEventLogger()->start('setup_fs', 'Setup filesystem');
+
+        // If we are not forced to load a specific user we load the one that is logged in
+        if ($user === null) {
+            $user = '';
+        } elseif ($user == "" && \OC::$server->getUserSession()->isLoggedIn()) {
+            $user = OC_User::getUser();
+        }
+
+        // load all filesystem apps before, so no setup-hook gets lost
+        OC_App::loadApps(['filesystem']);
+
+        // the filesystem will finish when $user is not empty,
+        // mark fs setup here to avoid doing the setup from loading
+        // OC_Filesystem
+        if ($user != '') {
+            self::$fsSetup = true;
+        }
+
+        \OC\Files\Filesystem::initMountManager();
+
+        $prevLogging = \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper(false);
+        \OC\Files\Filesystem::addStorageWrapper('mount_options', function ($mountPoint, \OCP\Files\Storage $storage, \OCP\Files\Mount\IMountPoint $mount) {
+            if ($storage->instanceOfStorage('\OC\Files\Storage\Common')) {
+                /** @var \OC\Files\Storage\Common $storage */
+                $storage->setMountOptions($mount->getOptions());
+            }
+            return $storage;
+        });
+
+        \OC\Files\Filesystem::addStorageWrapper('enable_sharing', function ($mountPoint, \OCP\Files\Storage\IStorage $storage, \OCP\Files\Mount\IMountPoint $mount) {
+            if (!$mount->getOption('enable_sharing', true)) {
+                return new \OC\Files\Storage\Wrapper\PermissionsMask([
+                    'storage' => $storage,
+                    'mask' => \OCP\Constants::PERMISSION_ALL - \OCP\Constants::PERMISSION_SHARE
+                ]);
+            }
+            return $storage;
+        });
+
+        // install storage availability wrapper, before most other wrappers
+        \OC\Files\Filesystem::addStorageWrapper('oc_availability', function ($mountPoint, \OCP\Files\Storage\IStorage $storage) {
+            if (!$storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage') && !$storage->isLocal()) {
+                return new \OC\Files\Storage\Wrapper\Availability(['storage' => $storage]);
+            }
+            return $storage;
+        });
+
+        \OC\Files\Filesystem::addStorageWrapper('oc_encoding', function ($mountPoint, \OCP\Files\Storage $storage, \OCP\Files\Mount\IMountPoint $mount) {
+            if ($mount->getOption('encoding_compatibility', false) && !$storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage') && !$storage->isLocal()) {
+                return new \OC\Files\Storage\Wrapper\Encoding(['storage' => $storage]);
+            }
+            return $storage;
+        });
+
+        \OC\Files\Filesystem::addStorageWrapper('oc_quota', function ($mountPoint, $storage) {
+            // set up quota for home storages, even for other users
+            // which can happen when using sharing
+
+            /**
+             * @var \OC\Files\Storage\Storage $storage
+             */
+            if ($storage->instanceOfStorage('\OC\Files\Storage\Home')
+                || $storage->instanceOfStorage('\OC\Files\ObjectStore\HomeObjectStoreStorage')
+            ) {
+                /** @var \OC\Files\Storage\Home $storage */
+                if (is_object($storage->getUser())) {
+                    $quota = OC_Util::getUserQuota($storage->getUser());
+                    if ($quota !== \OCP\Files\FileInfo::SPACE_UNLIMITED) {
+                        return new \OC\Files\Storage\Wrapper\Quota(['storage' => $storage, 'quota' => $quota, 'root' => 'files']);
+                    }
+                }
+            }
+
+            return $storage;
+        });
+
+        \OC\Files\Filesystem::addStorageWrapper('readonly', function ($mountPoint, \OCP\Files\Storage\IStorage $storage, \OCP\Files\Mount\IMountPoint $mount) {
+            /*
 			 * Do not allow any operations that modify the storage
 			 */
-			if ($mount->getOption('readonly', false)) {
-				return new \OC\Files\Storage\Wrapper\PermissionsMask([
-					'storage' => $storage,
-					'mask' => \OCP\Constants::PERMISSION_ALL & ~(
-						\OCP\Constants::PERMISSION_UPDATE |
-						\OCP\Constants::PERMISSION_CREATE |
-						\OCP\Constants::PERMISSION_DELETE
-					),
-				]);
-			}
-			return $storage;
-		});
-
-		OC_Hook::emit('OC_Filesystem', 'preSetup', ['user' => $user]);
-
-		\OC\Files\Filesystem::logWarningWhenAddingStorageWrapper($prevLogging);
-
-		//check if we are using an object storage
-		$objectStore = \OC::$server->getSystemConfig()->getValue('objectstore', null);
-		$objectStoreMultibucket = \OC::$server->getSystemConfig()->getValue('objectstore_multibucket', null);
-
-		// use the same order as in ObjectHomeMountProvider
-		if (isset($objectStoreMultibucket)) {
-			self::initObjectStoreMultibucketRootFS($objectStoreMultibucket);
-		} elseif (isset($objectStore)) {
-			self::initObjectStoreRootFS($objectStore);
-		} else {
-			self::initLocalStorageRootFS();
-		}
-
-		/** @var \OCP\Files\Config\IMountProviderCollection $mountProviderCollection */
-		$mountProviderCollection = \OC::$server->query(\OCP\Files\Config\IMountProviderCollection::class);
-		$rootMountProviders = $mountProviderCollection->getRootMounts();
-
-		/** @var \OC\Files\Mount\Manager $mountManager */
-		$mountManager = \OC\Files\Filesystem::getMountManager();
-		foreach ($rootMountProviders as $rootMountProvider) {
-			$mountManager->addMount($rootMountProvider);
-		}
-
-		if ($user != '' && !\OC::$server->getUserManager()->userExists($user)) {
-			\OC::$server->getEventLogger()->end('setup_fs');
-			return false;
-		}
-
-		//if we aren't logged in, there is no use to set up the filesystem
-		if ($user != "") {
-			$userDir = '/' . $user . '/files';
-
-			//jail the user into his "home" directory
-			\OC\Files\Filesystem::init($user, $userDir);
-
-			OC_Hook::emit('OC_Filesystem', 'setup', ['user' => $user, 'user_dir' => $userDir]);
-		}
-		\OC::$server->getEventLogger()->end('setup_fs');
-		return true;
-	}
-
-	/**
-	 * check if a password is required for each public link
-	 *
-	 * @return boolean
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function isPublicLinkPasswordRequired() {
-		/** @var IManager $shareManager */
-		$shareManager = \OC::$server->get(IManager::class);
-		return $shareManager->shareApiLinkEnforcePassword();
-	}
-
-	/**
-	 * check if sharing is disabled for the current user
-	 * @param IConfig $config
-	 * @param IGroupManager $groupManager
-	 * @param IUser|null $user
-	 * @return bool
-	 */
-	public static function isSharingDisabledForUser(IConfig $config, IGroupManager $groupManager, $user) {
-		/** @var IManager $shareManager */
-		$shareManager = \OC::$server->get(IManager::class);
-		$userId = $user ? $user->getUID() : null;
-		return $shareManager->sharingDisabledForUser($userId);
-	}
-
-	/**
-	 * check if share API enforces a default expire date
-	 *
-	 * @return boolean
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function isDefaultExpireDateEnforced() {
-		/** @var IManager $shareManager */
-		$shareManager = \OC::$server->get(IManager::class);
-		return $shareManager->shareApiLinkDefaultExpireDateEnforced();
-	}
-
-	/**
-	 * Get the quota of a user
-	 *
-	 * @param IUser|null $user
-	 * @return float Quota bytes
-	 */
-	public static function getUserQuota(?IUser $user) {
-		if (is_null($user)) {
-			return \OCP\Files\FileInfo::SPACE_UNLIMITED;
-		}
-		$userQuota = $user->getQuota();
-		if ($userQuota === 'none') {
-			return \OCP\Files\FileInfo::SPACE_UNLIMITED;
-		}
-		return OC_Helper::computerFileSize($userQuota);
-	}
-
-	/**
-	 * copies the skeleton to the users /files
-	 *
-	 * @param string $userId
-	 * @param \OCP\Files\Folder $userDirectory
-	 * @throws \OCP\Files\NotFoundException
-	 * @throws \OCP\Files\NotPermittedException
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function copySkeleton($userId, \OCP\Files\Folder $userDirectory) {
-		/** @var LoggerInterface $logger */
-		$logger = \OC::$server->get(LoggerInterface::class);
-
-		$plainSkeletonDirectory = \OC::$server->getConfig()->getSystemValue('skeletondirectory', \OC::$SERVERROOT . '/core/skeleton');
-		$userLang = \OC::$server->getL10NFactory()->findLanguage();
-		$skeletonDirectory = str_replace('{lang}', $userLang, $plainSkeletonDirectory);
-
-		if (!file_exists($skeletonDirectory)) {
-			$dialectStart = strpos($userLang, '_');
-			if ($dialectStart !== false) {
-				$skeletonDirectory = str_replace('{lang}', substr($userLang, 0, $dialectStart), $plainSkeletonDirectory);
-			}
-			if ($dialectStart === false || !file_exists($skeletonDirectory)) {
-				$skeletonDirectory = str_replace('{lang}', 'default', $plainSkeletonDirectory);
-			}
-			if (!file_exists($skeletonDirectory)) {
-				$skeletonDirectory = '';
-			}
-		}
-
-		$instanceId = \OC::$server->getConfig()->getSystemValue('instanceid', '');
-
-		if ($instanceId === null) {
-			throw new \RuntimeException('no instance id!');
-		}
-		$appdata = 'appdata_' . $instanceId;
-		if ($userId === $appdata) {
-			throw new \RuntimeException('username is reserved name: ' . $appdata);
-		}
-
-		if (!empty($skeletonDirectory)) {
-			$logger->debug('copying skeleton for '.$userId.' from '.$skeletonDirectory.' to '.$userDirectory->getFullPath('/'), ['app' => 'files_skeleton']);
-			self::copyr($skeletonDirectory, $userDirectory);
-			// update the file cache
-			$userDirectory->getStorage()->getScanner()->scan('', \OC\Files\Cache\Scanner::SCAN_RECURSIVE);
-
-			/** @var ITemplateManager $templateManager */
-			$templateManager = \OC::$server->get(ITemplateManager::class);
-			$templateManager->initializeTemplateDirectory(null, $userId);
-		}
-	}
-
-	/**
-	 * copies a directory recursively by using streams
-	 *
-	 * @param string $source
-	 * @param \OCP\Files\Folder $target
-	 * @return void
-	 */
-	public static function copyr($source, \OCP\Files\Folder $target) {
-		$logger = \OC::$server->getLogger();
-
-		// Verify if folder exists
-		$dir = opendir($source);
-		if ($dir === false) {
-			$logger->error(sprintf('Could not opendir "%s"', $source), ['app' => 'core']);
-			return;
-		}
-
-		// Copy the files
-		while (false !== ($file = readdir($dir))) {
-			if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
-				if (is_dir($source . '/' . $file)) {
-					$child = $target->newFolder($file);
-					self::copyr($source . '/' . $file, $child);
-				} else {
-					$child = $target->newFile($file);
-					$sourceStream = fopen($source . '/' . $file, 'r');
-					if ($sourceStream === false) {
-						$logger->error(sprintf('Could not fopen "%s"', $source . '/' . $file), ['app' => 'core']);
-						closedir($dir);
-						return;
-					}
-					stream_copy_to_stream($sourceStream, $child->fopen('w'));
-				}
-			}
-		}
-		closedir($dir);
-	}
-
-	/**
-	 * @return void
-	 * @suppress PhanUndeclaredMethod
-	 */
-	public static function tearDownFS() {
-		\OC\Files\Filesystem::tearDown();
-		\OC::$server->getRootFolder()->clearCache();
-		self::$fsSetup = false;
-		self::$rootMounted = false;
-	}
-
-	/**
-	 * get the current installed version of ownCloud
-	 *
-	 * @return array
-	 */
-	public static function getVersion() {
-		OC_Util::loadVersion();
-		return self::$versionCache['OC_Version'];
-	}
-
-	/**
-	 * get the current installed version string of ownCloud
-	 *
-	 * @return string
-	 */
-	public static function getVersionString() {
-		OC_Util::loadVersion();
-		return self::$versionCache['OC_VersionString'];
-	}
-
-	/**
-	 * @deprecated the value is of no use anymore
-	 * @return string
-	 */
-	public static function getEditionString() {
-		return '';
-	}
-
-	/**
-	 * @description get the update channel of the current installed of ownCloud.
-	 * @return string
-	 */
-	public static function getChannel() {
-		OC_Util::loadVersion();
-		return \OC::$server->getConfig()->getSystemValue('updater.release.channel', self::$versionCache['OC_Channel']);
-	}
-
-	/**
-	 * @description get the build number of the current installed of ownCloud.
-	 * @return string
-	 */
-	public static function getBuild() {
-		OC_Util::loadVersion();
-		return self::$versionCache['OC_Build'];
-	}
-
-	/**
-	 * @description load the version.php into the session as cache
-	 * @suppress PhanUndeclaredVariable
-	 */
-	private static function loadVersion() {
-		if (self::$versionCache !== null) {
-			return;
-		}
-
-		$timestamp = filemtime(OC::$SERVERROOT . '/version.php');
-		require OC::$SERVERROOT . '/version.php';
-		/** @var int $timestamp */
-		self::$versionCache['OC_Version_Timestamp'] = $timestamp;
-		/** @var string $OC_Version */
-		self::$versionCache['OC_Version'] = $OC_Version;
-		/** @var string $OC_VersionString */
-		self::$versionCache['OC_VersionString'] = $OC_VersionString;
-		/** @var string $OC_Build */
-		self::$versionCache['OC_Build'] = $OC_Build;
-
-		/** @var string $OC_Channel */
-		self::$versionCache['OC_Channel'] = $OC_Channel;
-	}
-
-	/**
-	 * generates a path for JS/CSS files. If no application is provided it will create the path for core.
-	 *
-	 * @param string $application application to get the files from
-	 * @param string $directory directory within this application (css, js, vendor, etc)
-	 * @param string $file the file inside of the above folder
-	 * @return string the path
-	 */
-	private static function generatePath($application, $directory, $file) {
-		if (is_null($file)) {
-			$file = $application;
-			$application = "";
-		}
-		if (!empty($application)) {
-			return "$application/$directory/$file";
-		} else {
-			return "$directory/$file";
-		}
-	}
-
-	/**
-	 * add a javascript file
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Script to the beginning of the list
-	 * @return void
-	 */
-	public static function addScript($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'js', $file);
-
-		// core js files need separate handling
-		if ($application !== 'core' && $file !== null) {
-			self::addTranslations($application);
-		}
-		self::addExternalResource($application, $prepend, $path, "script");
-	}
-
-	/**
-	 * add a javascript file from the vendor sub folder
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Script to the beginning of the list
-	 * @return void
-	 */
-	public static function addVendorScript($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'vendor', $file);
-		self::addExternalResource($application, $prepend, $path, "script");
-	}
-
-	/**
-	 * add a translation JS file
-	 *
-	 * @param string $application application id
-	 * @param string|null $languageCode language code, defaults to the current language
-	 * @param bool|null $prepend prepend the Script to the beginning of the list
-	 */
-	public static function addTranslations($application, $languageCode = null, $prepend = false) {
-		if (is_null($languageCode)) {
-			$languageCode = \OC::$server->getL10NFactory()->findLanguage($application);
-		}
-		if (!empty($application)) {
-			$path = "$application/l10n/$languageCode";
-		} else {
-			$path = "l10n/$languageCode";
-		}
-		self::addExternalResource($application, $prepend, $path, "script");
-	}
-
-	/**
-	 * add a css file
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Style to the beginning of the list
-	 * @return void
-	 */
-	public static function addStyle($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'css', $file);
-		self::addExternalResource($application, $prepend, $path, "style");
-	}
-
-	/**
-	 * add a css file from the vendor sub folder
-	 *
-	 * @param string $application application id
-	 * @param string|null $file filename
-	 * @param bool $prepend prepend the Style to the beginning of the list
-	 * @return void
-	 */
-	public static function addVendorStyle($application, $file = null, $prepend = false) {
-		$path = OC_Util::generatePath($application, 'vendor', $file);
-		self::addExternalResource($application, $prepend, $path, "style");
-	}
-
-	/**
-	 * add an external resource css/js file
-	 *
-	 * @param string $application application id
-	 * @param bool $prepend prepend the file to the beginning of the list
-	 * @param string $path
-	 * @param string $type (script or style)
-	 * @return void
-	 */
-	private static function addExternalResource($application, $prepend, $path, $type = "script") {
-		if ($type === "style") {
-			if (!in_array($path, self::$styles)) {
-				if ($prepend === true) {
-					array_unshift(self::$styles, $path);
-				} else {
-					self::$styles[] = $path;
-				}
-			}
-		} elseif ($type === "script") {
-			if (!in_array($path, self::$scripts)) {
-				if ($prepend === true) {
-					array_unshift(self::$scripts, $path);
-				} else {
-					self::$scripts [] = $path;
-				}
-			}
-		}
-	}
-
-	/**
-	 * Add a custom element to the header
-	 * If $text is null then the element will be written as empty element.
-	 * So use "" to get a closing tag.
-	 * @param string $tag tag name of the element
-	 * @param array $attributes array of attributes for the element
-	 * @param string $text the text content for the element
-	 * @param bool $prepend prepend the header to the beginning of the list
-	 */
-	public static function addHeader($tag, $attributes, $text = null, $prepend = false) {
-		$header = [
-			'tag' => $tag,
-			'attributes' => $attributes,
-			'text' => $text
-		];
-		if ($prepend === true) {
-			array_unshift(self::$headers, $header);
-		} else {
-			self::$headers[] = $header;
-		}
-	}
-
-	/**
-	 * check if the current server configuration is suitable for ownCloud
-	 *
-	 * @param \OC\SystemConfig $config
-	 * @return array arrays with error messages and hints
-	 */
-	public static function checkServer(\OC\SystemConfig $config) {
-		$l = \OC::$server->getL10N('lib');
-		$errors = [];
-		$CONFIG_DATADIRECTORY = $config->getValue('datadirectory', OC::$SERVERROOT . '/data');
-
-		if (!self::needUpgrade($config) && $config->getValue('installed', false)) {
-			// this check needs to be done every time
-			$errors = self::checkDataDirectoryValidity($CONFIG_DATADIRECTORY);
-		}
-
-		// Assume that if checkServer() succeeded before in this session, then all is fine.
-		if (\OC::$server->getSession()->exists('checkServer_succeeded') && \OC::$server->getSession()->get('checkServer_succeeded')) {
-			return $errors;
-		}
-
-		$webServerRestart = false;
-		$setup = new \OC\Setup(
-			$config,
-			\OC::$server->get(IniGetWrapper::class),
-			\OC::$server->getL10N('lib'),
-			\OC::$server->get(\OCP\Defaults::class),
-			\OC::$server->get(LoggerInterface::class),
-			\OC::$server->getSecureRandom(),
-			\OC::$server->get(\OC\Installer::class)
-		);
-
-		$urlGenerator = \OC::$server->getURLGenerator();
-
-		$availableDatabases = $setup->getSupportedDatabases();
-		if (empty($availableDatabases)) {
-			$errors[] = [
-				'error' => $l->t('No database drivers (sqlite, mysql, or postgresql) installed.'),
-				'hint' => '' //TODO: sane hint
-			];
-			$webServerRestart = true;
-		}
-
-		// Check if config folder is writable.
-		if (!OC_Helper::isReadOnlyConfigEnabled()) {
-			if (!is_writable(OC::$configDir) or !is_readable(OC::$configDir)) {
-				$errors[] = [
-					'error' => $l->t('Cannot write into "config" directory'),
-					'hint' => $l->t('This can usually be fixed by giving the webserver write access to the config directory. See %s',
-						[ $urlGenerator->linkToDocs('admin-dir_permissions') ]) . '. '
-						. $l->t('Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it. See %s',
-						[ $urlGenerator->linkToDocs('admin-config') ])
-				];
-			}
-		}
-
-		// Check if there is a writable install folder.
-		if ($config->getValue('appstoreenabled', true)) {
-			if (OC_App::getInstallPath() === null
-				|| !is_writable(OC_App::getInstallPath())
-				|| !is_readable(OC_App::getInstallPath())
-			) {
-				$errors[] = [
-					'error' => $l->t('Cannot write into "apps" directory'),
-					'hint' => $l->t('This can usually be fixed by giving the webserver write access to the apps directory'
-						. ' or disabling the App Store in the config file.')
-				];
-			}
-		}
-		// Create root dir.
-		if ($config->getValue('installed', false)) {
-			if (!is_dir($CONFIG_DATADIRECTORY)) {
-				$success = @mkdir($CONFIG_DATADIRECTORY);
-				if ($success) {
-					$errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
-				} else {
-					$errors[] = [
-						'error' => $l->t('Cannot create "data" directory'),
-						'hint' => $l->t('This can usually be fixed by giving the webserver write access to the root directory. See %s',
-							[$urlGenerator->linkToDocs('admin-dir_permissions')])
-					];
-				}
-			} elseif (!is_writable($CONFIG_DATADIRECTORY) or !is_readable($CONFIG_DATADIRECTORY)) {
-				// is_writable doesn't work for NFS mounts, so try to write a file and check if it exists.
-				$testFile = sprintf('%s/%s.tmp', $CONFIG_DATADIRECTORY, uniqid('data_dir_writability_test_'));
-				$handle = fopen($testFile, 'w');
-				if (!$handle || fwrite($handle, 'Test write operation') === false) {
-					$permissionsHint = $l->t('Permissions can usually be fixed by giving the webserver write access to the root directory. See %s.',
-						[$urlGenerator->linkToDocs('admin-dir_permissions')]);
-					$errors[] = [
-						'error' => 'Your data directory is not writable',
-						'hint' => $permissionsHint
-					];
-				} else {
-					fclose($handle);
-					unlink($testFile);
-				}
-			} else {
-				$errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
-			}
-		}
-
-		if (!OC_Util::isSetLocaleWorking()) {
-			$errors[] = [
-				'error' => $l->t('Setting locale to %s failed',
-					['en_US.UTF-8/fr_FR.UTF-8/es_ES.UTF-8/de_DE.UTF-8/ru_RU.UTF-8/'
-						. 'pt_BR.UTF-8/it_IT.UTF-8/ja_JP.UTF-8/zh_CN.UTF-8']),
-				'hint' => $l->t('Please install one of these locales on your system and restart your webserver.')
-			];
-		}
-
-		// Contains the dependencies that should be checked against
-		// classes = class_exists
-		// functions = function_exists
-		// defined = defined
-		// ini = ini_get
-		// If the dependency is not found the missing module name is shown to the EndUser
-		// When adding new checks always verify that they pass on Travis as well
-		// for ini settings, see https://github.com/owncloud/administration/blob/master/travis-ci/custom.ini
-		$dependencies = [
-			'classes' => [
-				'ZipArchive' => 'zip',
-				'DOMDocument' => 'dom',
-				'XMLWriter' => 'XMLWriter',
-				'XMLReader' => 'XMLReader',
-			],
-			'functions' => [
-				'xml_parser_create' => 'libxml',
-				'mb_strcut' => 'mbstring',
-				'ctype_digit' => 'ctype',
-				'json_encode' => 'JSON',
-				'gd_info' => 'GD',
-				'gzencode' => 'zlib',
-				'iconv' => 'iconv',
-				'simplexml_load_string' => 'SimpleXML',
-				'hash' => 'HASH Message Digest Framework',
-				'curl_init' => 'cURL',
-				'openssl_verify' => 'OpenSSL',
-			],
-			'defined' => [
-				'PDO::ATTR_DRIVER_NAME' => 'PDO'
-			],
-			'ini' => [
-				'default_charset' => 'UTF-8',
-			],
-		];
-		$missingDependencies = [];
-		$invalidIniSettings = [];
-
-		$iniWrapper = \OC::$server->get(IniGetWrapper::class);
-		foreach ($dependencies['classes'] as $class => $module) {
-			if (!class_exists($class)) {
-				$missingDependencies[] = $module;
-			}
-		}
-		foreach ($dependencies['functions'] as $function => $module) {
-			if (!function_exists($function)) {
-				$missingDependencies[] = $module;
-			}
-		}
-		foreach ($dependencies['defined'] as $defined => $module) {
-			if (!defined($defined)) {
-				$missingDependencies[] = $module;
-			}
-		}
-		foreach ($dependencies['ini'] as $setting => $expected) {
-			if (is_bool($expected)) {
-				if ($iniWrapper->getBool($setting) !== $expected) {
-					$invalidIniSettings[] = [$setting, $expected];
-				}
-			}
-			if (is_int($expected)) {
-				if ($iniWrapper->getNumeric($setting) !== $expected) {
-					$invalidIniSettings[] = [$setting, $expected];
-				}
-			}
-			if (is_string($expected)) {
-				if (strtolower($iniWrapper->getString($setting)) !== strtolower($expected)) {
-					$invalidIniSettings[] = [$setting, $expected];
-				}
-			}
-		}
-
-		foreach ($missingDependencies as $missingDependency) {
-			$errors[] = [
-				'error' => $l->t('PHP module %s not installed.', [$missingDependency]),
-				'hint' => $l->t('Please ask your server administrator to install the module.'),
-			];
-			$webServerRestart = true;
-		}
-		foreach ($invalidIniSettings as $setting) {
-			if (is_bool($setting[1])) {
-				$setting[1] = $setting[1] ? 'on' : 'off';
-			}
-			$errors[] = [
-				'error' => $l->t('PHP setting "%s" is not set to "%s".', [$setting[0], var_export($setting[1], true)]),
-				'hint' => $l->t('Adjusting this setting in php.ini will make Nextcloud run again')
-			];
-			$webServerRestart = true;
-		}
-
-		/**
-		 * The mbstring.func_overload check can only be performed if the mbstring
-		 * module is installed as it will return null if the checking setting is
-		 * not available and thus a check on the boolean value fails.
-		 *
-		 * TODO: Should probably be implemented in the above generic dependency
-		 *       check somehow in the long-term.
-		 */
-		if ($iniWrapper->getBool('mbstring.func_overload') !== null &&
-			$iniWrapper->getBool('mbstring.func_overload') === true) {
-			$errors[] = [
-				'error' => $l->t('mbstring.func_overload is set to "%s" instead of the expected value "0"', [$iniWrapper->getString('mbstring.func_overload')]),
-				'hint' => $l->t('To fix this issue set <code>mbstring.func_overload</code> to <code>0</code> in your php.ini')
-			];
-		}
-
-		if (function_exists('xml_parser_create') &&
-			LIBXML_LOADED_VERSION < 20700) {
-			$version = LIBXML_LOADED_VERSION;
-			$major = floor($version / 10000);
-			$version -= ($major * 10000);
-			$minor = floor($version / 100);
-			$version -= ($minor * 100);
-			$patch = $version;
-			$errors[] = [
-				'error' => $l->t('libxml2 2.7.0 is at least required. Currently %s is installed.', [$major . '.' . $minor . '.' . $patch]),
-				'hint' => $l->t('To fix this issue update your libxml2 version and restart your web server.')
-			];
-		}
-
-		if (!self::isAnnotationsWorking()) {
-			$errors[] = [
-				'error' => $l->t('PHP is apparently set up to strip inline doc blocks. This will make several core apps inaccessible.'),
-				'hint' => $l->t('This is probably caused by a cache/accelerator such as Zend OPcache or eAccelerator.')
-			];
-		}
-
-		if (!\OC::$CLI && $webServerRestart) {
-			$errors[] = [
-				'error' => $l->t('PHP modules have been installed, but they are still listed as missing?'),
-				'hint' => $l->t('Please ask your server administrator to restart the web server.')
-			];
-		}
-
-		$errors = array_merge($errors, self::checkDatabaseVersion());
-
-		// Cache the result of this function
-		\OC::$server->getSession()->set('checkServer_succeeded', count($errors) == 0);
-
-		return $errors;
-	}
-
-	/**
-	 * Check the database version
-	 *
-	 * @return array errors array
-	 */
-	public static function checkDatabaseVersion() {
-		$l = \OC::$server->getL10N('lib');
-		$errors = [];
-		$dbType = \OC::$server->getSystemConfig()->getValue('dbtype', 'sqlite');
-		if ($dbType === 'pgsql') {
-			// check PostgreSQL version
-			try {
-				$result = \OC_DB::executeAudited('SHOW SERVER_VERSION');
-				$data = $result->fetchRow();
-				$result->closeCursor();
-				if (isset($data['server_version'])) {
-					$version = $data['server_version'];
-					if (version_compare($version, '9.0.0', '<')) {
-						$errors[] = [
-							'error' => $l->t('PostgreSQL >= 9 required'),
-							'hint' => $l->t('Please upgrade your database version')
-						];
-					}
-				}
-			} catch (\Doctrine\DBAL\Exception $e) {
-				$logger = \OC::$server->getLogger();
-				$logger->warning('Error occurred while checking PostgreSQL version, assuming >= 9');
-				$logger->logException($e);
-			}
-		}
-		return $errors;
-	}
-
-	/**
-	 * Check for correct file permissions of data directory
-	 *
-	 * @param string $dataDirectory
-	 * @return array arrays with error messages and hints
-	 */
-	public static function checkDataDirectoryPermissions($dataDirectory) {
-		if (\OC::$server->getConfig()->getSystemValue('check_data_directory_permissions', true) === false) {
-			return  [];
-		}
-
-		$perms = substr(decoct(@fileperms($dataDirectory)), -3);
-		if (substr($perms, -1) !== '0') {
-			chmod($dataDirectory, 0770);
-			clearstatcache();
-			$perms = substr(decoct(@fileperms($dataDirectory)), -3);
-			if ($perms[2] !== '0') {
-				$l = \OC::$server->getL10N('lib');
-				return [[
-					'error' => $l->t('Your data directory is readable by other users'),
-					'hint' => $l->t('Please change the permissions to 0770 so that the directory cannot be listed by other users.'),
-				]];
-			}
-		}
-		return [];
-	}
-
-	/**
-	 * Check that the data directory exists and is valid by
-	 * checking the existence of the ".ocdata" file.
-	 *
-	 * @param string $dataDirectory data directory path
-	 * @return array errors found
-	 */
-	public static function checkDataDirectoryValidity($dataDirectory) {
-		$l = \OC::$server->getL10N('lib');
-		$errors = [];
-		if ($dataDirectory[0] !== '/') {
-			$errors[] = [
-				'error' => $l->t('Your data directory must be an absolute path'),
-				'hint' => $l->t('Check the value of "datadirectory" in your configuration')
-			];
-		}
-		if (!file_exists($dataDirectory . '/.ocdata')) {
-			$errors[] = [
-				'error' => $l->t('Your data directory is invalid'),
-				'hint' => $l->t('Ensure there is a file called ".ocdata"' .
-					' in the root of the data directory.')
-			];
-		}
-		return $errors;
-	}
-
-	/**
-	 * Check if the user is logged in, redirects to home if not. With
-	 * redirect URL parameter to the request URI.
-	 *
-	 * @return void
-	 */
-	public static function checkLoggedIn() {
-		// Check if we are a user
-		if (!\OC::$server->getUserSession()->isLoggedIn()) {
-			header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute(
-						'core.login.showLoginForm',
-						[
-							'redirect_url' => \OC::$server->getRequest()->getRequestUri(),
-						]
-					)
-			);
-			exit();
-		}
-		// Redirect to 2FA challenge selection if 2FA challenge was not solved yet
-		if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
-			header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
-			exit();
-		}
-	}
-
-	/**
-	 * Check if the user is a admin, redirects to home if not
-	 *
-	 * @return void
-	 */
-	public static function checkAdminUser() {
-		OC_Util::checkLoggedIn();
-		if (!OC_User::isAdminUser(OC_User::getUser())) {
-			header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
-			exit();
-		}
-	}
-
-	/**
-	 * Returns the URL of the default page
-	 * based on the system configuration and
-	 * the apps visible for the current user
-	 *
-	 * @return string URL
-	 * @suppress PhanDeprecatedFunction
-	 */
-	public static function getDefaultPageUrl() {
-		/** @var IConfig $config */
-		$config = \OC::$server->get(IConfig::class);
-		$urlGenerator = \OC::$server->getURLGenerator();
-		// Deny the redirect if the URL contains a @
-		// This prevents unvalidated redirects like ?redirect_url=:[email protected]
-		if (isset($_REQUEST['redirect_url']) && strpos($_REQUEST['redirect_url'], '@') === false) {
-			$location = $urlGenerator->getAbsoluteURL(urldecode($_REQUEST['redirect_url']));
-		} else {
-			$defaultPage = \OC::$server->getConfig()->getAppValue('core', 'defaultpage');
-			if ($defaultPage) {
-				$location = $urlGenerator->getAbsoluteURL($defaultPage);
-			} else {
-				$appId = 'files';
-				$defaultApps = explode(',', $config->getSystemValue('defaultapp', 'dashboard,files'));
-
-				/** @var IUserSession $userSession */
-				$userSession = \OC::$server->get(IUserSession::class);
-				$user = $userSession->getUser();
-				if ($user) {
-					$userDefaultApps = explode(',', $config->getUserValue($user->getUID(), 'core', 'defaultapp'));
-					$defaultApps = array_filter(array_merge($userDefaultApps, $defaultApps));
-				}
-
-				// find the first app that is enabled for the current user
-				foreach ($defaultApps as $defaultApp) {
-					$defaultApp = OC_App::cleanAppId(strip_tags($defaultApp));
-					if (static::getAppManager()->isEnabledForUser($defaultApp)) {
-						$appId = $defaultApp;
-						break;
-					}
-				}
-
-				if ($config->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true') {
-					$location = $urlGenerator->getAbsoluteURL('/apps/' . $appId . '/');
-				} else {
-					$location = $urlGenerator->getAbsoluteURL('/index.php/apps/' . $appId . '/');
-				}
-			}
-		}
-		return $location;
-	}
-
-	/**
-	 * Redirect to the user default page
-	 *
-	 * @return void
-	 */
-	public static function redirectToDefaultPage() {
-		$location = self::getDefaultPageUrl();
-		header('Location: ' . $location);
-		exit();
-	}
-
-	/**
-	 * get an id unique for this instance
-	 *
-	 * @return string
-	 */
-	public static function getInstanceId() {
-		$id = \OC::$server->getSystemConfig()->getValue('instanceid', null);
-		if (is_null($id)) {
-			// We need to guarantee at least one letter in instanceid so it can be used as the session_name
-			$id = 'oc' . \OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
-			\OC::$server->getSystemConfig()->setValue('instanceid', $id);
-		}
-		return $id;
-	}
-
-	/**
-	 * Public function to sanitize HTML
-	 *
-	 * This function is used to sanitize HTML and should be applied on any
-	 * string or array of strings before displaying it on a web page.
-	 *
-	 * @param string|array $value
-	 * @return string|array an array of sanitized strings or a single sanitized string, depends on the input parameter.
-	 */
-	public static function sanitizeHTML($value) {
-		if (is_array($value)) {
-			$value = array_map(function ($value) {
-				return self::sanitizeHTML($value);
-			}, $value);
-		} else {
-			// Specify encoding for PHP<5.4
-			$value = htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
-		}
-		return $value;
-	}
-
-	/**
-	 * Public function to encode url parameters
-	 *
-	 * This function is used to encode path to file before output.
-	 * Encoding is done according to RFC 3986 with one exception:
-	 * Character '/' is preserved as is.
-	 *
-	 * @param string $component part of URI to encode
-	 * @return string
-	 */
-	public static function encodePath($component) {
-		$encoded = rawurlencode($component);
-		$encoded = str_replace('%2F', '/', $encoded);
-		return $encoded;
-	}
-
-
-	public function createHtaccessTestFile(\OCP\IConfig $config) {
-		// php dev server does not support htaccess
-		if (php_sapi_name() === 'cli-server') {
-			return false;
-		}
-
-		// testdata
-		$fileName = '/htaccesstest.txt';
-		$testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.';
-
-		// creating a test file
-		$testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
-
-		if (file_exists($testFile)) {// already running this test, possible recursive call
-			return false;
-		}
-
-		$fp = @fopen($testFile, 'w');
-		if (!$fp) {
-			throw new \OCP\HintException('Can\'t create test file to check for working .htaccess file.',
-				'Make sure it is possible for the webserver to write to ' . $testFile);
-		}
-		fwrite($fp, $testContent);
-		fclose($fp);
-
-		return $testContent;
-	}
-
-	/**
-	 * Check if the .htaccess file is working
-	 *
-	 * @param \OCP\IConfig $config
-	 * @return bool
-	 * @throws Exception
-	 * @throws \OCP\HintException If the test file can't get written.
-	 */
-	public function isHtaccessWorking(\OCP\IConfig $config) {
-		if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) {
-			return true;
-		}
-
-		$testContent = $this->createHtaccessTestFile($config);
-		if ($testContent === false) {
-			return false;
-		}
-
-		$fileName = '/htaccesstest.txt';
-		$testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
-
-		// accessing the file via http
-		$url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName);
-		try {
-			$content = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
-		} catch (\Exception $e) {
-			$content = false;
-		}
-
-		if (strpos($url, 'https:') === 0) {
-			$url = 'http:' . substr($url, 6);
-		} else {
-			$url = 'https:' . substr($url, 5);
-		}
-
-		try {
-			$fallbackContent = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
-		} catch (\Exception $e) {
-			$fallbackContent = false;
-		}
-
-		// cleanup
-		@unlink($testFile);
-
-		/*
+            if ($mount->getOption('readonly', false)) {
+                return new \OC\Files\Storage\Wrapper\PermissionsMask([
+                    'storage' => $storage,
+                    'mask' => \OCP\Constants::PERMISSION_ALL & ~(
+                        \OCP\Constants::PERMISSION_UPDATE |
+                        \OCP\Constants::PERMISSION_CREATE |
+                        \OCP\Constants::PERMISSION_DELETE
+                    ),
+                ]);
+            }
+            return $storage;
+        });
+
+        OC_Hook::emit('OC_Filesystem', 'preSetup', ['user' => $user]);
+
+        \OC\Files\Filesystem::logWarningWhenAddingStorageWrapper($prevLogging);
+
+        //check if we are using an object storage
+        $objectStore = \OC::$server->getSystemConfig()->getValue('objectstore', null);
+        $objectStoreMultibucket = \OC::$server->getSystemConfig()->getValue('objectstore_multibucket', null);
+
+        // use the same order as in ObjectHomeMountProvider
+        if (isset($objectStoreMultibucket)) {
+            self::initObjectStoreMultibucketRootFS($objectStoreMultibucket);
+        } elseif (isset($objectStore)) {
+            self::initObjectStoreRootFS($objectStore);
+        } else {
+            self::initLocalStorageRootFS();
+        }
+
+        /** @var \OCP\Files\Config\IMountProviderCollection $mountProviderCollection */
+        $mountProviderCollection = \OC::$server->query(\OCP\Files\Config\IMountProviderCollection::class);
+        $rootMountProviders = $mountProviderCollection->getRootMounts();
+
+        /** @var \OC\Files\Mount\Manager $mountManager */
+        $mountManager = \OC\Files\Filesystem::getMountManager();
+        foreach ($rootMountProviders as $rootMountProvider) {
+            $mountManager->addMount($rootMountProvider);
+        }
+
+        if ($user != '' && !\OC::$server->getUserManager()->userExists($user)) {
+            \OC::$server->getEventLogger()->end('setup_fs');
+            return false;
+        }
+
+        //if we aren't logged in, there is no use to set up the filesystem
+        if ($user != "") {
+            $userDir = '/' . $user . '/files';
+
+            //jail the user into his "home" directory
+            \OC\Files\Filesystem::init($user, $userDir);
+
+            OC_Hook::emit('OC_Filesystem', 'setup', ['user' => $user, 'user_dir' => $userDir]);
+        }
+        \OC::$server->getEventLogger()->end('setup_fs');
+        return true;
+    }
+
+    /**
+     * check if a password is required for each public link
+     *
+     * @return boolean
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function isPublicLinkPasswordRequired() {
+        /** @var IManager $shareManager */
+        $shareManager = \OC::$server->get(IManager::class);
+        return $shareManager->shareApiLinkEnforcePassword();
+    }
+
+    /**
+     * check if sharing is disabled for the current user
+     * @param IConfig $config
+     * @param IGroupManager $groupManager
+     * @param IUser|null $user
+     * @return bool
+     */
+    public static function isSharingDisabledForUser(IConfig $config, IGroupManager $groupManager, $user) {
+        /** @var IManager $shareManager */
+        $shareManager = \OC::$server->get(IManager::class);
+        $userId = $user ? $user->getUID() : null;
+        return $shareManager->sharingDisabledForUser($userId);
+    }
+
+    /**
+     * check if share API enforces a default expire date
+     *
+     * @return boolean
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function isDefaultExpireDateEnforced() {
+        /** @var IManager $shareManager */
+        $shareManager = \OC::$server->get(IManager::class);
+        return $shareManager->shareApiLinkDefaultExpireDateEnforced();
+    }
+
+    /**
+     * Get the quota of a user
+     *
+     * @param IUser|null $user
+     * @return float Quota bytes
+     */
+    public static function getUserQuota(?IUser $user) {
+        if (is_null($user)) {
+            return \OCP\Files\FileInfo::SPACE_UNLIMITED;
+        }
+        $userQuota = $user->getQuota();
+        if ($userQuota === 'none') {
+            return \OCP\Files\FileInfo::SPACE_UNLIMITED;
+        }
+        return OC_Helper::computerFileSize($userQuota);
+    }
+
+    /**
+     * copies the skeleton to the users /files
+     *
+     * @param string $userId
+     * @param \OCP\Files\Folder $userDirectory
+     * @throws \OCP\Files\NotFoundException
+     * @throws \OCP\Files\NotPermittedException
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function copySkeleton($userId, \OCP\Files\Folder $userDirectory) {
+        /** @var LoggerInterface $logger */
+        $logger = \OC::$server->get(LoggerInterface::class);
+
+        $plainSkeletonDirectory = \OC::$server->getConfig()->getSystemValue('skeletondirectory', \OC::$SERVERROOT . '/core/skeleton');
+        $userLang = \OC::$server->getL10NFactory()->findLanguage();
+        $skeletonDirectory = str_replace('{lang}', $userLang, $plainSkeletonDirectory);
+
+        if (!file_exists($skeletonDirectory)) {
+            $dialectStart = strpos($userLang, '_');
+            if ($dialectStart !== false) {
+                $skeletonDirectory = str_replace('{lang}', substr($userLang, 0, $dialectStart), $plainSkeletonDirectory);
+            }
+            if ($dialectStart === false || !file_exists($skeletonDirectory)) {
+                $skeletonDirectory = str_replace('{lang}', 'default', $plainSkeletonDirectory);
+            }
+            if (!file_exists($skeletonDirectory)) {
+                $skeletonDirectory = '';
+            }
+        }
+
+        $instanceId = \OC::$server->getConfig()->getSystemValue('instanceid', '');
+
+        if ($instanceId === null) {
+            throw new \RuntimeException('no instance id!');
+        }
+        $appdata = 'appdata_' . $instanceId;
+        if ($userId === $appdata) {
+            throw new \RuntimeException('username is reserved name: ' . $appdata);
+        }
+
+        if (!empty($skeletonDirectory)) {
+            $logger->debug('copying skeleton for '.$userId.' from '.$skeletonDirectory.' to '.$userDirectory->getFullPath('/'), ['app' => 'files_skeleton']);
+            self::copyr($skeletonDirectory, $userDirectory);
+            // update the file cache
+            $userDirectory->getStorage()->getScanner()->scan('', \OC\Files\Cache\Scanner::SCAN_RECURSIVE);
+
+            /** @var ITemplateManager $templateManager */
+            $templateManager = \OC::$server->get(ITemplateManager::class);
+            $templateManager->initializeTemplateDirectory(null, $userId);
+        }
+    }
+
+    /**
+     * copies a directory recursively by using streams
+     *
+     * @param string $source
+     * @param \OCP\Files\Folder $target
+     * @return void
+     */
+    public static function copyr($source, \OCP\Files\Folder $target) {
+        $logger = \OC::$server->getLogger();
+
+        // Verify if folder exists
+        $dir = opendir($source);
+        if ($dir === false) {
+            $logger->error(sprintf('Could not opendir "%s"', $source), ['app' => 'core']);
+            return;
+        }
+
+        // Copy the files
+        while (false !== ($file = readdir($dir))) {
+            if (!\OC\Files\Filesystem::isIgnoredDir($file)) {
+                if (is_dir($source . '/' . $file)) {
+                    $child = $target->newFolder($file);
+                    self::copyr($source . '/' . $file, $child);
+                } else {
+                    $child = $target->newFile($file);
+                    $sourceStream = fopen($source . '/' . $file, 'r');
+                    if ($sourceStream === false) {
+                        $logger->error(sprintf('Could not fopen "%s"', $source . '/' . $file), ['app' => 'core']);
+                        closedir($dir);
+                        return;
+                    }
+                    stream_copy_to_stream($sourceStream, $child->fopen('w'));
+                }
+            }
+        }
+        closedir($dir);
+    }
+
+    /**
+     * @return void
+     * @suppress PhanUndeclaredMethod
+     */
+    public static function tearDownFS() {
+        \OC\Files\Filesystem::tearDown();
+        \OC::$server->getRootFolder()->clearCache();
+        self::$fsSetup = false;
+        self::$rootMounted = false;
+    }
+
+    /**
+     * get the current installed version of ownCloud
+     *
+     * @return array
+     */
+    public static function getVersion() {
+        OC_Util::loadVersion();
+        return self::$versionCache['OC_Version'];
+    }
+
+    /**
+     * get the current installed version string of ownCloud
+     *
+     * @return string
+     */
+    public static function getVersionString() {
+        OC_Util::loadVersion();
+        return self::$versionCache['OC_VersionString'];
+    }
+
+    /**
+     * @deprecated the value is of no use anymore
+     * @return string
+     */
+    public static function getEditionString() {
+        return '';
+    }
+
+    /**
+     * @description get the update channel of the current installed of ownCloud.
+     * @return string
+     */
+    public static function getChannel() {
+        OC_Util::loadVersion();
+        return \OC::$server->getConfig()->getSystemValue('updater.release.channel', self::$versionCache['OC_Channel']);
+    }
+
+    /**
+     * @description get the build number of the current installed of ownCloud.
+     * @return string
+     */
+    public static function getBuild() {
+        OC_Util::loadVersion();
+        return self::$versionCache['OC_Build'];
+    }
+
+    /**
+     * @description load the version.php into the session as cache
+     * @suppress PhanUndeclaredVariable
+     */
+    private static function loadVersion() {
+        if (self::$versionCache !== null) {
+            return;
+        }
+
+        $timestamp = filemtime(OC::$SERVERROOT . '/version.php');
+        require OC::$SERVERROOT . '/version.php';
+        /** @var int $timestamp */
+        self::$versionCache['OC_Version_Timestamp'] = $timestamp;
+        /** @var string $OC_Version */
+        self::$versionCache['OC_Version'] = $OC_Version;
+        /** @var string $OC_VersionString */
+        self::$versionCache['OC_VersionString'] = $OC_VersionString;
+        /** @var string $OC_Build */
+        self::$versionCache['OC_Build'] = $OC_Build;
+
+        /** @var string $OC_Channel */
+        self::$versionCache['OC_Channel'] = $OC_Channel;
+    }
+
+    /**
+     * generates a path for JS/CSS files. If no application is provided it will create the path for core.
+     *
+     * @param string $application application to get the files from
+     * @param string $directory directory within this application (css, js, vendor, etc)
+     * @param string $file the file inside of the above folder
+     * @return string the path
+     */
+    private static function generatePath($application, $directory, $file) {
+        if (is_null($file)) {
+            $file = $application;
+            $application = "";
+        }
+        if (!empty($application)) {
+            return "$application/$directory/$file";
+        } else {
+            return "$directory/$file";
+        }
+    }
+
+    /**
+     * add a javascript file
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Script to the beginning of the list
+     * @return void
+     */
+    public static function addScript($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'js', $file);
+
+        // core js files need separate handling
+        if ($application !== 'core' && $file !== null) {
+            self::addTranslations($application);
+        }
+        self::addExternalResource($application, $prepend, $path, "script");
+    }
+
+    /**
+     * add a javascript file from the vendor sub folder
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Script to the beginning of the list
+     * @return void
+     */
+    public static function addVendorScript($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'vendor', $file);
+        self::addExternalResource($application, $prepend, $path, "script");
+    }
+
+    /**
+     * add a translation JS file
+     *
+     * @param string $application application id
+     * @param string|null $languageCode language code, defaults to the current language
+     * @param bool|null $prepend prepend the Script to the beginning of the list
+     */
+    public static function addTranslations($application, $languageCode = null, $prepend = false) {
+        if (is_null($languageCode)) {
+            $languageCode = \OC::$server->getL10NFactory()->findLanguage($application);
+        }
+        if (!empty($application)) {
+            $path = "$application/l10n/$languageCode";
+        } else {
+            $path = "l10n/$languageCode";
+        }
+        self::addExternalResource($application, $prepend, $path, "script");
+    }
+
+    /**
+     * add a css file
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Style to the beginning of the list
+     * @return void
+     */
+    public static function addStyle($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'css', $file);
+        self::addExternalResource($application, $prepend, $path, "style");
+    }
+
+    /**
+     * add a css file from the vendor sub folder
+     *
+     * @param string $application application id
+     * @param string|null $file filename
+     * @param bool $prepend prepend the Style to the beginning of the list
+     * @return void
+     */
+    public static function addVendorStyle($application, $file = null, $prepend = false) {
+        $path = OC_Util::generatePath($application, 'vendor', $file);
+        self::addExternalResource($application, $prepend, $path, "style");
+    }
+
+    /**
+     * add an external resource css/js file
+     *
+     * @param string $application application id
+     * @param bool $prepend prepend the file to the beginning of the list
+     * @param string $path
+     * @param string $type (script or style)
+     * @return void
+     */
+    private static function addExternalResource($application, $prepend, $path, $type = "script") {
+        if ($type === "style") {
+            if (!in_array($path, self::$styles)) {
+                if ($prepend === true) {
+                    array_unshift(self::$styles, $path);
+                } else {
+                    self::$styles[] = $path;
+                }
+            }
+        } elseif ($type === "script") {
+            if (!in_array($path, self::$scripts)) {
+                if ($prepend === true) {
+                    array_unshift(self::$scripts, $path);
+                } else {
+                    self::$scripts [] = $path;
+                }
+            }
+        }
+    }
+
+    /**
+     * Add a custom element to the header
+     * If $text is null then the element will be written as empty element.
+     * So use "" to get a closing tag.
+     * @param string $tag tag name of the element
+     * @param array $attributes array of attributes for the element
+     * @param string $text the text content for the element
+     * @param bool $prepend prepend the header to the beginning of the list
+     */
+    public static function addHeader($tag, $attributes, $text = null, $prepend = false) {
+        $header = [
+            'tag' => $tag,
+            'attributes' => $attributes,
+            'text' => $text
+        ];
+        if ($prepend === true) {
+            array_unshift(self::$headers, $header);
+        } else {
+            self::$headers[] = $header;
+        }
+    }
+
+    /**
+     * check if the current server configuration is suitable for ownCloud
+     *
+     * @param \OC\SystemConfig $config
+     * @return array arrays with error messages and hints
+     */
+    public static function checkServer(\OC\SystemConfig $config) {
+        $l = \OC::$server->getL10N('lib');
+        $errors = [];
+        $CONFIG_DATADIRECTORY = $config->getValue('datadirectory', OC::$SERVERROOT . '/data');
+
+        if (!self::needUpgrade($config) && $config->getValue('installed', false)) {
+            // this check needs to be done every time
+            $errors = self::checkDataDirectoryValidity($CONFIG_DATADIRECTORY);
+        }
+
+        // Assume that if checkServer() succeeded before in this session, then all is fine.
+        if (\OC::$server->getSession()->exists('checkServer_succeeded') && \OC::$server->getSession()->get('checkServer_succeeded')) {
+            return $errors;
+        }
+
+        $webServerRestart = false;
+        $setup = new \OC\Setup(
+            $config,
+            \OC::$server->get(IniGetWrapper::class),
+            \OC::$server->getL10N('lib'),
+            \OC::$server->get(\OCP\Defaults::class),
+            \OC::$server->get(LoggerInterface::class),
+            \OC::$server->getSecureRandom(),
+            \OC::$server->get(\OC\Installer::class)
+        );
+
+        $urlGenerator = \OC::$server->getURLGenerator();
+
+        $availableDatabases = $setup->getSupportedDatabases();
+        if (empty($availableDatabases)) {
+            $errors[] = [
+                'error' => $l->t('No database drivers (sqlite, mysql, or postgresql) installed.'),
+                'hint' => '' //TODO: sane hint
+            ];
+            $webServerRestart = true;
+        }
+
+        // Check if config folder is writable.
+        if (!OC_Helper::isReadOnlyConfigEnabled()) {
+            if (!is_writable(OC::$configDir) or !is_readable(OC::$configDir)) {
+                $errors[] = [
+                    'error' => $l->t('Cannot write into "config" directory'),
+                    'hint' => $l->t('This can usually be fixed by giving the webserver write access to the config directory. See %s',
+                        [ $urlGenerator->linkToDocs('admin-dir_permissions') ]) . '. '
+                        . $l->t('Or, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it. See %s',
+                        [ $urlGenerator->linkToDocs('admin-config') ])
+                ];
+            }
+        }
+
+        // Check if there is a writable install folder.
+        if ($config->getValue('appstoreenabled', true)) {
+            if (OC_App::getInstallPath() === null
+                || !is_writable(OC_App::getInstallPath())
+                || !is_readable(OC_App::getInstallPath())
+            ) {
+                $errors[] = [
+                    'error' => $l->t('Cannot write into "apps" directory'),
+                    'hint' => $l->t('This can usually be fixed by giving the webserver write access to the apps directory'
+                        . ' or disabling the App Store in the config file.')
+                ];
+            }
+        }
+        // Create root dir.
+        if ($config->getValue('installed', false)) {
+            if (!is_dir($CONFIG_DATADIRECTORY)) {
+                $success = @mkdir($CONFIG_DATADIRECTORY);
+                if ($success) {
+                    $errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
+                } else {
+                    $errors[] = [
+                        'error' => $l->t('Cannot create "data" directory'),
+                        'hint' => $l->t('This can usually be fixed by giving the webserver write access to the root directory. See %s',
+                            [$urlGenerator->linkToDocs('admin-dir_permissions')])
+                    ];
+                }
+            } elseif (!is_writable($CONFIG_DATADIRECTORY) or !is_readable($CONFIG_DATADIRECTORY)) {
+                // is_writable doesn't work for NFS mounts, so try to write a file and check if it exists.
+                $testFile = sprintf('%s/%s.tmp', $CONFIG_DATADIRECTORY, uniqid('data_dir_writability_test_'));
+                $handle = fopen($testFile, 'w');
+                if (!$handle || fwrite($handle, 'Test write operation') === false) {
+                    $permissionsHint = $l->t('Permissions can usually be fixed by giving the webserver write access to the root directory. See %s.',
+                        [$urlGenerator->linkToDocs('admin-dir_permissions')]);
+                    $errors[] = [
+                        'error' => 'Your data directory is not writable',
+                        'hint' => $permissionsHint
+                    ];
+                } else {
+                    fclose($handle);
+                    unlink($testFile);
+                }
+            } else {
+                $errors = array_merge($errors, self::checkDataDirectoryPermissions($CONFIG_DATADIRECTORY));
+            }
+        }
+
+        if (!OC_Util::isSetLocaleWorking()) {
+            $errors[] = [
+                'error' => $l->t('Setting locale to %s failed',
+                    ['en_US.UTF-8/fr_FR.UTF-8/es_ES.UTF-8/de_DE.UTF-8/ru_RU.UTF-8/'
+                        . 'pt_BR.UTF-8/it_IT.UTF-8/ja_JP.UTF-8/zh_CN.UTF-8']),
+                'hint' => $l->t('Please install one of these locales on your system and restart your webserver.')
+            ];
+        }
+
+        // Contains the dependencies that should be checked against
+        // classes = class_exists
+        // functions = function_exists
+        // defined = defined
+        // ini = ini_get
+        // If the dependency is not found the missing module name is shown to the EndUser
+        // When adding new checks always verify that they pass on Travis as well
+        // for ini settings, see https://github.com/owncloud/administration/blob/master/travis-ci/custom.ini
+        $dependencies = [
+            'classes' => [
+                'ZipArchive' => 'zip',
+                'DOMDocument' => 'dom',
+                'XMLWriter' => 'XMLWriter',
+                'XMLReader' => 'XMLReader',
+            ],
+            'functions' => [
+                'xml_parser_create' => 'libxml',
+                'mb_strcut' => 'mbstring',
+                'ctype_digit' => 'ctype',
+                'json_encode' => 'JSON',
+                'gd_info' => 'GD',
+                'gzencode' => 'zlib',
+                'iconv' => 'iconv',
+                'simplexml_load_string' => 'SimpleXML',
+                'hash' => 'HASH Message Digest Framework',
+                'curl_init' => 'cURL',
+                'openssl_verify' => 'OpenSSL',
+            ],
+            'defined' => [
+                'PDO::ATTR_DRIVER_NAME' => 'PDO'
+            ],
+            'ini' => [
+                'default_charset' => 'UTF-8',
+            ],
+        ];
+        $missingDependencies = [];
+        $invalidIniSettings = [];
+
+        $iniWrapper = \OC::$server->get(IniGetWrapper::class);
+        foreach ($dependencies['classes'] as $class => $module) {
+            if (!class_exists($class)) {
+                $missingDependencies[] = $module;
+            }
+        }
+        foreach ($dependencies['functions'] as $function => $module) {
+            if (!function_exists($function)) {
+                $missingDependencies[] = $module;
+            }
+        }
+        foreach ($dependencies['defined'] as $defined => $module) {
+            if (!defined($defined)) {
+                $missingDependencies[] = $module;
+            }
+        }
+        foreach ($dependencies['ini'] as $setting => $expected) {
+            if (is_bool($expected)) {
+                if ($iniWrapper->getBool($setting) !== $expected) {
+                    $invalidIniSettings[] = [$setting, $expected];
+                }
+            }
+            if (is_int($expected)) {
+                if ($iniWrapper->getNumeric($setting) !== $expected) {
+                    $invalidIniSettings[] = [$setting, $expected];
+                }
+            }
+            if (is_string($expected)) {
+                if (strtolower($iniWrapper->getString($setting)) !== strtolower($expected)) {
+                    $invalidIniSettings[] = [$setting, $expected];
+                }
+            }
+        }
+
+        foreach ($missingDependencies as $missingDependency) {
+            $errors[] = [
+                'error' => $l->t('PHP module %s not installed.', [$missingDependency]),
+                'hint' => $l->t('Please ask your server administrator to install the module.'),
+            ];
+            $webServerRestart = true;
+        }
+        foreach ($invalidIniSettings as $setting) {
+            if (is_bool($setting[1])) {
+                $setting[1] = $setting[1] ? 'on' : 'off';
+            }
+            $errors[] = [
+                'error' => $l->t('PHP setting "%s" is not set to "%s".', [$setting[0], var_export($setting[1], true)]),
+                'hint' => $l->t('Adjusting this setting in php.ini will make Nextcloud run again')
+            ];
+            $webServerRestart = true;
+        }
+
+        /**
+         * The mbstring.func_overload check can only be performed if the mbstring
+         * module is installed as it will return null if the checking setting is
+         * not available and thus a check on the boolean value fails.
+         *
+         * TODO: Should probably be implemented in the above generic dependency
+         *       check somehow in the long-term.
+         */
+        if ($iniWrapper->getBool('mbstring.func_overload') !== null &&
+            $iniWrapper->getBool('mbstring.func_overload') === true) {
+            $errors[] = [
+                'error' => $l->t('mbstring.func_overload is set to "%s" instead of the expected value "0"', [$iniWrapper->getString('mbstring.func_overload')]),
+                'hint' => $l->t('To fix this issue set <code>mbstring.func_overload</code> to <code>0</code> in your php.ini')
+            ];
+        }
+
+        if (function_exists('xml_parser_create') &&
+            LIBXML_LOADED_VERSION < 20700) {
+            $version = LIBXML_LOADED_VERSION;
+            $major = floor($version / 10000);
+            $version -= ($major * 10000);
+            $minor = floor($version / 100);
+            $version -= ($minor * 100);
+            $patch = $version;
+            $errors[] = [
+                'error' => $l->t('libxml2 2.7.0 is at least required. Currently %s is installed.', [$major . '.' . $minor . '.' . $patch]),
+                'hint' => $l->t('To fix this issue update your libxml2 version and restart your web server.')
+            ];
+        }
+
+        if (!self::isAnnotationsWorking()) {
+            $errors[] = [
+                'error' => $l->t('PHP is apparently set up to strip inline doc blocks. This will make several core apps inaccessible.'),
+                'hint' => $l->t('This is probably caused by a cache/accelerator such as Zend OPcache or eAccelerator.')
+            ];
+        }
+
+        if (!\OC::$CLI && $webServerRestart) {
+            $errors[] = [
+                'error' => $l->t('PHP modules have been installed, but they are still listed as missing?'),
+                'hint' => $l->t('Please ask your server administrator to restart the web server.')
+            ];
+        }
+
+        $errors = array_merge($errors, self::checkDatabaseVersion());
+
+        // Cache the result of this function
+        \OC::$server->getSession()->set('checkServer_succeeded', count($errors) == 0);
+
+        return $errors;
+    }
+
+    /**
+     * Check the database version
+     *
+     * @return array errors array
+     */
+    public static function checkDatabaseVersion() {
+        $l = \OC::$server->getL10N('lib');
+        $errors = [];
+        $dbType = \OC::$server->getSystemConfig()->getValue('dbtype', 'sqlite');
+        if ($dbType === 'pgsql') {
+            // check PostgreSQL version
+            try {
+                $result = \OC_DB::executeAudited('SHOW SERVER_VERSION');
+                $data = $result->fetchRow();
+                $result->closeCursor();
+                if (isset($data['server_version'])) {
+                    $version = $data['server_version'];
+                    if (version_compare($version, '9.0.0', '<')) {
+                        $errors[] = [
+                            'error' => $l->t('PostgreSQL >= 9 required'),
+                            'hint' => $l->t('Please upgrade your database version')
+                        ];
+                    }
+                }
+            } catch (\Doctrine\DBAL\Exception $e) {
+                $logger = \OC::$server->getLogger();
+                $logger->warning('Error occurred while checking PostgreSQL version, assuming >= 9');
+                $logger->logException($e);
+            }
+        }
+        return $errors;
+    }
+
+    /**
+     * Check for correct file permissions of data directory
+     *
+     * @param string $dataDirectory
+     * @return array arrays with error messages and hints
+     */
+    public static function checkDataDirectoryPermissions($dataDirectory) {
+        if (\OC::$server->getConfig()->getSystemValue('check_data_directory_permissions', true) === false) {
+            return  [];
+        }
+
+        $perms = substr(decoct(@fileperms($dataDirectory)), -3);
+        if (substr($perms, -1) !== '0') {
+            chmod($dataDirectory, 0770);
+            clearstatcache();
+            $perms = substr(decoct(@fileperms($dataDirectory)), -3);
+            if ($perms[2] !== '0') {
+                $l = \OC::$server->getL10N('lib');
+                return [[
+                    'error' => $l->t('Your data directory is readable by other users'),
+                    'hint' => $l->t('Please change the permissions to 0770 so that the directory cannot be listed by other users.'),
+                ]];
+            }
+        }
+        return [];
+    }
+
+    /**
+     * Check that the data directory exists and is valid by
+     * checking the existence of the ".ocdata" file.
+     *
+     * @param string $dataDirectory data directory path
+     * @return array errors found
+     */
+    public static function checkDataDirectoryValidity($dataDirectory) {
+        $l = \OC::$server->getL10N('lib');
+        $errors = [];
+        if ($dataDirectory[0] !== '/') {
+            $errors[] = [
+                'error' => $l->t('Your data directory must be an absolute path'),
+                'hint' => $l->t('Check the value of "datadirectory" in your configuration')
+            ];
+        }
+        if (!file_exists($dataDirectory . '/.ocdata')) {
+            $errors[] = [
+                'error' => $l->t('Your data directory is invalid'),
+                'hint' => $l->t('Ensure there is a file called ".ocdata"' .
+                    ' in the root of the data directory.')
+            ];
+        }
+        return $errors;
+    }
+
+    /**
+     * Check if the user is logged in, redirects to home if not. With
+     * redirect URL parameter to the request URI.
+     *
+     * @return void
+     */
+    public static function checkLoggedIn() {
+        // Check if we are a user
+        if (!\OC::$server->getUserSession()->isLoggedIn()) {
+            header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute(
+                        'core.login.showLoginForm',
+                        [
+                            'redirect_url' => \OC::$server->getRequest()->getRequestUri(),
+                        ]
+                    )
+            );
+            exit();
+        }
+        // Redirect to 2FA challenge selection if 2FA challenge was not solved yet
+        if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
+            header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
+            exit();
+        }
+    }
+
+    /**
+     * Check if the user is a admin, redirects to home if not
+     *
+     * @return void
+     */
+    public static function checkAdminUser() {
+        OC_Util::checkLoggedIn();
+        if (!OC_User::isAdminUser(OC_User::getUser())) {
+            header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
+            exit();
+        }
+    }
+
+    /**
+     * Returns the URL of the default page
+     * based on the system configuration and
+     * the apps visible for the current user
+     *
+     * @return string URL
+     * @suppress PhanDeprecatedFunction
+     */
+    public static function getDefaultPageUrl() {
+        /** @var IConfig $config */
+        $config = \OC::$server->get(IConfig::class);
+        $urlGenerator = \OC::$server->getURLGenerator();
+        // Deny the redirect if the URL contains a @
+        // This prevents unvalidated redirects like ?redirect_url=:[email protected]
+        if (isset($_REQUEST['redirect_url']) && strpos($_REQUEST['redirect_url'], '@') === false) {
+            $location = $urlGenerator->getAbsoluteURL(urldecode($_REQUEST['redirect_url']));
+        } else {
+            $defaultPage = \OC::$server->getConfig()->getAppValue('core', 'defaultpage');
+            if ($defaultPage) {
+                $location = $urlGenerator->getAbsoluteURL($defaultPage);
+            } else {
+                $appId = 'files';
+                $defaultApps = explode(',', $config->getSystemValue('defaultapp', 'dashboard,files'));
+
+                /** @var IUserSession $userSession */
+                $userSession = \OC::$server->get(IUserSession::class);
+                $user = $userSession->getUser();
+                if ($user) {
+                    $userDefaultApps = explode(',', $config->getUserValue($user->getUID(), 'core', 'defaultapp'));
+                    $defaultApps = array_filter(array_merge($userDefaultApps, $defaultApps));
+                }
+
+                // find the first app that is enabled for the current user
+                foreach ($defaultApps as $defaultApp) {
+                    $defaultApp = OC_App::cleanAppId(strip_tags($defaultApp));
+                    if (static::getAppManager()->isEnabledForUser($defaultApp)) {
+                        $appId = $defaultApp;
+                        break;
+                    }
+                }
+
+                if ($config->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true') {
+                    $location = $urlGenerator->getAbsoluteURL('/apps/' . $appId . '/');
+                } else {
+                    $location = $urlGenerator->getAbsoluteURL('/index.php/apps/' . $appId . '/');
+                }
+            }
+        }
+        return $location;
+    }
+
+    /**
+     * Redirect to the user default page
+     *
+     * @return void
+     */
+    public static function redirectToDefaultPage() {
+        $location = self::getDefaultPageUrl();
+        header('Location: ' . $location);
+        exit();
+    }
+
+    /**
+     * get an id unique for this instance
+     *
+     * @return string
+     */
+    public static function getInstanceId() {
+        $id = \OC::$server->getSystemConfig()->getValue('instanceid', null);
+        if (is_null($id)) {
+            // We need to guarantee at least one letter in instanceid so it can be used as the session_name
+            $id = 'oc' . \OC::$server->getSecureRandom()->generate(10, \OCP\Security\ISecureRandom::CHAR_LOWER.\OCP\Security\ISecureRandom::CHAR_DIGITS);
+            \OC::$server->getSystemConfig()->setValue('instanceid', $id);
+        }
+        return $id;
+    }
+
+    /**
+     * Public function to sanitize HTML
+     *
+     * This function is used to sanitize HTML and should be applied on any
+     * string or array of strings before displaying it on a web page.
+     *
+     * @param string|array $value
+     * @return string|array an array of sanitized strings or a single sanitized string, depends on the input parameter.
+     */
+    public static function sanitizeHTML($value) {
+        if (is_array($value)) {
+            $value = array_map(function ($value) {
+                return self::sanitizeHTML($value);
+            }, $value);
+        } else {
+            // Specify encoding for PHP<5.4
+            $value = htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
+        }
+        return $value;
+    }
+
+    /**
+     * Public function to encode url parameters
+     *
+     * This function is used to encode path to file before output.
+     * Encoding is done according to RFC 3986 with one exception:
+     * Character '/' is preserved as is.
+     *
+     * @param string $component part of URI to encode
+     * @return string
+     */
+    public static function encodePath($component) {
+        $encoded = rawurlencode($component);
+        $encoded = str_replace('%2F', '/', $encoded);
+        return $encoded;
+    }
+
+
+    public function createHtaccessTestFile(\OCP\IConfig $config) {
+        // php dev server does not support htaccess
+        if (php_sapi_name() === 'cli-server') {
+            return false;
+        }
+
+        // testdata
+        $fileName = '/htaccesstest.txt';
+        $testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.';
+
+        // creating a test file
+        $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
+
+        if (file_exists($testFile)) {// already running this test, possible recursive call
+            return false;
+        }
+
+        $fp = @fopen($testFile, 'w');
+        if (!$fp) {
+            throw new \OCP\HintException('Can\'t create test file to check for working .htaccess file.',
+                'Make sure it is possible for the webserver to write to ' . $testFile);
+        }
+        fwrite($fp, $testContent);
+        fclose($fp);
+
+        return $testContent;
+    }
+
+    /**
+     * Check if the .htaccess file is working
+     *
+     * @param \OCP\IConfig $config
+     * @return bool
+     * @throws Exception
+     * @throws \OCP\HintException If the test file can't get written.
+     */
+    public function isHtaccessWorking(\OCP\IConfig $config) {
+        if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) {
+            return true;
+        }
+
+        $testContent = $this->createHtaccessTestFile($config);
+        if ($testContent === false) {
+            return false;
+        }
+
+        $fileName = '/htaccesstest.txt';
+        $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName;
+
+        // accessing the file via http
+        $url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName);
+        try {
+            $content = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
+        } catch (\Exception $e) {
+            $content = false;
+        }
+
+        if (strpos($url, 'https:') === 0) {
+            $url = 'http:' . substr($url, 6);
+        } else {
+            $url = 'https:' . substr($url, 5);
+        }
+
+        try {
+            $fallbackContent = \OC::$server->getHTTPClientService()->newClient()->get($url)->getBody();
+        } catch (\Exception $e) {
+            $fallbackContent = false;
+        }
+
+        // cleanup
+        @unlink($testFile);
+
+        /*
 		 * If the content is not equal to test content our .htaccess
 		 * is working as required
 		 */
-		return $content !== $testContent && $fallbackContent !== $testContent;
-	}
-
-	/**
-	 * Check if the setlocal call does not work. This can happen if the right
-	 * local packages are not available on the server.
-	 *
-	 * @return bool
-	 */
-	public static function isSetLocaleWorking() {
-		if ('' === basename('§')) {
-			// Borrowed from \Patchwork\Utf8\Bootup::initLocale
-			setlocale(LC_ALL, 'C.UTF-8', 'C');
-			setlocale(LC_CTYPE, 'en_US.UTF-8', 'fr_FR.UTF-8', 'es_ES.UTF-8', 'de_DE.UTF-8', 'ru_RU.UTF-8', 'pt_BR.UTF-8', 'it_IT.UTF-8', 'ja_JP.UTF-8', 'zh_CN.UTF-8', '0');
-		}
-
-		// Check again
-		if ('' === basename('§')) {
-			return false;
-		}
-		return true;
-	}
-
-	/**
-	 * Check if it's possible to get the inline annotations
-	 *
-	 * @return bool
-	 */
-	public static function isAnnotationsWorking() {
-		$reflection = new \ReflectionMethod(__METHOD__);
-		$docs = $reflection->getDocComment();
-
-		return (is_string($docs) && strlen($docs) > 50);
-	}
-
-	/**
-	 * Check if the PHP module fileinfo is loaded.
-	 *
-	 * @return bool
-	 */
-	public static function fileInfoLoaded() {
-		return function_exists('finfo_open');
-	}
-
-	/**
-	 * clear all levels of output buffering
-	 *
-	 * @return void
-	 */
-	public static function obEnd() {
-		while (ob_get_level()) {
-			ob_end_clean();
-		}
-	}
-
-	/**
-	 * Checks whether the server is running on Mac OS X
-	 *
-	 * @return bool true if running on Mac OS X, false otherwise
-	 */
-	public static function runningOnMac() {
-		return (strtoupper(substr(PHP_OS, 0, 6)) === 'DARWIN');
-	}
-
-	/**
-	 * Handles the case that there may not be a theme, then check if a "default"
-	 * theme exists and take that one
-	 *
-	 * @return string the theme
-	 */
-	public static function getTheme() {
-		$theme = \OC::$server->getSystemConfig()->getValue("theme", '');
-
-		if ($theme === '') {
-			if (is_dir(OC::$SERVERROOT . '/themes/default')) {
-				$theme = 'default';
-			}
-		}
-
-		return $theme;
-	}
-
-	/**
-	 * Normalize a unicode string
-	 *
-	 * @param string $value a not normalized string
-	 * @return bool|string
-	 */
-	public static function normalizeUnicode($value) {
-		if (Normalizer::isNormalized($value)) {
-			return $value;
-		}
-
-		$normalizedValue = Normalizer::normalize($value);
-		if ($normalizedValue === null || $normalizedValue === false) {
-			\OC::$server->getLogger()->warning('normalizing failed for "' . $value . '"', ['app' => 'core']);
-			return $value;
-		}
-
-		return $normalizedValue;
-	}
-
-	/**
-	 * A human readable string is generated based on version and build number
-	 *
-	 * @return string
-	 */
-	public static function getHumanVersion() {
-		$version = OC_Util::getVersionString();
-		$build = OC_Util::getBuild();
-		if (!empty($build) and OC_Util::getChannel() === 'daily') {
-			$version .= ' Build:' . $build;
-		}
-		return $version;
-	}
-
-	/**
-	 * Returns whether the given file name is valid
-	 *
-	 * @param string $file file name to check
-	 * @return bool true if the file name is valid, false otherwise
-	 * @deprecated use \OC\Files\View::verifyPath()
-	 */
-	public static function isValidFileName($file) {
-		$trimmed = trim($file);
-		if ($trimmed === '') {
-			return false;
-		}
-		if (\OC\Files\Filesystem::isIgnoredDir($trimmed)) {
-			return false;
-		}
-
-		// detect part files
-		if (preg_match('/' . \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX . '/', $trimmed) !== 0) {
-			return false;
-		}
-
-		foreach (str_split($trimmed) as $char) {
-			if (strpos(\OCP\Constants::FILENAME_INVALID_CHARS, $char) !== false) {
-				return false;
-			}
-		}
-		return true;
-	}
-
-	/**
-	 * Check whether the instance needs to perform an upgrade,
-	 * either when the core version is higher or any app requires
-	 * an upgrade.
-	 *
-	 * @param \OC\SystemConfig $config
-	 * @return bool whether the core or any app needs an upgrade
-	 * @throws \OCP\HintException When the upgrade from the given version is not allowed
-	 */
-	public static function needUpgrade(\OC\SystemConfig $config) {
-		if ($config->getValue('installed', false)) {
-			$installedVersion = $config->getValue('version', '0.0.0');
-			$currentVersion = implode('.', \OCP\Util::getVersion());
-			$versionDiff = version_compare($currentVersion, $installedVersion);
-			if ($versionDiff > 0) {
-				return true;
-			} elseif ($config->getValue('debug', false) && $versionDiff < 0) {
-				// downgrade with debug
-				$installedMajor = explode('.', $installedVersion);
-				$installedMajor = $installedMajor[0] . '.' . $installedMajor[1];
-				$currentMajor = explode('.', $currentVersion);
-				$currentMajor = $currentMajor[0] . '.' . $currentMajor[1];
-				if ($installedMajor === $currentMajor) {
-					// Same major, allow downgrade for developers
-					return true;
-				} else {
-					// downgrade attempt, throw exception
-					throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
-				}
-			} elseif ($versionDiff < 0) {
-				// downgrade attempt, throw exception
-				throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
-			}
-
-			// also check for upgrades for apps (independently from the user)
-			$apps = \OC_App::getEnabledApps(false, true);
-			$shouldUpgrade = false;
-			foreach ($apps as $app) {
-				if (\OC_App::shouldUpgrade($app)) {
-					$shouldUpgrade = true;
-					break;
-				}
-			}
-			return $shouldUpgrade;
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * is this Internet explorer ?
-	 *
-	 * @return boolean
-	 */
-	public static function isIe() {
-		if (!isset($_SERVER['HTTP_USER_AGENT'])) {
-			return false;
-		}
-
-		return preg_match(Request::USER_AGENT_IE, $_SERVER['HTTP_USER_AGENT']) === 1;
-	}
+        return $content !== $testContent && $fallbackContent !== $testContent;
+    }
+
+    /**
+     * Check if the setlocal call does not work. This can happen if the right
+     * local packages are not available on the server.
+     *
+     * @return bool
+     */
+    public static function isSetLocaleWorking() {
+        if ('' === basename('§')) {
+            // Borrowed from \Patchwork\Utf8\Bootup::initLocale
+            setlocale(LC_ALL, 'C.UTF-8', 'C');
+            setlocale(LC_CTYPE, 'en_US.UTF-8', 'fr_FR.UTF-8', 'es_ES.UTF-8', 'de_DE.UTF-8', 'ru_RU.UTF-8', 'pt_BR.UTF-8', 'it_IT.UTF-8', 'ja_JP.UTF-8', 'zh_CN.UTF-8', '0');
+        }
+
+        // Check again
+        if ('' === basename('§')) {
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * Check if it's possible to get the inline annotations
+     *
+     * @return bool
+     */
+    public static function isAnnotationsWorking() {
+        $reflection = new \ReflectionMethod(__METHOD__);
+        $docs = $reflection->getDocComment();
+
+        return (is_string($docs) && strlen($docs) > 50);
+    }
+
+    /**
+     * Check if the PHP module fileinfo is loaded.
+     *
+     * @return bool
+     */
+    public static function fileInfoLoaded() {
+        return function_exists('finfo_open');
+    }
+
+    /**
+     * clear all levels of output buffering
+     *
+     * @return void
+     */
+    public static function obEnd() {
+        while (ob_get_level()) {
+            ob_end_clean();
+        }
+    }
+
+    /**
+     * Checks whether the server is running on Mac OS X
+     *
+     * @return bool true if running on Mac OS X, false otherwise
+     */
+    public static function runningOnMac() {
+        return (strtoupper(substr(PHP_OS, 0, 6)) === 'DARWIN');
+    }
+
+    /**
+     * Handles the case that there may not be a theme, then check if a "default"
+     * theme exists and take that one
+     *
+     * @return string the theme
+     */
+    public static function getTheme() {
+        $theme = \OC::$server->getSystemConfig()->getValue("theme", '');
+
+        if ($theme === '') {
+            if (is_dir(OC::$SERVERROOT . '/themes/default')) {
+                $theme = 'default';
+            }
+        }
+
+        return $theme;
+    }
+
+    /**
+     * Normalize a unicode string
+     *
+     * @param string $value a not normalized string
+     * @return bool|string
+     */
+    public static function normalizeUnicode($value) {
+        if (Normalizer::isNormalized($value)) {
+            return $value;
+        }
+
+        $normalizedValue = Normalizer::normalize($value);
+        if ($normalizedValue === null || $normalizedValue === false) {
+            \OC::$server->getLogger()->warning('normalizing failed for "' . $value . '"', ['app' => 'core']);
+            return $value;
+        }
+
+        return $normalizedValue;
+    }
+
+    /**
+     * A human readable string is generated based on version and build number
+     *
+     * @return string
+     */
+    public static function getHumanVersion() {
+        $version = OC_Util::getVersionString();
+        $build = OC_Util::getBuild();
+        if (!empty($build) and OC_Util::getChannel() === 'daily') {
+            $version .= ' Build:' . $build;
+        }
+        return $version;
+    }
+
+    /**
+     * Returns whether the given file name is valid
+     *
+     * @param string $file file name to check
+     * @return bool true if the file name is valid, false otherwise
+     * @deprecated use \OC\Files\View::verifyPath()
+     */
+    public static function isValidFileName($file) {
+        $trimmed = trim($file);
+        if ($trimmed === '') {
+            return false;
+        }
+        if (\OC\Files\Filesystem::isIgnoredDir($trimmed)) {
+            return false;
+        }
+
+        // detect part files
+        if (preg_match('/' . \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX . '/', $trimmed) !== 0) {
+            return false;
+        }
+
+        foreach (str_split($trimmed) as $char) {
+            if (strpos(\OCP\Constants::FILENAME_INVALID_CHARS, $char) !== false) {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * Check whether the instance needs to perform an upgrade,
+     * either when the core version is higher or any app requires
+     * an upgrade.
+     *
+     * @param \OC\SystemConfig $config
+     * @return bool whether the core or any app needs an upgrade
+     * @throws \OCP\HintException When the upgrade from the given version is not allowed
+     */
+    public static function needUpgrade(\OC\SystemConfig $config) {
+        if ($config->getValue('installed', false)) {
+            $installedVersion = $config->getValue('version', '0.0.0');
+            $currentVersion = implode('.', \OCP\Util::getVersion());
+            $versionDiff = version_compare($currentVersion, $installedVersion);
+            if ($versionDiff > 0) {
+                return true;
+            } elseif ($config->getValue('debug', false) && $versionDiff < 0) {
+                // downgrade with debug
+                $installedMajor = explode('.', $installedVersion);
+                $installedMajor = $installedMajor[0] . '.' . $installedMajor[1];
+                $currentMajor = explode('.', $currentVersion);
+                $currentMajor = $currentMajor[0] . '.' . $currentMajor[1];
+                if ($installedMajor === $currentMajor) {
+                    // Same major, allow downgrade for developers
+                    return true;
+                } else {
+                    // downgrade attempt, throw exception
+                    throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
+                }
+            } elseif ($versionDiff < 0) {
+                // downgrade attempt, throw exception
+                throw new \OCP\HintException('Downgrading is not supported and is likely to cause unpredictable issues (from ' . $installedVersion . ' to ' . $currentVersion . ')');
+            }
+
+            // also check for upgrades for apps (independently from the user)
+            $apps = \OC_App::getEnabledApps(false, true);
+            $shouldUpgrade = false;
+            foreach ($apps as $app) {
+                if (\OC_App::shouldUpgrade($app)) {
+                    $shouldUpgrade = true;
+                    break;
+                }
+            }
+            return $shouldUpgrade;
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * is this Internet explorer ?
+     *
+     * @return boolean
+     */
+    public static function isIe() {
+        if (!isset($_SERVER['HTTP_USER_AGENT'])) {
+            return false;
+        }
+
+        return preg_match(Request::USER_AGENT_IE, $_SERVER['HTTP_USER_AGENT']) === 1;
+    }
 }

Please login to merge, or discard this patch.

lib/private/legacy/OC_Hook.php 1 patch

Indentation +103 added lines, -103 removed lines patch added patch discarded remove patch

@@ -29,118 +29,118 @@
 block discarded – undo
  *
  */
 class OC_Hook {
-	public static $thrownExceptions = [];
+    public static $thrownExceptions = [];
 
-	private static $registered = [];
+    private static $registered = [];
 
-	/**
-	 * connects a function to a hook
-	 *
-	 * @param string $signalClass class name of emitter
-	 * @param string $signalName name of signal
-	 * @param string|object $slotClass class name of slot
-	 * @param string $slotName name of slot
-	 * @return bool
-	 *
-	 * This function makes it very easy to connect to use hooks.
-	 *
-	 * TODO: write example
-	 */
-	public static function connect($signalClass, $signalName, $slotClass, $slotName) {
-		// If we're trying to connect to an emitting class that isn't
-		// yet registered, register it
-		if (!array_key_exists($signalClass, self::$registered)) {
-			self::$registered[$signalClass] = [];
-		}
-		// If we're trying to connect to an emitting method that isn't
-		// yet registered, register it with the emitting class
-		if (!array_key_exists($signalName, self::$registered[$signalClass])) {
-			self::$registered[$signalClass][$signalName] = [];
-		}
+    /**
+     * connects a function to a hook
+     *
+     * @param string $signalClass class name of emitter
+     * @param string $signalName name of signal
+     * @param string|object $slotClass class name of slot
+     * @param string $slotName name of slot
+     * @return bool
+     *
+     * This function makes it very easy to connect to use hooks.
+     *
+     * TODO: write example
+     */
+    public static function connect($signalClass, $signalName, $slotClass, $slotName) {
+        // If we're trying to connect to an emitting class that isn't
+        // yet registered, register it
+        if (!array_key_exists($signalClass, self::$registered)) {
+            self::$registered[$signalClass] = [];
+        }
+        // If we're trying to connect to an emitting method that isn't
+        // yet registered, register it with the emitting class
+        if (!array_key_exists($signalName, self::$registered[$signalClass])) {
+            self::$registered[$signalClass][$signalName] = [];
+        }
 
-		// don't connect hooks twice
-		foreach (self::$registered[$signalClass][$signalName] as $hook) {
-			if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
-				return false;
-			}
-		}
-		// Connect the hook handler to the requested emitter
-		self::$registered[$signalClass][$signalName][] = [
-			"class" => $slotClass,
-			"name" => $slotName
-		];
+        // don't connect hooks twice
+        foreach (self::$registered[$signalClass][$signalName] as $hook) {
+            if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
+                return false;
+            }
+        }
+        // Connect the hook handler to the requested emitter
+        self::$registered[$signalClass][$signalName][] = [
+            "class" => $slotClass,
+            "name" => $slotName
+        ];
 
-		// No chance for failure ;-)
-		return true;
-	}
+        // No chance for failure ;-)
+        return true;
+    }
 
-	/**
-	 * emits a signal
-	 *
-	 * @param string $signalClass class name of emitter
-	 * @param string $signalName name of signal
-	 * @param mixed $params default: array() array with additional data
-	 * @return bool true if slots exists or false if not
-	 * @throws \OCP\HintException
-	 * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
-	 *
-	 * TODO: write example
-	 */
-	public static function emit($signalClass, $signalName, $params = []) {
+    /**
+     * emits a signal
+     *
+     * @param string $signalClass class name of emitter
+     * @param string $signalName name of signal
+     * @param mixed $params default: array() array with additional data
+     * @return bool true if slots exists or false if not
+     * @throws \OCP\HintException
+     * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
+     *
+     * TODO: write example
+     */
+    public static function emit($signalClass, $signalName, $params = []) {
 
-		// Return false if no hook handlers are listening to this
-		// emitting class
-		if (!array_key_exists($signalClass, self::$registered)) {
-			return false;
-		}
+        // Return false if no hook handlers are listening to this
+        // emitting class
+        if (!array_key_exists($signalClass, self::$registered)) {
+            return false;
+        }
 
-		// Return false if no hook handlers are listening to this
-		// emitting method
-		if (!array_key_exists($signalName, self::$registered[$signalClass])) {
-			return false;
-		}
+        // Return false if no hook handlers are listening to this
+        // emitting method
+        if (!array_key_exists($signalName, self::$registered[$signalClass])) {
+            return false;
+        }
 
-		// Call all slots
-		foreach (self::$registered[$signalClass][$signalName] as $i) {
-			try {
-				call_user_func([ $i["class"], $i["name"] ], $params);
-			} catch (Exception $e) {
-				self::$thrownExceptions[] = $e;
-				\OC::$server->getLogger()->logException($e);
-				if ($e instanceof \OCP\HintException) {
-					throw $e;
-				}
-				if ($e instanceof \OC\ServerNotAvailableException) {
-					throw $e;
-				}
-			}
-		}
+        // Call all slots
+        foreach (self::$registered[$signalClass][$signalName] as $i) {
+            try {
+                call_user_func([ $i["class"], $i["name"] ], $params);
+            } catch (Exception $e) {
+                self::$thrownExceptions[] = $e;
+                \OC::$server->getLogger()->logException($e);
+                if ($e instanceof \OCP\HintException) {
+                    throw $e;
+                }
+                if ($e instanceof \OC\ServerNotAvailableException) {
+                    throw $e;
+                }
+            }
+        }
 
-		return true;
-	}
+        return true;
+    }
 
-	/**
-	 * clear hooks
-	 * @param string $signalClass
-	 * @param string $signalName
-	 */
-	public static function clear($signalClass = '', $signalName = '') {
-		if ($signalClass) {
-			if ($signalName) {
-				self::$registered[$signalClass][$signalName] = [];
-			} else {
-				self::$registered[$signalClass] = [];
-			}
-		} else {
-			self::$registered = [];
-		}
-	}
+    /**
+     * clear hooks
+     * @param string $signalClass
+     * @param string $signalName
+     */
+    public static function clear($signalClass = '', $signalName = '') {
+        if ($signalClass) {
+            if ($signalName) {
+                self::$registered[$signalClass][$signalName] = [];
+            } else {
+                self::$registered[$signalClass] = [];
+            }
+        } else {
+            self::$registered = [];
+        }
+    }
 
-	/**
-	 * DO NOT USE!
-	 * For unit tests ONLY!
-	 */
-	public static function getHooks() {
-		return self::$registered;
-	}
+    /**
+     * DO NOT USE!
+     * For unit tests ONLY!
+     */
+    public static function getHooks() {
+        return self::$registered;
+    }
 }

Please login to merge, or discard this patch.

lib/private/Memcache/Factory.php 1 patch

Indentation +124 added lines, -124 removed lines patch added patch discarded remove patch

@@ -37,128 +37,128 @@
 block discarded – undo
 use OCP\IMemcache;
 
 class Factory implements ICacheFactory {
-	public const NULL_CACHE = NullCache::class;
-
-	/**
-	 * @var string $globalPrefix
-	 */
-	private $globalPrefix;
-
-	/**
-	 * @var ILogger $logger
-	 */
-	private $logger;
-
-	/**
-	 * @var string $localCacheClass
-	 */
-	private $localCacheClass;
-
-	/**
-	 * @var string $distributedCacheClass
-	 */
-	private $distributedCacheClass;
-
-	/**
-	 * @var string $lockingCacheClass
-	 */
-	private $lockingCacheClass;
-
-	/**
-	 * @param string $globalPrefix
-	 * @param ILogger $logger
-	 * @param string|null $localCacheClass
-	 * @param string|null $distributedCacheClass
-	 * @param string|null $lockingCacheClass
-	 */
-	public function __construct(string $globalPrefix, ILogger $logger,
-		$localCacheClass = null, $distributedCacheClass = null, $lockingCacheClass = null) {
-		$this->logger = $logger;
-		$this->globalPrefix = $globalPrefix;
-
-		if (!$localCacheClass) {
-			$localCacheClass = self::NULL_CACHE;
-		}
-		if (!$distributedCacheClass) {
-			$distributedCacheClass = $localCacheClass;
-		}
-
-		$missingCacheMessage = 'Memcache {class} not available for {use} cache';
-		$missingCacheHint = 'Is the matching PHP module installed and enabled?';
-		if (!class_exists($localCacheClass) || !$localCacheClass::isAvailable()) {
-			throw new \OCP\HintException(strtr($missingCacheMessage, [
-				'{class}' => $localCacheClass, '{use}' => 'local'
-			]), $missingCacheHint);
-		}
-		if (!class_exists($distributedCacheClass) || !$distributedCacheClass::isAvailable()) {
-			throw new \OCP\HintException(strtr($missingCacheMessage, [
-				'{class}' => $distributedCacheClass, '{use}' => 'distributed'
-			]), $missingCacheHint);
-		}
-		if (!($lockingCacheClass && class_exists($distributedCacheClass) && $lockingCacheClass::isAvailable())) {
-			// don't fallback since the fallback might not be suitable for storing lock
-			$lockingCacheClass = self::NULL_CACHE;
-		}
-
-		$this->localCacheClass = $localCacheClass;
-		$this->distributedCacheClass = $distributedCacheClass;
-		$this->lockingCacheClass = $lockingCacheClass;
-	}
-
-	/**
-	 * create a cache instance for storing locks
-	 *
-	 * @param string $prefix
-	 * @return IMemcache
-	 */
-	public function createLocking(string $prefix = ''): IMemcache {
-		return new $this->lockingCacheClass($this->globalPrefix . '/' . $prefix);
-	}
-
-	/**
-	 * create a distributed cache instance
-	 *
-	 * @param string $prefix
-	 * @return ICache
-	 */
-	public function createDistributed(string $prefix = ''): ICache {
-		return new $this->distributedCacheClass($this->globalPrefix . '/' . $prefix);
-	}
-
-	/**
-	 * create a local cache instance
-	 *
-	 * @param string $prefix
-	 * @return ICache
-	 */
-	public function createLocal(string $prefix = ''): ICache {
-		return new $this->localCacheClass($this->globalPrefix . '/' . $prefix);
-	}
-
-	/**
-	 * check memcache availability
-	 *
-	 * @return bool
-	 */
-	public function isAvailable(): bool {
-		return ($this->distributedCacheClass !== self::NULL_CACHE);
-	}
-
-	/**
-	 * @see \OC\Memcache\Factory::createLocal()
-	 * @param string $prefix
-	 * @return ICache
-	 */
-	public function createLowLatency(string $prefix = ''): ICache {
-		return $this->createLocal($prefix);
-	}
-
-	/**
-	 * Check if a local memory cache backend is available
-	 *
-	 * @return bool
-	 */
-	public function isLocalCacheAvailable(): bool {
-		return ($this->localCacheClass !== self::NULL_CACHE);
-	}
+    public const NULL_CACHE = NullCache::class;
+
+    /**
+     * @var string $globalPrefix
+     */
+    private $globalPrefix;
+
+    /**
+     * @var ILogger $logger
+     */
+    private $logger;
+
+    /**
+     * @var string $localCacheClass
+     */
+    private $localCacheClass;
+
+    /**
+     * @var string $distributedCacheClass
+     */
+    private $distributedCacheClass;
+
+    /**
+     * @var string $lockingCacheClass
+     */
+    private $lockingCacheClass;
+
+    /**
+     * @param string $globalPrefix
+     * @param ILogger $logger
+     * @param string|null $localCacheClass
+     * @param string|null $distributedCacheClass
+     * @param string|null $lockingCacheClass
+     */
+    public function __construct(string $globalPrefix, ILogger $logger,
+        $localCacheClass = null, $distributedCacheClass = null, $lockingCacheClass = null) {
+        $this->logger = $logger;
+        $this->globalPrefix = $globalPrefix;
+
+        if (!$localCacheClass) {
+            $localCacheClass = self::NULL_CACHE;
+        }
+        if (!$distributedCacheClass) {
+            $distributedCacheClass = $localCacheClass;
+        }
+
+        $missingCacheMessage = 'Memcache {class} not available for {use} cache';
+        $missingCacheHint = 'Is the matching PHP module installed and enabled?';
+        if (!class_exists($localCacheClass) || !$localCacheClass::isAvailable()) {
+            throw new \OCP\HintException(strtr($missingCacheMessage, [
+                '{class}' => $localCacheClass, '{use}' => 'local'
+            ]), $missingCacheHint);
+        }
+        if (!class_exists($distributedCacheClass) || !$distributedCacheClass::isAvailable()) {
+            throw new \OCP\HintException(strtr($missingCacheMessage, [
+                '{class}' => $distributedCacheClass, '{use}' => 'distributed'
+            ]), $missingCacheHint);
+        }
+        if (!($lockingCacheClass && class_exists($distributedCacheClass) && $lockingCacheClass::isAvailable())) {
+            // don't fallback since the fallback might not be suitable for storing lock
+            $lockingCacheClass = self::NULL_CACHE;
+        }
+
+        $this->localCacheClass = $localCacheClass;
+        $this->distributedCacheClass = $distributedCacheClass;
+        $this->lockingCacheClass = $lockingCacheClass;
+    }
+
+    /**
+     * create a cache instance for storing locks
+     *
+     * @param string $prefix
+     * @return IMemcache
+     */
+    public function createLocking(string $prefix = ''): IMemcache {
+        return new $this->lockingCacheClass($this->globalPrefix . '/' . $prefix);
+    }
+
+    /**
+     * create a distributed cache instance
+     *
+     * @param string $prefix
+     * @return ICache
+     */
+    public function createDistributed(string $prefix = ''): ICache {
+        return new $this->distributedCacheClass($this->globalPrefix . '/' . $prefix);
+    }
+
+    /**
+     * create a local cache instance
+     *
+     * @param string $prefix
+     * @return ICache
+     */
+    public function createLocal(string $prefix = ''): ICache {
+        return new $this->localCacheClass($this->globalPrefix . '/' . $prefix);
+    }
+
+    /**
+     * check memcache availability
+     *
+     * @return bool
+     */
+    public function isAvailable(): bool {
+        return ($this->distributedCacheClass !== self::NULL_CACHE);
+    }
+
+    /**
+     * @see \OC\Memcache\Factory::createLocal()
+     * @param string $prefix
+     * @return ICache
+     */
+    public function createLowLatency(string $prefix = ''): ICache {
+        return $this->createLocal($prefix);
+    }
+
+    /**
+     * Check if a local memory cache backend is available
+     *
+     * @return bool
+     */
+    public function isLocalCacheAvailable(): bool {
+        return ($this->localCacheClass !== self::NULL_CACHE);
+    }
 }

Please login to merge, or discard this patch.

lib/base.php 1 patch

Indentation +1000 added lines, -1000 removed lines patch added patch discarded remove patch

@@ -78,1006 +78,1006 @@
 block discarded – undo
  * OC_autoload!
  */
 class OC {
-	/**
-	 * Associative array for autoloading. classname => filename
-	 */
-	public static $CLASSPATH = [];
-	/**
-	 * The installation path for Nextcloud  on the server (e.g. /srv/http/nextcloud)
-	 */
-	public static $SERVERROOT = '';
-	/**
-	 * the current request path relative to the Nextcloud root (e.g. files/index.php)
-	 */
-	private static $SUBURI = '';
-	/**
-	 * the Nextcloud root path for http requests (e.g. nextcloud/)
-	 */
-	public static $WEBROOT = '';
-	/**
-	 * The installation path array of the apps folder on the server (e.g. /srv/http/nextcloud) 'path' and
-	 * web path in 'url'
-	 */
-	public static $APPSROOTS = [];
-
-	/**
-	 * @var string
-	 */
-	public static $configDir;
-
-	/**
-	 * requested app
-	 */
-	public static $REQUESTEDAPP = '';
-
-	/**
-	 * check if Nextcloud runs in cli mode
-	 */
-	public static $CLI = false;
-
-	/**
-	 * @var \OC\Autoloader $loader
-	 */
-	public static $loader = null;
-
-	/** @var \Composer\Autoload\ClassLoader $composerAutoloader */
-	public static $composerAutoloader = null;
-
-	/**
-	 * @var \OC\Server
-	 */
-	public static $server = null;
-
-	/**
-	 * @var \OC\Config
-	 */
-	private static $config = null;
-
-	/**
-	 * @throws \RuntimeException when the 3rdparty directory is missing or
-	 * the app path list is empty or contains an invalid path
-	 */
-	public static function initPaths() {
-		if (defined('PHPUNIT_CONFIG_DIR')) {
-			self::$configDir = OC::$SERVERROOT . '/' . PHPUNIT_CONFIG_DIR . '/';
-		} elseif (defined('PHPUNIT_RUN') and PHPUNIT_RUN and is_dir(OC::$SERVERROOT . '/tests/config/')) {
-			self::$configDir = OC::$SERVERROOT . '/tests/config/';
-		} elseif ($dir = getenv('NEXTCLOUD_CONFIG_DIR')) {
-			self::$configDir = rtrim($dir, '/') . '/';
-		} else {
-			self::$configDir = OC::$SERVERROOT . '/config/';
-		}
-		self::$config = new \OC\Config(self::$configDir);
-
-		OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
-		/**
-		 * FIXME: The following lines are required because we can't yet instantiate
-		 *        \OC::$server->getRequest() since \OC::$server does not yet exist.
-		 */
-		$params = [
-			'server' => [
-				'SCRIPT_NAME' => $_SERVER['SCRIPT_NAME'],
-				'SCRIPT_FILENAME' => $_SERVER['SCRIPT_FILENAME'],
-			],
-		];
-		$fakeRequest = new \OC\AppFramework\Http\Request($params, new \OC\Security\SecureRandom(), new \OC\AllConfig(new \OC\SystemConfig(self::$config)));
-		$scriptName = $fakeRequest->getScriptName();
-		if (substr($scriptName, -1) == '/') {
-			$scriptName .= 'index.php';
-			//make sure suburi follows the same rules as scriptName
-			if (substr(OC::$SUBURI, -9) != 'index.php') {
-				if (substr(OC::$SUBURI, -1) != '/') {
-					OC::$SUBURI = OC::$SUBURI . '/';
-				}
-				OC::$SUBURI = OC::$SUBURI . 'index.php';
-			}
-		}
-
-
-		if (OC::$CLI) {
-			OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
-		} else {
-			if (substr($scriptName, 0 - strlen(OC::$SUBURI)) === OC::$SUBURI) {
-				OC::$WEBROOT = substr($scriptName, 0, 0 - strlen(OC::$SUBURI));
-
-				if (OC::$WEBROOT != '' && OC::$WEBROOT[0] !== '/') {
-					OC::$WEBROOT = '/' . OC::$WEBROOT;
-				}
-			} else {
-				// The scriptName is not ending with OC::$SUBURI
-				// This most likely means that we are calling from CLI.
-				// However some cron jobs still need to generate
-				// a web URL, so we use overwritewebroot as a fallback.
-				OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
-			}
-
-			// Resolve /nextcloud to /nextcloud/ to ensure to always have a trailing
-			// slash which is required by URL generation.
-			if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
-					substr($_SERVER['REQUEST_URI'], -1) !== '/') {
-				header('Location: '.\OC::$WEBROOT.'/');
-				exit();
-			}
-		}
-
-		// search the apps folder
-		$config_paths = self::$config->getValue('apps_paths', []);
-		if (!empty($config_paths)) {
-			foreach ($config_paths as $paths) {
-				if (isset($paths['url']) && isset($paths['path'])) {
-					$paths['url'] = rtrim($paths['url'], '/');
-					$paths['path'] = rtrim($paths['path'], '/');
-					OC::$APPSROOTS[] = $paths;
-				}
-			}
-		} elseif (file_exists(OC::$SERVERROOT . '/apps')) {
-			OC::$APPSROOTS[] = ['path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true];
-		}
-
-		if (empty(OC::$APPSROOTS)) {
-			throw new \RuntimeException('apps directory not found! Please put the Nextcloud apps folder in the Nextcloud folder'
-				. '. You can also configure the location in the config.php file.');
-		}
-		$paths = [];
-		foreach (OC::$APPSROOTS as $path) {
-			$paths[] = $path['path'];
-			if (!is_dir($path['path'])) {
-				throw new \RuntimeException(sprintf('App directory "%s" not found! Please put the Nextcloud apps folder in the'
-					. ' Nextcloud folder. You can also configure the location in the config.php file.', $path['path']));
-			}
-		}
-
-		// set the right include path
-		set_include_path(
-			implode(PATH_SEPARATOR, $paths)
-		);
-	}
-
-	public static function checkConfig() {
-		$l = \OC::$server->getL10N('lib');
-
-		// Create config if it does not already exist
-		$configFilePath = self::$configDir .'/config.php';
-		if (!file_exists($configFilePath)) {
-			@touch($configFilePath);
-		}
-
-		// Check if config is writable
-		$configFileWritable = is_writable($configFilePath);
-		if (!$configFileWritable && !OC_Helper::isReadOnlyConfigEnabled()
-			|| !$configFileWritable && \OCP\Util::needUpgrade()) {
-			$urlGenerator = \OC::$server->getURLGenerator();
-
-			if (self::$CLI) {
-				echo $l->t('Cannot write into "config" directory!')."\n";
-				echo $l->t('This can usually be fixed by giving the webserver write access to the config directory.')."\n";
-				echo "\n";
-				echo $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.')."\n";
-				echo $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ])."\n";
-				exit;
-			} else {
-				OC_Template::printErrorPage(
-					$l->t('Cannot write into "config" directory!'),
-					$l->t('This can usually be fixed by giving the webserver write access to the config directory.') . ' '
-					. $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.') . ' '
-					. $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ]),
-					503
-				);
-			}
-		}
-	}
-
-	public static function checkInstalled(\OC\SystemConfig $systemConfig) {
-		if (defined('OC_CONSOLE')) {
-			return;
-		}
-		// Redirect to installer if not installed
-		if (!$systemConfig->getValue('installed', false) && OC::$SUBURI !== '/index.php' && OC::$SUBURI !== '/status.php') {
-			if (OC::$CLI) {
-				throw new Exception('Not installed');
-			} else {
-				$url = OC::$WEBROOT . '/index.php';
-				header('Location: ' . $url);
-			}
-			exit();
-		}
-	}
-
-	public static function checkMaintenanceMode(\OC\SystemConfig $systemConfig) {
-		// Allow ajax update script to execute without being stopped
-		if (((bool) $systemConfig->getValue('maintenance', false)) && OC::$SUBURI != '/core/ajax/update.php') {
-			// send http status 503
-			http_response_code(503);
-			header('Retry-After: 120');
-
-			// render error page
-			$template = new OC_Template('', 'update.user', 'guest');
-			OC_Util::addScript('dist/maintenance');
-			OC_Util::addStyle('core', 'guest');
-			$template->printPage();
-			die();
-		}
-	}
-
-	/**
-	 * Prints the upgrade page
-	 *
-	 * @param \OC\SystemConfig $systemConfig
-	 */
-	private static function printUpgradePage(\OC\SystemConfig $systemConfig) {
-		$disableWebUpdater = $systemConfig->getValue('upgrade.disable-web', false);
-		$tooBig = false;
-		if (!$disableWebUpdater) {
-			$apps = \OC::$server->getAppManager();
-			if ($apps->isInstalled('user_ldap')) {
-				$qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-
-				$result = $qb->select($qb->func()->count('*', 'user_count'))
-					->from('ldap_user_mapping')
-					->execute();
-				$row = $result->fetch();
-				$result->closeCursor();
-
-				$tooBig = ($row['user_count'] > 50);
-			}
-			if (!$tooBig && $apps->isInstalled('user_saml')) {
-				$qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
-
-				$result = $qb->select($qb->func()->count('*', 'user_count'))
-					->from('user_saml_users')
-					->execute();
-				$row = $result->fetch();
-				$result->closeCursor();
-
-				$tooBig = ($row['user_count'] > 50);
-			}
-			if (!$tooBig) {
-				// count users
-				$stats = \OC::$server->getUserManager()->countUsers();
-				$totalUsers = array_sum($stats);
-				$tooBig = ($totalUsers > 50);
-			}
-		}
-		$ignoreTooBigWarning = isset($_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup']) &&
-			$_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup'] === 'IAmSuperSureToDoThis';
-
-		if ($disableWebUpdater || ($tooBig && !$ignoreTooBigWarning)) {
-			// send http status 503
-			http_response_code(503);
-			header('Retry-After: 120');
-
-			// render error page
-			$template = new OC_Template('', 'update.use-cli', 'guest');
-			$template->assign('productName', 'nextcloud'); // for now
-			$template->assign('version', OC_Util::getVersionString());
-			$template->assign('tooBig', $tooBig);
-
-			$template->printPage();
-			die();
-		}
-
-		// check whether this is a core update or apps update
-		$installedVersion = $systemConfig->getValue('version', '0.0.0');
-		$currentVersion = implode('.', \OCP\Util::getVersion());
-
-		// if not a core upgrade, then it's apps upgrade
-		$isAppsOnlyUpgrade = version_compare($currentVersion, $installedVersion, '=');
-
-		$oldTheme = $systemConfig->getValue('theme');
-		$systemConfig->setValue('theme', '');
-		OC_Util::addScript('update');
-
-		/** @var \OC\App\AppManager $appManager */
-		$appManager = \OC::$server->getAppManager();
-
-		$tmpl = new OC_Template('', 'update.admin', 'guest');
-		$tmpl->assign('version', OC_Util::getVersionString());
-		$tmpl->assign('isAppsOnlyUpgrade', $isAppsOnlyUpgrade);
-
-		// get third party apps
-		$ocVersion = \OCP\Util::getVersion();
-		$ocVersion = implode('.', $ocVersion);
-		$incompatibleApps = $appManager->getIncompatibleApps($ocVersion);
-		$incompatibleShippedApps = [];
-		foreach ($incompatibleApps as $appInfo) {
-			if ($appManager->isShipped($appInfo['id'])) {
-				$incompatibleShippedApps[] = $appInfo['name'] . ' (' . $appInfo['id'] . ')';
-			}
-		}
-
-		if (!empty($incompatibleShippedApps)) {
-			$l = \OC::$server->getL10N('core');
-			$hint = $l->t('The files of the app %1$s were not replaced correctly. Make sure it is a version compatible with the server.', [implode(', ', $incompatibleShippedApps)]);
-			throw new \OCP\HintException('The files of the app ' . implode(', ', $incompatibleShippedApps) . ' were not replaced correctly. Make sure it is a version compatible with the server.', $hint);
-		}
-
-		$tmpl->assign('appsToUpgrade', $appManager->getAppsNeedingUpgrade($ocVersion));
-		$tmpl->assign('incompatibleAppsList', $incompatibleApps);
-		try {
-			$defaults = new \OC_Defaults();
-			$tmpl->assign('productName', $defaults->getName());
-		} catch (Throwable $error) {
-			$tmpl->assign('productName', 'Nextcloud');
-		}
-		$tmpl->assign('oldTheme', $oldTheme);
-		$tmpl->printPage();
-	}
-
-	public static function initSession() {
-		if (self::$server->getRequest()->getServerProtocol() === 'https') {
-			ini_set('session.cookie_secure', 'true');
-		}
-
-		// prevents javascript from accessing php session cookies
-		ini_set('session.cookie_httponly', 'true');
-
-		// set the cookie path to the Nextcloud directory
-		$cookie_path = OC::$WEBROOT ? : '/';
-		ini_set('session.cookie_path', $cookie_path);
-
-		// Let the session name be changed in the initSession Hook
-		$sessionName = OC_Util::getInstanceId();
-
-		try {
-			// set the session name to the instance id - which is unique
-			$session = new \OC\Session\Internal($sessionName);
-
-			$cryptoWrapper = \OC::$server->getSessionCryptoWrapper();
-			$session = $cryptoWrapper->wrapSession($session);
-			self::$server->setSession($session);
-
-			// if session can't be started break with http 500 error
-		} catch (Exception $e) {
-			\OC::$server->getLogger()->logException($e, ['app' => 'base']);
-			//show the user a detailed error page
-			OC_Template::printExceptionErrorPage($e, 500);
-			die();
-		}
-
-		$sessionLifeTime = self::getSessionLifeTime();
-
-		// session timeout
-		if ($session->exists('LAST_ACTIVITY') && (time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime)) {
-			if (isset($_COOKIE[session_name()])) {
-				setcookie(session_name(), '', -1, self::$WEBROOT ? : '/');
-			}
-			\OC::$server->getUserSession()->logout();
-		}
-
-		$session->set('LAST_ACTIVITY', time());
-	}
-
-	/**
-	 * @return string
-	 */
-	private static function getSessionLifeTime() {
-		return \OC::$server->getConfig()->getSystemValue('session_lifetime', 60 * 60 * 24);
-	}
-
-	/**
-	 * Try to set some values to the required Nextcloud default
-	 */
-	public static function setRequiredIniValues() {
-		@ini_set('default_charset', 'UTF-8');
-		@ini_set('gd.jpeg_ignore_warning', '1');
-	}
-
-	/**
-	 * Send the same site cookies
-	 */
-	private static function sendSameSiteCookies() {
-		$cookieParams = session_get_cookie_params();
-		$secureCookie = ($cookieParams['secure'] === true) ? 'secure; ' : '';
-		$policies = [
-			'lax',
-			'strict',
-		];
-
-		// Append __Host to the cookie if it meets the requirements
-		$cookiePrefix = '';
-		if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') {
-			$cookiePrefix = '__Host-';
-		}
-
-		foreach ($policies as $policy) {
-			header(
-				sprintf(
-					'Set-Cookie: %snc_sameSiteCookie%s=true; path=%s; httponly;' . $secureCookie . 'expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=%s',
-					$cookiePrefix,
-					$policy,
-					$cookieParams['path'],
-					$policy
-				),
-				false
-			);
-		}
-	}
-
-	/**
-	 * Same Site cookie to further mitigate CSRF attacks. This cookie has to
-	 * be set in every request if cookies are sent to add a second level of
-	 * defense against CSRF.
-	 *
-	 * If the cookie is not sent this will set the cookie and reload the page.
-	 * We use an additional cookie since we want to protect logout CSRF and
-	 * also we can't directly interfere with PHP's session mechanism.
-	 */
-	private static function performSameSiteCookieProtection(\OCP\IConfig $config) {
-		$request = \OC::$server->getRequest();
-
-		// Some user agents are notorious and don't really properly follow HTTP
-		// specifications. For those, have an automated opt-out. Since the protection
-		// for remote.php is applied in base.php as starting point we need to opt out
-		// here.
-		$incompatibleUserAgents = $config->getSystemValue('csrf.optout');
-
-		// Fallback, if csrf.optout is unset
-		if (!is_array($incompatibleUserAgents)) {
-			$incompatibleUserAgents = [
-				// OS X Finder
-				'/^WebDAVFS/',
-				// Windows webdav drive
-				'/^Microsoft-WebDAV-MiniRedir/',
-			];
-		}
-
-		if ($request->isUserAgent($incompatibleUserAgents)) {
-			return;
-		}
-
-		if (count($_COOKIE) > 0) {
-			$requestUri = $request->getScriptName();
-			$processingScript = explode('/', $requestUri);
-			$processingScript = $processingScript[count($processingScript) - 1];
-
-			// index.php routes are handled in the middleware
-			if ($processingScript === 'index.php') {
-				return;
-			}
-
-			// All other endpoints require the lax and the strict cookie
-			if (!$request->passesStrictCookieCheck()) {
-				self::sendSameSiteCookies();
-				// Debug mode gets access to the resources without strict cookie
-				// due to the fact that the SabreDAV browser also lives there.
-				if (!$config->getSystemValue('debug', false)) {
-					http_response_code(\OCP\AppFramework\Http::STATUS_SERVICE_UNAVAILABLE);
-					exit();
-				}
-			}
-		} elseif (!isset($_COOKIE['nc_sameSiteCookielax']) || !isset($_COOKIE['nc_sameSiteCookiestrict'])) {
-			self::sendSameSiteCookies();
-		}
-	}
-
-	public static function init() {
-		// calculate the root directories
-		OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
-
-		// register autoloader
-		$loaderStart = microtime(true);
-		require_once __DIR__ . '/autoloader.php';
-		self::$loader = new \OC\Autoloader([
-			OC::$SERVERROOT . '/lib/private/legacy',
-		]);
-		if (defined('PHPUNIT_RUN')) {
-			self::$loader->addValidRoot(OC::$SERVERROOT . '/tests');
-		}
-		spl_autoload_register([self::$loader, 'load']);
-		$loaderEnd = microtime(true);
-
-		self::$CLI = (php_sapi_name() == 'cli');
-
-		// Add default composer PSR-4 autoloader
-		self::$composerAutoloader = require_once OC::$SERVERROOT . '/lib/composer/autoload.php';
-
-		try {
-			self::initPaths();
-			// setup 3rdparty autoloader
-			$vendorAutoLoad = OC::$SERVERROOT. '/3rdparty/autoload.php';
-			if (!file_exists($vendorAutoLoad)) {
-				throw new \RuntimeException('Composer autoloader not found, unable to continue. Check the folder "3rdparty". Running "git submodule update --init" will initialize the git submodule that handles the subfolder "3rdparty".');
-			}
-			require_once $vendorAutoLoad;
-		} catch (\RuntimeException $e) {
-			if (!self::$CLI) {
-				http_response_code(503);
-			}
-			// we can't use the template error page here, because this needs the
-			// DI container which isn't available yet
-			print($e->getMessage());
-			exit();
-		}
-
-		// setup the basic server
-		self::$server = new \OC\Server(\OC::$WEBROOT, self::$config);
-		self::$server->boot();
-		$eventLogger = \OC::$server->getEventLogger();
-		$eventLogger->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd);
-		$eventLogger->start('boot', 'Initialize');
-
-		// Override php.ini and log everything if we're troubleshooting
-		if (self::$config->getValue('loglevel') === ILogger::DEBUG) {
-			error_reporting(E_ALL);
-		}
-
-		// Don't display errors and log them
-		@ini_set('display_errors', '0');
-		@ini_set('log_errors', '1');
-
-		if (!date_default_timezone_set('UTC')) {
-			throw new \RuntimeException('Could not set timezone to UTC');
-		}
-
-		//try to configure php to enable big file uploads.
-		//this doesn´t work always depending on the webserver and php configuration.
-		//Let´s try to overwrite some defaults anyway
-
-		//try to set the maximum execution time to 60min
-		if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
-			@set_time_limit(3600);
-		}
-		@ini_set('max_execution_time', '3600');
-		@ini_set('max_input_time', '3600');
-
-		self::setRequiredIniValues();
-		self::handleAuthHeaders();
-		$systemConfig = \OC::$server->get(\OC\SystemConfig::class);
-		self::registerAutoloaderCache($systemConfig);
-
-		// initialize intl fallback if necessary
-		OC_Util::isSetLocaleWorking();
-
-		$config = \OC::$server->get(\OCP\IConfig::class);
-		if (!defined('PHPUNIT_RUN')) {
-			OC\Log\ErrorHandler::setLogger(\OC::$server->getLogger());
-			$debug = $config->getSystemValue('debug', false);
-			OC\Log\ErrorHandler::register($debug);
-		}
-
-		/** @var \OC\AppFramework\Bootstrap\Coordinator $bootstrapCoordinator */
-		$bootstrapCoordinator = \OC::$server->query(\OC\AppFramework\Bootstrap\Coordinator::class);
-		$bootstrapCoordinator->runInitialRegistration();
-
-		$eventLogger->start('init_session', 'Initialize session');
-		OC_App::loadApps(['session']);
-		if (!self::$CLI) {
-			self::initSession();
-		}
-		$eventLogger->end('init_session');
-		self::checkConfig();
-		self::checkInstalled($systemConfig);
-
-		OC_Response::addSecurityHeaders();
-
-		self::performSameSiteCookieProtection($config);
-
-		if (!defined('OC_CONSOLE')) {
-			$errors = OC_Util::checkServer($systemConfig);
-			if (count($errors) > 0) {
-				if (!self::$CLI) {
-					http_response_code(503);
-					OC_Util::addStyle('guest');
-					try {
-						OC_Template::printGuestPage('', 'error', ['errors' => $errors]);
-						exit;
-					} catch (\Exception $e) {
-						// In case any error happens when showing the error page, we simply fall back to posting the text.
-						// This might be the case when e.g. the data directory is broken and we can not load/write SCSS to/from it.
-					}
-				}
-
-				// Convert l10n string into regular string for usage in database
-				$staticErrors = [];
-				foreach ($errors as $error) {
-					echo $error['error'] . "\n";
-					echo $error['hint'] . "\n\n";
-					$staticErrors[] = [
-						'error' => (string)$error['error'],
-						'hint' => (string)$error['hint'],
-					];
-				}
-
-				try {
-					$config->setAppValue('core', 'cronErrors', json_encode($staticErrors));
-				} catch (\Exception $e) {
-					echo('Writing to database failed');
-				}
-				exit(1);
-			} elseif (self::$CLI && $config->getSystemValue('installed', false)) {
-				$config->deleteAppValue('core', 'cronErrors');
-			}
-		}
-		//try to set the session lifetime
-		$sessionLifeTime = self::getSessionLifeTime();
-		@ini_set('gc_maxlifetime', (string)$sessionLifeTime);
-
-		// User and Groups
-		if (!$systemConfig->getValue("installed", false)) {
-			self::$server->getSession()->set('user_id', '');
-		}
-
-		OC_User::useBackend(new \OC\User\Database());
-		\OC::$server->getGroupManager()->addBackend(new \OC\Group\Database());
-
-		// Subscribe to the hook
-		\OCP\Util::connectHook(
-			'\OCA\Files_Sharing\API\Server2Server',
-			'preLoginNameUsedAsUserName',
-			'\OC\User\Database',
-			'preLoginNameUsedAsUserName'
-		);
-
-		//setup extra user backends
-		if (!\OCP\Util::needUpgrade()) {
-			OC_User::setupBackends();
-		} else {
-			// Run upgrades in incognito mode
-			OC_User::setIncognitoMode(true);
-		}
-
-		self::registerCleanupHooks($systemConfig);
-		self::registerFilesystemHooks();
-		self::registerShareHooks($systemConfig);
-		self::registerEncryptionWrapperAndHooks();
-		self::registerAccountHooks();
-		self::registerResourceCollectionHooks();
-		self::registerAppRestrictionsHooks();
-
-		// Make sure that the application class is not loaded before the database is setup
-		if ($systemConfig->getValue("installed", false)) {
-			OC_App::loadApp('settings');
-		}
-
-		//make sure temporary files are cleaned up
-		$tmpManager = \OC::$server->getTempManager();
-		register_shutdown_function([$tmpManager, 'clean']);
-		$lockProvider = \OC::$server->getLockingProvider();
-		register_shutdown_function([$lockProvider, 'releaseAll']);
-
-		// Check whether the sample configuration has been copied
-		if ($systemConfig->getValue('copied_sample_config', false)) {
-			$l = \OC::$server->getL10N('lib');
-			OC_Template::printErrorPage(
-				$l->t('Sample configuration detected'),
-				$l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php'),
-				503
-			);
-			return;
-		}
-
-		$request = \OC::$server->getRequest();
-		$host = $request->getInsecureServerHost();
-		/**
-		 * if the host passed in headers isn't trusted
-		 * FIXME: Should not be in here at all :see_no_evil:
-		 */
-		if (!OC::$CLI
-			&& !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host)
-			&& $config->getSystemValue('installed', false)
-		) {
-			// Allow access to CSS resources
-			$isScssRequest = false;
-			if (strpos($request->getPathInfo(), '/css/') === 0) {
-				$isScssRequest = true;
-			}
-
-			if (substr($request->getRequestUri(), -11) === '/status.php') {
-				http_response_code(400);
-				header('Content-Type: application/json');
-				echo '{"error": "Trusted domain error.", "code": 15}';
-				exit();
-			}
-
-			if (!$isScssRequest) {
-				http_response_code(400);
-
-				\OC::$server->getLogger()->info(
-					'Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.',
-					[
-						'app' => 'core',
-						'remoteAddress' => $request->getRemoteAddress(),
-						'host' => $host,
-					]
-				);
-
-				$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
-				$tmpl->assign('docUrl', \OC::$server->getURLGenerator()->linkToDocs('admin-trusted-domains'));
-				$tmpl->printPage();
-
-				exit();
-			}
-		}
-		$eventLogger->end('boot');
-	}
-
-	/**
-	 * register hooks for the cleanup of cache and bruteforce protection
-	 */
-	public static function registerCleanupHooks(\OC\SystemConfig $systemConfig) {
-		//don't try to do this before we are properly setup
-		if ($systemConfig->getValue('installed', false) && !\OCP\Util::needUpgrade()) {
-
-			// NOTE: This will be replaced to use OCP
-			$userSession = self::$server->getUserSession();
-			$userSession->listen('\OC\User', 'postLogin', function () use ($userSession) {
-				if (!defined('PHPUNIT_RUN') && $userSession->isLoggedIn()) {
-					// reset brute force delay for this IP address and username
-					$uid = \OC::$server->getUserSession()->getUser()->getUID();
-					$request = \OC::$server->getRequest();
-					$throttler = \OC::$server->getBruteForceThrottler();
-					$throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]);
-				}
-
-				try {
-					$cache = new \OC\Cache\File();
-					$cache->gc();
-				} catch (\OC\ServerNotAvailableException $e) {
-					// not a GC exception, pass it on
-					throw $e;
-				} catch (\OC\ForbiddenException $e) {
-					// filesystem blocked for this request, ignore
-				} catch (\Exception $e) {
-					// a GC exception should not prevent users from using OC,
-					// so log the exception
-					\OC::$server->getLogger()->logException($e, [
-						'message' => 'Exception when running cache gc.',
-						'level' => ILogger::WARN,
-						'app' => 'core',
-					]);
-				}
-			});
-		}
-	}
-
-	private static function registerEncryptionWrapperAndHooks() {
-		$manager = self::$server->getEncryptionManager();
-		\OCP\Util::connectHook('OC_Filesystem', 'preSetup', $manager, 'setupStorage');
-
-		$enabled = $manager->isEnabled();
-		if ($enabled) {
-			\OCP\Util::connectHook(Share::class, 'post_shared', HookManager::class, 'postShared');
-			\OCP\Util::connectHook(Share::class, 'post_unshare', HookManager::class, 'postUnshared');
-			\OCP\Util::connectHook('OC_Filesystem', 'post_rename', HookManager::class, 'postRename');
-			\OCP\Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', HookManager::class, 'postRestore');
-		}
-	}
-
-	private static function registerAccountHooks() {
-		/** @var IEventDispatcher $dispatcher */
-		$dispatcher = \OC::$server->get(IEventDispatcher::class);
-		$dispatcher->addServiceListener(UserChangedEvent::class, \OC\Accounts\Hooks::class);
-	}
-
-	private static function registerAppRestrictionsHooks() {
-		/** @var \OC\Group\Manager $groupManager */
-		$groupManager = self::$server->query(\OCP\IGroupManager::class);
-		$groupManager->listen('\OC\Group', 'postDelete', function (\OCP\IGroup $group) {
-			$appManager = self::$server->getAppManager();
-			$apps = $appManager->getEnabledAppsForGroup($group);
-			foreach ($apps as $appId) {
-				$restrictions = $appManager->getAppRestriction($appId);
-				if (empty($restrictions)) {
-					continue;
-				}
-				$key = array_search($group->getGID(), $restrictions);
-				unset($restrictions[$key]);
-				$restrictions = array_values($restrictions);
-				if (empty($restrictions)) {
-					$appManager->disableApp($appId);
-				} else {
-					$appManager->enableAppForGroups($appId, $restrictions);
-				}
-			}
-		});
-	}
-
-	private static function registerResourceCollectionHooks() {
-		\OC\Collaboration\Resources\Listener::register(\OC::$server->getEventDispatcher());
-	}
-
-	/**
-	 * register hooks for the filesystem
-	 */
-	public static function registerFilesystemHooks() {
-		// Check for blacklisted files
-		OC_Hook::connect('OC_Filesystem', 'write', Filesystem::class, 'isBlacklisted');
-		OC_Hook::connect('OC_Filesystem', 'rename', Filesystem::class, 'isBlacklisted');
-	}
-
-	/**
-	 * register hooks for sharing
-	 */
-	public static function registerShareHooks(\OC\SystemConfig $systemConfig) {
-		if ($systemConfig->getValue('installed')) {
-			OC_Hook::connect('OC_User', 'post_deleteUser', Hooks::class, 'post_deleteUser');
-			OC_Hook::connect('OC_User', 'post_deleteGroup', Hooks::class, 'post_deleteGroup');
-
-			/** @var IEventDispatcher $dispatcher */
-			$dispatcher = \OC::$server->get(IEventDispatcher::class);
-			$dispatcher->addServiceListener(UserRemovedEvent::class, \OC\Share20\UserRemovedListener::class);
-		}
-	}
-
-	protected static function registerAutoloaderCache(\OC\SystemConfig $systemConfig) {
-		// The class loader takes an optional low-latency cache, which MUST be
-		// namespaced. The instanceid is used for namespacing, but might be
-		// unavailable at this point. Furthermore, it might not be possible to
-		// generate an instanceid via \OC_Util::getInstanceId() because the
-		// config file may not be writable. As such, we only register a class
-		// loader cache if instanceid is available without trying to create one.
-		$instanceId = $systemConfig->getValue('instanceid', null);
-		if ($instanceId) {
-			try {
-				$memcacheFactory = \OC::$server->getMemCacheFactory();
-				self::$loader->setMemoryCache($memcacheFactory->createLocal('Autoloader'));
-			} catch (\Exception $ex) {
-			}
-		}
-	}
-
-	/**
-	 * Handle the request
-	 */
-	public static function handleRequest() {
-		\OC::$server->getEventLogger()->start('handle_request', 'Handle request');
-		$systemConfig = \OC::$server->getSystemConfig();
-
-		// Check if Nextcloud is installed or in maintenance (update) mode
-		if (!$systemConfig->getValue('installed', false)) {
-			\OC::$server->getSession()->clear();
-			$setupHelper = new OC\Setup(
-				$systemConfig,
-				\OC::$server->get(\bantu\IniGetWrapper\IniGetWrapper::class),
-				\OC::$server->getL10N('lib'),
-				\OC::$server->query(\OCP\Defaults::class),
-				\OC::$server->get(\Psr\Log\LoggerInterface::class),
-				\OC::$server->getSecureRandom(),
-				\OC::$server->query(\OC\Installer::class)
-			);
-			$controller = new OC\Core\Controller\SetupController($setupHelper);
-			$controller->run($_POST);
-			exit();
-		}
-
-		$request = \OC::$server->getRequest();
-		$requestPath = $request->getRawPathInfo();
-		if ($requestPath === '/heartbeat') {
-			return;
-		}
-		if (substr($requestPath, -3) !== '.js') { // we need these files during the upgrade
-			self::checkMaintenanceMode($systemConfig);
-
-			if (\OCP\Util::needUpgrade()) {
-				if (function_exists('opcache_reset')) {
-					opcache_reset();
-				}
-				if (!((bool) $systemConfig->getValue('maintenance', false))) {
-					self::printUpgradePage($systemConfig);
-					exit();
-				}
-			}
-		}
-
-		// emergency app disabling
-		if ($requestPath === '/disableapp'
-			&& $request->getMethod() === 'POST'
-			&& ((array)$request->getParam('appid')) !== ''
-		) {
-			\OC_JSON::callCheck();
-			\OC_JSON::checkAdminUser();
-			$appIds = (array)$request->getParam('appid');
-			foreach ($appIds as $appId) {
-				$appId = \OC_App::cleanAppId($appId);
-				\OC::$server->getAppManager()->disableApp($appId);
-			}
-			\OC_JSON::success();
-			exit();
-		}
-
-		// Always load authentication apps
-		OC_App::loadApps(['authentication']);
-
-		// Load minimum set of apps
-		if (!\OCP\Util::needUpgrade()
-			&& !((bool) $systemConfig->getValue('maintenance', false))) {
-			// For logged-in users: Load everything
-			if (\OC::$server->getUserSession()->isLoggedIn()) {
-				OC_App::loadApps();
-			} else {
-				// For guests: Load only filesystem and logging
-				OC_App::loadApps(['filesystem', 'logging']);
-				self::handleLogin($request);
-			}
-		}
-
-		if (!self::$CLI) {
-			try {
-				if (!((bool) $systemConfig->getValue('maintenance', false)) && !\OCP\Util::needUpgrade()) {
-					OC_App::loadApps(['filesystem', 'logging']);
-					OC_App::loadApps();
-				}
-				OC::$server->get(\OC\Route\Router::class)->match($request->getRawPathInfo());
-				return;
-			} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
-				//header('HTTP/1.0 404 Not Found');
-			} catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
-				http_response_code(405);
-				return;
-			}
-		}
-
-		// Handle WebDAV
-		if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'PROPFIND') {
-			// not allowed any more to prevent people
-			// mounting this root directly.
-			// Users need to mount remote.php/webdav instead.
-			http_response_code(405);
-			return;
-		}
-
-		// Someone is logged in
-		if (\OC::$server->getUserSession()->isLoggedIn()) {
-			OC_App::loadApps();
-			OC_User::setupBackends();
-			OC_Util::setupFS();
-			// FIXME
-			// Redirect to default application
-			OC_Util::redirectToDefaultPage();
-		} else {
-			// Not handled and not logged in
-			header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute('core.login.showLoginForm'));
-		}
-	}
-
-	/**
-	 * Check login: apache auth, auth token, basic auth
-	 *
-	 * @param OCP\IRequest $request
-	 * @return boolean
-	 */
-	public static function handleLogin(OCP\IRequest $request) {
-		$userSession = self::$server->getUserSession();
-		if (OC_User::handleApacheAuth()) {
-			return true;
-		}
-		if ($userSession->tryTokenLogin($request)) {
-			return true;
-		}
-		if (isset($_COOKIE['nc_username'])
-			&& isset($_COOKIE['nc_token'])
-			&& isset($_COOKIE['nc_session_id'])
-			&& $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) {
-			return true;
-		}
-		if ($userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
-			return true;
-		}
-		return false;
-	}
-
-	protected static function handleAuthHeaders() {
-		//copy http auth headers for apache+php-fcgid work around
-		if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
-			$_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
-		}
-
-		// Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
-		$vars = [
-			'HTTP_AUTHORIZATION', // apache+php-cgi work around
-			'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
-		];
-		foreach ($vars as $var) {
-			if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
-				$credentials = explode(':', base64_decode($matches[1]), 2);
-				if (count($credentials) === 2) {
-					$_SERVER['PHP_AUTH_USER'] = $credentials[0];
-					$_SERVER['PHP_AUTH_PW'] = $credentials[1];
-					break;
-				}
-			}
-		}
-	}
+    /**
+     * Associative array for autoloading. classname => filename
+     */
+    public static $CLASSPATH = [];
+    /**
+     * The installation path for Nextcloud  on the server (e.g. /srv/http/nextcloud)
+     */
+    public static $SERVERROOT = '';
+    /**
+     * the current request path relative to the Nextcloud root (e.g. files/index.php)
+     */
+    private static $SUBURI = '';
+    /**
+     * the Nextcloud root path for http requests (e.g. nextcloud/)
+     */
+    public static $WEBROOT = '';
+    /**
+     * The installation path array of the apps folder on the server (e.g. /srv/http/nextcloud) 'path' and
+     * web path in 'url'
+     */
+    public static $APPSROOTS = [];
+
+    /**
+     * @var string
+     */
+    public static $configDir;
+
+    /**
+     * requested app
+     */
+    public static $REQUESTEDAPP = '';
+
+    /**
+     * check if Nextcloud runs in cli mode
+     */
+    public static $CLI = false;
+
+    /**
+     * @var \OC\Autoloader $loader
+     */
+    public static $loader = null;
+
+    /** @var \Composer\Autoload\ClassLoader $composerAutoloader */
+    public static $composerAutoloader = null;
+
+    /**
+     * @var \OC\Server
+     */
+    public static $server = null;
+
+    /**
+     * @var \OC\Config
+     */
+    private static $config = null;
+
+    /**
+     * @throws \RuntimeException when the 3rdparty directory is missing or
+     * the app path list is empty or contains an invalid path
+     */
+    public static function initPaths() {
+        if (defined('PHPUNIT_CONFIG_DIR')) {
+            self::$configDir = OC::$SERVERROOT . '/' . PHPUNIT_CONFIG_DIR . '/';
+        } elseif (defined('PHPUNIT_RUN') and PHPUNIT_RUN and is_dir(OC::$SERVERROOT . '/tests/config/')) {
+            self::$configDir = OC::$SERVERROOT . '/tests/config/';
+        } elseif ($dir = getenv('NEXTCLOUD_CONFIG_DIR')) {
+            self::$configDir = rtrim($dir, '/') . '/';
+        } else {
+            self::$configDir = OC::$SERVERROOT . '/config/';
+        }
+        self::$config = new \OC\Config(self::$configDir);
+
+        OC::$SUBURI = str_replace("\\", "/", substr(realpath($_SERVER["SCRIPT_FILENAME"]), strlen(OC::$SERVERROOT)));
+        /**
+         * FIXME: The following lines are required because we can't yet instantiate
+         *        \OC::$server->getRequest() since \OC::$server does not yet exist.
+         */
+        $params = [
+            'server' => [
+                'SCRIPT_NAME' => $_SERVER['SCRIPT_NAME'],
+                'SCRIPT_FILENAME' => $_SERVER['SCRIPT_FILENAME'],
+            ],
+        ];
+        $fakeRequest = new \OC\AppFramework\Http\Request($params, new \OC\Security\SecureRandom(), new \OC\AllConfig(new \OC\SystemConfig(self::$config)));
+        $scriptName = $fakeRequest->getScriptName();
+        if (substr($scriptName, -1) == '/') {
+            $scriptName .= 'index.php';
+            //make sure suburi follows the same rules as scriptName
+            if (substr(OC::$SUBURI, -9) != 'index.php') {
+                if (substr(OC::$SUBURI, -1) != '/') {
+                    OC::$SUBURI = OC::$SUBURI . '/';
+                }
+                OC::$SUBURI = OC::$SUBURI . 'index.php';
+            }
+        }
+
+
+        if (OC::$CLI) {
+            OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
+        } else {
+            if (substr($scriptName, 0 - strlen(OC::$SUBURI)) === OC::$SUBURI) {
+                OC::$WEBROOT = substr($scriptName, 0, 0 - strlen(OC::$SUBURI));
+
+                if (OC::$WEBROOT != '' && OC::$WEBROOT[0] !== '/') {
+                    OC::$WEBROOT = '/' . OC::$WEBROOT;
+                }
+            } else {
+                // The scriptName is not ending with OC::$SUBURI
+                // This most likely means that we are calling from CLI.
+                // However some cron jobs still need to generate
+                // a web URL, so we use overwritewebroot as a fallback.
+                OC::$WEBROOT = self::$config->getValue('overwritewebroot', '');
+            }
+
+            // Resolve /nextcloud to /nextcloud/ to ensure to always have a trailing
+            // slash which is required by URL generation.
+            if (isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] === \OC::$WEBROOT &&
+                    substr($_SERVER['REQUEST_URI'], -1) !== '/') {
+                header('Location: '.\OC::$WEBROOT.'/');
+                exit();
+            }
+        }
+
+        // search the apps folder
+        $config_paths = self::$config->getValue('apps_paths', []);
+        if (!empty($config_paths)) {
+            foreach ($config_paths as $paths) {
+                if (isset($paths['url']) && isset($paths['path'])) {
+                    $paths['url'] = rtrim($paths['url'], '/');
+                    $paths['path'] = rtrim($paths['path'], '/');
+                    OC::$APPSROOTS[] = $paths;
+                }
+            }
+        } elseif (file_exists(OC::$SERVERROOT . '/apps')) {
+            OC::$APPSROOTS[] = ['path' => OC::$SERVERROOT . '/apps', 'url' => '/apps', 'writable' => true];
+        }
+
+        if (empty(OC::$APPSROOTS)) {
+            throw new \RuntimeException('apps directory not found! Please put the Nextcloud apps folder in the Nextcloud folder'
+                . '. You can also configure the location in the config.php file.');
+        }
+        $paths = [];
+        foreach (OC::$APPSROOTS as $path) {
+            $paths[] = $path['path'];
+            if (!is_dir($path['path'])) {
+                throw new \RuntimeException(sprintf('App directory "%s" not found! Please put the Nextcloud apps folder in the'
+                    . ' Nextcloud folder. You can also configure the location in the config.php file.', $path['path']));
+            }
+        }
+
+        // set the right include path
+        set_include_path(
+            implode(PATH_SEPARATOR, $paths)
+        );
+    }
+
+    public static function checkConfig() {
+        $l = \OC::$server->getL10N('lib');
+
+        // Create config if it does not already exist
+        $configFilePath = self::$configDir .'/config.php';
+        if (!file_exists($configFilePath)) {
+            @touch($configFilePath);
+        }
+
+        // Check if config is writable
+        $configFileWritable = is_writable($configFilePath);
+        if (!$configFileWritable && !OC_Helper::isReadOnlyConfigEnabled()
+            || !$configFileWritable && \OCP\Util::needUpgrade()) {
+            $urlGenerator = \OC::$server->getURLGenerator();
+
+            if (self::$CLI) {
+                echo $l->t('Cannot write into "config" directory!')."\n";
+                echo $l->t('This can usually be fixed by giving the webserver write access to the config directory.')."\n";
+                echo "\n";
+                echo $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.')."\n";
+                echo $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ])."\n";
+                exit;
+            } else {
+                OC_Template::printErrorPage(
+                    $l->t('Cannot write into "config" directory!'),
+                    $l->t('This can usually be fixed by giving the webserver write access to the config directory.') . ' '
+                    . $l->t('But, if you prefer to keep config.php file read only, set the option "config_is_read_only" to true in it.') . ' '
+                    . $l->t('See %s', [ $urlGenerator->linkToDocs('admin-config') ]),
+                    503
+                );
+            }
+        }
+    }
+
+    public static function checkInstalled(\OC\SystemConfig $systemConfig) {
+        if (defined('OC_CONSOLE')) {
+            return;
+        }
+        // Redirect to installer if not installed
+        if (!$systemConfig->getValue('installed', false) && OC::$SUBURI !== '/index.php' && OC::$SUBURI !== '/status.php') {
+            if (OC::$CLI) {
+                throw new Exception('Not installed');
+            } else {
+                $url = OC::$WEBROOT . '/index.php';
+                header('Location: ' . $url);
+            }
+            exit();
+        }
+    }
+
+    public static function checkMaintenanceMode(\OC\SystemConfig $systemConfig) {
+        // Allow ajax update script to execute without being stopped
+        if (((bool) $systemConfig->getValue('maintenance', false)) && OC::$SUBURI != '/core/ajax/update.php') {
+            // send http status 503
+            http_response_code(503);
+            header('Retry-After: 120');
+
+            // render error page
+            $template = new OC_Template('', 'update.user', 'guest');
+            OC_Util::addScript('dist/maintenance');
+            OC_Util::addStyle('core', 'guest');
+            $template->printPage();
+            die();
+        }
+    }
+
+    /**
+     * Prints the upgrade page
+     *
+     * @param \OC\SystemConfig $systemConfig
+     */
+    private static function printUpgradePage(\OC\SystemConfig $systemConfig) {
+        $disableWebUpdater = $systemConfig->getValue('upgrade.disable-web', false);
+        $tooBig = false;
+        if (!$disableWebUpdater) {
+            $apps = \OC::$server->getAppManager();
+            if ($apps->isInstalled('user_ldap')) {
+                $qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
+
+                $result = $qb->select($qb->func()->count('*', 'user_count'))
+                    ->from('ldap_user_mapping')
+                    ->execute();
+                $row = $result->fetch();
+                $result->closeCursor();
+
+                $tooBig = ($row['user_count'] > 50);
+            }
+            if (!$tooBig && $apps->isInstalled('user_saml')) {
+                $qb = \OC::$server->getDatabaseConnection()->getQueryBuilder();
+
+                $result = $qb->select($qb->func()->count('*', 'user_count'))
+                    ->from('user_saml_users')
+                    ->execute();
+                $row = $result->fetch();
+                $result->closeCursor();
+
+                $tooBig = ($row['user_count'] > 50);
+            }
+            if (!$tooBig) {
+                // count users
+                $stats = \OC::$server->getUserManager()->countUsers();
+                $totalUsers = array_sum($stats);
+                $tooBig = ($totalUsers > 50);
+            }
+        }
+        $ignoreTooBigWarning = isset($_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup']) &&
+            $_GET['IKnowThatThisIsABigInstanceAndTheUpdateRequestCouldRunIntoATimeoutAndHowToRestoreABackup'] === 'IAmSuperSureToDoThis';
+
+        if ($disableWebUpdater || ($tooBig && !$ignoreTooBigWarning)) {
+            // send http status 503
+            http_response_code(503);
+            header('Retry-After: 120');
+
+            // render error page
+            $template = new OC_Template('', 'update.use-cli', 'guest');
+            $template->assign('productName', 'nextcloud'); // for now
+            $template->assign('version', OC_Util::getVersionString());
+            $template->assign('tooBig', $tooBig);
+
+            $template->printPage();
+            die();
+        }
+
+        // check whether this is a core update or apps update
+        $installedVersion = $systemConfig->getValue('version', '0.0.0');
+        $currentVersion = implode('.', \OCP\Util::getVersion());
+
+        // if not a core upgrade, then it's apps upgrade
+        $isAppsOnlyUpgrade = version_compare($currentVersion, $installedVersion, '=');
+
+        $oldTheme = $systemConfig->getValue('theme');
+        $systemConfig->setValue('theme', '');
+        OC_Util::addScript('update');
+
+        /** @var \OC\App\AppManager $appManager */
+        $appManager = \OC::$server->getAppManager();
+
+        $tmpl = new OC_Template('', 'update.admin', 'guest');
+        $tmpl->assign('version', OC_Util::getVersionString());
+        $tmpl->assign('isAppsOnlyUpgrade', $isAppsOnlyUpgrade);
+
+        // get third party apps
+        $ocVersion = \OCP\Util::getVersion();
+        $ocVersion = implode('.', $ocVersion);
+        $incompatibleApps = $appManager->getIncompatibleApps($ocVersion);
+        $incompatibleShippedApps = [];
+        foreach ($incompatibleApps as $appInfo) {
+            if ($appManager->isShipped($appInfo['id'])) {
+                $incompatibleShippedApps[] = $appInfo['name'] . ' (' . $appInfo['id'] . ')';
+            }
+        }
+
+        if (!empty($incompatibleShippedApps)) {
+            $l = \OC::$server->getL10N('core');
+            $hint = $l->t('The files of the app %1$s were not replaced correctly. Make sure it is a version compatible with the server.', [implode(', ', $incompatibleShippedApps)]);
+            throw new \OCP\HintException('The files of the app ' . implode(', ', $incompatibleShippedApps) . ' were not replaced correctly. Make sure it is a version compatible with the server.', $hint);
+        }
+
+        $tmpl->assign('appsToUpgrade', $appManager->getAppsNeedingUpgrade($ocVersion));
+        $tmpl->assign('incompatibleAppsList', $incompatibleApps);
+        try {
+            $defaults = new \OC_Defaults();
+            $tmpl->assign('productName', $defaults->getName());
+        } catch (Throwable $error) {
+            $tmpl->assign('productName', 'Nextcloud');
+        }
+        $tmpl->assign('oldTheme', $oldTheme);
+        $tmpl->printPage();
+    }
+
+    public static function initSession() {
+        if (self::$server->getRequest()->getServerProtocol() === 'https') {
+            ini_set('session.cookie_secure', 'true');
+        }
+
+        // prevents javascript from accessing php session cookies
+        ini_set('session.cookie_httponly', 'true');
+
+        // set the cookie path to the Nextcloud directory
+        $cookie_path = OC::$WEBROOT ? : '/';
+        ini_set('session.cookie_path', $cookie_path);
+
+        // Let the session name be changed in the initSession Hook
+        $sessionName = OC_Util::getInstanceId();
+
+        try {
+            // set the session name to the instance id - which is unique
+            $session = new \OC\Session\Internal($sessionName);
+
+            $cryptoWrapper = \OC::$server->getSessionCryptoWrapper();
+            $session = $cryptoWrapper->wrapSession($session);
+            self::$server->setSession($session);
+
+            // if session can't be started break with http 500 error
+        } catch (Exception $e) {
+            \OC::$server->getLogger()->logException($e, ['app' => 'base']);
+            //show the user a detailed error page
+            OC_Template::printExceptionErrorPage($e, 500);
+            die();
+        }
+
+        $sessionLifeTime = self::getSessionLifeTime();
+
+        // session timeout
+        if ($session->exists('LAST_ACTIVITY') && (time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime)) {
+            if (isset($_COOKIE[session_name()])) {
+                setcookie(session_name(), '', -1, self::$WEBROOT ? : '/');
+            }
+            \OC::$server->getUserSession()->logout();
+        }
+
+        $session->set('LAST_ACTIVITY', time());
+    }
+
+    /**
+     * @return string
+     */
+    private static function getSessionLifeTime() {
+        return \OC::$server->getConfig()->getSystemValue('session_lifetime', 60 * 60 * 24);
+    }
+
+    /**
+     * Try to set some values to the required Nextcloud default
+     */
+    public static function setRequiredIniValues() {
+        @ini_set('default_charset', 'UTF-8');
+        @ini_set('gd.jpeg_ignore_warning', '1');
+    }
+
+    /**
+     * Send the same site cookies
+     */
+    private static function sendSameSiteCookies() {
+        $cookieParams = session_get_cookie_params();
+        $secureCookie = ($cookieParams['secure'] === true) ? 'secure; ' : '';
+        $policies = [
+            'lax',
+            'strict',
+        ];
+
+        // Append __Host to the cookie if it meets the requirements
+        $cookiePrefix = '';
+        if ($cookieParams['secure'] === true && $cookieParams['path'] === '/') {
+            $cookiePrefix = '__Host-';
+        }
+
+        foreach ($policies as $policy) {
+            header(
+                sprintf(
+                    'Set-Cookie: %snc_sameSiteCookie%s=true; path=%s; httponly;' . $secureCookie . 'expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=%s',
+                    $cookiePrefix,
+                    $policy,
+                    $cookieParams['path'],
+                    $policy
+                ),
+                false
+            );
+        }
+    }
+
+    /**
+     * Same Site cookie to further mitigate CSRF attacks. This cookie has to
+     * be set in every request if cookies are sent to add a second level of
+     * defense against CSRF.
+     *
+     * If the cookie is not sent this will set the cookie and reload the page.
+     * We use an additional cookie since we want to protect logout CSRF and
+     * also we can't directly interfere with PHP's session mechanism.
+     */
+    private static function performSameSiteCookieProtection(\OCP\IConfig $config) {
+        $request = \OC::$server->getRequest();
+
+        // Some user agents are notorious and don't really properly follow HTTP
+        // specifications. For those, have an automated opt-out. Since the protection
+        // for remote.php is applied in base.php as starting point we need to opt out
+        // here.
+        $incompatibleUserAgents = $config->getSystemValue('csrf.optout');
+
+        // Fallback, if csrf.optout is unset
+        if (!is_array($incompatibleUserAgents)) {
+            $incompatibleUserAgents = [
+                // OS X Finder
+                '/^WebDAVFS/',
+                // Windows webdav drive
+                '/^Microsoft-WebDAV-MiniRedir/',
+            ];
+        }
+
+        if ($request->isUserAgent($incompatibleUserAgents)) {
+            return;
+        }
+
+        if (count($_COOKIE) > 0) {
+            $requestUri = $request->getScriptName();
+            $processingScript = explode('/', $requestUri);
+            $processingScript = $processingScript[count($processingScript) - 1];
+
+            // index.php routes are handled in the middleware
+            if ($processingScript === 'index.php') {
+                return;
+            }
+
+            // All other endpoints require the lax and the strict cookie
+            if (!$request->passesStrictCookieCheck()) {
+                self::sendSameSiteCookies();
+                // Debug mode gets access to the resources without strict cookie
+                // due to the fact that the SabreDAV browser also lives there.
+                if (!$config->getSystemValue('debug', false)) {
+                    http_response_code(\OCP\AppFramework\Http::STATUS_SERVICE_UNAVAILABLE);
+                    exit();
+                }
+            }
+        } elseif (!isset($_COOKIE['nc_sameSiteCookielax']) || !isset($_COOKIE['nc_sameSiteCookiestrict'])) {
+            self::sendSameSiteCookies();
+        }
+    }
+
+    public static function init() {
+        // calculate the root directories
+        OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
+
+        // register autoloader
+        $loaderStart = microtime(true);
+        require_once __DIR__ . '/autoloader.php';
+        self::$loader = new \OC\Autoloader([
+            OC::$SERVERROOT . '/lib/private/legacy',
+        ]);
+        if (defined('PHPUNIT_RUN')) {
+            self::$loader->addValidRoot(OC::$SERVERROOT . '/tests');
+        }
+        spl_autoload_register([self::$loader, 'load']);
+        $loaderEnd = microtime(true);
+
+        self::$CLI = (php_sapi_name() == 'cli');
+
+        // Add default composer PSR-4 autoloader
+        self::$composerAutoloader = require_once OC::$SERVERROOT . '/lib/composer/autoload.php';
+
+        try {
+            self::initPaths();
+            // setup 3rdparty autoloader
+            $vendorAutoLoad = OC::$SERVERROOT. '/3rdparty/autoload.php';
+            if (!file_exists($vendorAutoLoad)) {
+                throw new \RuntimeException('Composer autoloader not found, unable to continue. Check the folder "3rdparty". Running "git submodule update --init" will initialize the git submodule that handles the subfolder "3rdparty".');
+            }
+            require_once $vendorAutoLoad;
+        } catch (\RuntimeException $e) {
+            if (!self::$CLI) {
+                http_response_code(503);
+            }
+            // we can't use the template error page here, because this needs the
+            // DI container which isn't available yet
+            print($e->getMessage());
+            exit();
+        }
+
+        // setup the basic server
+        self::$server = new \OC\Server(\OC::$WEBROOT, self::$config);
+        self::$server->boot();
+        $eventLogger = \OC::$server->getEventLogger();
+        $eventLogger->log('autoloader', 'Autoloader', $loaderStart, $loaderEnd);
+        $eventLogger->start('boot', 'Initialize');
+
+        // Override php.ini and log everything if we're troubleshooting
+        if (self::$config->getValue('loglevel') === ILogger::DEBUG) {
+            error_reporting(E_ALL);
+        }
+
+        // Don't display errors and log them
+        @ini_set('display_errors', '0');
+        @ini_set('log_errors', '1');
+
+        if (!date_default_timezone_set('UTC')) {
+            throw new \RuntimeException('Could not set timezone to UTC');
+        }
+
+        //try to configure php to enable big file uploads.
+        //this doesn´t work always depending on the webserver and php configuration.
+        //Let´s try to overwrite some defaults anyway
+
+        //try to set the maximum execution time to 60min
+        if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
+            @set_time_limit(3600);
+        }
+        @ini_set('max_execution_time', '3600');
+        @ini_set('max_input_time', '3600');
+
+        self::setRequiredIniValues();
+        self::handleAuthHeaders();
+        $systemConfig = \OC::$server->get(\OC\SystemConfig::class);
+        self::registerAutoloaderCache($systemConfig);
+
+        // initialize intl fallback if necessary
+        OC_Util::isSetLocaleWorking();
+
+        $config = \OC::$server->get(\OCP\IConfig::class);
+        if (!defined('PHPUNIT_RUN')) {
+            OC\Log\ErrorHandler::setLogger(\OC::$server->getLogger());
+            $debug = $config->getSystemValue('debug', false);
+            OC\Log\ErrorHandler::register($debug);
+        }
+
+        /** @var \OC\AppFramework\Bootstrap\Coordinator $bootstrapCoordinator */
+        $bootstrapCoordinator = \OC::$server->query(\OC\AppFramework\Bootstrap\Coordinator::class);
+        $bootstrapCoordinator->runInitialRegistration();
+
+        $eventLogger->start('init_session', 'Initialize session');
+        OC_App::loadApps(['session']);
+        if (!self::$CLI) {
+            self::initSession();
+        }
+        $eventLogger->end('init_session');
+        self::checkConfig();
+        self::checkInstalled($systemConfig);
+
+        OC_Response::addSecurityHeaders();
+
+        self::performSameSiteCookieProtection($config);
+
+        if (!defined('OC_CONSOLE')) {
+            $errors = OC_Util::checkServer($systemConfig);
+            if (count($errors) > 0) {
+                if (!self::$CLI) {
+                    http_response_code(503);
+                    OC_Util::addStyle('guest');
+                    try {
+                        OC_Template::printGuestPage('', 'error', ['errors' => $errors]);
+                        exit;
+                    } catch (\Exception $e) {
+                        // In case any error happens when showing the error page, we simply fall back to posting the text.
+                        // This might be the case when e.g. the data directory is broken and we can not load/write SCSS to/from it.
+                    }
+                }
+
+                // Convert l10n string into regular string for usage in database
+                $staticErrors = [];
+                foreach ($errors as $error) {
+                    echo $error['error'] . "\n";
+                    echo $error['hint'] . "\n\n";
+                    $staticErrors[] = [
+                        'error' => (string)$error['error'],
+                        'hint' => (string)$error['hint'],
+                    ];
+                }
+
+                try {
+                    $config->setAppValue('core', 'cronErrors', json_encode($staticErrors));
+                } catch (\Exception $e) {
+                    echo('Writing to database failed');
+                }
+                exit(1);
+            } elseif (self::$CLI && $config->getSystemValue('installed', false)) {
+                $config->deleteAppValue('core', 'cronErrors');
+            }
+        }
+        //try to set the session lifetime
+        $sessionLifeTime = self::getSessionLifeTime();
+        @ini_set('gc_maxlifetime', (string)$sessionLifeTime);
+
+        // User and Groups
+        if (!$systemConfig->getValue("installed", false)) {
+            self::$server->getSession()->set('user_id', '');
+        }
+
+        OC_User::useBackend(new \OC\User\Database());
+        \OC::$server->getGroupManager()->addBackend(new \OC\Group\Database());
+
+        // Subscribe to the hook
+        \OCP\Util::connectHook(
+            '\OCA\Files_Sharing\API\Server2Server',
+            'preLoginNameUsedAsUserName',
+            '\OC\User\Database',
+            'preLoginNameUsedAsUserName'
+        );
+
+        //setup extra user backends
+        if (!\OCP\Util::needUpgrade()) {
+            OC_User::setupBackends();
+        } else {
+            // Run upgrades in incognito mode
+            OC_User::setIncognitoMode(true);
+        }
+
+        self::registerCleanupHooks($systemConfig);
+        self::registerFilesystemHooks();
+        self::registerShareHooks($systemConfig);
+        self::registerEncryptionWrapperAndHooks();
+        self::registerAccountHooks();
+        self::registerResourceCollectionHooks();
+        self::registerAppRestrictionsHooks();
+
+        // Make sure that the application class is not loaded before the database is setup
+        if ($systemConfig->getValue("installed", false)) {
+            OC_App::loadApp('settings');
+        }
+
+        //make sure temporary files are cleaned up
+        $tmpManager = \OC::$server->getTempManager();
+        register_shutdown_function([$tmpManager, 'clean']);
+        $lockProvider = \OC::$server->getLockingProvider();
+        register_shutdown_function([$lockProvider, 'releaseAll']);
+
+        // Check whether the sample configuration has been copied
+        if ($systemConfig->getValue('copied_sample_config', false)) {
+            $l = \OC::$server->getL10N('lib');
+            OC_Template::printErrorPage(
+                $l->t('Sample configuration detected'),
+                $l->t('It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php'),
+                503
+            );
+            return;
+        }
+
+        $request = \OC::$server->getRequest();
+        $host = $request->getInsecureServerHost();
+        /**
+         * if the host passed in headers isn't trusted
+         * FIXME: Should not be in here at all :see_no_evil:
+         */
+        if (!OC::$CLI
+            && !\OC::$server->getTrustedDomainHelper()->isTrustedDomain($host)
+            && $config->getSystemValue('installed', false)
+        ) {
+            // Allow access to CSS resources
+            $isScssRequest = false;
+            if (strpos($request->getPathInfo(), '/css/') === 0) {
+                $isScssRequest = true;
+            }
+
+            if (substr($request->getRequestUri(), -11) === '/status.php') {
+                http_response_code(400);
+                header('Content-Type: application/json');
+                echo '{"error": "Trusted domain error.", "code": 15}';
+                exit();
+            }
+
+            if (!$isScssRequest) {
+                http_response_code(400);
+
+                \OC::$server->getLogger()->info(
+                    'Trusted domain error. "{remoteAddress}" tried to access using "{host}" as host.',
+                    [
+                        'app' => 'core',
+                        'remoteAddress' => $request->getRemoteAddress(),
+                        'host' => $host,
+                    ]
+                );
+
+                $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
+                $tmpl->assign('docUrl', \OC::$server->getURLGenerator()->linkToDocs('admin-trusted-domains'));
+                $tmpl->printPage();
+
+                exit();
+            }
+        }
+        $eventLogger->end('boot');
+    }
+
+    /**
+     * register hooks for the cleanup of cache and bruteforce protection
+     */
+    public static function registerCleanupHooks(\OC\SystemConfig $systemConfig) {
+        //don't try to do this before we are properly setup
+        if ($systemConfig->getValue('installed', false) && !\OCP\Util::needUpgrade()) {
+
+            // NOTE: This will be replaced to use OCP
+            $userSession = self::$server->getUserSession();
+            $userSession->listen('\OC\User', 'postLogin', function () use ($userSession) {
+                if (!defined('PHPUNIT_RUN') && $userSession->isLoggedIn()) {
+                    // reset brute force delay for this IP address and username
+                    $uid = \OC::$server->getUserSession()->getUser()->getUID();
+                    $request = \OC::$server->getRequest();
+                    $throttler = \OC::$server->getBruteForceThrottler();
+                    $throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]);
+                }
+
+                try {
+                    $cache = new \OC\Cache\File();
+                    $cache->gc();
+                } catch (\OC\ServerNotAvailableException $e) {
+                    // not a GC exception, pass it on
+                    throw $e;
+                } catch (\OC\ForbiddenException $e) {
+                    // filesystem blocked for this request, ignore
+                } catch (\Exception $e) {
+                    // a GC exception should not prevent users from using OC,
+                    // so log the exception
+                    \OC::$server->getLogger()->logException($e, [
+                        'message' => 'Exception when running cache gc.',
+                        'level' => ILogger::WARN,
+                        'app' => 'core',
+                    ]);
+                }
+            });
+        }
+    }
+
+    private static function registerEncryptionWrapperAndHooks() {
+        $manager = self::$server->getEncryptionManager();
+        \OCP\Util::connectHook('OC_Filesystem', 'preSetup', $manager, 'setupStorage');
+
+        $enabled = $manager->isEnabled();
+        if ($enabled) {
+            \OCP\Util::connectHook(Share::class, 'post_shared', HookManager::class, 'postShared');
+            \OCP\Util::connectHook(Share::class, 'post_unshare', HookManager::class, 'postUnshared');
+            \OCP\Util::connectHook('OC_Filesystem', 'post_rename', HookManager::class, 'postRename');
+            \OCP\Util::connectHook('\OCA\Files_Trashbin\Trashbin', 'post_restore', HookManager::class, 'postRestore');
+        }
+    }
+
+    private static function registerAccountHooks() {
+        /** @var IEventDispatcher $dispatcher */
+        $dispatcher = \OC::$server->get(IEventDispatcher::class);
+        $dispatcher->addServiceListener(UserChangedEvent::class, \OC\Accounts\Hooks::class);
+    }
+
+    private static function registerAppRestrictionsHooks() {
+        /** @var \OC\Group\Manager $groupManager */
+        $groupManager = self::$server->query(\OCP\IGroupManager::class);
+        $groupManager->listen('\OC\Group', 'postDelete', function (\OCP\IGroup $group) {
+            $appManager = self::$server->getAppManager();
+            $apps = $appManager->getEnabledAppsForGroup($group);
+            foreach ($apps as $appId) {
+                $restrictions = $appManager->getAppRestriction($appId);
+                if (empty($restrictions)) {
+                    continue;
+                }
+                $key = array_search($group->getGID(), $restrictions);
+                unset($restrictions[$key]);
+                $restrictions = array_values($restrictions);
+                if (empty($restrictions)) {
+                    $appManager->disableApp($appId);
+                } else {
+                    $appManager->enableAppForGroups($appId, $restrictions);
+                }
+            }
+        });
+    }
+
+    private static function registerResourceCollectionHooks() {
+        \OC\Collaboration\Resources\Listener::register(\OC::$server->getEventDispatcher());
+    }
+
+    /**
+     * register hooks for the filesystem
+     */
+    public static function registerFilesystemHooks() {
+        // Check for blacklisted files
+        OC_Hook::connect('OC_Filesystem', 'write', Filesystem::class, 'isBlacklisted');
+        OC_Hook::connect('OC_Filesystem', 'rename', Filesystem::class, 'isBlacklisted');
+    }
+
+    /**
+     * register hooks for sharing
+     */
+    public static function registerShareHooks(\OC\SystemConfig $systemConfig) {
+        if ($systemConfig->getValue('installed')) {
+            OC_Hook::connect('OC_User', 'post_deleteUser', Hooks::class, 'post_deleteUser');
+            OC_Hook::connect('OC_User', 'post_deleteGroup', Hooks::class, 'post_deleteGroup');
+
+            /** @var IEventDispatcher $dispatcher */
+            $dispatcher = \OC::$server->get(IEventDispatcher::class);
+            $dispatcher->addServiceListener(UserRemovedEvent::class, \OC\Share20\UserRemovedListener::class);
+        }
+    }
+
+    protected static function registerAutoloaderCache(\OC\SystemConfig $systemConfig) {
+        // The class loader takes an optional low-latency cache, which MUST be
+        // namespaced. The instanceid is used for namespacing, but might be
+        // unavailable at this point. Furthermore, it might not be possible to
+        // generate an instanceid via \OC_Util::getInstanceId() because the
+        // config file may not be writable. As such, we only register a class
+        // loader cache if instanceid is available without trying to create one.
+        $instanceId = $systemConfig->getValue('instanceid', null);
+        if ($instanceId) {
+            try {
+                $memcacheFactory = \OC::$server->getMemCacheFactory();
+                self::$loader->setMemoryCache($memcacheFactory->createLocal('Autoloader'));
+            } catch (\Exception $ex) {
+            }
+        }
+    }
+
+    /**
+     * Handle the request
+     */
+    public static function handleRequest() {
+        \OC::$server->getEventLogger()->start('handle_request', 'Handle request');
+        $systemConfig = \OC::$server->getSystemConfig();
+
+        // Check if Nextcloud is installed or in maintenance (update) mode
+        if (!$systemConfig->getValue('installed', false)) {
+            \OC::$server->getSession()->clear();
+            $setupHelper = new OC\Setup(
+                $systemConfig,
+                \OC::$server->get(\bantu\IniGetWrapper\IniGetWrapper::class),
+                \OC::$server->getL10N('lib'),
+                \OC::$server->query(\OCP\Defaults::class),
+                \OC::$server->get(\Psr\Log\LoggerInterface::class),
+                \OC::$server->getSecureRandom(),
+                \OC::$server->query(\OC\Installer::class)
+            );
+            $controller = new OC\Core\Controller\SetupController($setupHelper);
+            $controller->run($_POST);
+            exit();
+        }
+
+        $request = \OC::$server->getRequest();
+        $requestPath = $request->getRawPathInfo();
+        if ($requestPath === '/heartbeat') {
+            return;
+        }
+        if (substr($requestPath, -3) !== '.js') { // we need these files during the upgrade
+            self::checkMaintenanceMode($systemConfig);
+
+            if (\OCP\Util::needUpgrade()) {
+                if (function_exists('opcache_reset')) {
+                    opcache_reset();
+                }
+                if (!((bool) $systemConfig->getValue('maintenance', false))) {
+                    self::printUpgradePage($systemConfig);
+                    exit();
+                }
+            }
+        }
+
+        // emergency app disabling
+        if ($requestPath === '/disableapp'
+            && $request->getMethod() === 'POST'
+            && ((array)$request->getParam('appid')) !== ''
+        ) {
+            \OC_JSON::callCheck();
+            \OC_JSON::checkAdminUser();
+            $appIds = (array)$request->getParam('appid');
+            foreach ($appIds as $appId) {
+                $appId = \OC_App::cleanAppId($appId);
+                \OC::$server->getAppManager()->disableApp($appId);
+            }
+            \OC_JSON::success();
+            exit();
+        }
+
+        // Always load authentication apps
+        OC_App::loadApps(['authentication']);
+
+        // Load minimum set of apps
+        if (!\OCP\Util::needUpgrade()
+            && !((bool) $systemConfig->getValue('maintenance', false))) {
+            // For logged-in users: Load everything
+            if (\OC::$server->getUserSession()->isLoggedIn()) {
+                OC_App::loadApps();
+            } else {
+                // For guests: Load only filesystem and logging
+                OC_App::loadApps(['filesystem', 'logging']);
+                self::handleLogin($request);
+            }
+        }
+
+        if (!self::$CLI) {
+            try {
+                if (!((bool) $systemConfig->getValue('maintenance', false)) && !\OCP\Util::needUpgrade()) {
+                    OC_App::loadApps(['filesystem', 'logging']);
+                    OC_App::loadApps();
+                }
+                OC::$server->get(\OC\Route\Router::class)->match($request->getRawPathInfo());
+                return;
+            } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
+                //header('HTTP/1.0 404 Not Found');
+            } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
+                http_response_code(405);
+                return;
+            }
+        }
+
+        // Handle WebDAV
+        if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'PROPFIND') {
+            // not allowed any more to prevent people
+            // mounting this root directly.
+            // Users need to mount remote.php/webdav instead.
+            http_response_code(405);
+            return;
+        }
+
+        // Someone is logged in
+        if (\OC::$server->getUserSession()->isLoggedIn()) {
+            OC_App::loadApps();
+            OC_User::setupBackends();
+            OC_Util::setupFS();
+            // FIXME
+            // Redirect to default application
+            OC_Util::redirectToDefaultPage();
+        } else {
+            // Not handled and not logged in
+            header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute('core.login.showLoginForm'));
+        }
+    }
+
+    /**
+     * Check login: apache auth, auth token, basic auth
+     *
+     * @param OCP\IRequest $request
+     * @return boolean
+     */
+    public static function handleLogin(OCP\IRequest $request) {
+        $userSession = self::$server->getUserSession();
+        if (OC_User::handleApacheAuth()) {
+            return true;
+        }
+        if ($userSession->tryTokenLogin($request)) {
+            return true;
+        }
+        if (isset($_COOKIE['nc_username'])
+            && isset($_COOKIE['nc_token'])
+            && isset($_COOKIE['nc_session_id'])
+            && $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) {
+            return true;
+        }
+        if ($userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
+            return true;
+        }
+        return false;
+    }
+
+    protected static function handleAuthHeaders() {
+        //copy http auth headers for apache+php-fcgid work around
+        if (isset($_SERVER['HTTP_XAUTHORIZATION']) && !isset($_SERVER['HTTP_AUTHORIZATION'])) {
+            $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER['HTTP_XAUTHORIZATION'];
+        }
+
+        // Extract PHP_AUTH_USER/PHP_AUTH_PW from other headers if necessary.
+        $vars = [
+            'HTTP_AUTHORIZATION', // apache+php-cgi work around
+            'REDIRECT_HTTP_AUTHORIZATION', // apache+php-cgi alternative
+        ];
+        foreach ($vars as $var) {
+            if (isset($_SERVER[$var]) && preg_match('/Basic\s+(.*)$/i', $_SERVER[$var], $matches)) {
+                $credentials = explode(':', base64_decode($matches[1]), 2);
+                if (count($credentials) === 2) {
+                    $_SERVER['PHP_AUTH_USER'] = $credentials[0];
+                    $_SERVER['PHP_AUTH_PW'] = $credentials[1];
+                    break;
+                }
+            }
+        }
+    }
 }
 
 OC::init();

Please login to merge, or discard this patch.

		@@ -31,59 +31,59 @@
		block discarded – undo
31	31	require_once __DIR__ . '/lib/versioncheck.php';
32	32
33	33	try {
34		- require_once __DIR__ . '/lib/base.php';
	34	+ require_once __DIR__ . '/lib/base.php';
35	35
36		- OC::handleRequest();
	36	+ OC::handleRequest();
37	37	} catch (\OC\ServiceUnavailableException $ex) {
38		- \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
	38	+ \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
39	39
40		- //show the user a detailed error page
41		- OC_Template::printExceptionErrorPage($ex, 503);
	40	+ //show the user a detailed error page
	41	+ OC_Template::printExceptionErrorPage($ex, 503);
42	42	} catch (\OCP\HintException $ex) {
43		- try {
44		- OC_Template::printErrorPage($ex->getMessage(), $ex->getHint(), 503);
45		- } catch (Exception $ex2) {
46		- try {
47		- \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
48		- \OC::$server->getLogger()->logException($ex2, ['app' => 'index']);
49		- } catch (Throwable $e) {
50		- // no way to log it properly - but to avoid a white page of death we try harder and ignore this one here
51		- }
	43	+ try {
	44	+ OC_Template::printErrorPage($ex->getMessage(), $ex->getHint(), 503);
	45	+ } catch (Exception $ex2) {
	46	+ try {
	47	+ \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
	48	+ \OC::$server->getLogger()->logException($ex2, ['app' => 'index']);
	49	+ } catch (Throwable $e) {
	50	+ // no way to log it properly - but to avoid a white page of death we try harder and ignore this one here
	51	+ }
52	52
53		- //show the user a detailed error page
54		- OC_Template::printExceptionErrorPage($ex, 500);
55		- }
	53	+ //show the user a detailed error page
	54	+ OC_Template::printExceptionErrorPage($ex, 500);
	55	+ }
56	56	} catch (\OC\User\LoginException $ex) {
57		- $request = \OC::$server->getRequest();
58		- /**
59		- * Routes with the @CORS annotation and other API endpoints should
60		- * not return a webpage, so we only print the error page when html is accepted,
61		- * otherwise we reply with a JSON array like the SecurityMiddleware would do.
62		- */
63		- if (stripos($request->getHeader('Accept'),'html') === false) {
64		- http_response_code(401);
65		- header('Content-Type: application/json; charset=utf-8');
66		- echo json_encode(['message' => $ex->getMessage()]);
67		- exit();
68		- }
69		- OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), 401);
	57	+ $request = \OC::$server->getRequest();
	58	+ /**
	59	+ * Routes with the @CORS annotation and other API endpoints should
	60	+ * not return a webpage, so we only print the error page when html is accepted,
	61	+ * otherwise we reply with a JSON array like the SecurityMiddleware would do.
	62	+ */
	63	+ if (stripos($request->getHeader('Accept'),'html') === false) {
	64	+ http_response_code(401);
	65	+ header('Content-Type: application/json; charset=utf-8');
	66	+ echo json_encode(['message' => $ex->getMessage()]);
	67	+ exit();
	68	+ }
	69	+ OC_Template::printErrorPage($ex->getMessage(), $ex->getMessage(), 401);
70	70	} catch (Exception $ex) {
71		- \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
	71	+ \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
72	72
73		- //show the user a detailed error page
74		- OC_Template::printExceptionErrorPage($ex, 500);
	73	+ //show the user a detailed error page
	74	+ OC_Template::printExceptionErrorPage($ex, 500);
75	75	} catch (Error $ex) {
76		- try {
77		- \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
78		- } catch (Error $e) {
79		- http_response_code(500);
80		- header('Content-Type: text/plain; charset=utf-8');
81		- print("Internal Server Error\n\n");
82		- print("The server encountered an internal error and was unable to complete your request.\n");
83		- print("Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n");
84		- print("More details can be found in the webserver log.\n");
	76	+ try {
	77	+ \OC::$server->getLogger()->logException($ex, ['app' => 'index']);
	78	+ } catch (Error $e) {
	79	+ http_response_code(500);
	80	+ header('Content-Type: text/plain; charset=utf-8');
	81	+ print("Internal Server Error\n\n");
	82	+ print("The server encountered an internal error and was unable to complete your request.\n");
	83	+ print("Please contact the server administrator if this error reappears multiple times, please include the technical details below in your report.\n");
	84	+ print("More details can be found in the webserver log.\n");
85	85
86		- throw $ex;
87		- }
88		- OC_Template::printExceptionErrorPage($ex, 500);
	86	+ throw $ex;
	87	+ }
	88	+ OC_Template::printExceptionErrorPage($ex, 500);
89	89	}

		@@ -34,49 +34,49 @@
		block discarded – undo
34	34	* @since 23.0.0
35	35	*/
36	36	class HintException extends \Exception {
37		- private $hint;
	37	+ private $hint;
38	38
39		- /**
40		- * HintException constructor.
41		- *
42		- * @since 23.0.0
43		- * @param string $message The error message. It will be not revealed to the
44		- * the user (unless the hint is empty) and thus
45		- * should be not translated.
46		- * @param string $hint A useful message that is presented to the end
47		- * user. It should be translated, but must not
48		- * contain sensitive data.
49		- * @param int $code
50		- * @param \Exception\|null $previous
51		- */
52		- public function __construct($message, $hint = '', $code = 0, \Exception $previous = null) {
53		- $this->hint = $hint;
54		- parent::__construct($message, $code, $previous);
55		- }
	39	+ /**
	40	+ * HintException constructor.
	41	+ *
	42	+ * @since 23.0.0
	43	+ * @param string $message The error message. It will be not revealed to the
	44	+ * the user (unless the hint is empty) and thus
	45	+ * should be not translated.
	46	+ * @param string $hint A useful message that is presented to the end
	47	+ * user. It should be translated, but must not
	48	+ * contain sensitive data.
	49	+ * @param int $code
	50	+ * @param \Exception\|null $previous
	51	+ */
	52	+ public function __construct($message, $hint = '', $code = 0, \Exception $previous = null) {
	53	+ $this->hint = $hint;
	54	+ parent::__construct($message, $code, $previous);
	55	+ }
56	56
57		- /**
58		- * Returns a string representation of this Exception that includes the error
59		- * code, the message and the hint.
60		- *
61		- * @since 23.0.0
62		- * @return string
63		- */
64		- public function __toString(): string {
65		- return __CLASS__ . ": [{$this->code}]: {$this->message} ({$this->hint})\n";
66		- }
	57	+ /**
	58	+ * Returns a string representation of this Exception that includes the error
	59	+ * code, the message and the hint.
	60	+ *
	61	+ * @since 23.0.0
	62	+ * @return string
	63	+ */
	64	+ public function __toString(): string {
	65	+ return __CLASS__ . ": [{$this->code}]: {$this->message} ({$this->hint})\n";
	66	+ }
67	67
68		- /**
69		- * Returns the hint with the intention to be presented to the end user. If
70		- * an empty hint was specified upon instatiation, the message is returned
71		- * instead.
72		- *
73		- * @since 23.0.0
74		- * @return string
75		- */
76		- public function getHint(): string {
77		- if (empty($this->hint)) {
78		- return $this->message;
79		- }
80		- return $this->hint;
81		- }
	68	+ /**
	69	+ * Returns the hint with the intention to be presented to the end user. If
	70	+ * an empty hint was specified upon instatiation, the message is returned
	71	+ * instead.
	72	+ *
	73	+ * @since 23.0.0
	74	+ * @return string
	75	+ */
	76	+ public function getHint(): string {
	77	+ if (empty($this->hint)) {
	78	+ return $this->message;
	79	+ }
	80	+ return $this->hint;
	81	+ }
82	82	}

		@@ -49,186 +49,186 @@
		block discarded – undo
49	49	*/
50	50	class App {
51	51
52		- /** @var string[] */
53		- private static $nameSpaceCache = [];
54		-
55		- /**
56		- * Turns an app id into a namespace by either reading the appinfo.xml's
57		- * namespace tag or uppercasing the appid's first letter
58		- * @param string $appId the app id
59		- * @param string $topNamespace the namespace which should be prepended to
60		- * the transformed app id, defaults to OCA\
61		- * @return string the starting namespace for the app
62		- */
63		- public static function buildAppNamespace(string $appId, string $topNamespace = 'OCA\\'): string {
64		- // Hit the cache!
65		- if (isset(self::$nameSpaceCache[$appId])) {
66		- return $topNamespace . self::$nameSpaceCache[$appId];
67		- }
68		-
69		- $appInfo = \OC_App::getAppInfo($appId);
70		- if (isset($appInfo['namespace'])) {
71		- self::$nameSpaceCache[$appId] = trim($appInfo['namespace']);
72		- } else {
73		- if ($appId !== 'spreed') {
74		- // if the tag is not found, fall back to uppercasing the first letter
75		- self::$nameSpaceCache[$appId] = ucfirst($appId);
76		- } else {
77		- // For the Talk app (appid spreed) the above fallback doesn't work.
78		- // This leads to a problem when trying to install it freshly,
79		- // because the apps namespace is already registered before the
80		- // app is downloaded from the appstore, because of the hackish
81		- // global route index.php/call/{token} which is registered via
82		- // the core/routes.php so it does not have the app namespace.
83		- // @ref https://github.com/nextcloud/server/pull/19433
84		- self::$nameSpaceCache[$appId] = 'Talk';
85		- }
86		- }
87		-
88		- return $topNamespace . self::$nameSpaceCache[$appId];
89		- }
90		-
91		- public static function getAppIdForClass(string $className, string $topNamespace = 'OCA\\'): ?string {
92		- if (strpos($className, $topNamespace) !== 0) {
93		- return null;
94		- }
95		-
96		- foreach (self::$nameSpaceCache as $appId => $namespace) {
97		- if (strpos($className, $topNamespace . $namespace . '\\') === 0) {
98		- return $appId;
99		- }
100		- }
101		-
102		- return null;
103		- }
104		-
105		-
106		- /**
107		- * Shortcut for calling a controller method and printing the result
108		- *
109		- * @param string $controllerName the name of the controller under which it is
110		- * stored in the DI container
111		- * @param string $methodName the method that you want to call
112		- * @param DIContainer $container an instance of a pimple container.
113		- * @param array $urlParams list of URL parameters (optional)
114		- * @throws HintException
115		- */
116		- public static function main(string $controllerName, string $methodName, DIContainer $container, array $urlParams = null) {
117		- if (!is_null($urlParams)) {
118		- /** @var Request $request */
119		- $request = $container->query(IRequest::class);
120		- $request->setUrlParameters($urlParams);
121		- } elseif (isset($container['urlParams']) && !is_null($container['urlParams'])) {
122		- /** @var Request $request */
123		- $request = $container->query(IRequest::class);
124		- $request->setUrlParameters($container['urlParams']);
125		- }
126		- $appName = $container['AppName'];
127		-
128		- // first try $controllerName then go for \OCA\AppName\Controller\$controllerName
129		- try {
130		- $controller = $container->query($controllerName);
131		- } catch (QueryException $e) {
132		- if (strpos($controllerName, '\\Controller\\') !== false) {
133		- // This is from a global registered app route that is not enabled.
134		- [/OC(A)/, $app, /* Controller/Name*/] = explode('\\', $controllerName, 3);
135		- throw new HintException('App ' . strtolower($app) . ' is not enabled');
136		- }
137		-
138		- if ($appName === 'core') {
139		- $appNameSpace = 'OC\\Core';
140		- } else {
141		- $appNameSpace = self::buildAppNamespace($appName);
142		- }
143		- $controllerName = $appNameSpace . '\\Controller\\' . $controllerName;
144		- $controller = $container->query($controllerName);
145		- }
146		-
147		- // initialize the dispatcher and run all the middleware before the controller
148		- /** @var Dispatcher $dispatcher */
149		- $dispatcher = $container['Dispatcher'];
150		-
151		- [
152		- $httpHeaders,
153		- $responseHeaders,
154		- $responseCookies,
155		- $output,
156		- $response
157		- ] = $dispatcher->dispatch($controller, $methodName);
158		-
159		- $io = $container[IOutput::class];
160		-
161		- if (!is_null($httpHeaders)) {
162		- $io->setHeader($httpHeaders);
163		- }
164		-
165		- foreach ($responseHeaders as $name => $value) {
166		- $io->setHeader($name . ': ' . $value);
167		- }
168		-
169		- foreach ($responseCookies as $name => $value) {
170		- $expireDate = null;
171		- if ($value['expireDate'] instanceof \DateTime) {
172		- $expireDate = $value['expireDate']->getTimestamp();
173		- }
174		- $sameSite = $value['sameSite'] ?? 'Lax';
175		-
176		- $io->setCookie(
177		- $name,
178		- $value['value'],
179		- $expireDate,
180		- $container->getServer()->getWebRoot(),
181		- null,
182		- $container->getServer()->getRequest()->getServerProtocol() === 'https',
183		- true,
184		- $sameSite
185		- );
186		- }
187		-
188		- /*
	52	+ /** @var string[] */
	53	+ private static $nameSpaceCache = [];
	54	+
	55	+ /**
	56	+ * Turns an app id into a namespace by either reading the appinfo.xml's
	57	+ * namespace tag or uppercasing the appid's first letter
	58	+ * @param string $appId the app id
	59	+ * @param string $topNamespace the namespace which should be prepended to
	60	+ * the transformed app id, defaults to OCA\
	61	+ * @return string the starting namespace for the app
	62	+ */
	63	+ public static function buildAppNamespace(string $appId, string $topNamespace = 'OCA\\'): string {
	64	+ // Hit the cache!
	65	+ if (isset(self::$nameSpaceCache[$appId])) {
	66	+ return $topNamespace . self::$nameSpaceCache[$appId];
	67	+ }
	68	+
	69	+ $appInfo = \OC_App::getAppInfo($appId);
	70	+ if (isset($appInfo['namespace'])) {
	71	+ self::$nameSpaceCache[$appId] = trim($appInfo['namespace']);
	72	+ } else {
	73	+ if ($appId !== 'spreed') {
	74	+ // if the tag is not found, fall back to uppercasing the first letter
	75	+ self::$nameSpaceCache[$appId] = ucfirst($appId);
	76	+ } else {
	77	+ // For the Talk app (appid spreed) the above fallback doesn't work.
	78	+ // This leads to a problem when trying to install it freshly,
	79	+ // because the apps namespace is already registered before the
	80	+ // app is downloaded from the appstore, because of the hackish
	81	+ // global route index.php/call/{token} which is registered via
	82	+ // the core/routes.php so it does not have the app namespace.
	83	+ // @ref https://github.com/nextcloud/server/pull/19433
	84	+ self::$nameSpaceCache[$appId] = 'Talk';
	85	+ }
	86	+ }
	87	+
	88	+ return $topNamespace . self::$nameSpaceCache[$appId];
	89	+ }
	90	+
	91	+ public static function getAppIdForClass(string $className, string $topNamespace = 'OCA\\'): ?string {
	92	+ if (strpos($className, $topNamespace) !== 0) {
	93	+ return null;
	94	+ }
	95	+
	96	+ foreach (self::$nameSpaceCache as $appId => $namespace) {
	97	+ if (strpos($className, $topNamespace . $namespace . '\\') === 0) {
	98	+ return $appId;
	99	+ }
	100	+ }
	101	+
	102	+ return null;
	103	+ }
	104	+
	105	+
	106	+ /**
	107	+ * Shortcut for calling a controller method and printing the result
	108	+ *
	109	+ * @param string $controllerName the name of the controller under which it is
	110	+ * stored in the DI container
	111	+ * @param string $methodName the method that you want to call
	112	+ * @param DIContainer $container an instance of a pimple container.
	113	+ * @param array $urlParams list of URL parameters (optional)
	114	+ * @throws HintException
	115	+ */
	116	+ public static function main(string $controllerName, string $methodName, DIContainer $container, array $urlParams = null) {
	117	+ if (!is_null($urlParams)) {
	118	+ /** @var Request $request */
	119	+ $request = $container->query(IRequest::class);
	120	+ $request->setUrlParameters($urlParams);
	121	+ } elseif (isset($container['urlParams']) && !is_null($container['urlParams'])) {
	122	+ /** @var Request $request */
	123	+ $request = $container->query(IRequest::class);
	124	+ $request->setUrlParameters($container['urlParams']);
	125	+ }
	126	+ $appName = $container['AppName'];
	127	+
	128	+ // first try $controllerName then go for \OCA\AppName\Controller\$controllerName
	129	+ try {
	130	+ $controller = $container->query($controllerName);
	131	+ } catch (QueryException $e) {
	132	+ if (strpos($controllerName, '\\Controller\\') !== false) {
	133	+ // This is from a global registered app route that is not enabled.
	134	+ [/OC(A)/, $app, /* Controller/Name*/] = explode('\\', $controllerName, 3);
	135	+ throw new HintException('App ' . strtolower($app) . ' is not enabled');
	136	+ }
	137	+
	138	+ if ($appName === 'core') {
	139	+ $appNameSpace = 'OC\\Core';
	140	+ } else {
	141	+ $appNameSpace = self::buildAppNamespace($appName);
	142	+ }
	143	+ $controllerName = $appNameSpace . '\\Controller\\' . $controllerName;
	144	+ $controller = $container->query($controllerName);
	145	+ }
	146	+
	147	+ // initialize the dispatcher and run all the middleware before the controller
	148	+ /** @var Dispatcher $dispatcher */
	149	+ $dispatcher = $container['Dispatcher'];
	150	+
	151	+ [
	152	+ $httpHeaders,
	153	+ $responseHeaders,
	154	+ $responseCookies,
	155	+ $output,
	156	+ $response
	157	+ ] = $dispatcher->dispatch($controller, $methodName);
	158	+
	159	+ $io = $container[IOutput::class];
	160	+
	161	+ if (!is_null($httpHeaders)) {
	162	+ $io->setHeader($httpHeaders);
	163	+ }
	164	+
	165	+ foreach ($responseHeaders as $name => $value) {
	166	+ $io->setHeader($name . ': ' . $value);
	167	+ }
	168	+
	169	+ foreach ($responseCookies as $name => $value) {
	170	+ $expireDate = null;
	171	+ if ($value['expireDate'] instanceof \DateTime) {
	172	+ $expireDate = $value['expireDate']->getTimestamp();
	173	+ }
	174	+ $sameSite = $value['sameSite'] ?? 'Lax';
	175	+
	176	+ $io->setCookie(
	177	+ $name,
	178	+ $value['value'],
	179	+ $expireDate,
	180	+ $container->getServer()->getWebRoot(),
	181	+ null,
	182	+ $container->getServer()->getRequest()->getServerProtocol() === 'https',
	183	+ true,
	184	+ $sameSite
	185	+ );
	186	+ }
	187	+
	188	+ /*
189	189	* Status 204 does not have a body and no Content Length
190	190	* Status 304 does not have a body and does not need a Content Length
191	191	* https://tools.ietf.org/html/rfc7230#section-3.3
192	192	* https://tools.ietf.org/html/rfc7230#section-3.3.2
193	193	*/
194		- $emptyResponse = false;
195		- if (preg_match('/^HTTP\/\d\.\d (\d{3}) .*$/', $httpHeaders, $matches)) {
196		- $status = (int)$matches[1];
197		- if ($status === Http::STATUS_NO_CONTENT \|\| $status === Http::STATUS_NOT_MODIFIED) {
198		- $emptyResponse = true;
199		- }
200		- }
201		-
202		- if (!$emptyResponse) {
203		- if ($response instanceof ICallbackResponse) {
204		- $response->callback($io);
205		- } elseif (!is_null($output)) {
206		- $io->setHeader('Content-Length: ' . strlen($output));
207		- $io->setOutput($output);
208		- }
209		- }
210		- }
211		-
212		- /**
213		- * Shortcut for calling a controller method and printing the result.
214		- * Similar to App:main except that no headers will be sent.
215		- * This should be used for example when registering sections via
216		- * \OC\AppFramework\Core\API::registerAdmin()
217		- *
218		- * @param string $controllerName the name of the controller under which it is
219		- * stored in the DI container
220		- * @param string $methodName the method that you want to call
221		- * @param array $urlParams an array with variables extracted from the routes
222		- * @param DIContainer $container an instance of a pimple container.
223		- */
224		- public static function part(string $controllerName, string $methodName, array $urlParams,
225		- DIContainer $container) {
226		- $container['urlParams'] = $urlParams;
227		- $controller = $container[$controllerName];
228		-
229		- $dispatcher = $container['Dispatcher'];
230		-
231		- [, , $output] = $dispatcher->dispatch($controller, $methodName);
232		- return $output;
233		- }
	194	+ $emptyResponse = false;
	195	+ if (preg_match('/^HTTP\/\d\.\d (\d{3}) .*$/', $httpHeaders, $matches)) {
	196	+ $status = (int)$matches[1];
	197	+ if ($status === Http::STATUS_NO_CONTENT \|\| $status === Http::STATUS_NOT_MODIFIED) {
	198	+ $emptyResponse = true;
	199	+ }
	200	+ }
	201	+
	202	+ if (!$emptyResponse) {
	203	+ if ($response instanceof ICallbackResponse) {
	204	+ $response->callback($io);
	205	+ } elseif (!is_null($output)) {
	206	+ $io->setHeader('Content-Length: ' . strlen($output));
	207	+ $io->setOutput($output);
	208	+ }
	209	+ }
	210	+ }
	211	+
	212	+ /**
	213	+ * Shortcut for calling a controller method and printing the result.
	214	+ * Similar to App:main except that no headers will be sent.
	215	+ * This should be used for example when registering sections via
	216	+ * \OC\AppFramework\Core\API::registerAdmin()
	217	+ *
	218	+ * @param string $controllerName the name of the controller under which it is
	219	+ * stored in the DI container
	220	+ * @param string $methodName the method that you want to call
	221	+ * @param array $urlParams an array with variables extracted from the routes
	222	+ * @param DIContainer $container an instance of a pimple container.
	223	+ */
	224	+ public static function part(string $controllerName, string $methodName, array $urlParams,
	225	+ DIContainer $container) {
	226	+ $container['urlParams'] = $urlParams;
	227	+ $controller = $container[$controllerName];
	228	+
	229	+ $dispatcher = $container['Dispatcher'];
	230	+
	231	+ [, , $output] = $dispatcher->dispatch($controller, $methodName);
	232	+ return $output;
	233	+ }
234	234	}

		@@ -35,177 +35,177 @@
		block discarded – undo
35	35	use OCP\HintException;
36	36
37	37	class ExceptionSerializer {
38		- public const methodsWithSensitiveParameters = [
39		- // Session/User
40		- 'completeLogin',
41		- 'login',
42		- 'checkPassword',
43		- 'checkPasswordNoLogging',
44		- 'loginWithPassword',
45		- 'updatePrivateKeyPassword',
46		- 'validateUserPass',
47		- 'loginWithToken',
48		- '{closure}',
49		- 'createSessionToken',
50		-
51		- // Provisioning
52		- 'addUser',
53		-
54		- // TokenProvider
55		- 'getToken',
56		- 'isTokenPassword',
57		- 'getPassword',
58		- 'decryptPassword',
59		- 'logClientIn',
60		- 'generateToken',
61		- 'validateToken',
62		-
63		- // TwoFactorAuth
64		- 'solveChallenge',
65		- 'verifyChallenge',
66		-
67		- // ICrypto
68		- 'calculateHMAC',
69		- 'encrypt',
70		- 'decrypt',
71		-
72		- // LoginController
73		- 'tryLogin',
74		- 'confirmPassword',
75		-
76		- // LDAP
77		- 'bind',
78		- 'areCredentialsValid',
79		- 'invokeLDAPMethod',
80		-
81		- // Encryption
82		- 'storeKeyPair',
83		- 'setupUser',
84		- 'checkSignature',
85		-
86		- // files_external: OCA\Files_External\MountConfig
87		- 'getBackendStatus',
88		-
89		- // files_external: UserStoragesController
90		- 'update',
91		-
92		- // Preview providers, don't log big data strings
93		- 'imagecreatefromstring',
94		- ];
95		-
96		- /** @var SystemConfig */
97		- private $systemConfig;
98		-
99		- public function __construct(SystemConfig $systemConfig) {
100		- $this->systemConfig = $systemConfig;
101		- }
102		-
103		- public const methodsWithSensitiveParametersByClass = [
104		- SetupController::class => [
105		- 'run',
106		- 'display',
107		- 'loadAutoConfig',
108		- ],
109		- Setup::class => [
110		- 'install'
111		- ],
112		- Key::class => [
113		- '__construct'
114		- ],
115		- ];
116		-
117		- private function editTrace(array &$sensitiveValues, array $traceLine): array {
118		- if (isset($traceLine['args'])) {
119		- $sensitiveValues = array_merge($sensitiveValues, $traceLine['args']);
120		- }
121		- $traceLine['args'] = ['* sensitive parameters replaced *'];
122		- return $traceLine;
123		- }
124		-
125		- private function filterTrace(array $trace) {
126		- $sensitiveValues = [];
127		- $trace = array_map(function (array $traceLine) use (&$sensitiveValues) {
128		- $className = $traceLine['class'] ?? '';
129		- if ($className && isset(self::methodsWithSensitiveParametersByClass[$className])
130		- && in_array($traceLine['function'], self::methodsWithSensitiveParametersByClass[$className], true)) {
131		- return $this->editTrace($sensitiveValues, $traceLine);
132		- }
133		- foreach (self::methodsWithSensitiveParameters as $sensitiveMethod) {
134		- if (strpos($traceLine['function'], $sensitiveMethod) !== false) {
135		- return $this->editTrace($sensitiveValues, $traceLine);
136		- }
137		- }
138		- return $traceLine;
139		- }, $trace);
140		- return array_map(function (array $traceLine) use ($sensitiveValues) {
141		- if (isset($traceLine['args'])) {
142		- $traceLine['args'] = $this->removeValuesFromArgs($traceLine['args'], $sensitiveValues);
143		- }
144		- return $traceLine;
145		- }, $trace);
146		- }
147		-
148		- private function removeValuesFromArgs($args, $values) {
149		- foreach ($args as &$arg) {
150		- if (in_array($arg, $values, true)) {
151		- $arg = '* sensitive parameter replaced *';
152		- } elseif (is_array($arg)) {
153		- $arg = $this->removeValuesFromArgs($arg, $values);
154		- }
155		- }
156		- return $args;
157		- }
158		-
159		- private function encodeTrace($trace) {
160		- $filteredTrace = $this->filterTrace($trace);
161		- return array_map(function (array $line) {
162		- if (isset($line['args'])) {
163		- $line['args'] = array_map([$this, 'encodeArg'], $line['args']);
164		- }
165		- return $line;
166		- }, $filteredTrace);
167		- }
168		-
169		- private function encodeArg($arg) {
170		- if (is_object($arg)) {
171		- $data = get_object_vars($arg);
172		- $data['__class__'] = get_class($arg);
173		- return array_map([$this, 'encodeArg'], $data);
174		- }
175		-
176		- if (is_array($arg)) {
177		- // Only log the first 5 elements of an array unless we are on debug
178		- if ((int)$this->systemConfig->getValue('loglevel', 2) !== 0) {
179		- $elemCount = count($arg);
180		- if ($elemCount > 5) {
181		- $arg = array_slice($arg, 0, 5);
182		- $arg[] = 'And ' . ($elemCount - 5) . ' more entries, set log level to debug to see all entries';
183		- }
184		- }
185		- return array_map([$this, 'encodeArg'], $arg);
186		- }
187		-
188		- return $arg;
189		- }
190		-
191		- public function serializeException(\Throwable $exception) {
192		- $data = [
193		- 'Exception' => get_class($exception),
194		- 'Message' => $exception->getMessage(),
195		- 'Code' => $exception->getCode(),
196		- 'Trace' => $this->encodeTrace($exception->getTrace()),
197		- 'File' => $exception->getFile(),
198		- 'Line' => $exception->getLine(),
199		- ];
200		-
201		- if ($exception instanceof HintException) {
202		- $data['Hint'] = $exception->getHint();
203		- }
204		-
205		- if ($exception->getPrevious()) {
206		- $data['Previous'] = $this->serializeException($exception->getPrevious());
207		- }
208		-
209		- return $data;
210		- }
	38	+ public const methodsWithSensitiveParameters = [
	39	+ // Session/User
	40	+ 'completeLogin',
	41	+ 'login',
	42	+ 'checkPassword',
	43	+ 'checkPasswordNoLogging',
	44	+ 'loginWithPassword',
	45	+ 'updatePrivateKeyPassword',
	46	+ 'validateUserPass',
	47	+ 'loginWithToken',
	48	+ '{closure}',
	49	+ 'createSessionToken',
	50	+
	51	+ // Provisioning
	52	+ 'addUser',
	53	+
	54	+ // TokenProvider
	55	+ 'getToken',
	56	+ 'isTokenPassword',
	57	+ 'getPassword',
	58	+ 'decryptPassword',
	59	+ 'logClientIn',
	60	+ 'generateToken',
	61	+ 'validateToken',
	62	+
	63	+ // TwoFactorAuth
	64	+ 'solveChallenge',
	65	+ 'verifyChallenge',
	66	+
	67	+ // ICrypto
	68	+ 'calculateHMAC',
	69	+ 'encrypt',
	70	+ 'decrypt',
	71	+
	72	+ // LoginController
	73	+ 'tryLogin',
	74	+ 'confirmPassword',
	75	+
	76	+ // LDAP
	77	+ 'bind',
	78	+ 'areCredentialsValid',
	79	+ 'invokeLDAPMethod',
	80	+
	81	+ // Encryption
	82	+ 'storeKeyPair',
	83	+ 'setupUser',
	84	+ 'checkSignature',
	85	+
	86	+ // files_external: OCA\Files_External\MountConfig
	87	+ 'getBackendStatus',
	88	+
	89	+ // files_external: UserStoragesController
	90	+ 'update',
	91	+
	92	+ // Preview providers, don't log big data strings
	93	+ 'imagecreatefromstring',
	94	+ ];
	95	+
	96	+ /** @var SystemConfig */
	97	+ private $systemConfig;
	98	+
	99	+ public function __construct(SystemConfig $systemConfig) {
	100	+ $this->systemConfig = $systemConfig;
	101	+ }
	102	+
	103	+ public const methodsWithSensitiveParametersByClass = [
	104	+ SetupController::class => [
	105	+ 'run',
	106	+ 'display',
	107	+ 'loadAutoConfig',
	108	+ ],
	109	+ Setup::class => [
	110	+ 'install'
	111	+ ],
	112	+ Key::class => [
	113	+ '__construct'
	114	+ ],
	115	+ ];
	116	+
	117	+ private function editTrace(array &$sensitiveValues, array $traceLine): array {
	118	+ if (isset($traceLine['args'])) {
	119	+ $sensitiveValues = array_merge($sensitiveValues, $traceLine['args']);
	120	+ }
	121	+ $traceLine['args'] = ['* sensitive parameters replaced *'];
	122	+ return $traceLine;
	123	+ }
	124	+
	125	+ private function filterTrace(array $trace) {
	126	+ $sensitiveValues = [];
	127	+ $trace = array_map(function (array $traceLine) use (&$sensitiveValues) {
	128	+ $className = $traceLine['class'] ?? '';
	129	+ if ($className && isset(self::methodsWithSensitiveParametersByClass[$className])
	130	+ && in_array($traceLine['function'], self::methodsWithSensitiveParametersByClass[$className], true)) {
	131	+ return $this->editTrace($sensitiveValues, $traceLine);
	132	+ }
	133	+ foreach (self::methodsWithSensitiveParameters as $sensitiveMethod) {
	134	+ if (strpos($traceLine['function'], $sensitiveMethod) !== false) {
	135	+ return $this->editTrace($sensitiveValues, $traceLine);
	136	+ }
	137	+ }
	138	+ return $traceLine;
	139	+ }, $trace);
	140	+ return array_map(function (array $traceLine) use ($sensitiveValues) {
	141	+ if (isset($traceLine['args'])) {
	142	+ $traceLine['args'] = $this->removeValuesFromArgs($traceLine['args'], $sensitiveValues);
	143	+ }
	144	+ return $traceLine;
	145	+ }, $trace);
	146	+ }
	147	+
	148	+ private function removeValuesFromArgs($args, $values) {
	149	+ foreach ($args as &$arg) {
	150	+ if (in_array($arg, $values, true)) {
	151	+ $arg = '* sensitive parameter replaced *';
	152	+ } elseif (is_array($arg)) {
	153	+ $arg = $this->removeValuesFromArgs($arg, $values);
	154	+ }
	155	+ }
	156	+ return $args;
	157	+ }
	158	+
	159	+ private function encodeTrace($trace) {
	160	+ $filteredTrace = $this->filterTrace($trace);
	161	+ return array_map(function (array $line) {
	162	+ if (isset($line['args'])) {
	163	+ $line['args'] = array_map([$this, 'encodeArg'], $line['args']);
	164	+ }
	165	+ return $line;
	166	+ }, $filteredTrace);
	167	+ }
	168	+
	169	+ private function encodeArg($arg) {
	170	+ if (is_object($arg)) {
	171	+ $data = get_object_vars($arg);
	172	+ $data['__class__'] = get_class($arg);
	173	+ return array_map([$this, 'encodeArg'], $data);
	174	+ }
	175	+
	176	+ if (is_array($arg)) {
	177	+ // Only log the first 5 elements of an array unless we are on debug
	178	+ if ((int)$this->systemConfig->getValue('loglevel', 2) !== 0) {
	179	+ $elemCount = count($arg);
	180	+ if ($elemCount > 5) {
	181	+ $arg = array_slice($arg, 0, 5);
	182	+ $arg[] = 'And ' . ($elemCount - 5) . ' more entries, set log level to debug to see all entries';
	183	+ }
	184	+ }
	185	+ return array_map([$this, 'encodeArg'], $arg);
	186	+ }
	187	+
	188	+ return $arg;
	189	+ }
	190	+
	191	+ public function serializeException(\Throwable $exception) {
	192	+ $data = [
	193	+ 'Exception' => get_class($exception),
	194	+ 'Message' => $exception->getMessage(),
	195	+ 'Code' => $exception->getCode(),
	196	+ 'Trace' => $this->encodeTrace($exception->getTrace()),
	197	+ 'File' => $exception->getFile(),
	198	+ 'Line' => $exception->getLine(),
	199	+ ];
	200	+
	201	+ if ($exception instanceof HintException) {
	202	+ $data['Hint'] = $exception->getHint();
	203	+ }
	204	+
	205	+ if ($exception->getPrevious()) {
	206	+ $data['Previous'] = $this->serializeException($exception->getPrevious());
	207	+ }
	208	+
	209	+ return $data;
	210	+ }
211	211	}

		@@ -29,118 +29,118 @@
		block discarded – undo
29	29	*
30	30	*/
31	31	class OC_Hook {
32		- public static $thrownExceptions = [];
	32	+ public static $thrownExceptions = [];
33	33
34		- private static $registered = [];
	34	+ private static $registered = [];
35	35
36		- /**
37		- * connects a function to a hook
38		- *
39		- * @param string $signalClass class name of emitter
40		- * @param string $signalName name of signal
41		- * @param string\|object $slotClass class name of slot
42		- * @param string $slotName name of slot
43		- * @return bool
44		- *
45		- * This function makes it very easy to connect to use hooks.
46		- *
47		- * TODO: write example
48		- */
49		- public static function connect($signalClass, $signalName, $slotClass, $slotName) {
50		- // If we're trying to connect to an emitting class that isn't
51		- // yet registered, register it
52		- if (!array_key_exists($signalClass, self::$registered)) {
53		- self::$registered[$signalClass] = [];
54		- }
55		- // If we're trying to connect to an emitting method that isn't
56		- // yet registered, register it with the emitting class
57		- if (!array_key_exists($signalName, self::$registered[$signalClass])) {
58		- self::$registered[$signalClass][$signalName] = [];
59		- }
	36	+ /**
	37	+ * connects a function to a hook
	38	+ *
	39	+ * @param string $signalClass class name of emitter
	40	+ * @param string $signalName name of signal
	41	+ * @param string\|object $slotClass class name of slot
	42	+ * @param string $slotName name of slot
	43	+ * @return bool
	44	+ *
	45	+ * This function makes it very easy to connect to use hooks.
	46	+ *
	47	+ * TODO: write example
	48	+ */
	49	+ public static function connect($signalClass, $signalName, $slotClass, $slotName) {
	50	+ // If we're trying to connect to an emitting class that isn't
	51	+ // yet registered, register it
	52	+ if (!array_key_exists($signalClass, self::$registered)) {
	53	+ self::$registered[$signalClass] = [];
	54	+ }
	55	+ // If we're trying to connect to an emitting method that isn't
	56	+ // yet registered, register it with the emitting class
	57	+ if (!array_key_exists($signalName, self::$registered[$signalClass])) {
	58	+ self::$registered[$signalClass][$signalName] = [];
	59	+ }
60	60
61		- // don't connect hooks twice
62		- foreach (self::$registered[$signalClass][$signalName] as $hook) {
63		- if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
64		- return false;
65		- }
66		- }
67		- // Connect the hook handler to the requested emitter
68		- self::$registered[$signalClass][$signalName][] = [
69		- "class" => $slotClass,
70		- "name" => $slotName
71		- ];
	61	+ // don't connect hooks twice
	62	+ foreach (self::$registered[$signalClass][$signalName] as $hook) {
	63	+ if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
	64	+ return false;
	65	+ }
	66	+ }
	67	+ // Connect the hook handler to the requested emitter
	68	+ self::$registered[$signalClass][$signalName][] = [
	69	+ "class" => $slotClass,
	70	+ "name" => $slotName
	71	+ ];
72	72
73		- // No chance for failure ;-)
74		- return true;
75		- }
	73	+ // No chance for failure ;-)
	74	+ return true;
	75	+ }
76	76
77		- /**
78		- * emits a signal
79		- *
80		- * @param string $signalClass class name of emitter
81		- * @param string $signalName name of signal
82		- * @param mixed $params default: array() array with additional data
83		- * @return bool true if slots exists or false if not
84		- * @throws \OCP\HintException
85		- * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
86		- *
87		- * TODO: write example
88		- */
89		- public static function emit($signalClass, $signalName, $params = []) {
	77	+ /**
	78	+ * emits a signal
	79	+ *
	80	+ * @param string $signalClass class name of emitter
	81	+ * @param string $signalName name of signal
	82	+ * @param mixed $params default: array() array with additional data
	83	+ * @return bool true if slots exists or false if not
	84	+ * @throws \OCP\HintException
	85	+ * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
	86	+ *
	87	+ * TODO: write example
	88	+ */
	89	+ public static function emit($signalClass, $signalName, $params = []) {
90	90
91		- // Return false if no hook handlers are listening to this
92		- // emitting class
93		- if (!array_key_exists($signalClass, self::$registered)) {
94		- return false;
95		- }
	91	+ // Return false if no hook handlers are listening to this
	92	+ // emitting class
	93	+ if (!array_key_exists($signalClass, self::$registered)) {
	94	+ return false;
	95	+ }
96	96
97		- // Return false if no hook handlers are listening to this
98		- // emitting method
99		- if (!array_key_exists($signalName, self::$registered[$signalClass])) {
100		- return false;
101		- }
	97	+ // Return false if no hook handlers are listening to this
	98	+ // emitting method
	99	+ if (!array_key_exists($signalName, self::$registered[$signalClass])) {
	100	+ return false;
	101	+ }
102	102
103		- // Call all slots
104		- foreach (self::$registered[$signalClass][$signalName] as $i) {
105		- try {
106		- call_user_func([ $i["class"], $i["name"] ], $params);
107		- } catch (Exception $e) {
108		- self::$thrownExceptions[] = $e;
109		- \OC::$server->getLogger()->logException($e);
110		- if ($e instanceof \OCP\HintException) {
111		- throw $e;
112		- }
113		- if ($e instanceof \OC\ServerNotAvailableException) {
114		- throw $e;
115		- }
116		- }
117		- }
	103	+ // Call all slots
	104	+ foreach (self::$registered[$signalClass][$signalName] as $i) {
	105	+ try {
	106	+ call_user_func([ $i["class"], $i["name"] ], $params);
	107	+ } catch (Exception $e) {
	108	+ self::$thrownExceptions[] = $e;
	109	+ \OC::$server->getLogger()->logException($e);
	110	+ if ($e instanceof \OCP\HintException) {
	111	+ throw $e;
	112	+ }
	113	+ if ($e instanceof \OC\ServerNotAvailableException) {
	114	+ throw $e;
	115	+ }
	116	+ }
	117	+ }
118	118
119		- return true;
120		- }
	119	+ return true;
	120	+ }
121	121
122		- /**
123		- * clear hooks
124		- * @param string $signalClass
125		- * @param string $signalName
126		- */
127		- public static function clear($signalClass = '', $signalName = '') {
128		- if ($signalClass) {
129		- if ($signalName) {
130		- self::$registered[$signalClass][$signalName] = [];
131		- } else {
132		- self::$registered[$signalClass] = [];
133		- }
134		- } else {
135		- self::$registered = [];
136		- }
137		- }
	122	+ /**
	123	+ * clear hooks
	124	+ * @param string $signalClass
	125	+ * @param string $signalName
	126	+ */
	127	+ public static function clear($signalClass = '', $signalName = '') {
	128	+ if ($signalClass) {
	129	+ if ($signalName) {
	130	+ self::$registered[$signalClass][$signalName] = [];
	131	+ } else {
	132	+ self::$registered[$signalClass] = [];
	133	+ }
	134	+ } else {
	135	+ self::$registered = [];
	136	+ }
	137	+ }
138	138
139		- /**
140		- * DO NOT USE!
141		- * For unit tests ONLY!
142		- */
143		- public static function getHooks() {
144		- return self::$registered;
145		- }
	139	+ /**
	140	+ * DO NOT USE!
	141	+ * For unit tests ONLY!
	142	+ */
	143	+ public static function getHooks() {
	144	+ return self::$registered;
	145	+ }
146	146	}

		@@ -37,128 +37,128 @@
		block discarded – undo
37	37	use OCP\IMemcache;
38	38
39	39	class Factory implements ICacheFactory {
40		- public const NULL_CACHE = NullCache::class;
41		-
42		- /**
43		- * @var string $globalPrefix
44		- */
45		- private $globalPrefix;
46		-
47		- /**
48		- * @var ILogger $logger
49		- */
50		- private $logger;
51		-
52		- /**
53		- * @var string $localCacheClass
54		- */
55		- private $localCacheClass;
56		-
57		- /**
58		- * @var string $distributedCacheClass
59		- */
60		- private $distributedCacheClass;
61		-
62		- /**
63		- * @var string $lockingCacheClass
64		- */
65		- private $lockingCacheClass;
66		-
67		- /**
68		- * @param string $globalPrefix
69		- * @param ILogger $logger
70		- * @param string\|null $localCacheClass
71		- * @param string\|null $distributedCacheClass
72		- * @param string\|null $lockingCacheClass
73		- */
74		- public function __construct(string $globalPrefix, ILogger $logger,
75		- $localCacheClass = null, $distributedCacheClass = null, $lockingCacheClass = null) {
76		- $this->logger = $logger;
77		- $this->globalPrefix = $globalPrefix;
78		-
79		- if (!$localCacheClass) {
80		- $localCacheClass = self::NULL_CACHE;
81		- }
82		- if (!$distributedCacheClass) {
83		- $distributedCacheClass = $localCacheClass;
84		- }
85		-
86		- $missingCacheMessage = 'Memcache {class} not available for {use} cache';
87		- $missingCacheHint = 'Is the matching PHP module installed and enabled?';
88		- if (!class_exists($localCacheClass) \|\| !$localCacheClass::isAvailable()) {
89		- throw new \OCP\HintException(strtr($missingCacheMessage, [
90		- '{class}' => $localCacheClass, '{use}' => 'local'
91		- ]), $missingCacheHint);
92		- }
93		- if (!class_exists($distributedCacheClass) \|\| !$distributedCacheClass::isAvailable()) {
94		- throw new \OCP\HintException(strtr($missingCacheMessage, [
95		- '{class}' => $distributedCacheClass, '{use}' => 'distributed'
96		- ]), $missingCacheHint);
97		- }
98		- if (!($lockingCacheClass && class_exists($distributedCacheClass) && $lockingCacheClass::isAvailable())) {
99		- // don't fallback since the fallback might not be suitable for storing lock
100		- $lockingCacheClass = self::NULL_CACHE;
101		- }
102		-
103		- $this->localCacheClass = $localCacheClass;
104		- $this->distributedCacheClass = $distributedCacheClass;
105		- $this->lockingCacheClass = $lockingCacheClass;
106		- }
107		-
108		- /**
109		- * create a cache instance for storing locks
110		- *
111		- * @param string $prefix
112		- * @return IMemcache
113		- */
114		- public function createLocking(string $prefix = ''): IMemcache {
115		- return new $this->lockingCacheClass($this->globalPrefix . '/' . $prefix);
116		- }
117		-
118		- /**
119		- * create a distributed cache instance
120		- *
121		- * @param string $prefix
122		- * @return ICache
123		- */
124		- public function createDistributed(string $prefix = ''): ICache {
125		- return new $this->distributedCacheClass($this->globalPrefix . '/' . $prefix);
126		- }
127		-
128		- /**
129		- * create a local cache instance
130		- *
131		- * @param string $prefix
132		- * @return ICache
133		- */
134		- public function createLocal(string $prefix = ''): ICache {
135		- return new $this->localCacheClass($this->globalPrefix . '/' . $prefix);
136		- }
137		-
138		- /**
139		- * check memcache availability
140		- *
141		- * @return bool
142		- */
143		- public function isAvailable(): bool {
144		- return ($this->distributedCacheClass !== self::NULL_CACHE);
145		- }
146		-
147		- /**
148		- * @see \OC\Memcache\Factory::createLocal()
149		- * @param string $prefix
150		- * @return ICache
151		- */
152		- public function createLowLatency(string $prefix = ''): ICache {
153		- return $this->createLocal($prefix);
154		- }
155		-
156		- /**
157		- * Check if a local memory cache backend is available
158		- *
159		- * @return bool
160		- */
161		- public function isLocalCacheAvailable(): bool {
162		- return ($this->localCacheClass !== self::NULL_CACHE);
163		- }
	40	+ public const NULL_CACHE = NullCache::class;
	41	+
	42	+ /**
	43	+ * @var string $globalPrefix
	44	+ */
	45	+ private $globalPrefix;
	46	+
	47	+ /**
	48	+ * @var ILogger $logger
	49	+ */
	50	+ private $logger;
	51	+
	52	+ /**
	53	+ * @var string $localCacheClass
	54	+ */
	55	+ private $localCacheClass;
	56	+
	57	+ /**
	58	+ * @var string $distributedCacheClass
	59	+ */
	60	+ private $distributedCacheClass;
	61	+
	62	+ /**
	63	+ * @var string $lockingCacheClass
	64	+ */
	65	+ private $lockingCacheClass;
	66	+
	67	+ /**
	68	+ * @param string $globalPrefix
	69	+ * @param ILogger $logger
	70	+ * @param string\|null $localCacheClass
	71	+ * @param string\|null $distributedCacheClass
	72	+ * @param string\|null $lockingCacheClass
	73	+ */
	74	+ public function __construct(string $globalPrefix, ILogger $logger,
	75	+ $localCacheClass = null, $distributedCacheClass = null, $lockingCacheClass = null) {
	76	+ $this->logger = $logger;
	77	+ $this->globalPrefix = $globalPrefix;
	78	+
	79	+ if (!$localCacheClass) {
	80	+ $localCacheClass = self::NULL_CACHE;
	81	+ }
	82	+ if (!$distributedCacheClass) {
	83	+ $distributedCacheClass = $localCacheClass;
	84	+ }
	85	+
	86	+ $missingCacheMessage = 'Memcache {class} not available for {use} cache';
	87	+ $missingCacheHint = 'Is the matching PHP module installed and enabled?';
	88	+ if (!class_exists($localCacheClass) \|\| !$localCacheClass::isAvailable()) {
	89	+ throw new \OCP\HintException(strtr($missingCacheMessage, [
	90	+ '{class}' => $localCacheClass, '{use}' => 'local'
	91	+ ]), $missingCacheHint);
	92	+ }
	93	+ if (!class_exists($distributedCacheClass) \|\| !$distributedCacheClass::isAvailable()) {
	94	+ throw new \OCP\HintException(strtr($missingCacheMessage, [
	95	+ '{class}' => $distributedCacheClass, '{use}' => 'distributed'
	96	+ ]), $missingCacheHint);
	97	+ }
	98	+ if (!($lockingCacheClass && class_exists($distributedCacheClass) && $lockingCacheClass::isAvailable())) {
	99	+ // don't fallback since the fallback might not be suitable for storing lock
	100	+ $lockingCacheClass = self::NULL_CACHE;
	101	+ }
	102	+
	103	+ $this->localCacheClass = $localCacheClass;
	104	+ $this->distributedCacheClass = $distributedCacheClass;
	105	+ $this->lockingCacheClass = $lockingCacheClass;
	106	+ }
	107	+
	108	+ /**
	109	+ * create a cache instance for storing locks
	110	+ *
	111	+ * @param string $prefix
	112	+ * @return IMemcache
	113	+ */
	114	+ public function createLocking(string $prefix = ''): IMemcache {
	115	+ return new $this->lockingCacheClass($this->globalPrefix . '/' . $prefix);
	116	+ }
	117	+
	118	+ /**
	119	+ * create a distributed cache instance
	120	+ *
	121	+ * @param string $prefix
	122	+ * @return ICache
	123	+ */
	124	+ public function createDistributed(string $prefix = ''): ICache {
	125	+ return new $this->distributedCacheClass($this->globalPrefix . '/' . $prefix);
	126	+ }
	127	+
	128	+ /**
	129	+ * create a local cache instance
	130	+ *
	131	+ * @param string $prefix
	132	+ * @return ICache
	133	+ */
	134	+ public function createLocal(string $prefix = ''): ICache {
	135	+ return new $this->localCacheClass($this->globalPrefix . '/' . $prefix);
	136	+ }
	137	+
	138	+ /**
	139	+ * check memcache availability
	140	+ *
	141	+ * @return bool
	142	+ */
	143	+ public function isAvailable(): bool {
	144	+ return ($this->distributedCacheClass !== self::NULL_CACHE);
	145	+ }
	146	+
	147	+ /**
	148	+ * @see \OC\Memcache\Factory::createLocal()
	149	+ * @param string $prefix
	150	+ * @return ICache
	151	+ */
	152	+ public function createLowLatency(string $prefix = ''): ICache {
	153	+ return $this->createLocal($prefix);
	154	+ }
	155	+
	156	+ /**
	157	+ * Check if a local memory cache backend is available
	158	+ *
	159	+ * @return bool
	160	+ */
	161	+ public function isLocalCacheAvailable(): bool {
	162	+ return ($this->localCacheClass !== self::NULL_CACHE);
	163	+ }
164	164	}

nextcloud / server

Push — master ( bb40e6...385330 )

Status

Category

Indentation +45 added lines, -45 removed lines patch added patch discarded remove patch

Indentation +42 added lines, -42 removed lines patch added patch discarded remove patch

Indentation +177 added lines, -177 removed lines patch added patch discarded remove patch

Indentation +173 added lines, -173 removed lines patch added patch discarded remove patch

Indentation +534 added lines, -534 removed lines patch added patch discarded remove patch

Indentation +1396 added lines, -1396 removed lines patch added patch discarded remove patch

Indentation +103 added lines, -103 removed lines patch added patch discarded remove patch

Indentation +124 added lines, -124 removed lines patch added patch discarded remove patch

Indentation +1000 added lines, -1000 removed lines patch added patch discarded remove patch