Inspection of "Merge pull request #20375 from nextcloud/techdebt/..." - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 21b7e5...813bdc )

by Christoph

created 2020-04-09 09:25 UTC

Status

Indentation +246 added lines, -246 removed lines patch added patch discarded remove patch

@@ -39,252 +39,252 @@
 block discarded – undo
 
 class SubAdmin extends PublicEmitter implements ISubAdmin {
 
-	/** @var IUserManager */
-	private $userManager;
-
-	/** @var IGroupManager */
-	private $groupManager;
-
-	/** @var IDBConnection */
-	private $dbConn;
-
-	/**
-	 * @param IUserManager $userManager
-	 * @param IGroupManager $groupManager
-	 * @param IDBConnection $dbConn
-	 */
-	public function __construct(IUserManager $userManager,
-								IGroupManager $groupManager,
-								IDBConnection $dbConn) {
-		$this->userManager = $userManager;
-		$this->groupManager = $groupManager;
-		$this->dbConn = $dbConn;
-
-		$this->userManager->listen('\OC\User', 'postDelete', function($user) {
-			$this->post_deleteUser($user);
-		});
-		$this->groupManager->listen('\OC\Group', 'postDelete', function($group) {
-			$this->post_deleteGroup($group);
-		});
-	}
-
-	/**
-	 * add a SubAdmin
-	 * @param IUser $user user to be SubAdmin
-	 * @param IGroup $group group $user becomes subadmin of
-	 */
-	public function createSubAdmin(IUser $user, IGroup $group): void {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$qb->insert('group_admin')
-			->values([
-				'gid' => $qb->createNamedParameter($group->getGID()),
-				'uid' => $qb->createNamedParameter($user->getUID())
-			])
-			->execute();
-
-		$this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
-		\OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);
-	}
-
-	/**
-	 * delete a SubAdmin
-	 * @param IUser $user the user that is the SubAdmin
-	 * @param IGroup $group the group
-	 */
-	public function deleteSubAdmin(IUser $user, IGroup $group): void {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$qb->delete('group_admin')
-			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
-			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
-			->execute();
-
-		$this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
-		\OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);
-	}
-
-	/**
-	 * get groups of a SubAdmin
-	 * @param IUser $user the SubAdmin
-	 * @return IGroup[]
-	 */
-	public function getSubAdminsGroups(IUser $user): array {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$result = $qb->select('gid')
-			->from('group_admin')
-			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
-			->execute();
-
-		$groups = [];
-		while($row = $result->fetch()) {
-			$group = $this->groupManager->get($row['gid']);
-			if(!is_null($group)) {
-				$groups[$group->getGID()] = $group;
-			}
-		}
-		$result->closeCursor();
-
-		return $groups;
-	}
-
-	/**
-	 * get an array of groupid and displayName for a user
-	 * @param IUser $user
-	 * @return array ['displayName' => displayname]
-	 */
-	public function getSubAdminsGroupsName(IUser $user): array {
-		return array_map(function($group) {
-			return ['displayName' => $group->getDisplayName()];
-		}, $this->getSubAdminsGroups($user));
-	}
-
-	/**
-	 * get SubAdmins of a group
-	 * @param IGroup $group the group
-	 * @return IUser[]
-	 */
-	public function getGroupsSubAdmins(IGroup $group): array {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$result = $qb->select('uid')
-			->from('group_admin')
-			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
-			->execute();
-
-		$users = [];
-		while($row = $result->fetch()) {
-			$user = $this->userManager->get($row['uid']);
-			if(!is_null($user)) {
-				$users[] = $user;
-			}
-		}
-		$result->closeCursor();
-
-		return $users;
-	}
-
-	/**
-	 * get all SubAdmins
-	 * @return array
-	 */
-	public function getAllSubAdmins(): array {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$result = $qb->select('*')
-			->from('group_admin')
-			->execute();
-
-		$subadmins = [];
-		while($row = $result->fetch()) {
-			$user = $this->userManager->get($row['uid']);
-			$group = $this->groupManager->get($row['gid']);
-			if(!is_null($user) && !is_null($group)) {
-				$subadmins[] = [
-					'user'  => $user,
-					'group' => $group
-				];
-			}
-		}
-		$result->closeCursor();
-
-		return $subadmins;
-	}
-
-	/**
-	 * checks if a user is a SubAdmin of a group
-	 * @param IUser $user
-	 * @param IGroup $group
-	 * @return bool
-	 */
-	public function isSubAdminOfGroup(IUser $user, IGroup $group): bool {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		/*
+    /** @var IUserManager */
+    private $userManager;
+
+    /** @var IGroupManager */
+    private $groupManager;
+
+    /** @var IDBConnection */
+    private $dbConn;
+
+    /**
+     * @param IUserManager $userManager
+     * @param IGroupManager $groupManager
+     * @param IDBConnection $dbConn
+     */
+    public function __construct(IUserManager $userManager,
+                                IGroupManager $groupManager,
+                                IDBConnection $dbConn) {
+        $this->userManager = $userManager;
+        $this->groupManager = $groupManager;
+        $this->dbConn = $dbConn;
+
+        $this->userManager->listen('\OC\User', 'postDelete', function($user) {
+            $this->post_deleteUser($user);
+        });
+        $this->groupManager->listen('\OC\Group', 'postDelete', function($group) {
+            $this->post_deleteGroup($group);
+        });
+    }
+
+    /**
+     * add a SubAdmin
+     * @param IUser $user user to be SubAdmin
+     * @param IGroup $group group $user becomes subadmin of
+     */
+    public function createSubAdmin(IUser $user, IGroup $group): void {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $qb->insert('group_admin')
+            ->values([
+                'gid' => $qb->createNamedParameter($group->getGID()),
+                'uid' => $qb->createNamedParameter($user->getUID())
+            ])
+            ->execute();
+
+        $this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
+        \OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);
+    }
+
+    /**
+     * delete a SubAdmin
+     * @param IUser $user the user that is the SubAdmin
+     * @param IGroup $group the group
+     */
+    public function deleteSubAdmin(IUser $user, IGroup $group): void {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $qb->delete('group_admin')
+            ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
+            ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+            ->execute();
+
+        $this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
+        \OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);
+    }
+
+    /**
+     * get groups of a SubAdmin
+     * @param IUser $user the SubAdmin
+     * @return IGroup[]
+     */
+    public function getSubAdminsGroups(IUser $user): array {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $result = $qb->select('gid')
+            ->from('group_admin')
+            ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+            ->execute();
+
+        $groups = [];
+        while($row = $result->fetch()) {
+            $group = $this->groupManager->get($row['gid']);
+            if(!is_null($group)) {
+                $groups[$group->getGID()] = $group;
+            }
+        }
+        $result->closeCursor();
+
+        return $groups;
+    }
+
+    /**
+     * get an array of groupid and displayName for a user
+     * @param IUser $user
+     * @return array ['displayName' => displayname]
+     */
+    public function getSubAdminsGroupsName(IUser $user): array {
+        return array_map(function($group) {
+            return ['displayName' => $group->getDisplayName()];
+        }, $this->getSubAdminsGroups($user));
+    }
+
+    /**
+     * get SubAdmins of a group
+     * @param IGroup $group the group
+     * @return IUser[]
+     */
+    public function getGroupsSubAdmins(IGroup $group): array {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $result = $qb->select('uid')
+            ->from('group_admin')
+            ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
+            ->execute();
+
+        $users = [];
+        while($row = $result->fetch()) {
+            $user = $this->userManager->get($row['uid']);
+            if(!is_null($user)) {
+                $users[] = $user;
+            }
+        }
+        $result->closeCursor();
+
+        return $users;
+    }
+
+    /**
+     * get all SubAdmins
+     * @return array
+     */
+    public function getAllSubAdmins(): array {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $result = $qb->select('*')
+            ->from('group_admin')
+            ->execute();
+
+        $subadmins = [];
+        while($row = $result->fetch()) {
+            $user = $this->userManager->get($row['uid']);
+            $group = $this->groupManager->get($row['gid']);
+            if(!is_null($user) && !is_null($group)) {
+                $subadmins[] = [
+                    'user'  => $user,
+                    'group' => $group
+                ];
+            }
+        }
+        $result->closeCursor();
+
+        return $subadmins;
+    }
+
+    /**
+     * checks if a user is a SubAdmin of a group
+     * @param IUser $user
+     * @param IGroup $group
+     * @return bool
+     */
+    public function isSubAdminOfGroup(IUser $user, IGroup $group): bool {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        /*
 		 * Primary key is ('gid', 'uid') so max 1 result possible here
 		 */
-		$result = $qb->select('*')
-			->from('group_admin')
-			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
-			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
-			->execute();
-
-		$fetch =  $result->fetch();
-		$result->closeCursor();
-		$result = !empty($fetch) ? true : false;
-
-		return $result;
-	}
-
-	/**
-	 * checks if a user is a SubAdmin
-	 * @param IUser $user
-	 * @return bool
-	 */
-	public function isSubAdmin(IUser $user): bool {
-		// Check if the user is already an admin
-		if ($this->groupManager->isAdmin($user->getUID())) {
-			return true;
-		}
-
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$result = $qb->select('gid')
-			->from('group_admin')
-			->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
-			->setMaxResults(1)
-			->execute();
-
-		$isSubAdmin = $result->fetch();
-		$result->closeCursor();
-
-		return $isSubAdmin !== false;
-	}
-
-	/**
-	 * checks if a user is a accessible by a subadmin
-	 * @param IUser $subadmin
-	 * @param IUser $user
-	 * @return bool
-	 */
-	public function isUserAccessible(IUser $subadmin, IUser $user): bool {
-		if(!$this->isSubAdmin($subadmin)) {
-			return false;
-		}
-		if($this->groupManager->isAdmin($user->getUID())) {
-			return false;
-		}
-		$accessibleGroups = $this->getSubAdminsGroups($subadmin);
-		foreach($accessibleGroups as $accessibleGroup) {
-			if($accessibleGroup->inGroup($user)) {
-				return true;
-			}
-		}
-		return false;
-	}
-
-	/**
-	 * delete all SubAdmins by $user
-	 * @param IUser $user
-	 */
-	private function post_deleteUser(IUser $user) {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$qb->delete('group_admin')
-			->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
-			->execute();
-	}
-
-	/**
-	 * delete all SubAdmins by $group
-	 * @param IGroup $group
-	 */
-	private function post_deleteGroup(IGroup $group) {
-		$qb = $this->dbConn->getQueryBuilder();
-
-		$qb->delete('group_admin')
-			->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
-			->execute();
-	}
+        $result = $qb->select('*')
+            ->from('group_admin')
+            ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
+            ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+            ->execute();
+
+        $fetch =  $result->fetch();
+        $result->closeCursor();
+        $result = !empty($fetch) ? true : false;
+
+        return $result;
+    }
+
+    /**
+     * checks if a user is a SubAdmin
+     * @param IUser $user
+     * @return bool
+     */
+    public function isSubAdmin(IUser $user): bool {
+        // Check if the user is already an admin
+        if ($this->groupManager->isAdmin($user->getUID())) {
+            return true;
+        }
+
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $result = $qb->select('gid')
+            ->from('group_admin')
+            ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+            ->setMaxResults(1)
+            ->execute();
+
+        $isSubAdmin = $result->fetch();
+        $result->closeCursor();
+
+        return $isSubAdmin !== false;
+    }
+
+    /**
+     * checks if a user is a accessible by a subadmin
+     * @param IUser $subadmin
+     * @param IUser $user
+     * @return bool
+     */
+    public function isUserAccessible(IUser $subadmin, IUser $user): bool {
+        if(!$this->isSubAdmin($subadmin)) {
+            return false;
+        }
+        if($this->groupManager->isAdmin($user->getUID())) {
+            return false;
+        }
+        $accessibleGroups = $this->getSubAdminsGroups($subadmin);
+        foreach($accessibleGroups as $accessibleGroup) {
+            if($accessibleGroup->inGroup($user)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * delete all SubAdmins by $user
+     * @param IUser $user
+     */
+    private function post_deleteUser(IUser $user) {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $qb->delete('group_admin')
+            ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
+            ->execute();
+    }
+
+    /**
+     * delete all SubAdmins by $group
+     * @param IGroup $group
+     */
+    private function post_deleteGroup(IGroup $group) {
+        $qb = $this->dbConn->getQueryBuilder();
+
+        $qb->delete('group_admin')
+            ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
+            ->execute();
+    }
 }

Please login to merge, or discard this patch.

lib/private/Share/Share.php 1 patch

Indentation +1496 added lines, -1496 removed lines patch added patch discarded remove patch

@@ -49,1500 +49,1500 @@
 block discarded – undo
  */
 class Share extends Constants {
 
-	/** CRUDS permissions (Create, Read, Update, Delete, Share) using a bitmask
-	 * Construct permissions for share() and setPermissions with Or (|) e.g.
-	 * Give user read and update permissions: PERMISSION_READ | PERMISSION_UPDATE
-	 *
-	 * Check if permission is granted with And (&) e.g. Check if delete is
-	 * granted: if ($permissions & PERMISSION_DELETE)
-	 *
-	 * Remove permissions with And (&) and Not (~) e.g. Remove the update
-	 * permission: $permissions &= ~PERMISSION_UPDATE
-	 *
-	 * Apps are required to handle permissions on their own, this class only
-	 * stores and manages the permissions of shares
-	 * @see lib/public/constants.php
-	 */
-
-	/**
-	 * Register a sharing backend class that implements OCP\Share_Backend for an item type
-	 * @param string $itemType Item type
-	 * @param string $class Backend class
-	 * @param string $collectionOf (optional) Depends on item type
-	 * @param array $supportedFileExtensions (optional) List of supported file extensions if this item type depends on files
-	 * @return boolean true if backend is registered or false if error
-	 */
-	public static function registerBackend($itemType, $class, $collectionOf = null, $supportedFileExtensions = null) {
-		if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_enabled', 'yes') == 'yes') {
-			if (!isset(self::$backendTypes[$itemType])) {
-				self::$backendTypes[$itemType] = [
-					'class' => $class,
-					'collectionOf' => $collectionOf,
-					'supportedFileExtensions' => $supportedFileExtensions
-				];
-				return true;
-			}
-			\OCP\Util::writeLog('OCP\Share',
-				'Sharing backend '.$class.' not registered, '.self::$backendTypes[$itemType]['class']
-				.' is already registered for '.$itemType,
-				ILogger::WARN);
-		}
-		return false;
-	}
-
-	/**
-	 * Get the items of item type shared with the current user
-	 * @param string $itemType
-	 * @param int $format (optional) Format type must be defined by the backend
-	 * @param mixed $parameters (optional)
-	 * @param int $limit Number of items to return (optional) Returns all by default
-	 * @param boolean $includeCollections (optional)
-	 * @return mixed Return depends on format
-	 * @deprecated TESTS ONLY - this methods is only used by tests
-	 * called like this:
-	 * \OC\Share\Share::getItemsSharedWith('folder'); (apps/files_sharing/tests/UpdaterTest.php)
-	 */
-	public static function getItemsSharedWith() {
-		return self::getItems('folder', null, self::$shareTypeUserAndGroups, \OC_User::getUser(), null, self::FORMAT_NONE,
-			null, -1, false);
-	}
-
-	/**
-	 * Get the items of item type shared with a user
-	 * @param string $itemType
-	 * @param string $user id for which user we want the shares
-	 * @param int $format (optional) Format type must be defined by the backend
-	 * @param mixed $parameters (optional)
-	 * @param int $limit Number of items to return (optional) Returns all by default
-	 * @param boolean $includeCollections (optional)
-	 * @return mixed Return depends on format
-	 */
-	public static function getItemsSharedWithUser($itemType, $user, $format = self::FORMAT_NONE,
-												  $parameters = null, $limit = -1, $includeCollections = false) {
-		return self::getItems($itemType, null, self::$shareTypeUserAndGroups, $user, null, $format,
-			$parameters, $limit, $includeCollections);
-	}
-
-	/**
-	 * Get the item of item type shared with a given user by source
-	 * @param string $itemType
-	 * @param string $itemSource
-	 * @param string $user User to whom the item was shared
-	 * @param string $owner Owner of the share
-	 * @param int $shareType only look for a specific share type
-	 * @return array Return list of items with file_target, permissions and expiration
-	 */
-	public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null, $shareType = null) {
-		$shares = [];
-		$fileDependent = false;
-
-		$where = 'WHERE';
-		$fileDependentWhere = '';
-		if ($itemType === 'file' || $itemType === 'folder') {
-			$fileDependent = true;
-			$column = 'file_source';
-			$fileDependentWhere = 'INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` ';
-			$fileDependentWhere .= 'INNER JOIN `*PREFIX*storages` ON `numeric_id` = `*PREFIX*filecache`.`storage` ';
-		} else {
-			$column = 'item_source';
-		}
-
-		$select = self::createSelectStatement(self::FORMAT_NONE, $fileDependent);
-
-		$where .= ' `' . $column . '` = ? AND `item_type` = ? ';
-		$arguments = [$itemSource, $itemType];
-		// for link shares $user === null
-		if ($user !== null) {
-			$where .= ' AND `share_with` = ? ';
-			$arguments[] = $user;
-		}
-
-		if ($shareType !== null) {
-			$where .= ' AND `share_type` = ? ';
-			$arguments[] = $shareType;
-		}
-
-		if ($owner !== null) {
-			$where .= ' AND `uid_owner` = ? ';
-			$arguments[] = $owner;
-		}
-
-		$query = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` '. $fileDependentWhere . $where);
-
-		$result = \OC_DB::executeAudited($query, $arguments);
-
-		while ($row = $result->fetchRow()) {
-			if ($fileDependent && !self::isFileReachable($row['path'], $row['storage_id'])) {
-				continue;
-			}
-			if ($fileDependent && (int)$row['file_parent'] === -1) {
-				// if it is a mount point we need to get the path from the mount manager
-				$mountManager = \OC\Files\Filesystem::getMountManager();
-				$mountPoint = $mountManager->findByStorageId($row['storage_id']);
-				if (!empty($mountPoint)) {
-					$path = $mountPoint[0]->getMountPoint();
-					$path = trim($path, '/');
-					$path = substr($path, strlen($owner) + 1); //normalize path to 'files/foo.txt`
-					$row['path'] = $path;
-				} else {
-					\OC::$server->getLogger()->warning(
-						'Could not resolve mount point for ' . $row['storage_id'],
-						['app' => 'OCP\Share']
-					);
-				}
-			}
-			$shares[] = $row;
-		}
-
-		//if didn't found a result than let's look for a group share.
-		if(empty($shares) && $user !== null) {
-			$userObject = \OC::$server->getUserManager()->get($user);
-			$groups = [];
-			if ($userObject) {
-				$groups = \OC::$server->getGroupManager()->getUserGroupIds($userObject);
-			}
-
-			if (!empty($groups)) {
-				$where = $fileDependentWhere . ' WHERE `' . $column . '` = ? AND `item_type` = ? AND `share_with` in (?)';
-				$arguments = [$itemSource, $itemType, $groups];
-				$types = [null, null, IQueryBuilder::PARAM_STR_ARRAY];
-
-				if ($owner !== null) {
-					$where .= ' AND `uid_owner` = ?';
-					$arguments[] = $owner;
-					$types[] = null;
-				}
-
-				// TODO: inject connection, hopefully one day in the future when this
-				// class isn't static anymore...
-				$conn = \OC::$server->getDatabaseConnection();
-				$result = $conn->executeQuery(
-					'SELECT ' . $select . ' FROM `*PREFIX*share` ' . $where,
-					$arguments,
-					$types
-				);
-
-				while ($row = $result->fetch()) {
-					$shares[] = $row;
-				}
-			}
-		}
-
-		return $shares;
-
-	}
-
-	/**
-	 * Get the item of item type shared with the current user by source
-	 * @param string $itemType
-	 * @param string $itemSource
-	 * @param int $format (optional) Format type must be defined by the backend
-	 * @param mixed $parameters
-	 * @param boolean $includeCollections
-	 * @param string $shareWith (optional) define against which user should be checked, default: current user
-	 * @return array
-	 */
-	public static function getItemSharedWithBySource($itemType, $itemSource, $format = self::FORMAT_NONE,
-													 $parameters = null, $includeCollections = false, $shareWith = null) {
-		$shareWith = ($shareWith === null) ? \OC_User::getUser() : $shareWith;
-		return self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups, $shareWith, null, $format,
-			$parameters, 1, $includeCollections, true);
-	}
-
-	/**
-	 * Get the shared item of item type owned by the current user
-	 * @param string $itemType
-	 * @param string $itemSource
-	 * @param int $format (optional) Format type must be defined by the backend
-	 * @param mixed $parameters
-	 * @param boolean $includeCollections
-	 * @return mixed Return depends on format
-	 */
-	public static function getItemShared($itemType, $itemSource, $format = self::FORMAT_NONE,
-										 $parameters = null, $includeCollections = false) {
-		return self::getItems($itemType, $itemSource, null, null, \OC_User::getUser(), $format,
-			$parameters, -1, $includeCollections);
-	}
-
-	/**
-	 * Share an item with a user, group, or via private link
-	 * @param string $itemType
-	 * @param string $itemSource
-	 * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
-	 * @param string $shareWith User or group the item is being shared with
-	 * @param int $permissions CRUDS
-	 * @param string $itemSourceName
-	 * @param \DateTime|null $expirationDate
-	 * @return boolean|string Returns true on success or false on failure, Returns token on success for links
-	 * @throws \OC\HintException when the share type is remote and the shareWith is invalid
-	 * @throws \Exception
-	 * @since 5.0.0 - parameter $itemSourceName was added in 6.0.0, parameter $expirationDate was added in 7.0.0, parameter $passwordChanged added in 9.0.0
-	 * @deprecated 14.0.0 TESTS ONLY - this methods is as of 2018-06 only used by tests
-	 * called like this:
-	 * \OC\Share\Share::shareItem('test', 1, \OCP\Share::SHARE_TYPE_USER, $otherUserId, \OCP\Constants::PERMISSION_READ);
-	 */
-	public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions) {
-		$backend = self::getBackend($itemType);
-
-		if ($backend->isShareTypeAllowed($shareType) === false) {
-			$message = 'Sharing failed, because the backend does not allow shares from type %i';
-			throw new \Exception(sprintf($message, $shareType));
-		}
-
-		$uidOwner = \OC_User::getUser();
-
-		// Verify share type and sharing conditions are met
-		if ($shareType === self::SHARE_TYPE_USER) {
-			if ($shareWith == $uidOwner) {
-				$message = 'Sharing failed, because you can not share with yourself';
-				throw new \Exception($message);
-			}
-			if (!\OC::$server->getUserManager()->userExists($shareWith)) {
-				$message = 'Sharing failed, because the user %s does not exist';
-				throw new \Exception(sprintf($message, $shareWith));
-			}
-			// Check if the item source is already shared with the user, either from the same owner or a different user
-			if ($checkExists = self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups,
-				$shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
-				// Only allow the same share to occur again if it is the same
-				// owner and is not a user share, this use case is for increasing
-				// permissions for a specific user
-				if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
-					$message = 'Sharing failed, because this item is already shared with %s';
-					throw new \Exception(sprintf($message, $shareWith));
-				}
-			}
-			if ($checkExists = self::getItems($itemType, $itemSource, self::SHARE_TYPE_USER,
-				$shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
-				// Only allow the same share to occur again if it is the same
-				// owner and is not a user share, this use case is for increasing
-				// permissions for a specific user
-				if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
-					$message = 'Sharing failed, because this item is already shared with user %s';
-					throw new \Exception(sprintf($message, $shareWith));
-				}
-			}
-		}
-
-		// Put the item into the database
-		$result = self::put('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions);
-
-		return $result ? true : false;
-	}
-
-	/**
-	 * Unshare an item from a user, group, or delete a private link
-	 * @param string $itemType
-	 * @param string $itemSource
-	 * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
-	 * @param string $shareWith User or group the item is being shared with
-	 * @param string $owner owner of the share, if null the current user is used
-	 * @return boolean true on success or false on failure
-	 */
-	public static function unshare($itemType, $itemSource, $shareType, $shareWith, $owner = null) {
-
-		// check if it is a valid itemType
-		self::getBackend($itemType);
-
-		$items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, $owner, $shareType);
-
-		$toDelete = [];
-		$newParent = null;
-		$currentUser = $owner ? $owner : \OC_User::getUser();
-		foreach ($items as $item) {
-			// delete the item with the expected share_type and owner
-			if ((int)$item['share_type'] === (int)$shareType && $item['uid_owner'] === $currentUser) {
-				$toDelete = $item;
-				// if there is more then one result we don't have to delete the children
-				// but update their parent. For group shares the new parent should always be
-				// the original group share and not the db entry with the unique name
-			} else if ((int)$item['share_type'] === self::$shareTypeGroupUserUnique) {
-				$newParent = $item['parent'];
-			} else {
-				$newParent = $item['id'];
-			}
-		}
-
-		if (!empty($toDelete)) {
-			self::unshareItem($toDelete, $newParent);
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * Checks whether a share has expired, calls unshareItem() if yes.
-	 * @param array $item Share data (usually database row)
-	 * @return boolean True if item was expired, false otherwise.
-	 */
-	protected static function expireItem(array $item) {
-
-		$result = false;
-
-		// only use default expiration date for link shares
-		if ((int) $item['share_type'] === self::SHARE_TYPE_LINK) {
-
-			// calculate expiration date
-			if (!empty($item['expiration'])) {
-				$userDefinedExpire = new \DateTime($item['expiration']);
-				$expires = $userDefinedExpire->getTimestamp();
-			} else {
-				$expires = null;
-			}
-
-
-			// get default expiration settings
-			$defaultSettings = Helper::getDefaultExpireSetting();
-			$expires = Helper::calculateExpireDate($defaultSettings, $item['stime'], $expires);
-
-
-			if (is_int($expires)) {
-				$now = time();
-				if ($now > $expires) {
-					self::unshareItem($item);
-					$result = true;
-				}
-			}
-		}
-		return $result;
-	}
-
-	/**
-	 * Unshares a share given a share data array
-	 * @param array $item Share data (usually database row)
-	 * @param int $newParent parent ID
-	 * @return null
-	 */
-	protected static function unshareItem(array $item, $newParent = null) {
-
-		$shareType = (int)$item['share_type'];
-		$shareWith = null;
-		if ($shareType !== \OCP\Share::SHARE_TYPE_LINK) {
-			$shareWith = $item['share_with'];
-		}
-
-		// Pass all the vars we have for now, they may be useful
-		$hookParams = [
-			'id'            => $item['id'],
-			'itemType'      => $item['item_type'],
-			'itemSource'    => $item['item_source'],
-			'shareType'     => $shareType,
-			'shareWith'     => $shareWith,
-			'itemParent'    => $item['parent'],
-			'uidOwner'      => $item['uid_owner'],
-		];
-		if($item['item_type'] === 'file' || $item['item_type'] === 'folder') {
-			$hookParams['fileSource'] = $item['file_source'];
-			$hookParams['fileTarget'] = $item['file_target'];
-		}
-
-		\OC_Hook::emit(\OCP\Share::class, 'pre_unshare', $hookParams);
-		$deletedShares = Helper::delete($item['id'], false, null, $newParent);
-		$deletedShares[] = $hookParams;
-		$hookParams['deletedShares'] = $deletedShares;
-		\OC_Hook::emit(\OCP\Share::class, 'post_unshare', $hookParams);
-		if ((int)$item['share_type'] === \OCP\Share::SHARE_TYPE_REMOTE && \OC::$server->getUserSession()->getUser()) {
-			list(, $remote) = Helper::splitUserRemote($item['share_with']);
-			self::sendRemoteUnshare($remote, $item['id'], $item['token']);
-		}
-	}
-
-	/**
-	 * Get the backend class for the specified item type
-	 * @param string $itemType
-	 * @throws \Exception
-	 * @return \OCP\Share_Backend
-	 */
-	public static function getBackend($itemType) {
-		$l = \OC::$server->getL10N('lib');
-		if (isset(self::$backends[$itemType])) {
-			return self::$backends[$itemType];
-		} else if (isset(self::$backendTypes[$itemType]['class'])) {
-			$class = self::$backendTypes[$itemType]['class'];
-			if (class_exists($class)) {
-				self::$backends[$itemType] = new $class;
-				if (!(self::$backends[$itemType] instanceof \OCP\Share_Backend)) {
-					$message = 'Sharing backend %s must implement the interface OCP\Share_Backend';
-					$message_t = $l->t('Sharing backend %s must implement the interface OCP\Share_Backend', [$class]);
-					\OCP\Util::writeLog('OCP\Share', sprintf($message, $class), ILogger::ERROR);
-					throw new \Exception($message_t);
-				}
-				return self::$backends[$itemType];
-			} else {
-				$message = 'Sharing backend %s not found';
-				$message_t = $l->t('Sharing backend %s not found', [$class]);
-				\OCP\Util::writeLog('OCP\Share', sprintf($message, $class), ILogger::ERROR);
-				throw new \Exception($message_t);
-			}
-		}
-		$message = 'Sharing backend for %s not found';
-		$message_t = $l->t('Sharing backend for %s not found', [$itemType]);
-		\OCP\Util::writeLog('OCP\Share', sprintf($message, $itemType), ILogger::ERROR);
-		throw new \Exception($message_t);
-	}
-
-	/**
-	 * Check if resharing is allowed
-	 * @return boolean true if allowed or false
-	 *
-	 * Resharing is allowed by default if not configured
-	 */
-	public static function isResharingAllowed() {
-		if (!isset(self::$isResharingAllowed)) {
-			if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_allow_resharing', 'yes') == 'yes') {
-				self::$isResharingAllowed = true;
-			} else {
-				self::$isResharingAllowed = false;
-			}
-		}
-		return self::$isResharingAllowed;
-	}
-
-	/**
-	 * Get a list of collection item types for the specified item type
-	 * @param string $itemType
-	 * @return array
-	 */
-	private static function getCollectionItemTypes($itemType) {
-		$collectionTypes = [$itemType];
-		foreach (self::$backendTypes as $type => $backend) {
-			if (in_array($backend['collectionOf'], $collectionTypes)) {
-				$collectionTypes[] = $type;
-			}
-		}
-		// TODO Add option for collections to be collection of themselves, only 'folder' does it now...
-		if (isset(self::$backendTypes[$itemType]) && (!self::getBackend($itemType) instanceof \OCP\Share_Backend_Collection || $itemType != 'folder')) {
-			unset($collectionTypes[0]);
-		}
-		// Return array if collections were found or the item type is a
-		// collection itself - collections can be inside collections
-		if (count($collectionTypes) > 0) {
-			return $collectionTypes;
-		}
-		return false;
-	}
-
-	/**
-	 * Get the owners of items shared with a user.
-	 *
-	 * @param string $user The user the items are shared with.
-	 * @param string $type The type of the items shared with the user.
-	 * @param boolean $includeCollections Include collection item types (optional)
-	 * @param boolean $includeOwner include owner in the list of users the item is shared with (optional)
-	 * @return array
-	 * @deprecated TESTS ONLY - this methods is only used by tests
-	 * called like this:
-	 * \OC\Share\Share::getSharedItemsOwners($this->user, $this->type, true)
-	 */
-	public static function getSharedItemsOwners($user, $type, $includeCollections = false, $includeOwner = false) {
-		// First, we find out if $type is part of a collection (and if that collection is part of
-		// another one and so on).
-		$collectionTypes = [];
-		if (!$includeCollections || !$collectionTypes = self::getCollectionItemTypes($type)) {
-			$collectionTypes[] = $type;
-		}
-
-		// Of these collection types, along with our original $type, we make a
-		// list of the ones for which a sharing backend has been registered.
-		// FIXME: Ideally, we wouldn't need to nest getItemsSharedWith in this loop but just call it
-		// with its $includeCollections parameter set to true. Unfortunately, this fails currently.
-		$allMaybeSharedItems = [];
-		foreach ($collectionTypes as $collectionType) {
-			if (isset(self::$backends[$collectionType])) {
-				$allMaybeSharedItems[$collectionType] = self::getItemsSharedWithUser(
-					$collectionType,
-					$user,
-					self::FORMAT_NONE
-				);
-			}
-		}
-
-		$owners = [];
-		if ($includeOwner) {
-			$owners[] = $user;
-		}
-
-		// We take a look at all shared items of the given $type (or of the collections it is part of)
-		// and find out their owners. Then, we gather the tags for the original $type from all owners,
-		// and return them as elements of a list that look like "Tag (owner)".
-		foreach ($allMaybeSharedItems as $collectionType => $maybeSharedItems) {
-			foreach ($maybeSharedItems as $sharedItem) {
-				if (isset($sharedItem['id'])) { //workaround for https://github.com/owncloud/core/issues/2814
-					$owners[] = $sharedItem['uid_owner'];
-				}
-			}
-		}
-
-		return $owners;
-	}
-
-	/**
-	 * Get shared items from the database
-	 * @param string $itemType
-	 * @param string $item Item source or target (optional)
-	 * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, SHARE_TYPE_LINK, $shareTypeUserAndGroups, or $shareTypeGroupUserUnique
-	 * @param string $shareWith User or group the item is being shared with
-	 * @param string $uidOwner User that is the owner of shared items (optional)
-	 * @param int $format Format to convert items to with formatItems() (optional)
-	 * @param mixed $parameters to pass to formatItems() (optional)
-	 * @param int $limit Number of items to return, -1 to return all matches (optional)
-	 * @param boolean $includeCollections Include collection item types (optional)
-	 * @param boolean $itemShareWithBySource (optional)
-	 * @param boolean $checkExpireDate
-	 * @return array
-	 *
-	 * See public functions getItem(s)... for parameter usage
-	 *
-	 */
-	public static function getItems($itemType, $item = null, $shareType = null, $shareWith = null,
-									$uidOwner = null, $format = self::FORMAT_NONE, $parameters = null, $limit = -1,
-									$includeCollections = false, $itemShareWithBySource = false, $checkExpireDate  = true) {
-		if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_enabled', 'yes') != 'yes') {
-			return [];
-		}
-		$backend = self::getBackend($itemType);
-		$collectionTypes = false;
-		// Get filesystem root to add it to the file target and remove from the
-		// file source, match file_source with the file cache
-		if ($itemType == 'file' || $itemType == 'folder') {
-			if(!is_null($uidOwner)) {
-				$root = \OC\Files\Filesystem::getRoot();
-			} else {
-				$root = '';
-			}
-			$where = 'INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` ';
-			if (!isset($item)) {
-				$where .= ' AND `file_target` IS NOT NULL ';
-			}
-			$where .= 'INNER JOIN `*PREFIX*storages` ON `numeric_id` = `*PREFIX*filecache`.`storage` ';
-			$fileDependent = true;
-			$queryArgs = [];
-		} else {
-			$fileDependent = false;
-			$root = '';
-			$collectionTypes = self::getCollectionItemTypes($itemType);
-			if ($includeCollections && !isset($item) && $collectionTypes) {
-				// If includeCollections is true, find collections of this item type, e.g. a music album contains songs
-				if (!in_array($itemType, $collectionTypes)) {
-					$itemTypes = array_merge([$itemType], $collectionTypes);
-				} else {
-					$itemTypes = $collectionTypes;
-				}
-				$placeholders = implode(',', array_fill(0, count($itemTypes), '?'));
-				$where = ' WHERE `item_type` IN ('.$placeholders.'))';
-				$queryArgs = $itemTypes;
-			} else {
-				$where = ' WHERE `item_type` = ?';
-				$queryArgs = [$itemType];
-			}
-		}
-		if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
-			$where .= ' AND `share_type` != ?';
-			$queryArgs[] = self::SHARE_TYPE_LINK;
-		}
-		if (isset($shareType)) {
-			// Include all user and group items
-			if ($shareType == self::$shareTypeUserAndGroups && isset($shareWith)) {
-				$where .= ' AND ((`share_type` in (?, ?) AND `share_with` = ?) ';
-				$queryArgs[] = self::SHARE_TYPE_USER;
-				$queryArgs[] = self::$shareTypeGroupUserUnique;
-				$queryArgs[] = $shareWith;
-
-				$user = \OC::$server->getUserManager()->get($shareWith);
-				$groups = [];
-				if ($user) {
-					$groups = \OC::$server->getGroupManager()->getUserGroupIds($user);
-				}
-				if (!empty($groups)) {
-					$placeholders = implode(',', array_fill(0, count($groups), '?'));
-					$where .= ' OR (`share_type` = ? AND `share_with` IN ('.$placeholders.')) ';
-					$queryArgs[] = self::SHARE_TYPE_GROUP;
-					$queryArgs = array_merge($queryArgs, $groups);
-				}
-				$where .= ')';
-				// Don't include own group shares
-				$where .= ' AND `uid_owner` != ?';
-				$queryArgs[] = $shareWith;
-			} else {
-				$where .= ' AND `share_type` = ?';
-				$queryArgs[] = $shareType;
-				if (isset($shareWith)) {
-					$where .= ' AND `share_with` = ?';
-					$queryArgs[] = $shareWith;
-				}
-			}
-		}
-		if (isset($uidOwner)) {
-			$where .= ' AND `uid_owner` = ?';
-			$queryArgs[] = $uidOwner;
-			if (!isset($shareType)) {
-				// Prevent unique user targets for group shares from being selected
-				$where .= ' AND `share_type` != ?';
-				$queryArgs[] = self::$shareTypeGroupUserUnique;
-			}
-			if ($fileDependent) {
-				$column = 'file_source';
-			} else {
-				$column = 'item_source';
-			}
-		} else {
-			if ($fileDependent) {
-				$column = 'file_target';
-			} else {
-				$column = 'item_target';
-			}
-		}
-		if (isset($item)) {
-			$collectionTypes = self::getCollectionItemTypes($itemType);
-			if ($includeCollections && $collectionTypes && !in_array('folder', $collectionTypes)) {
-				$where .= ' AND (';
-			} else {
-				$where .= ' AND';
-			}
-			// If looking for own shared items, check item_source else check item_target
-			if (isset($uidOwner) || $itemShareWithBySource) {
-				// If item type is a file, file source needs to be checked in case the item was converted
-				if ($fileDependent) {
-					$where .= ' `file_source` = ?';
-					$column = 'file_source';
-				} else {
-					$where .= ' `item_source` = ?';
-					$column = 'item_source';
-				}
-			} else {
-				if ($fileDependent) {
-					$where .= ' `file_target` = ?';
-					$item = \OC\Files\Filesystem::normalizePath($item);
-				} else {
-					$where .= ' `item_target` = ?';
-				}
-			}
-			$queryArgs[] = $item;
-			if ($includeCollections && $collectionTypes && !in_array('folder', $collectionTypes)) {
-				$placeholders = implode(',', array_fill(0, count($collectionTypes), '?'));
-				$where .= ' OR `item_type` IN ('.$placeholders.'))';
-				$queryArgs = array_merge($queryArgs, $collectionTypes);
-			}
-		}
-
-		if ($shareType == self::$shareTypeUserAndGroups && $limit === 1) {
-			// Make sure the unique user target is returned if it exists,
-			// unique targets should follow the group share in the database
-			// If the limit is not 1, the filtering can be done later
-			$where .= ' ORDER BY `*PREFIX*share`.`id` DESC';
-		} else {
-			$where .= ' ORDER BY `*PREFIX*share`.`id` ASC';
-		}
-
-		if ($limit != -1 && !$includeCollections) {
-			// The limit must be at least 3, because filtering needs to be done
-			if ($limit < 3) {
-				$queryLimit = 3;
-			} else {
-				$queryLimit = $limit;
-			}
-		} else {
-			$queryLimit = null;
-		}
-		$select = self::createSelectStatement($format, $fileDependent, $uidOwner);
-		$root = strlen($root);
-		$query = \OC_DB::prepare('SELECT '.$select.' FROM `*PREFIX*share` '.$where, $queryLimit);
-		$result = $query->execute($queryArgs);
-		if ($result === false) {
-			\OCP\Util::writeLog('OCP\Share',
-				\OC_DB::getErrorMessage() . ', select=' . $select . ' where=',
-				ILogger::ERROR);
-		}
-		$items = [];
-		$targets = [];
-		$switchedItems = [];
-		$mounts = [];
-		while ($row = $result->fetchRow()) {
-			self::transformDBResults($row);
-			// Filter out duplicate group shares for users with unique targets
-			if ($fileDependent && !self::isFileReachable($row['path'], $row['storage_id'])) {
-				continue;
-			}
-			if ($row['share_type'] == self::$shareTypeGroupUserUnique && isset($items[$row['parent']])) {
-				$row['share_type'] = self::SHARE_TYPE_GROUP;
-				$row['unique_name'] = true; // remember that we use a unique name for this user
-				$row['share_with'] = $items[$row['parent']]['share_with'];
-				// if the group share was unshared from the user we keep the permission, otherwise
-				// we take the permission from the parent because this is always the up-to-date
-				// permission for the group share
-				if ($row['permissions'] > 0) {
-					$row['permissions'] = $items[$row['parent']]['permissions'];
-				}
-				// Remove the parent group share
-				unset($items[$row['parent']]);
-				if ($row['permissions'] == 0) {
-					continue;
-				}
-			} else if (!isset($uidOwner)) {
-				// Check if the same target already exists
-				if (isset($targets[$row['id']])) {
-					// Check if the same owner shared with the user twice
-					// through a group and user share - this is allowed
-					$id = $targets[$row['id']];
-					if (isset($items[$id]) && $items[$id]['uid_owner'] == $row['uid_owner']) {
-						// Switch to group share type to ensure resharing conditions aren't bypassed
-						if ($items[$id]['share_type'] != self::SHARE_TYPE_GROUP) {
-							$items[$id]['share_type'] = self::SHARE_TYPE_GROUP;
-							$items[$id]['share_with'] = $row['share_with'];
-						}
-						// Switch ids if sharing permission is granted on only
-						// one share to ensure correct parent is used if resharing
-						if (~(int)$items[$id]['permissions'] & \OCP\Constants::PERMISSION_SHARE
-							&& (int)$row['permissions'] & \OCP\Constants::PERMISSION_SHARE) {
-							$items[$row['id']] = $items[$id];
-							$switchedItems[$id] = $row['id'];
-							unset($items[$id]);
-							$id = $row['id'];
-						}
-						$items[$id]['permissions'] |= (int)$row['permissions'];
-
-					}
-					continue;
-				} elseif (!empty($row['parent'])) {
-					$targets[$row['parent']] = $row['id'];
-				}
-			}
-			// Remove root from file source paths if retrieving own shared items
-			if (isset($uidOwner) && isset($row['path'])) {
-				if (isset($row['parent'])) {
-					$query = \OC_DB::prepare('SELECT `file_target` FROM `*PREFIX*share` WHERE `id` = ?');
-					$parentResult = $query->execute([$row['parent']]);
-					if ($result === false) {
-						\OCP\Util::writeLog('OCP\Share', 'Can\'t select parent: ' .
-							\OC_DB::getErrorMessage() . ', select=' . $select . ' where=' . $where,
-							ILogger::ERROR);
-					} else {
-						$parentRow = $parentResult->fetchRow();
-						$tmpPath = $parentRow['file_target'];
-						// find the right position where the row path continues from the target path
-						$pos = strrpos($row['path'], $parentRow['file_target']);
-						$subPath = substr($row['path'], $pos);
-						$splitPath = explode('/', $subPath);
-						foreach (array_slice($splitPath, 2) as $pathPart) {
-							$tmpPath = $tmpPath . '/' . $pathPart;
-						}
-						$row['path'] = $tmpPath;
-					}
-				} else {
-					if (!isset($mounts[$row['storage']])) {
-						$mountPoints = \OC\Files\Filesystem::getMountByNumericId($row['storage']);
-						if (is_array($mountPoints) && !empty($mountPoints)) {
-							$mounts[$row['storage']] = current($mountPoints);
-						}
-					}
-					if (!empty($mounts[$row['storage']])) {
-						$path = $mounts[$row['storage']]->getMountPoint().$row['path'];
-						$relPath = substr($path, $root); // path relative to data/user
-						$row['path'] = rtrim($relPath, '/');
-					}
-				}
-			}
-
-			if($checkExpireDate) {
-				if (self::expireItem($row)) {
-					continue;
-				}
-			}
-			// Check if resharing is allowed, if not remove share permission
-			if (isset($row['permissions']) && (!self::isResharingAllowed() | \OCP\Util::isSharingDisabledForUser())) {
-				$row['permissions'] &= ~\OCP\Constants::PERMISSION_SHARE;
-			}
-			// Add display names to result
-			$row['share_with_displayname'] = $row['share_with'];
-			if ( isset($row['share_with']) && $row['share_with'] != '' &&
-				$row['share_type'] === self::SHARE_TYPE_USER) {
-				$shareWithUser = \OC::$server->getUserManager()->get($row['share_with']);
-				$row['share_with_displayname'] = $shareWithUser === null ? $row['share_with'] : $shareWithUser->getDisplayName();
-			} else if(isset($row['share_with']) && $row['share_with'] != '' &&
-				$row['share_type'] === self::SHARE_TYPE_REMOTE) {
-				$addressBookEntries = \OC::$server->getContactsManager()->search($row['share_with'], ['CLOUD']);
-				foreach ($addressBookEntries as $entry) {
-					foreach ($entry['CLOUD'] as $cloudID) {
-						if ($cloudID === $row['share_with']) {
-							$row['share_with_displayname'] = $entry['FN'];
-						}
-					}
-				}
-			}
-			if ( isset($row['uid_owner']) && $row['uid_owner'] != '') {
-				$ownerUser = \OC::$server->getUserManager()->get($row['uid_owner']);
-				$row['displayname_owner'] = $ownerUser === null ? $row['uid_owner'] : $ownerUser->getDisplayName();
-			}
-
-			if ($row['permissions'] > 0) {
-				$items[$row['id']] = $row;
-			}
-
-		}
-
-		// group items if we are looking for items shared with the current user
-		if (isset($shareWith) && $shareWith === \OCP\User::getUser()) {
-			$items = self::groupItems($items, $itemType);
-		}
-
-		if (!empty($items)) {
-			$collectionItems = [];
-			foreach ($items as &$row) {
-				// Return only the item instead of a 2-dimensional array
-				if ($limit == 1 && $row[$column] == $item && ($row['item_type'] == $itemType || $itemType == 'file')) {
-					if ($format == self::FORMAT_NONE) {
-						return $row;
-					} else {
-						break;
-					}
-				}
-				// Check if this is a collection of the requested item type
-				if ($includeCollections && $collectionTypes && $row['item_type'] !== 'folder' && in_array($row['item_type'], $collectionTypes)) {
-					if (($collectionBackend = self::getBackend($row['item_type']))
-						&& $collectionBackend instanceof \OCP\Share_Backend_Collection) {
-						// Collections can be inside collections, check if the item is a collection
-						if (isset($item) && $row['item_type'] == $itemType && $row[$column] == $item) {
-							$collectionItems[] = $row;
-						} else {
-							$collection = [];
-							$collection['item_type'] = $row['item_type'];
-							if ($row['item_type'] == 'file' || $row['item_type'] == 'folder') {
-								$collection['path'] = basename($row['path']);
-							}
-							$row['collection'] = $collection;
-							// Fetch all of the children sources
-							$children = $collectionBackend->getChildren($row[$column]);
-							foreach ($children as $child) {
-								$childItem = $row;
-								$childItem['item_type'] = $itemType;
-								if ($row['item_type'] != 'file' && $row['item_type'] != 'folder') {
-									$childItem['item_source'] = $child['source'];
-									$childItem['item_target'] = $child['target'];
-								}
-								if ($backend instanceof \OCP\Share_Backend_File_Dependent) {
-									if ($row['item_type'] == 'file' || $row['item_type'] == 'folder') {
-										$childItem['file_source'] = $child['source'];
-									} else { // TODO is this really needed if we already know that we use the file backend?
-										$meta = \OC\Files\Filesystem::getFileInfo($child['file_path']);
-										$childItem['file_source'] = $meta['fileid'];
-									}
-									$childItem['file_target'] =
-										\OC\Files\Filesystem::normalizePath($child['file_path']);
-								}
-								if (isset($item)) {
-									if ($childItem[$column] == $item) {
-										// Return only the item instead of a 2-dimensional array
-										if ($limit == 1) {
-											if ($format == self::FORMAT_NONE) {
-												return $childItem;
-											} else {
-												// Unset the items array and break out of both loops
-												$items = [];
-												$items[] = $childItem;
-												break 2;
-											}
-										} else {
-											$collectionItems[] = $childItem;
-										}
-									}
-								} else {
-									$collectionItems[] = $childItem;
-								}
-							}
-						}
-					}
-					// Remove collection item
-					$toRemove = $row['id'];
-					if (array_key_exists($toRemove, $switchedItems)) {
-						$toRemove = $switchedItems[$toRemove];
-					}
-					unset($items[$toRemove]);
-				} elseif ($includeCollections && $collectionTypes && in_array($row['item_type'], $collectionTypes)) {
-					// FIXME: Thats a dirty hack to improve file sharing performance,
-					// see github issue #10588 for more details
-					// Need to find a solution which works for all back-ends
-					$collectionBackend = self::getBackend($row['item_type']);
-					$sharedParents = $collectionBackend->getParents($row['item_source']);
-					foreach ($sharedParents as $parent) {
-						$collectionItems[] = $parent;
-					}
-				}
-			}
-			if (!empty($collectionItems)) {
-				$collectionItems = array_unique($collectionItems, SORT_REGULAR);
-				$items = array_merge($items, $collectionItems);
-			}
-
-			// filter out invalid items, these can appear when subshare entries exist
-			// for a group in which the requested user isn't a member any more
-			$items = array_filter($items, function($item) {
-				return $item['share_type'] !== self::$shareTypeGroupUserUnique;
-			});
-
-			return self::formatResult($items, $column, $backend, $format, $parameters);
-		} elseif ($includeCollections && $collectionTypes && in_array('folder', $collectionTypes)) {
-			// FIXME: Thats a dirty hack to improve file sharing performance,
-			// see github issue #10588 for more details
-			// Need to find a solution which works for all back-ends
-			$collectionItems = [];
-			$collectionBackend = self::getBackend('folder');
-			$sharedParents = $collectionBackend->getParents($item, $shareWith, $uidOwner);
-			foreach ($sharedParents as $parent) {
-				$collectionItems[] = $parent;
-			}
-			if ($limit === 1) {
-				return reset($collectionItems);
-			}
-			return self::formatResult($collectionItems, $column, $backend, $format, $parameters);
-		}
-
-		return [];
-	}
-
-	/**
-	 * group items with link to the same source
-	 *
-	 * @param array $items
-	 * @param string $itemType
-	 * @return array of grouped items
-	 */
-	protected static function groupItems($items, $itemType) {
-
-		$fileSharing = $itemType === 'file' || $itemType === 'folder';
-
-		$result = [];
-
-		foreach ($items as $item) {
-			$grouped = false;
-			foreach ($result as $key => $r) {
-				// for file/folder shares we need to compare file_source, otherwise we compare item_source
-				// only group shares if they already point to the same target, otherwise the file where shared
-				// before grouping of shares was added. In this case we don't group them toi avoid confusions
-				if (( $fileSharing && $item['file_source'] === $r['file_source'] && $item['file_target'] === $r['file_target']) ||
-					(!$fileSharing && $item['item_source'] === $r['item_source'] && $item['item_target'] === $r['item_target'])) {
-					// add the first item to the list of grouped shares
-					if (!isset($result[$key]['grouped'])) {
-						$result[$key]['grouped'][] = $result[$key];
-					}
-					$result[$key]['permissions'] = (int) $item['permissions'] | (int) $r['permissions'];
-					$result[$key]['grouped'][] = $item;
-					$grouped = true;
-					break;
-				}
-			}
-
-			if (!$grouped) {
-				$result[] = $item;
-			}
-
-		}
-
-		return $result;
-	}
-
-	/**
-	 * Put shared item into the database
-	 * @param string $itemType Item type
-	 * @param string $itemSource Item source
-	 * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
-	 * @param string $shareWith User or group the item is being shared with
-	 * @param string $uidOwner User that is the owner of shared item
-	 * @param int $permissions CRUDS permissions
-	 * @throws \Exception
-	 * @return mixed id of the new share or false
-	 * @deprecated TESTS ONLY - this methods is only used by tests
-	 * called like this:
-	 * self::put('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions);
-	 */
-	private static function put($itemType, $itemSource, $shareType, $shareWith, $uidOwner,
-								$permissions) {
-
-		$queriesToExecute = [];
-		$suggestedItemTarget = null;
-		$groupFileTarget = $fileTarget = $suggestedFileTarget = $filePath = '';
-		$groupItemTarget = $itemTarget = $fileSource = $parent = 0;
-
-		$result = self::checkReshare('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions, null, null);
-		if(!empty($result)) {
-			$parent = $result['parent'];
-			$itemSource = $result['itemSource'];
-			$fileSource = $result['fileSource'];
-			$suggestedItemTarget = $result['suggestedItemTarget'];
-			$suggestedFileTarget = $result['suggestedFileTarget'];
-			$filePath = $result['filePath'];
-		}
-
-		$isGroupShare = false;
-			$users = [$shareWith];
-			$itemTarget = Helper::generateTarget($itemType, $itemSource, $shareType, $shareWith, $uidOwner,
-				$suggestedItemTarget);
-
-		$run = true;
-		$error = '';
-		$preHookData = [
-			'itemType' => $itemType,
-			'itemSource' => $itemSource,
-			'shareType' => $shareType,
-			'uidOwner' => $uidOwner,
-			'permissions' => $permissions,
-			'fileSource' => $fileSource,
-			'expiration' => null,
-			'token' => null,
-			'run' => &$run,
-			'error' => &$error
-		];
-
-		$preHookData['itemTarget'] = $itemTarget;
-		$preHookData['shareWith'] = $shareWith;
-
-		\OC_Hook::emit(\OCP\Share::class, 'pre_shared', $preHookData);
-
-		if ($run === false) {
-			throw new \Exception($error);
-		}
-
-		foreach ($users as $user) {
-			$sourceId = ($itemType === 'file' || $itemType === 'folder') ? $fileSource : $itemSource;
-			$sourceExists = self::getItemSharedWithBySource($itemType, $sourceId, self::FORMAT_NONE, null, true, $user);
-
-			$userShareType = $shareType;
-
-			if ($sourceExists && $sourceExists['item_source'] === $itemSource) {
-				$fileTarget = $sourceExists['file_target'];
-				$itemTarget = $sourceExists['item_target'];
-
-			} elseif(!$sourceExists)  {
-
-				$itemTarget = Helper::generateTarget($itemType, $itemSource, $userShareType, $user,
-					$uidOwner, $suggestedItemTarget, $parent);
-				if (isset($fileSource)) {
-						$fileTarget = Helper::generateTarget('file', $filePath, $userShareType,
-							$user, $uidOwner, $suggestedFileTarget, $parent);
-				} else {
-					$fileTarget = null;
-				}
-
-			} else {
-
-				// group share which doesn't exists until now, check if we need a unique target for this user
-
-				$itemTarget = Helper::generateTarget($itemType, $itemSource, self::SHARE_TYPE_USER, $user,
-					$uidOwner, $suggestedItemTarget, $parent);
-
-				// do we also need a file target
-				if (isset($fileSource)) {
-					$fileTarget = Helper::generateTarget('file', $filePath, self::SHARE_TYPE_USER, $user,
-						$uidOwner, $suggestedFileTarget, $parent);
-				} else {
-					$fileTarget = null;
-				}
-
-				if (($itemTarget === $groupItemTarget) &&
-					(!isset($fileSource) || $fileTarget === $groupFileTarget)) {
-					continue;
-				}
-			}
-
-			$queriesToExecute[] = [
-				'itemType'			=> $itemType,
-				'itemSource'		=> $itemSource,
-				'itemTarget'		=> $itemTarget,
-				'shareType'			=> $userShareType,
-				'shareWith'			=> $user,
-				'uidOwner'			=> $uidOwner,
-				'permissions'		=> $permissions,
-				'shareTime'			=> time(),
-				'fileSource'		=> $fileSource,
-				'fileTarget'		=> $fileTarget,
-				'token'				=> null,
-				'parent'			=> $parent,
-				'expiration'		=> null,
-			];
-
-		}
-
-		$id = false;
-
-		foreach ($queriesToExecute as $shareQuery) {
-			$shareQuery['parent'] = $parent;
-			$id = self::insertShare($shareQuery);
-		}
-
-		$postHookData = [
-			'itemType' => $itemType,
-			'itemSource' => $itemSource,
-			'parent' => $parent,
-			'shareType' => $shareType,
-			'uidOwner' => $uidOwner,
-			'permissions' => $permissions,
-			'fileSource' => $fileSource,
-			'id' => $parent,
-			'token' => null,
-			'expirationDate' => null,
-		];
-
-		$postHookData['shareWith'] = $isGroupShare ? $shareWith['group'] : $shareWith;
-		$postHookData['itemTarget'] = $isGroupShare ? $groupItemTarget : $itemTarget;
-		$postHookData['fileTarget'] = $isGroupShare ? $groupFileTarget : $fileTarget;
-
-		\OC_Hook::emit(\OCP\Share::class, 'post_shared', $postHookData);
-
-
-		return $id ? $id : false;
-	}
-
-	/**
-	 * @param string $itemType
-	 * @param string $itemSource
-	 * @param int $shareType
-	 * @param string $shareWith
-	 * @param string $uidOwner
-	 * @param int $permissions
-	 * @param string|null $itemSourceName
-	 * @param null|\DateTime $expirationDate
-	 * @deprecated TESTS ONLY - this methods is only used by tests
-	 * called like this:
-	 * self::checkReshare('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions, null, null);
-	 */
-	private static function checkReshare($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, $itemSourceName, $expirationDate) {
-		$backend = self::getBackend($itemType);
-
-		$result = [];
-
-		$column = ($itemType === 'file' || $itemType === 'folder') ? 'file_source' : 'item_source';
-
-		$checkReshare = self::getItemSharedWithBySource($itemType, $itemSource, self::FORMAT_NONE, null, true);
-		if ($checkReshare) {
-			// Check if attempting to share back to owner
-			if ($checkReshare['uid_owner'] == $shareWith) {
-				$message = 'Sharing %1$s failed, because the user %2$s is the original sharer';
-				throw new \Exception(sprintf($message, $itemSourceName, $shareWith));
-			}
-		}
-
-		if ($checkReshare && $checkReshare['uid_owner'] !== \OC_User::getUser()) {
-			// Check if share permissions is granted
-			if (self::isResharingAllowed() && (int)$checkReshare['permissions'] & \OCP\Constants::PERMISSION_SHARE) {
-				if (~(int)$checkReshare['permissions'] & $permissions) {
-					$message = 'Sharing %1$s failed, because the permissions exceed permissions granted to %2$s';
-					throw new \Exception(sprintf($message, $itemSourceName, $uidOwner));
-				} else {
-					// TODO Don't check if inside folder
-					$result['parent'] = $checkReshare['id'];
-
-					$result['expirationDate'] = $expirationDate;
-					// $checkReshare['expiration'] could be null and then is always less than any value
-					if(isset($checkReshare['expiration']) && $checkReshare['expiration'] < $expirationDate) {
-						$result['expirationDate'] = $checkReshare['expiration'];
-					}
-
-					// only suggest the same name as new target if it is a reshare of the
-					// same file/folder and not the reshare of a child
-					if ($checkReshare[$column] === $itemSource) {
-						$result['filePath'] = $checkReshare['file_target'];
-						$result['itemSource'] = $checkReshare['item_source'];
-						$result['fileSource'] = $checkReshare['file_source'];
-						$result['suggestedItemTarget'] = $checkReshare['item_target'];
-						$result['suggestedFileTarget'] = $checkReshare['file_target'];
-					} else {
-						$result['filePath'] = ($backend instanceof \OCP\Share_Backend_File_Dependent) ? $backend->getFilePath($itemSource, $uidOwner) : null;
-						$result['suggestedItemTarget'] = null;
-						$result['suggestedFileTarget'] = null;
-						$result['itemSource'] = $itemSource;
-						$result['fileSource'] = ($backend instanceof \OCP\Share_Backend_File_Dependent) ? $itemSource : null;
-					}
-				}
-			} else {
-				$message = 'Sharing %s failed, because resharing is not allowed';
-				throw new \Exception(sprintf($message, $itemSourceName));
-			}
-		} else {
-			$result['parent'] = null;
-			$result['suggestedItemTarget'] = null;
-			$result['suggestedFileTarget'] = null;
-			$result['itemSource'] = $itemSource;
-			$result['expirationDate'] = $expirationDate;
-			if (!$backend->isValidSource($itemSource, $uidOwner)) {
-				$message = 'Sharing %1$s failed, because the sharing backend for '
-					.'%2$s could not find its source';
-				throw new \Exception(sprintf($message, $itemSource, $itemType));
-			}
-			if ($backend instanceof \OCP\Share_Backend_File_Dependent) {
-				$result['filePath'] = $backend->getFilePath($itemSource, $uidOwner);
-					$meta = \OC\Files\Filesystem::getFileInfo($result['filePath']);
-					$result['fileSource'] = $meta['fileid'];
-				if ($result['fileSource'] == -1) {
-					$message = 'Sharing %s failed, because the file could not be found in the file cache';
-					throw new \Exception(sprintf($message, $itemSource));
-				}
-			} else {
-				$result['filePath'] = null;
-				$result['fileSource'] = null;
-			}
-		}
-
-		return $result;
-	}
-
-	/**
-	 *
-	 * @param array $shareData
-	 * @return mixed false in case of a failure or the id of the new share
-	 */
-	private static function insertShare(array $shareData) {
-
-		$query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
-			.' `item_type`, `item_source`, `item_target`, `share_type`,'
-			.' `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`,'
-			.' `file_target`, `token`, `parent`, `expiration`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)');
-		$query->bindValue(1, $shareData['itemType']);
-		$query->bindValue(2, $shareData['itemSource']);
-		$query->bindValue(3, $shareData['itemTarget']);
-		$query->bindValue(4, $shareData['shareType']);
-		$query->bindValue(5, $shareData['shareWith']);
-		$query->bindValue(6, $shareData['uidOwner']);
-		$query->bindValue(7, $shareData['permissions']);
-		$query->bindValue(8, $shareData['shareTime']);
-		$query->bindValue(9, $shareData['fileSource']);
-		$query->bindValue(10, $shareData['fileTarget']);
-		$query->bindValue(11, $shareData['token']);
-		$query->bindValue(12, $shareData['parent']);
-		$query->bindValue(13, $shareData['expiration'], 'datetime');
-		$result = $query->execute();
-
-		$id = false;
-		if ($result) {
-			$id =  \OC::$server->getDatabaseConnection()->lastInsertId('*PREFIX*share');
-		}
-
-		return $id;
-
-	}
-
-	/**
-	 * construct select statement
-	 * @param int $format
-	 * @param boolean $fileDependent ist it a file/folder share or a generla share
-	 * @param string $uidOwner
-	 * @return string select statement
-	 */
-	private static function createSelectStatement($format, $fileDependent, $uidOwner = null) {
-		$select = '*';
-		if ($format == self::FORMAT_STATUSES) {
-			if ($fileDependent) {
-				$select = '`*PREFIX*share`.`id`, `*PREFIX*share`.`parent`, `share_type`, `path`, `storage`, '
-					. '`share_with`, `uid_owner` , `file_source`, `stime`, `*PREFIX*share`.`permissions`, '
-					. '`*PREFIX*storages`.`id` AS `storage_id`, `*PREFIX*filecache`.`parent` as `file_parent`, '
-					. '`uid_initiator`';
-			} else {
-				$select = '`id`, `parent`, `share_type`, `share_with`, `uid_owner`, `item_source`, `stime`, `*PREFIX*share`.`permissions`';
-			}
-		} else {
-			if (isset($uidOwner)) {
-				if ($fileDependent) {
-					$select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `*PREFIX*share`.`parent`,'
-						. ' `share_type`, `share_with`, `file_source`, `file_target`, `path`, `*PREFIX*share`.`permissions`, `stime`,'
-						. ' `expiration`, `token`, `storage`, `mail_send`, `uid_owner`, '
-						. '`*PREFIX*storages`.`id` AS `storage_id`, `*PREFIX*filecache`.`parent` as `file_parent`';
-				} else {
-					$select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, `*PREFIX*share`.`permissions`,'
-						. ' `stime`, `file_source`, `expiration`, `token`, `mail_send`, `uid_owner`';
-				}
-			} else {
-				if ($fileDependent) {
-					if ($format == \OCA\Files_Sharing\ShareBackend\File::FORMAT_GET_FOLDER_CONTENTS || $format == \OCA\Files_Sharing\ShareBackend\File::FORMAT_FILE_APP_ROOT) {
-						$select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `*PREFIX*share`.`parent`, `uid_owner`, '
-							. '`share_type`, `share_with`, `file_source`, `path`, `file_target`, `stime`, '
-							. '`*PREFIX*share`.`permissions`, `expiration`, `storage`, `*PREFIX*filecache`.`parent` as `file_parent`, '
-							. '`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`, `mail_send`';
-					} else {
-						$select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`,'
-							. '`*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`,'
-							. '`file_source`, `path`, `file_target`, `*PREFIX*share`.`permissions`,'
-							. '`stime`, `expiration`, `token`, `storage`, `mail_send`,'
-							. '`*PREFIX*storages`.`id` AS `storage_id`, `*PREFIX*filecache`.`parent` as `file_parent`';
-					}
-				}
-			}
-		}
-		return $select;
-	}
-
-
-	/**
-	 * transform db results
-	 * @param array $row result
-	 */
-	private static function transformDBResults(&$row) {
-		if (isset($row['id'])) {
-			$row['id'] = (int) $row['id'];
-		}
-		if (isset($row['share_type'])) {
-			$row['share_type'] = (int) $row['share_type'];
-		}
-		if (isset($row['parent'])) {
-			$row['parent'] = (int) $row['parent'];
-		}
-		if (isset($row['file_parent'])) {
-			$row['file_parent'] = (int) $row['file_parent'];
-		}
-		if (isset($row['file_source'])) {
-			$row['file_source'] = (int) $row['file_source'];
-		}
-		if (isset($row['permissions'])) {
-			$row['permissions'] = (int) $row['permissions'];
-		}
-		if (isset($row['storage'])) {
-			$row['storage'] = (int) $row['storage'];
-		}
-		if (isset($row['stime'])) {
-			$row['stime'] = (int) $row['stime'];
-		}
-		if (isset($row['expiration']) && $row['share_type'] !== self::SHARE_TYPE_LINK) {
-			// discard expiration date for non-link shares, which might have been
-			// set by ancient bugs
-			$row['expiration'] = null;
-		}
-	}
-
-	/**
-	 * format result
-	 * @param array $items result
-	 * @param string $column is it a file share or a general share ('file_target' or 'item_target')
-	 * @param \OCP\Share_Backend $backend sharing backend
-	 * @param int $format
-	 * @param array $parameters additional format parameters
-	 * @return array format result
-	 */
-	private static function formatResult($items, $column, $backend, $format = self::FORMAT_NONE , $parameters = null) {
-		if ($format === self::FORMAT_NONE) {
-			return $items;
-		} else if ($format === self::FORMAT_STATUSES) {
-			$statuses = [];
-			foreach ($items as $item) {
-				if ($item['share_type'] === self::SHARE_TYPE_LINK) {
-					if ($item['uid_initiator'] !== \OC::$server->getUserSession()->getUser()->getUID()) {
-						continue;
-					}
-					$statuses[$item[$column]]['link'] = true;
-				} else if (!isset($statuses[$item[$column]])) {
-					$statuses[$item[$column]]['link'] = false;
-				}
-				if (!empty($item['file_target'])) {
-					$statuses[$item[$column]]['path'] = $item['path'];
-				}
-			}
-			return $statuses;
-		} else {
-			return $backend->formatItems($items, $format, $parameters);
-		}
-	}
-
-	/**
-	 * remove protocol from URL
-	 *
-	 * @param string $url
-	 * @return string
-	 */
-	public static function removeProtocolFromUrl($url) {
-		if (strpos($url, 'https://') === 0) {
-			return substr($url, strlen('https://'));
-		} else if (strpos($url, 'http://') === 0) {
-			return substr($url, strlen('http://'));
-		}
-
-		return $url;
-	}
-
-	/**
-	 * try http post first with https and then with http as a fallback
-	 *
-	 * @param string $remoteDomain
-	 * @param string $urlSuffix
-	 * @param array $fields post parameters
-	 * @return array
-	 */
-	private static function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields) {
-		$protocol = 'https://';
-		$result = [
-			'success' => false,
-			'result' => '',
-		];
-		$try = 0;
-		$discoveryService = \OC::$server->query(\OCP\OCS\IDiscoveryService::class);
-		while ($result['success'] === false && $try < 2) {
-			$federationEndpoints = $discoveryService->discover($protocol . $remoteDomain, 'FEDERATED_SHARING');
-			$endpoint = isset($federationEndpoints['share']) ? $federationEndpoints['share'] : '/ocs/v2.php/cloud/shares';
-			$client = \OC::$server->getHTTPClientService()->newClient();
-
-			try {
-				$response = $client->post(
-					$protocol . $remoteDomain . $endpoint . $urlSuffix . '?format=' . self::RESPONSE_FORMAT,
-					[
-						'body' => $fields,
-						'connect_timeout' => 10,
-					]
-				);
-
-				$result = ['success' => true, 'result' => $response->getBody()];
-			} catch (\Exception $e) {
-				$result = ['success' => false, 'result' => $e->getMessage()];
-			}
-
-			$try++;
-			$protocol = 'http://';
-		}
-
-		return $result;
-	}
-
-	/**
-	 * send server-to-server unshare to remote server
-	 *
-	 * @param string $remote url
-	 * @param int $id share id
-	 * @param string $token
-	 * @return bool
-	 */
-	private static function sendRemoteUnshare($remote, $id, $token) {
-		$url = rtrim($remote, '/');
-		$fields = ['token' => $token, 'format' => 'json'];
-		$url = self::removeProtocolFromUrl($url);
-		$result = self::tryHttpPostToShareEndpoint($url, '/'.$id.'/unshare', $fields);
-		$status = json_decode($result['result'], true);
-
-		return ($result['success'] && ($status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200));
-	}
-
-	/**
-	 * @return int
-	 */
-	public static function getExpireInterval() {
-		return (int)\OC::$server->getConfig()->getAppValue('core', 'shareapi_expire_after_n_days', '7');
-	}
-
-	/**
-	 * Checks whether the given path is reachable for the given owner
-	 *
-	 * @param string $path path relative to files
-	 * @param string $ownerStorageId storage id of the owner
-	 *
-	 * @return boolean true if file is reachable, false otherwise
-	 */
-	private static function isFileReachable($path, $ownerStorageId) {
-		// if outside the home storage, file is always considered reachable
-		if (!(substr($ownerStorageId, 0, 6) === 'home::' ||
-			substr($ownerStorageId, 0, 13) === 'object::user:'
-		)) {
-			return true;
-		}
-
-		// if inside the home storage, the file has to be under "/files/"
-		$path = ltrim($path, '/');
-		if (substr($path, 0, 6) === 'files/') {
-			return true;
-		}
-
-		return false;
-	}
+    /** CRUDS permissions (Create, Read, Update, Delete, Share) using a bitmask
+     * Construct permissions for share() and setPermissions with Or (|) e.g.
+     * Give user read and update permissions: PERMISSION_READ | PERMISSION_UPDATE
+     *
+     * Check if permission is granted with And (&) e.g. Check if delete is
+     * granted: if ($permissions & PERMISSION_DELETE)
+     *
+     * Remove permissions with And (&) and Not (~) e.g. Remove the update
+     * permission: $permissions &= ~PERMISSION_UPDATE
+     *
+     * Apps are required to handle permissions on their own, this class only
+     * stores and manages the permissions of shares
+     * @see lib/public/constants.php
+     */
+
+    /**
+     * Register a sharing backend class that implements OCP\Share_Backend for an item type
+     * @param string $itemType Item type
+     * @param string $class Backend class
+     * @param string $collectionOf (optional) Depends on item type
+     * @param array $supportedFileExtensions (optional) List of supported file extensions if this item type depends on files
+     * @return boolean true if backend is registered or false if error
+     */
+    public static function registerBackend($itemType, $class, $collectionOf = null, $supportedFileExtensions = null) {
+        if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_enabled', 'yes') == 'yes') {
+            if (!isset(self::$backendTypes[$itemType])) {
+                self::$backendTypes[$itemType] = [
+                    'class' => $class,
+                    'collectionOf' => $collectionOf,
+                    'supportedFileExtensions' => $supportedFileExtensions
+                ];
+                return true;
+            }
+            \OCP\Util::writeLog('OCP\Share',
+                'Sharing backend '.$class.' not registered, '.self::$backendTypes[$itemType]['class']
+                .' is already registered for '.$itemType,
+                ILogger::WARN);
+        }
+        return false;
+    }
+
+    /**
+     * Get the items of item type shared with the current user
+     * @param string $itemType
+     * @param int $format (optional) Format type must be defined by the backend
+     * @param mixed $parameters (optional)
+     * @param int $limit Number of items to return (optional) Returns all by default
+     * @param boolean $includeCollections (optional)
+     * @return mixed Return depends on format
+     * @deprecated TESTS ONLY - this methods is only used by tests
+     * called like this:
+     * \OC\Share\Share::getItemsSharedWith('folder'); (apps/files_sharing/tests/UpdaterTest.php)
+     */
+    public static function getItemsSharedWith() {
+        return self::getItems('folder', null, self::$shareTypeUserAndGroups, \OC_User::getUser(), null, self::FORMAT_NONE,
+            null, -1, false);
+    }
+
+    /**
+     * Get the items of item type shared with a user
+     * @param string $itemType
+     * @param string $user id for which user we want the shares
+     * @param int $format (optional) Format type must be defined by the backend
+     * @param mixed $parameters (optional)
+     * @param int $limit Number of items to return (optional) Returns all by default
+     * @param boolean $includeCollections (optional)
+     * @return mixed Return depends on format
+     */
+    public static function getItemsSharedWithUser($itemType, $user, $format = self::FORMAT_NONE,
+                                                    $parameters = null, $limit = -1, $includeCollections = false) {
+        return self::getItems($itemType, null, self::$shareTypeUserAndGroups, $user, null, $format,
+            $parameters, $limit, $includeCollections);
+    }
+
+    /**
+     * Get the item of item type shared with a given user by source
+     * @param string $itemType
+     * @param string $itemSource
+     * @param string $user User to whom the item was shared
+     * @param string $owner Owner of the share
+     * @param int $shareType only look for a specific share type
+     * @return array Return list of items with file_target, permissions and expiration
+     */
+    public static function getItemSharedWithUser($itemType, $itemSource, $user, $owner = null, $shareType = null) {
+        $shares = [];
+        $fileDependent = false;
+
+        $where = 'WHERE';
+        $fileDependentWhere = '';
+        if ($itemType === 'file' || $itemType === 'folder') {
+            $fileDependent = true;
+            $column = 'file_source';
+            $fileDependentWhere = 'INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` ';
+            $fileDependentWhere .= 'INNER JOIN `*PREFIX*storages` ON `numeric_id` = `*PREFIX*filecache`.`storage` ';
+        } else {
+            $column = 'item_source';
+        }
+
+        $select = self::createSelectStatement(self::FORMAT_NONE, $fileDependent);
+
+        $where .= ' `' . $column . '` = ? AND `item_type` = ? ';
+        $arguments = [$itemSource, $itemType];
+        // for link shares $user === null
+        if ($user !== null) {
+            $where .= ' AND `share_with` = ? ';
+            $arguments[] = $user;
+        }
+
+        if ($shareType !== null) {
+            $where .= ' AND `share_type` = ? ';
+            $arguments[] = $shareType;
+        }
+
+        if ($owner !== null) {
+            $where .= ' AND `uid_owner` = ? ';
+            $arguments[] = $owner;
+        }
+
+        $query = \OC_DB::prepare('SELECT ' . $select . ' FROM `*PREFIX*share` '. $fileDependentWhere . $where);
+
+        $result = \OC_DB::executeAudited($query, $arguments);
+
+        while ($row = $result->fetchRow()) {
+            if ($fileDependent && !self::isFileReachable($row['path'], $row['storage_id'])) {
+                continue;
+            }
+            if ($fileDependent && (int)$row['file_parent'] === -1) {
+                // if it is a mount point we need to get the path from the mount manager
+                $mountManager = \OC\Files\Filesystem::getMountManager();
+                $mountPoint = $mountManager->findByStorageId($row['storage_id']);
+                if (!empty($mountPoint)) {
+                    $path = $mountPoint[0]->getMountPoint();
+                    $path = trim($path, '/');
+                    $path = substr($path, strlen($owner) + 1); //normalize path to 'files/foo.txt`
+                    $row['path'] = $path;
+                } else {
+                    \OC::$server->getLogger()->warning(
+                        'Could not resolve mount point for ' . $row['storage_id'],
+                        ['app' => 'OCP\Share']
+                    );
+                }
+            }
+            $shares[] = $row;
+        }
+
+        //if didn't found a result than let's look for a group share.
+        if(empty($shares) && $user !== null) {
+            $userObject = \OC::$server->getUserManager()->get($user);
+            $groups = [];
+            if ($userObject) {
+                $groups = \OC::$server->getGroupManager()->getUserGroupIds($userObject);
+            }
+
+            if (!empty($groups)) {
+                $where = $fileDependentWhere . ' WHERE `' . $column . '` = ? AND `item_type` = ? AND `share_with` in (?)';
+                $arguments = [$itemSource, $itemType, $groups];
+                $types = [null, null, IQueryBuilder::PARAM_STR_ARRAY];
+
+                if ($owner !== null) {
+                    $where .= ' AND `uid_owner` = ?';
+                    $arguments[] = $owner;
+                    $types[] = null;
+                }
+
+                // TODO: inject connection, hopefully one day in the future when this
+                // class isn't static anymore...
+                $conn = \OC::$server->getDatabaseConnection();
+                $result = $conn->executeQuery(
+                    'SELECT ' . $select . ' FROM `*PREFIX*share` ' . $where,
+                    $arguments,
+                    $types
+                );
+
+                while ($row = $result->fetch()) {
+                    $shares[] = $row;
+                }
+            }
+        }
+
+        return $shares;
+
+    }
+
+    /**
+     * Get the item of item type shared with the current user by source
+     * @param string $itemType
+     * @param string $itemSource
+     * @param int $format (optional) Format type must be defined by the backend
+     * @param mixed $parameters
+     * @param boolean $includeCollections
+     * @param string $shareWith (optional) define against which user should be checked, default: current user
+     * @return array
+     */
+    public static function getItemSharedWithBySource($itemType, $itemSource, $format = self::FORMAT_NONE,
+                                                        $parameters = null, $includeCollections = false, $shareWith = null) {
+        $shareWith = ($shareWith === null) ? \OC_User::getUser() : $shareWith;
+        return self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups, $shareWith, null, $format,
+            $parameters, 1, $includeCollections, true);
+    }
+
+    /**
+     * Get the shared item of item type owned by the current user
+     * @param string $itemType
+     * @param string $itemSource
+     * @param int $format (optional) Format type must be defined by the backend
+     * @param mixed $parameters
+     * @param boolean $includeCollections
+     * @return mixed Return depends on format
+     */
+    public static function getItemShared($itemType, $itemSource, $format = self::FORMAT_NONE,
+                                            $parameters = null, $includeCollections = false) {
+        return self::getItems($itemType, $itemSource, null, null, \OC_User::getUser(), $format,
+            $parameters, -1, $includeCollections);
+    }
+
+    /**
+     * Share an item with a user, group, or via private link
+     * @param string $itemType
+     * @param string $itemSource
+     * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
+     * @param string $shareWith User or group the item is being shared with
+     * @param int $permissions CRUDS
+     * @param string $itemSourceName
+     * @param \DateTime|null $expirationDate
+     * @return boolean|string Returns true on success or false on failure, Returns token on success for links
+     * @throws \OC\HintException when the share type is remote and the shareWith is invalid
+     * @throws \Exception
+     * @since 5.0.0 - parameter $itemSourceName was added in 6.0.0, parameter $expirationDate was added in 7.0.0, parameter $passwordChanged added in 9.0.0
+     * @deprecated 14.0.0 TESTS ONLY - this methods is as of 2018-06 only used by tests
+     * called like this:
+     * \OC\Share\Share::shareItem('test', 1, \OCP\Share::SHARE_TYPE_USER, $otherUserId, \OCP\Constants::PERMISSION_READ);
+     */
+    public static function shareItem($itemType, $itemSource, $shareType, $shareWith, $permissions) {
+        $backend = self::getBackend($itemType);
+
+        if ($backend->isShareTypeAllowed($shareType) === false) {
+            $message = 'Sharing failed, because the backend does not allow shares from type %i';
+            throw new \Exception(sprintf($message, $shareType));
+        }
+
+        $uidOwner = \OC_User::getUser();
+
+        // Verify share type and sharing conditions are met
+        if ($shareType === self::SHARE_TYPE_USER) {
+            if ($shareWith == $uidOwner) {
+                $message = 'Sharing failed, because you can not share with yourself';
+                throw new \Exception($message);
+            }
+            if (!\OC::$server->getUserManager()->userExists($shareWith)) {
+                $message = 'Sharing failed, because the user %s does not exist';
+                throw new \Exception(sprintf($message, $shareWith));
+            }
+            // Check if the item source is already shared with the user, either from the same owner or a different user
+            if ($checkExists = self::getItems($itemType, $itemSource, self::$shareTypeUserAndGroups,
+                $shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
+                // Only allow the same share to occur again if it is the same
+                // owner and is not a user share, this use case is for increasing
+                // permissions for a specific user
+                if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
+                    $message = 'Sharing failed, because this item is already shared with %s';
+                    throw new \Exception(sprintf($message, $shareWith));
+                }
+            }
+            if ($checkExists = self::getItems($itemType, $itemSource, self::SHARE_TYPE_USER,
+                $shareWith, null, self::FORMAT_NONE, null, 1, true, true)) {
+                // Only allow the same share to occur again if it is the same
+                // owner and is not a user share, this use case is for increasing
+                // permissions for a specific user
+                if ($checkExists['uid_owner'] != $uidOwner || $checkExists['share_type'] == $shareType) {
+                    $message = 'Sharing failed, because this item is already shared with user %s';
+                    throw new \Exception(sprintf($message, $shareWith));
+                }
+            }
+        }
+
+        // Put the item into the database
+        $result = self::put('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions);
+
+        return $result ? true : false;
+    }
+
+    /**
+     * Unshare an item from a user, group, or delete a private link
+     * @param string $itemType
+     * @param string $itemSource
+     * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
+     * @param string $shareWith User or group the item is being shared with
+     * @param string $owner owner of the share, if null the current user is used
+     * @return boolean true on success or false on failure
+     */
+    public static function unshare($itemType, $itemSource, $shareType, $shareWith, $owner = null) {
+
+        // check if it is a valid itemType
+        self::getBackend($itemType);
+
+        $items = self::getItemSharedWithUser($itemType, $itemSource, $shareWith, $owner, $shareType);
+
+        $toDelete = [];
+        $newParent = null;
+        $currentUser = $owner ? $owner : \OC_User::getUser();
+        foreach ($items as $item) {
+            // delete the item with the expected share_type and owner
+            if ((int)$item['share_type'] === (int)$shareType && $item['uid_owner'] === $currentUser) {
+                $toDelete = $item;
+                // if there is more then one result we don't have to delete the children
+                // but update their parent. For group shares the new parent should always be
+                // the original group share and not the db entry with the unique name
+            } else if ((int)$item['share_type'] === self::$shareTypeGroupUserUnique) {
+                $newParent = $item['parent'];
+            } else {
+                $newParent = $item['id'];
+            }
+        }
+
+        if (!empty($toDelete)) {
+            self::unshareItem($toDelete, $newParent);
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * Checks whether a share has expired, calls unshareItem() if yes.
+     * @param array $item Share data (usually database row)
+     * @return boolean True if item was expired, false otherwise.
+     */
+    protected static function expireItem(array $item) {
+
+        $result = false;
+
+        // only use default expiration date for link shares
+        if ((int) $item['share_type'] === self::SHARE_TYPE_LINK) {
+
+            // calculate expiration date
+            if (!empty($item['expiration'])) {
+                $userDefinedExpire = new \DateTime($item['expiration']);
+                $expires = $userDefinedExpire->getTimestamp();
+            } else {
+                $expires = null;
+            }
+
+
+            // get default expiration settings
+            $defaultSettings = Helper::getDefaultExpireSetting();
+            $expires = Helper::calculateExpireDate($defaultSettings, $item['stime'], $expires);
+
+
+            if (is_int($expires)) {
+                $now = time();
+                if ($now > $expires) {
+                    self::unshareItem($item);
+                    $result = true;
+                }
+            }
+        }
+        return $result;
+    }
+
+    /**
+     * Unshares a share given a share data array
+     * @param array $item Share data (usually database row)
+     * @param int $newParent parent ID
+     * @return null
+     */
+    protected static function unshareItem(array $item, $newParent = null) {
+
+        $shareType = (int)$item['share_type'];
+        $shareWith = null;
+        if ($shareType !== \OCP\Share::SHARE_TYPE_LINK) {
+            $shareWith = $item['share_with'];
+        }
+
+        // Pass all the vars we have for now, they may be useful
+        $hookParams = [
+            'id'            => $item['id'],
+            'itemType'      => $item['item_type'],
+            'itemSource'    => $item['item_source'],
+            'shareType'     => $shareType,
+            'shareWith'     => $shareWith,
+            'itemParent'    => $item['parent'],
+            'uidOwner'      => $item['uid_owner'],
+        ];
+        if($item['item_type'] === 'file' || $item['item_type'] === 'folder') {
+            $hookParams['fileSource'] = $item['file_source'];
+            $hookParams['fileTarget'] = $item['file_target'];
+        }
+
+        \OC_Hook::emit(\OCP\Share::class, 'pre_unshare', $hookParams);
+        $deletedShares = Helper::delete($item['id'], false, null, $newParent);
+        $deletedShares[] = $hookParams;
+        $hookParams['deletedShares'] = $deletedShares;
+        \OC_Hook::emit(\OCP\Share::class, 'post_unshare', $hookParams);
+        if ((int)$item['share_type'] === \OCP\Share::SHARE_TYPE_REMOTE && \OC::$server->getUserSession()->getUser()) {
+            list(, $remote) = Helper::splitUserRemote($item['share_with']);
+            self::sendRemoteUnshare($remote, $item['id'], $item['token']);
+        }
+    }
+
+    /**
+     * Get the backend class for the specified item type
+     * @param string $itemType
+     * @throws \Exception
+     * @return \OCP\Share_Backend
+     */
+    public static function getBackend($itemType) {
+        $l = \OC::$server->getL10N('lib');
+        if (isset(self::$backends[$itemType])) {
+            return self::$backends[$itemType];
+        } else if (isset(self::$backendTypes[$itemType]['class'])) {
+            $class = self::$backendTypes[$itemType]['class'];
+            if (class_exists($class)) {
+                self::$backends[$itemType] = new $class;
+                if (!(self::$backends[$itemType] instanceof \OCP\Share_Backend)) {
+                    $message = 'Sharing backend %s must implement the interface OCP\Share_Backend';
+                    $message_t = $l->t('Sharing backend %s must implement the interface OCP\Share_Backend', [$class]);
+                    \OCP\Util::writeLog('OCP\Share', sprintf($message, $class), ILogger::ERROR);
+                    throw new \Exception($message_t);
+                }
+                return self::$backends[$itemType];
+            } else {
+                $message = 'Sharing backend %s not found';
+                $message_t = $l->t('Sharing backend %s not found', [$class]);
+                \OCP\Util::writeLog('OCP\Share', sprintf($message, $class), ILogger::ERROR);
+                throw new \Exception($message_t);
+            }
+        }
+        $message = 'Sharing backend for %s not found';
+        $message_t = $l->t('Sharing backend for %s not found', [$itemType]);
+        \OCP\Util::writeLog('OCP\Share', sprintf($message, $itemType), ILogger::ERROR);
+        throw new \Exception($message_t);
+    }
+
+    /**
+     * Check if resharing is allowed
+     * @return boolean true if allowed or false
+     *
+     * Resharing is allowed by default if not configured
+     */
+    public static function isResharingAllowed() {
+        if (!isset(self::$isResharingAllowed)) {
+            if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_allow_resharing', 'yes') == 'yes') {
+                self::$isResharingAllowed = true;
+            } else {
+                self::$isResharingAllowed = false;
+            }
+        }
+        return self::$isResharingAllowed;
+    }
+
+    /**
+     * Get a list of collection item types for the specified item type
+     * @param string $itemType
+     * @return array
+     */
+    private static function getCollectionItemTypes($itemType) {
+        $collectionTypes = [$itemType];
+        foreach (self::$backendTypes as $type => $backend) {
+            if (in_array($backend['collectionOf'], $collectionTypes)) {
+                $collectionTypes[] = $type;
+            }
+        }
+        // TODO Add option for collections to be collection of themselves, only 'folder' does it now...
+        if (isset(self::$backendTypes[$itemType]) && (!self::getBackend($itemType) instanceof \OCP\Share_Backend_Collection || $itemType != 'folder')) {
+            unset($collectionTypes[0]);
+        }
+        // Return array if collections were found or the item type is a
+        // collection itself - collections can be inside collections
+        if (count($collectionTypes) > 0) {
+            return $collectionTypes;
+        }
+        return false;
+    }
+
+    /**
+     * Get the owners of items shared with a user.
+     *
+     * @param string $user The user the items are shared with.
+     * @param string $type The type of the items shared with the user.
+     * @param boolean $includeCollections Include collection item types (optional)
+     * @param boolean $includeOwner include owner in the list of users the item is shared with (optional)
+     * @return array
+     * @deprecated TESTS ONLY - this methods is only used by tests
+     * called like this:
+     * \OC\Share\Share::getSharedItemsOwners($this->user, $this->type, true)
+     */
+    public static function getSharedItemsOwners($user, $type, $includeCollections = false, $includeOwner = false) {
+        // First, we find out if $type is part of a collection (and if that collection is part of
+        // another one and so on).
+        $collectionTypes = [];
+        if (!$includeCollections || !$collectionTypes = self::getCollectionItemTypes($type)) {
+            $collectionTypes[] = $type;
+        }
+
+        // Of these collection types, along with our original $type, we make a
+        // list of the ones for which a sharing backend has been registered.
+        // FIXME: Ideally, we wouldn't need to nest getItemsSharedWith in this loop but just call it
+        // with its $includeCollections parameter set to true. Unfortunately, this fails currently.
+        $allMaybeSharedItems = [];
+        foreach ($collectionTypes as $collectionType) {
+            if (isset(self::$backends[$collectionType])) {
+                $allMaybeSharedItems[$collectionType] = self::getItemsSharedWithUser(
+                    $collectionType,
+                    $user,
+                    self::FORMAT_NONE
+                );
+            }
+        }
+
+        $owners = [];
+        if ($includeOwner) {
+            $owners[] = $user;
+        }
+
+        // We take a look at all shared items of the given $type (or of the collections it is part of)
+        // and find out their owners. Then, we gather the tags for the original $type from all owners,
+        // and return them as elements of a list that look like "Tag (owner)".
+        foreach ($allMaybeSharedItems as $collectionType => $maybeSharedItems) {
+            foreach ($maybeSharedItems as $sharedItem) {
+                if (isset($sharedItem['id'])) { //workaround for https://github.com/owncloud/core/issues/2814
+                    $owners[] = $sharedItem['uid_owner'];
+                }
+            }
+        }
+
+        return $owners;
+    }
+
+    /**
+     * Get shared items from the database
+     * @param string $itemType
+     * @param string $item Item source or target (optional)
+     * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, SHARE_TYPE_LINK, $shareTypeUserAndGroups, or $shareTypeGroupUserUnique
+     * @param string $shareWith User or group the item is being shared with
+     * @param string $uidOwner User that is the owner of shared items (optional)
+     * @param int $format Format to convert items to with formatItems() (optional)
+     * @param mixed $parameters to pass to formatItems() (optional)
+     * @param int $limit Number of items to return, -1 to return all matches (optional)
+     * @param boolean $includeCollections Include collection item types (optional)
+     * @param boolean $itemShareWithBySource (optional)
+     * @param boolean $checkExpireDate
+     * @return array
+     *
+     * See public functions getItem(s)... for parameter usage
+     *
+     */
+    public static function getItems($itemType, $item = null, $shareType = null, $shareWith = null,
+                                    $uidOwner = null, $format = self::FORMAT_NONE, $parameters = null, $limit = -1,
+                                    $includeCollections = false, $itemShareWithBySource = false, $checkExpireDate  = true) {
+        if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_enabled', 'yes') != 'yes') {
+            return [];
+        }
+        $backend = self::getBackend($itemType);
+        $collectionTypes = false;
+        // Get filesystem root to add it to the file target and remove from the
+        // file source, match file_source with the file cache
+        if ($itemType == 'file' || $itemType == 'folder') {
+            if(!is_null($uidOwner)) {
+                $root = \OC\Files\Filesystem::getRoot();
+            } else {
+                $root = '';
+            }
+            $where = 'INNER JOIN `*PREFIX*filecache` ON `file_source` = `*PREFIX*filecache`.`fileid` ';
+            if (!isset($item)) {
+                $where .= ' AND `file_target` IS NOT NULL ';
+            }
+            $where .= 'INNER JOIN `*PREFIX*storages` ON `numeric_id` = `*PREFIX*filecache`.`storage` ';
+            $fileDependent = true;
+            $queryArgs = [];
+        } else {
+            $fileDependent = false;
+            $root = '';
+            $collectionTypes = self::getCollectionItemTypes($itemType);
+            if ($includeCollections && !isset($item) && $collectionTypes) {
+                // If includeCollections is true, find collections of this item type, e.g. a music album contains songs
+                if (!in_array($itemType, $collectionTypes)) {
+                    $itemTypes = array_merge([$itemType], $collectionTypes);
+                } else {
+                    $itemTypes = $collectionTypes;
+                }
+                $placeholders = implode(',', array_fill(0, count($itemTypes), '?'));
+                $where = ' WHERE `item_type` IN ('.$placeholders.'))';
+                $queryArgs = $itemTypes;
+            } else {
+                $where = ' WHERE `item_type` = ?';
+                $queryArgs = [$itemType];
+            }
+        }
+        if (\OC::$server->getConfig()->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') {
+            $where .= ' AND `share_type` != ?';
+            $queryArgs[] = self::SHARE_TYPE_LINK;
+        }
+        if (isset($shareType)) {
+            // Include all user and group items
+            if ($shareType == self::$shareTypeUserAndGroups && isset($shareWith)) {
+                $where .= ' AND ((`share_type` in (?, ?) AND `share_with` = ?) ';
+                $queryArgs[] = self::SHARE_TYPE_USER;
+                $queryArgs[] = self::$shareTypeGroupUserUnique;
+                $queryArgs[] = $shareWith;
+
+                $user = \OC::$server->getUserManager()->get($shareWith);
+                $groups = [];
+                if ($user) {
+                    $groups = \OC::$server->getGroupManager()->getUserGroupIds($user);
+                }
+                if (!empty($groups)) {
+                    $placeholders = implode(',', array_fill(0, count($groups), '?'));
+                    $where .= ' OR (`share_type` = ? AND `share_with` IN ('.$placeholders.')) ';
+                    $queryArgs[] = self::SHARE_TYPE_GROUP;
+                    $queryArgs = array_merge($queryArgs, $groups);
+                }
+                $where .= ')';
+                // Don't include own group shares
+                $where .= ' AND `uid_owner` != ?';
+                $queryArgs[] = $shareWith;
+            } else {
+                $where .= ' AND `share_type` = ?';
+                $queryArgs[] = $shareType;
+                if (isset($shareWith)) {
+                    $where .= ' AND `share_with` = ?';
+                    $queryArgs[] = $shareWith;
+                }
+            }
+        }
+        if (isset($uidOwner)) {
+            $where .= ' AND `uid_owner` = ?';
+            $queryArgs[] = $uidOwner;
+            if (!isset($shareType)) {
+                // Prevent unique user targets for group shares from being selected
+                $where .= ' AND `share_type` != ?';
+                $queryArgs[] = self::$shareTypeGroupUserUnique;
+            }
+            if ($fileDependent) {
+                $column = 'file_source';
+            } else {
+                $column = 'item_source';
+            }
+        } else {
+            if ($fileDependent) {
+                $column = 'file_target';
+            } else {
+                $column = 'item_target';
+            }
+        }
+        if (isset($item)) {
+            $collectionTypes = self::getCollectionItemTypes($itemType);
+            if ($includeCollections && $collectionTypes && !in_array('folder', $collectionTypes)) {
+                $where .= ' AND (';
+            } else {
+                $where .= ' AND';
+            }
+            // If looking for own shared items, check item_source else check item_target
+            if (isset($uidOwner) || $itemShareWithBySource) {
+                // If item type is a file, file source needs to be checked in case the item was converted
+                if ($fileDependent) {
+                    $where .= ' `file_source` = ?';
+                    $column = 'file_source';
+                } else {
+                    $where .= ' `item_source` = ?';
+                    $column = 'item_source';
+                }
+            } else {
+                if ($fileDependent) {
+                    $where .= ' `file_target` = ?';
+                    $item = \OC\Files\Filesystem::normalizePath($item);
+                } else {
+                    $where .= ' `item_target` = ?';
+                }
+            }
+            $queryArgs[] = $item;
+            if ($includeCollections && $collectionTypes && !in_array('folder', $collectionTypes)) {
+                $placeholders = implode(',', array_fill(0, count($collectionTypes), '?'));
+                $where .= ' OR `item_type` IN ('.$placeholders.'))';
+                $queryArgs = array_merge($queryArgs, $collectionTypes);
+            }
+        }
+
+        if ($shareType == self::$shareTypeUserAndGroups && $limit === 1) {
+            // Make sure the unique user target is returned if it exists,
+            // unique targets should follow the group share in the database
+            // If the limit is not 1, the filtering can be done later
+            $where .= ' ORDER BY `*PREFIX*share`.`id` DESC';
+        } else {
+            $where .= ' ORDER BY `*PREFIX*share`.`id` ASC';
+        }
+
+        if ($limit != -1 && !$includeCollections) {
+            // The limit must be at least 3, because filtering needs to be done
+            if ($limit < 3) {
+                $queryLimit = 3;
+            } else {
+                $queryLimit = $limit;
+            }
+        } else {
+            $queryLimit = null;
+        }
+        $select = self::createSelectStatement($format, $fileDependent, $uidOwner);
+        $root = strlen($root);
+        $query = \OC_DB::prepare('SELECT '.$select.' FROM `*PREFIX*share` '.$where, $queryLimit);
+        $result = $query->execute($queryArgs);
+        if ($result === false) {
+            \OCP\Util::writeLog('OCP\Share',
+                \OC_DB::getErrorMessage() . ', select=' . $select . ' where=',
+                ILogger::ERROR);
+        }
+        $items = [];
+        $targets = [];
+        $switchedItems = [];
+        $mounts = [];
+        while ($row = $result->fetchRow()) {
+            self::transformDBResults($row);
+            // Filter out duplicate group shares for users with unique targets
+            if ($fileDependent && !self::isFileReachable($row['path'], $row['storage_id'])) {
+                continue;
+            }
+            if ($row['share_type'] == self::$shareTypeGroupUserUnique && isset($items[$row['parent']])) {
+                $row['share_type'] = self::SHARE_TYPE_GROUP;
+                $row['unique_name'] = true; // remember that we use a unique name for this user
+                $row['share_with'] = $items[$row['parent']]['share_with'];
+                // if the group share was unshared from the user we keep the permission, otherwise
+                // we take the permission from the parent because this is always the up-to-date
+                // permission for the group share
+                if ($row['permissions'] > 0) {
+                    $row['permissions'] = $items[$row['parent']]['permissions'];
+                }
+                // Remove the parent group share
+                unset($items[$row['parent']]);
+                if ($row['permissions'] == 0) {
+                    continue;
+                }
+            } else if (!isset($uidOwner)) {
+                // Check if the same target already exists
+                if (isset($targets[$row['id']])) {
+                    // Check if the same owner shared with the user twice
+                    // through a group and user share - this is allowed
+                    $id = $targets[$row['id']];
+                    if (isset($items[$id]) && $items[$id]['uid_owner'] == $row['uid_owner']) {
+                        // Switch to group share type to ensure resharing conditions aren't bypassed
+                        if ($items[$id]['share_type'] != self::SHARE_TYPE_GROUP) {
+                            $items[$id]['share_type'] = self::SHARE_TYPE_GROUP;
+                            $items[$id]['share_with'] = $row['share_with'];
+                        }
+                        // Switch ids if sharing permission is granted on only
+                        // one share to ensure correct parent is used if resharing
+                        if (~(int)$items[$id]['permissions'] & \OCP\Constants::PERMISSION_SHARE
+                            && (int)$row['permissions'] & \OCP\Constants::PERMISSION_SHARE) {
+                            $items[$row['id']] = $items[$id];
+                            $switchedItems[$id] = $row['id'];
+                            unset($items[$id]);
+                            $id = $row['id'];
+                        }
+                        $items[$id]['permissions'] |= (int)$row['permissions'];
+
+                    }
+                    continue;
+                } elseif (!empty($row['parent'])) {
+                    $targets[$row['parent']] = $row['id'];
+                }
+            }
+            // Remove root from file source paths if retrieving own shared items
+            if (isset($uidOwner) && isset($row['path'])) {
+                if (isset($row['parent'])) {
+                    $query = \OC_DB::prepare('SELECT `file_target` FROM `*PREFIX*share` WHERE `id` = ?');
+                    $parentResult = $query->execute([$row['parent']]);
+                    if ($result === false) {
+                        \OCP\Util::writeLog('OCP\Share', 'Can\'t select parent: ' .
+                            \OC_DB::getErrorMessage() . ', select=' . $select . ' where=' . $where,
+                            ILogger::ERROR);
+                    } else {
+                        $parentRow = $parentResult->fetchRow();
+                        $tmpPath = $parentRow['file_target'];
+                        // find the right position where the row path continues from the target path
+                        $pos = strrpos($row['path'], $parentRow['file_target']);
+                        $subPath = substr($row['path'], $pos);
+                        $splitPath = explode('/', $subPath);
+                        foreach (array_slice($splitPath, 2) as $pathPart) {
+                            $tmpPath = $tmpPath . '/' . $pathPart;
+                        }
+                        $row['path'] = $tmpPath;
+                    }
+                } else {
+                    if (!isset($mounts[$row['storage']])) {
+                        $mountPoints = \OC\Files\Filesystem::getMountByNumericId($row['storage']);
+                        if (is_array($mountPoints) && !empty($mountPoints)) {
+                            $mounts[$row['storage']] = current($mountPoints);
+                        }
+                    }
+                    if (!empty($mounts[$row['storage']])) {
+                        $path = $mounts[$row['storage']]->getMountPoint().$row['path'];
+                        $relPath = substr($path, $root); // path relative to data/user
+                        $row['path'] = rtrim($relPath, '/');
+                    }
+                }
+            }
+
+            if($checkExpireDate) {
+                if (self::expireItem($row)) {
+                    continue;
+                }
+            }
+            // Check if resharing is allowed, if not remove share permission
+            if (isset($row['permissions']) && (!self::isResharingAllowed() | \OCP\Util::isSharingDisabledForUser())) {
+                $row['permissions'] &= ~\OCP\Constants::PERMISSION_SHARE;
+            }
+            // Add display names to result
+            $row['share_with_displayname'] = $row['share_with'];
+            if ( isset($row['share_with']) && $row['share_with'] != '' &&
+                $row['share_type'] === self::SHARE_TYPE_USER) {
+                $shareWithUser = \OC::$server->getUserManager()->get($row['share_with']);
+                $row['share_with_displayname'] = $shareWithUser === null ? $row['share_with'] : $shareWithUser->getDisplayName();
+            } else if(isset($row['share_with']) && $row['share_with'] != '' &&
+                $row['share_type'] === self::SHARE_TYPE_REMOTE) {
+                $addressBookEntries = \OC::$server->getContactsManager()->search($row['share_with'], ['CLOUD']);
+                foreach ($addressBookEntries as $entry) {
+                    foreach ($entry['CLOUD'] as $cloudID) {
+                        if ($cloudID === $row['share_with']) {
+                            $row['share_with_displayname'] = $entry['FN'];
+                        }
+                    }
+                }
+            }
+            if ( isset($row['uid_owner']) && $row['uid_owner'] != '') {
+                $ownerUser = \OC::$server->getUserManager()->get($row['uid_owner']);
+                $row['displayname_owner'] = $ownerUser === null ? $row['uid_owner'] : $ownerUser->getDisplayName();
+            }
+
+            if ($row['permissions'] > 0) {
+                $items[$row['id']] = $row;
+            }
+
+        }
+
+        // group items if we are looking for items shared with the current user
+        if (isset($shareWith) && $shareWith === \OCP\User::getUser()) {
+            $items = self::groupItems($items, $itemType);
+        }
+
+        if (!empty($items)) {
+            $collectionItems = [];
+            foreach ($items as &$row) {
+                // Return only the item instead of a 2-dimensional array
+                if ($limit == 1 && $row[$column] == $item && ($row['item_type'] == $itemType || $itemType == 'file')) {
+                    if ($format == self::FORMAT_NONE) {
+                        return $row;
+                    } else {
+                        break;
+                    }
+                }
+                // Check if this is a collection of the requested item type
+                if ($includeCollections && $collectionTypes && $row['item_type'] !== 'folder' && in_array($row['item_type'], $collectionTypes)) {
+                    if (($collectionBackend = self::getBackend($row['item_type']))
+                        && $collectionBackend instanceof \OCP\Share_Backend_Collection) {
+                        // Collections can be inside collections, check if the item is a collection
+                        if (isset($item) && $row['item_type'] == $itemType && $row[$column] == $item) {
+                            $collectionItems[] = $row;
+                        } else {
+                            $collection = [];
+                            $collection['item_type'] = $row['item_type'];
+                            if ($row['item_type'] == 'file' || $row['item_type'] == 'folder') {
+                                $collection['path'] = basename($row['path']);
+                            }
+                            $row['collection'] = $collection;
+                            // Fetch all of the children sources
+                            $children = $collectionBackend->getChildren($row[$column]);
+                            foreach ($children as $child) {
+                                $childItem = $row;
+                                $childItem['item_type'] = $itemType;
+                                if ($row['item_type'] != 'file' && $row['item_type'] != 'folder') {
+                                    $childItem['item_source'] = $child['source'];
+                                    $childItem['item_target'] = $child['target'];
+                                }
+                                if ($backend instanceof \OCP\Share_Backend_File_Dependent) {
+                                    if ($row['item_type'] == 'file' || $row['item_type'] == 'folder') {
+                                        $childItem['file_source'] = $child['source'];
+                                    } else { // TODO is this really needed if we already know that we use the file backend?
+                                        $meta = \OC\Files\Filesystem::getFileInfo($child['file_path']);
+                                        $childItem['file_source'] = $meta['fileid'];
+                                    }
+                                    $childItem['file_target'] =
+                                        \OC\Files\Filesystem::normalizePath($child['file_path']);
+                                }
+                                if (isset($item)) {
+                                    if ($childItem[$column] == $item) {
+                                        // Return only the item instead of a 2-dimensional array
+                                        if ($limit == 1) {
+                                            if ($format == self::FORMAT_NONE) {
+                                                return $childItem;
+                                            } else {
+                                                // Unset the items array and break out of both loops
+                                                $items = [];
+                                                $items[] = $childItem;
+                                                break 2;
+                                            }
+                                        } else {
+                                            $collectionItems[] = $childItem;
+                                        }
+                                    }
+                                } else {
+                                    $collectionItems[] = $childItem;
+                                }
+                            }
+                        }
+                    }
+                    // Remove collection item
+                    $toRemove = $row['id'];
+                    if (array_key_exists($toRemove, $switchedItems)) {
+                        $toRemove = $switchedItems[$toRemove];
+                    }
+                    unset($items[$toRemove]);
+                } elseif ($includeCollections && $collectionTypes && in_array($row['item_type'], $collectionTypes)) {
+                    // FIXME: Thats a dirty hack to improve file sharing performance,
+                    // see github issue #10588 for more details
+                    // Need to find a solution which works for all back-ends
+                    $collectionBackend = self::getBackend($row['item_type']);
+                    $sharedParents = $collectionBackend->getParents($row['item_source']);
+                    foreach ($sharedParents as $parent) {
+                        $collectionItems[] = $parent;
+                    }
+                }
+            }
+            if (!empty($collectionItems)) {
+                $collectionItems = array_unique($collectionItems, SORT_REGULAR);
+                $items = array_merge($items, $collectionItems);
+            }
+
+            // filter out invalid items, these can appear when subshare entries exist
+            // for a group in which the requested user isn't a member any more
+            $items = array_filter($items, function($item) {
+                return $item['share_type'] !== self::$shareTypeGroupUserUnique;
+            });
+
+            return self::formatResult($items, $column, $backend, $format, $parameters);
+        } elseif ($includeCollections && $collectionTypes && in_array('folder', $collectionTypes)) {
+            // FIXME: Thats a dirty hack to improve file sharing performance,
+            // see github issue #10588 for more details
+            // Need to find a solution which works for all back-ends
+            $collectionItems = [];
+            $collectionBackend = self::getBackend('folder');
+            $sharedParents = $collectionBackend->getParents($item, $shareWith, $uidOwner);
+            foreach ($sharedParents as $parent) {
+                $collectionItems[] = $parent;
+            }
+            if ($limit === 1) {
+                return reset($collectionItems);
+            }
+            return self::formatResult($collectionItems, $column, $backend, $format, $parameters);
+        }
+
+        return [];
+    }
+
+    /**
+     * group items with link to the same source
+     *
+     * @param array $items
+     * @param string $itemType
+     * @return array of grouped items
+     */
+    protected static function groupItems($items, $itemType) {
+
+        $fileSharing = $itemType === 'file' || $itemType === 'folder';
+
+        $result = [];
+
+        foreach ($items as $item) {
+            $grouped = false;
+            foreach ($result as $key => $r) {
+                // for file/folder shares we need to compare file_source, otherwise we compare item_source
+                // only group shares if they already point to the same target, otherwise the file where shared
+                // before grouping of shares was added. In this case we don't group them toi avoid confusions
+                if (( $fileSharing && $item['file_source'] === $r['file_source'] && $item['file_target'] === $r['file_target']) ||
+                    (!$fileSharing && $item['item_source'] === $r['item_source'] && $item['item_target'] === $r['item_target'])) {
+                    // add the first item to the list of grouped shares
+                    if (!isset($result[$key]['grouped'])) {
+                        $result[$key]['grouped'][] = $result[$key];
+                    }
+                    $result[$key]['permissions'] = (int) $item['permissions'] | (int) $r['permissions'];
+                    $result[$key]['grouped'][] = $item;
+                    $grouped = true;
+                    break;
+                }
+            }
+
+            if (!$grouped) {
+                $result[] = $item;
+            }
+
+        }
+
+        return $result;
+    }
+
+    /**
+     * Put shared item into the database
+     * @param string $itemType Item type
+     * @param string $itemSource Item source
+     * @param int $shareType SHARE_TYPE_USER, SHARE_TYPE_GROUP, or SHARE_TYPE_LINK
+     * @param string $shareWith User or group the item is being shared with
+     * @param string $uidOwner User that is the owner of shared item
+     * @param int $permissions CRUDS permissions
+     * @throws \Exception
+     * @return mixed id of the new share or false
+     * @deprecated TESTS ONLY - this methods is only used by tests
+     * called like this:
+     * self::put('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions);
+     */
+    private static function put($itemType, $itemSource, $shareType, $shareWith, $uidOwner,
+                                $permissions) {
+
+        $queriesToExecute = [];
+        $suggestedItemTarget = null;
+        $groupFileTarget = $fileTarget = $suggestedFileTarget = $filePath = '';
+        $groupItemTarget = $itemTarget = $fileSource = $parent = 0;
+
+        $result = self::checkReshare('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions, null, null);
+        if(!empty($result)) {
+            $parent = $result['parent'];
+            $itemSource = $result['itemSource'];
+            $fileSource = $result['fileSource'];
+            $suggestedItemTarget = $result['suggestedItemTarget'];
+            $suggestedFileTarget = $result['suggestedFileTarget'];
+            $filePath = $result['filePath'];
+        }
+
+        $isGroupShare = false;
+            $users = [$shareWith];
+            $itemTarget = Helper::generateTarget($itemType, $itemSource, $shareType, $shareWith, $uidOwner,
+                $suggestedItemTarget);
+
+        $run = true;
+        $error = '';
+        $preHookData = [
+            'itemType' => $itemType,
+            'itemSource' => $itemSource,
+            'shareType' => $shareType,
+            'uidOwner' => $uidOwner,
+            'permissions' => $permissions,
+            'fileSource' => $fileSource,
+            'expiration' => null,
+            'token' => null,
+            'run' => &$run,
+            'error' => &$error
+        ];
+
+        $preHookData['itemTarget'] = $itemTarget;
+        $preHookData['shareWith'] = $shareWith;
+
+        \OC_Hook::emit(\OCP\Share::class, 'pre_shared', $preHookData);
+
+        if ($run === false) {
+            throw new \Exception($error);
+        }
+
+        foreach ($users as $user) {
+            $sourceId = ($itemType === 'file' || $itemType === 'folder') ? $fileSource : $itemSource;
+            $sourceExists = self::getItemSharedWithBySource($itemType, $sourceId, self::FORMAT_NONE, null, true, $user);
+
+            $userShareType = $shareType;
+
+            if ($sourceExists && $sourceExists['item_source'] === $itemSource) {
+                $fileTarget = $sourceExists['file_target'];
+                $itemTarget = $sourceExists['item_target'];
+
+            } elseif(!$sourceExists)  {
+
+                $itemTarget = Helper::generateTarget($itemType, $itemSource, $userShareType, $user,
+                    $uidOwner, $suggestedItemTarget, $parent);
+                if (isset($fileSource)) {
+                        $fileTarget = Helper::generateTarget('file', $filePath, $userShareType,
+                            $user, $uidOwner, $suggestedFileTarget, $parent);
+                } else {
+                    $fileTarget = null;
+                }
+
+            } else {
+
+                // group share which doesn't exists until now, check if we need a unique target for this user
+
+                $itemTarget = Helper::generateTarget($itemType, $itemSource, self::SHARE_TYPE_USER, $user,
+                    $uidOwner, $suggestedItemTarget, $parent);
+
+                // do we also need a file target
+                if (isset($fileSource)) {
+                    $fileTarget = Helper::generateTarget('file', $filePath, self::SHARE_TYPE_USER, $user,
+                        $uidOwner, $suggestedFileTarget, $parent);
+                } else {
+                    $fileTarget = null;
+                }
+
+                if (($itemTarget === $groupItemTarget) &&
+                    (!isset($fileSource) || $fileTarget === $groupFileTarget)) {
+                    continue;
+                }
+            }
+
+            $queriesToExecute[] = [
+                'itemType'			=> $itemType,
+                'itemSource'		=> $itemSource,
+                'itemTarget'		=> $itemTarget,
+                'shareType'			=> $userShareType,
+                'shareWith'			=> $user,
+                'uidOwner'			=> $uidOwner,
+                'permissions'		=> $permissions,
+                'shareTime'			=> time(),
+                'fileSource'		=> $fileSource,
+                'fileTarget'		=> $fileTarget,
+                'token'				=> null,
+                'parent'			=> $parent,
+                'expiration'		=> null,
+            ];
+
+        }
+
+        $id = false;
+
+        foreach ($queriesToExecute as $shareQuery) {
+            $shareQuery['parent'] = $parent;
+            $id = self::insertShare($shareQuery);
+        }
+
+        $postHookData = [
+            'itemType' => $itemType,
+            'itemSource' => $itemSource,
+            'parent' => $parent,
+            'shareType' => $shareType,
+            'uidOwner' => $uidOwner,
+            'permissions' => $permissions,
+            'fileSource' => $fileSource,
+            'id' => $parent,
+            'token' => null,
+            'expirationDate' => null,
+        ];
+
+        $postHookData['shareWith'] = $isGroupShare ? $shareWith['group'] : $shareWith;
+        $postHookData['itemTarget'] = $isGroupShare ? $groupItemTarget : $itemTarget;
+        $postHookData['fileTarget'] = $isGroupShare ? $groupFileTarget : $fileTarget;
+
+        \OC_Hook::emit(\OCP\Share::class, 'post_shared', $postHookData);
+
+
+        return $id ? $id : false;
+    }
+
+    /**
+     * @param string $itemType
+     * @param string $itemSource
+     * @param int $shareType
+     * @param string $shareWith
+     * @param string $uidOwner
+     * @param int $permissions
+     * @param string|null $itemSourceName
+     * @param null|\DateTime $expirationDate
+     * @deprecated TESTS ONLY - this methods is only used by tests
+     * called like this:
+     * self::checkReshare('test', $itemSource, self::SHARE_TYPE_USER, $shareWith, $uidOwner, $permissions, null, null);
+     */
+    private static function checkReshare($itemType, $itemSource, $shareType, $shareWith, $uidOwner, $permissions, $itemSourceName, $expirationDate) {
+        $backend = self::getBackend($itemType);
+
+        $result = [];
+
+        $column = ($itemType === 'file' || $itemType === 'folder') ? 'file_source' : 'item_source';
+
+        $checkReshare = self::getItemSharedWithBySource($itemType, $itemSource, self::FORMAT_NONE, null, true);
+        if ($checkReshare) {
+            // Check if attempting to share back to owner
+            if ($checkReshare['uid_owner'] == $shareWith) {
+                $message = 'Sharing %1$s failed, because the user %2$s is the original sharer';
+                throw new \Exception(sprintf($message, $itemSourceName, $shareWith));
+            }
+        }
+
+        if ($checkReshare && $checkReshare['uid_owner'] !== \OC_User::getUser()) {
+            // Check if share permissions is granted
+            if (self::isResharingAllowed() && (int)$checkReshare['permissions'] & \OCP\Constants::PERMISSION_SHARE) {
+                if (~(int)$checkReshare['permissions'] & $permissions) {
+                    $message = 'Sharing %1$s failed, because the permissions exceed permissions granted to %2$s';
+                    throw new \Exception(sprintf($message, $itemSourceName, $uidOwner));
+                } else {
+                    // TODO Don't check if inside folder
+                    $result['parent'] = $checkReshare['id'];
+
+                    $result['expirationDate'] = $expirationDate;
+                    // $checkReshare['expiration'] could be null and then is always less than any value
+                    if(isset($checkReshare['expiration']) && $checkReshare['expiration'] < $expirationDate) {
+                        $result['expirationDate'] = $checkReshare['expiration'];
+                    }
+
+                    // only suggest the same name as new target if it is a reshare of the
+                    // same file/folder and not the reshare of a child
+                    if ($checkReshare[$column] === $itemSource) {
+                        $result['filePath'] = $checkReshare['file_target'];
+                        $result['itemSource'] = $checkReshare['item_source'];
+                        $result['fileSource'] = $checkReshare['file_source'];
+                        $result['suggestedItemTarget'] = $checkReshare['item_target'];
+                        $result['suggestedFileTarget'] = $checkReshare['file_target'];
+                    } else {
+                        $result['filePath'] = ($backend instanceof \OCP\Share_Backend_File_Dependent) ? $backend->getFilePath($itemSource, $uidOwner) : null;
+                        $result['suggestedItemTarget'] = null;
+                        $result['suggestedFileTarget'] = null;
+                        $result['itemSource'] = $itemSource;
+                        $result['fileSource'] = ($backend instanceof \OCP\Share_Backend_File_Dependent) ? $itemSource : null;
+                    }
+                }
+            } else {
+                $message = 'Sharing %s failed, because resharing is not allowed';
+                throw new \Exception(sprintf($message, $itemSourceName));
+            }
+        } else {
+            $result['parent'] = null;
+            $result['suggestedItemTarget'] = null;
+            $result['suggestedFileTarget'] = null;
+            $result['itemSource'] = $itemSource;
+            $result['expirationDate'] = $expirationDate;
+            if (!$backend->isValidSource($itemSource, $uidOwner)) {
+                $message = 'Sharing %1$s failed, because the sharing backend for '
+                    .'%2$s could not find its source';
+                throw new \Exception(sprintf($message, $itemSource, $itemType));
+            }
+            if ($backend instanceof \OCP\Share_Backend_File_Dependent) {
+                $result['filePath'] = $backend->getFilePath($itemSource, $uidOwner);
+                    $meta = \OC\Files\Filesystem::getFileInfo($result['filePath']);
+                    $result['fileSource'] = $meta['fileid'];
+                if ($result['fileSource'] == -1) {
+                    $message = 'Sharing %s failed, because the file could not be found in the file cache';
+                    throw new \Exception(sprintf($message, $itemSource));
+                }
+            } else {
+                $result['filePath'] = null;
+                $result['fileSource'] = null;
+            }
+        }
+
+        return $result;
+    }
+
+    /**
+     *
+     * @param array $shareData
+     * @return mixed false in case of a failure or the id of the new share
+     */
+    private static function insertShare(array $shareData) {
+
+        $query = \OC_DB::prepare('INSERT INTO `*PREFIX*share` ('
+            .' `item_type`, `item_source`, `item_target`, `share_type`,'
+            .' `share_with`, `uid_owner`, `permissions`, `stime`, `file_source`,'
+            .' `file_target`, `token`, `parent`, `expiration`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?)');
+        $query->bindValue(1, $shareData['itemType']);
+        $query->bindValue(2, $shareData['itemSource']);
+        $query->bindValue(3, $shareData['itemTarget']);
+        $query->bindValue(4, $shareData['shareType']);
+        $query->bindValue(5, $shareData['shareWith']);
+        $query->bindValue(6, $shareData['uidOwner']);
+        $query->bindValue(7, $shareData['permissions']);
+        $query->bindValue(8, $shareData['shareTime']);
+        $query->bindValue(9, $shareData['fileSource']);
+        $query->bindValue(10, $shareData['fileTarget']);
+        $query->bindValue(11, $shareData['token']);
+        $query->bindValue(12, $shareData['parent']);
+        $query->bindValue(13, $shareData['expiration'], 'datetime');
+        $result = $query->execute();
+
+        $id = false;
+        if ($result) {
+            $id =  \OC::$server->getDatabaseConnection()->lastInsertId('*PREFIX*share');
+        }
+
+        return $id;
+
+    }
+
+    /**
+     * construct select statement
+     * @param int $format
+     * @param boolean $fileDependent ist it a file/folder share or a generla share
+     * @param string $uidOwner
+     * @return string select statement
+     */
+    private static function createSelectStatement($format, $fileDependent, $uidOwner = null) {
+        $select = '*';
+        if ($format == self::FORMAT_STATUSES) {
+            if ($fileDependent) {
+                $select = '`*PREFIX*share`.`id`, `*PREFIX*share`.`parent`, `share_type`, `path`, `storage`, '
+                    . '`share_with`, `uid_owner` , `file_source`, `stime`, `*PREFIX*share`.`permissions`, '
+                    . '`*PREFIX*storages`.`id` AS `storage_id`, `*PREFIX*filecache`.`parent` as `file_parent`, '
+                    . '`uid_initiator`';
+            } else {
+                $select = '`id`, `parent`, `share_type`, `share_with`, `uid_owner`, `item_source`, `stime`, `*PREFIX*share`.`permissions`';
+            }
+        } else {
+            if (isset($uidOwner)) {
+                if ($fileDependent) {
+                    $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `*PREFIX*share`.`parent`,'
+                        . ' `share_type`, `share_with`, `file_source`, `file_target`, `path`, `*PREFIX*share`.`permissions`, `stime`,'
+                        . ' `expiration`, `token`, `storage`, `mail_send`, `uid_owner`, '
+                        . '`*PREFIX*storages`.`id` AS `storage_id`, `*PREFIX*filecache`.`parent` as `file_parent`';
+                } else {
+                    $select = '`id`, `item_type`, `item_source`, `parent`, `share_type`, `share_with`, `*PREFIX*share`.`permissions`,'
+                        . ' `stime`, `file_source`, `expiration`, `token`, `mail_send`, `uid_owner`';
+                }
+            } else {
+                if ($fileDependent) {
+                    if ($format == \OCA\Files_Sharing\ShareBackend\File::FORMAT_GET_FOLDER_CONTENTS || $format == \OCA\Files_Sharing\ShareBackend\File::FORMAT_FILE_APP_ROOT) {
+                        $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `*PREFIX*share`.`parent`, `uid_owner`, '
+                            . '`share_type`, `share_with`, `file_source`, `path`, `file_target`, `stime`, '
+                            . '`*PREFIX*share`.`permissions`, `expiration`, `storage`, `*PREFIX*filecache`.`parent` as `file_parent`, '
+                            . '`name`, `mtime`, `mimetype`, `mimepart`, `size`, `encrypted`, `etag`, `mail_send`';
+                    } else {
+                        $select = '`*PREFIX*share`.`id`, `item_type`, `item_source`, `item_target`,'
+                            . '`*PREFIX*share`.`parent`, `share_type`, `share_with`, `uid_owner`,'
+                            . '`file_source`, `path`, `file_target`, `*PREFIX*share`.`permissions`,'
+                            . '`stime`, `expiration`, `token`, `storage`, `mail_send`,'
+                            . '`*PREFIX*storages`.`id` AS `storage_id`, `*PREFIX*filecache`.`parent` as `file_parent`';
+                    }
+                }
+            }
+        }
+        return $select;
+    }
+
+
+    /**
+     * transform db results
+     * @param array $row result
+     */
+    private static function transformDBResults(&$row) {
+        if (isset($row['id'])) {
+            $row['id'] = (int) $row['id'];
+        }
+        if (isset($row['share_type'])) {
+            $row['share_type'] = (int) $row['share_type'];
+        }
+        if (isset($row['parent'])) {
+            $row['parent'] = (int) $row['parent'];
+        }
+        if (isset($row['file_parent'])) {
+            $row['file_parent'] = (int) $row['file_parent'];
+        }
+        if (isset($row['file_source'])) {
+            $row['file_source'] = (int) $row['file_source'];
+        }
+        if (isset($row['permissions'])) {
+            $row['permissions'] = (int) $row['permissions'];
+        }
+        if (isset($row['storage'])) {
+            $row['storage'] = (int) $row['storage'];
+        }
+        if (isset($row['stime'])) {
+            $row['stime'] = (int) $row['stime'];
+        }
+        if (isset($row['expiration']) && $row['share_type'] !== self::SHARE_TYPE_LINK) {
+            // discard expiration date for non-link shares, which might have been
+            // set by ancient bugs
+            $row['expiration'] = null;
+        }
+    }
+
+    /**
+     * format result
+     * @param array $items result
+     * @param string $column is it a file share or a general share ('file_target' or 'item_target')
+     * @param \OCP\Share_Backend $backend sharing backend
+     * @param int $format
+     * @param array $parameters additional format parameters
+     * @return array format result
+     */
+    private static function formatResult($items, $column, $backend, $format = self::FORMAT_NONE , $parameters = null) {
+        if ($format === self::FORMAT_NONE) {
+            return $items;
+        } else if ($format === self::FORMAT_STATUSES) {
+            $statuses = [];
+            foreach ($items as $item) {
+                if ($item['share_type'] === self::SHARE_TYPE_LINK) {
+                    if ($item['uid_initiator'] !== \OC::$server->getUserSession()->getUser()->getUID()) {
+                        continue;
+                    }
+                    $statuses[$item[$column]]['link'] = true;
+                } else if (!isset($statuses[$item[$column]])) {
+                    $statuses[$item[$column]]['link'] = false;
+                }
+                if (!empty($item['file_target'])) {
+                    $statuses[$item[$column]]['path'] = $item['path'];
+                }
+            }
+            return $statuses;
+        } else {
+            return $backend->formatItems($items, $format, $parameters);
+        }
+    }
+
+    /**
+     * remove protocol from URL
+     *
+     * @param string $url
+     * @return string
+     */
+    public static function removeProtocolFromUrl($url) {
+        if (strpos($url, 'https://') === 0) {
+            return substr($url, strlen('https://'));
+        } else if (strpos($url, 'http://') === 0) {
+            return substr($url, strlen('http://'));
+        }
+
+        return $url;
+    }
+
+    /**
+     * try http post first with https and then with http as a fallback
+     *
+     * @param string $remoteDomain
+     * @param string $urlSuffix
+     * @param array $fields post parameters
+     * @return array
+     */
+    private static function tryHttpPostToShareEndpoint($remoteDomain, $urlSuffix, array $fields) {
+        $protocol = 'https://';
+        $result = [
+            'success' => false,
+            'result' => '',
+        ];
+        $try = 0;
+        $discoveryService = \OC::$server->query(\OCP\OCS\IDiscoveryService::class);
+        while ($result['success'] === false && $try < 2) {
+            $federationEndpoints = $discoveryService->discover($protocol . $remoteDomain, 'FEDERATED_SHARING');
+            $endpoint = isset($federationEndpoints['share']) ? $federationEndpoints['share'] : '/ocs/v2.php/cloud/shares';
+            $client = \OC::$server->getHTTPClientService()->newClient();
+
+            try {
+                $response = $client->post(
+                    $protocol . $remoteDomain . $endpoint . $urlSuffix . '?format=' . self::RESPONSE_FORMAT,
+                    [
+                        'body' => $fields,
+                        'connect_timeout' => 10,
+                    ]
+                );
+
+                $result = ['success' => true, 'result' => $response->getBody()];
+            } catch (\Exception $e) {
+                $result = ['success' => false, 'result' => $e->getMessage()];
+            }
+
+            $try++;
+            $protocol = 'http://';
+        }
+
+        return $result;
+    }
+
+    /**
+     * send server-to-server unshare to remote server
+     *
+     * @param string $remote url
+     * @param int $id share id
+     * @param string $token
+     * @return bool
+     */
+    private static function sendRemoteUnshare($remote, $id, $token) {
+        $url = rtrim($remote, '/');
+        $fields = ['token' => $token, 'format' => 'json'];
+        $url = self::removeProtocolFromUrl($url);
+        $result = self::tryHttpPostToShareEndpoint($url, '/'.$id.'/unshare', $fields);
+        $status = json_decode($result['result'], true);
+
+        return ($result['success'] && ($status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200));
+    }
+
+    /**
+     * @return int
+     */
+    public static function getExpireInterval() {
+        return (int)\OC::$server->getConfig()->getAppValue('core', 'shareapi_expire_after_n_days', '7');
+    }
+
+    /**
+     * Checks whether the given path is reachable for the given owner
+     *
+     * @param string $path path relative to files
+     * @param string $ownerStorageId storage id of the owner
+     *
+     * @return boolean true if file is reachable, false otherwise
+     */
+    private static function isFileReachable($path, $ownerStorageId) {
+        // if outside the home storage, file is always considered reachable
+        if (!(substr($ownerStorageId, 0, 6) === 'home::' ||
+            substr($ownerStorageId, 0, 13) === 'object::user:'
+        )) {
+            return true;
+        }
+
+        // if inside the home storage, the file has to be under "/files/"
+        $path = ltrim($path, '/');
+        if (substr($path, 0, 6) === 'files/') {
+            return true;
+        }
+
+        return false;
+    }
 }

Please login to merge, or discard this patch.

lib/private/AppFramework/Middleware/OCSMiddleware.php 1 patch

Indentation +109 added lines, -109 removed lines patch added patch discarded remove patch

@@ -40,116 +40,116 @@
 block discarded – undo
 
 class OCSMiddleware extends Middleware {
 
-	/** @var IRequest */
-	private $request;
-
-	/** @var int */
-	private $ocsVersion;
-
-	/**
-	 * @param IRequest $request
-	 */
-	public function __construct(IRequest $request) {
-		$this->request = $request;
-	}
-
-	/**
-	 * @param Controller $controller
-	 * @param string $methodName
-	 */
-	public function beforeController($controller, $methodName) {
-		if ($controller instanceof OCSController) {
-			if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) {
-				$this->ocsVersion = 2;
-			} else {
-				$this->ocsVersion = 1;
-			}
-			$controller->setOCSVersion($this->ocsVersion);
-		}
-	}
-
-	/**
-	 * @param Controller $controller
-	 * @param string $methodName
-	 * @param \Exception $exception
-	 * @throws \Exception
-	 * @return BaseResponse
-	 */
-	public function afterException($controller, $methodName, \Exception $exception) {
-		if ($controller instanceof OCSController && $exception instanceof OCSException) {
-			$code = $exception->getCode();
-			if ($code === 0) {
-				$code = API::RESPOND_UNKNOWN_ERROR;
-			}
-
-			return $this->buildNewResponse($controller, $code, $exception->getMessage());
-		}
-
-		throw $exception;
-	}
-
-	/**
-	 * @param Controller $controller
-	 * @param string $methodName
-	 * @param Response $response
-	 * @return \OCP\AppFramework\Http\Response
-	 */
-	public function afterController($controller, $methodName, Response $response) {
-		/*
+    /** @var IRequest */
+    private $request;
+
+    /** @var int */
+    private $ocsVersion;
+
+    /**
+     * @param IRequest $request
+     */
+    public function __construct(IRequest $request) {
+        $this->request = $request;
+    }
+
+    /**
+     * @param Controller $controller
+     * @param string $methodName
+     */
+    public function beforeController($controller, $methodName) {
+        if ($controller instanceof OCSController) {
+            if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) {
+                $this->ocsVersion = 2;
+            } else {
+                $this->ocsVersion = 1;
+            }
+            $controller->setOCSVersion($this->ocsVersion);
+        }
+    }
+
+    /**
+     * @param Controller $controller
+     * @param string $methodName
+     * @param \Exception $exception
+     * @throws \Exception
+     * @return BaseResponse
+     */
+    public function afterException($controller, $methodName, \Exception $exception) {
+        if ($controller instanceof OCSController && $exception instanceof OCSException) {
+            $code = $exception->getCode();
+            if ($code === 0) {
+                $code = API::RESPOND_UNKNOWN_ERROR;
+            }
+
+            return $this->buildNewResponse($controller, $code, $exception->getMessage());
+        }
+
+        throw $exception;
+    }
+
+    /**
+     * @param Controller $controller
+     * @param string $methodName
+     * @param Response $response
+     * @return \OCP\AppFramework\Http\Response
+     */
+    public function afterController($controller, $methodName, Response $response) {
+        /*
 		 * If a different middleware has detected that a request unauthorized or forbidden
 		 * we need to catch the response and convert it to a proper OCS response.
 		 */
-		if ($controller instanceof OCSController && !($response instanceof BaseResponse)) {
-			if ($response->getStatus() === Http::STATUS_UNAUTHORIZED ||
-				$response->getStatus() === Http::STATUS_FORBIDDEN) {
-
-				$message = '';
-				if ($response instanceof JSONResponse) {
-					/** @var DataResponse $response */
-					$message = $response->getData()['message'];
-				}
-
-				return $this->buildNewResponse($controller, API::RESPOND_UNAUTHORISED, $message);
-			}
-		}
-
-		return $response;
-	}
-
-	/**
-	 * @param Controller $controller
-	 * @param int $code
-	 * @param string $message
-	 * @return V1Response|V2Response
-	 */
-	private function buildNewResponse(Controller $controller, $code, $message) {
-		$format = $this->getFormat($controller);
-
-		$data = new DataResponse();
-		$data->setStatus($code);
-		if ($this->ocsVersion === 1) {
-			$response = new V1Response($data, $format, $message);
-		} else {
-			$response = new V2Response($data, $format, $message);
-		}
-
-		return $response;
-	}
-
-	/**
-	 * @param Controller $controller
-	 * @return string
-	 */
-	private function getFormat(Controller $controller) {
-		// get format from the url format or request format parameter
-		$format = $this->request->getParam('format');
-
-		// if none is given try the first Accept header
-		if($format === null) {
-			$headers = $this->request->getHeader('Accept');
-			$format = $controller->getResponderByHTTPHeader($headers, 'xml');
-		}
-
-		return $format;
-	}
+        if ($controller instanceof OCSController && !($response instanceof BaseResponse)) {
+            if ($response->getStatus() === Http::STATUS_UNAUTHORIZED ||
+                $response->getStatus() === Http::STATUS_FORBIDDEN) {
+
+                $message = '';
+                if ($response instanceof JSONResponse) {
+                    /** @var DataResponse $response */
+                    $message = $response->getData()['message'];
+                }
+
+                return $this->buildNewResponse($controller, API::RESPOND_UNAUTHORISED, $message);
+            }
+        }
+
+        return $response;
+    }
+
+    /**
+     * @param Controller $controller
+     * @param int $code
+     * @param string $message
+     * @return V1Response|V2Response
+     */
+    private function buildNewResponse(Controller $controller, $code, $message) {
+        $format = $this->getFormat($controller);
+
+        $data = new DataResponse();
+        $data->setStatus($code);
+        if ($this->ocsVersion === 1) {
+            $response = new V1Response($data, $format, $message);
+        } else {
+            $response = new V2Response($data, $format, $message);
+        }
+
+        return $response;
+    }
+
+    /**
+     * @param Controller $controller
+     * @return string
+     */
+    private function getFormat(Controller $controller) {
+        // get format from the url format or request format parameter
+        $format = $this->request->getParam('format');
+
+        // if none is given try the first Accept header
+        if($format === null) {
+            $headers = $this->request->getHeader('Accept');
+            $format = $controller->getResponderByHTTPHeader($headers, 'xml');
+        }
+
+        return $format;
+    }
 }

Please login to merge, or discard this patch.

lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php 2 patches

Indentation +167 added lines, -167 removed lines patch added patch discarded remove patch

@@ -67,103 +67,103 @@  discard block
 block discarded – undo
  * check fails
  */
 class SecurityMiddleware extends Middleware {
-	/** @var INavigationManager */
-	private $navigationManager;
-	/** @var IRequest */
-	private $request;
-	/** @var ControllerMethodReflector */
-	private $reflector;
-	/** @var string */
-	private $appName;
-	/** @var IURLGenerator */
-	private $urlGenerator;
-	/** @var ILogger */
-	private $logger;
-	/** @var bool */
-	private $isLoggedIn;
-	/** @var bool */
-	private $isAdminUser;
-	/** @var bool */
-	private $isSubAdmin;
-	/** @var IAppManager */
-	private $appManager;
-	/** @var IL10N */
-	private $l10n;
-
-	public function __construct(IRequest $request,
-								ControllerMethodReflector $reflector,
-								INavigationManager $navigationManager,
-								IURLGenerator $urlGenerator,
-								ILogger $logger,
-								string $appName,
-								bool $isLoggedIn,
-								bool $isAdminUser,
-								bool $isSubAdmin,
-								IAppManager $appManager,
-								IL10N $l10n
-	) {
-		$this->navigationManager = $navigationManager;
-		$this->request = $request;
-		$this->reflector = $reflector;
-		$this->appName = $appName;
-		$this->urlGenerator = $urlGenerator;
-		$this->logger = $logger;
-		$this->isLoggedIn = $isLoggedIn;
-		$this->isAdminUser = $isAdminUser;
-		$this->isSubAdmin = $isSubAdmin;
-		$this->appManager = $appManager;
-		$this->l10n = $l10n;
-	}
-
-	/**
-	 * This runs all the security checks before a method call. The
-	 * security checks are determined by inspecting the controller method
-	 * annotations
-	 * @param Controller $controller the controller
-	 * @param string $methodName the name of the method
-	 * @throws SecurityException when a security check fails
-	 *
-	 * @suppress PhanUndeclaredClassConstant
-	 */
-	public function beforeController($controller, $methodName) {
-
-		// this will set the current navigation entry of the app, use this only
-		// for normal HTML requests and not for AJAX requests
-		$this->navigationManager->setActiveEntry($this->appName);
-
-		if (get_class($controller) === \OCA\Talk\Controller\PageController::class && $methodName === 'showCall') {
-			$this->navigationManager->setActiveEntry('spreed');
-		}
-
-		// security checks
-		$isPublicPage = $this->reflector->hasAnnotation('PublicPage');
-		if(!$isPublicPage) {
-			if(!$this->isLoggedIn) {
-				throw new NotLoggedInException();
-			}
-
-			if($this->reflector->hasAnnotation('SubAdminRequired')
-				&& !$this->isSubAdmin
-				&& !$this->isAdminUser) {
-				throw new NotAdminException($this->l10n->t('Logged in user must be an admin or sub admin'));
-			}
-			if(!$this->reflector->hasAnnotation('SubAdminRequired')
-				&& !$this->reflector->hasAnnotation('NoAdminRequired')
-				&& !$this->isAdminUser) {
-				throw new NotAdminException($this->l10n->t('Logged in user must be an admin'));
-			}
-		}
-
-		// Check for strict cookie requirement
-		if($this->reflector->hasAnnotation('StrictCookieRequired') || !$this->reflector->hasAnnotation('NoCSRFRequired')) {
-			if(!$this->request->passesStrictCookieCheck()) {
-				throw new StrictCookieMissingException();
-			}
-		}
-		// CSRF check - also registers the CSRF token since the session may be closed later
-		Util::callRegister();
-		if(!$this->reflector->hasAnnotation('NoCSRFRequired')) {
-			/*
+    /** @var INavigationManager */
+    private $navigationManager;
+    /** @var IRequest */
+    private $request;
+    /** @var ControllerMethodReflector */
+    private $reflector;
+    /** @var string */
+    private $appName;
+    /** @var IURLGenerator */
+    private $urlGenerator;
+    /** @var ILogger */
+    private $logger;
+    /** @var bool */
+    private $isLoggedIn;
+    /** @var bool */
+    private $isAdminUser;
+    /** @var bool */
+    private $isSubAdmin;
+    /** @var IAppManager */
+    private $appManager;
+    /** @var IL10N */
+    private $l10n;
+
+    public function __construct(IRequest $request,
+                                ControllerMethodReflector $reflector,
+                                INavigationManager $navigationManager,
+                                IURLGenerator $urlGenerator,
+                                ILogger $logger,
+                                string $appName,
+                                bool $isLoggedIn,
+                                bool $isAdminUser,
+                                bool $isSubAdmin,
+                                IAppManager $appManager,
+                                IL10N $l10n
+    ) {
+        $this->navigationManager = $navigationManager;
+        $this->request = $request;
+        $this->reflector = $reflector;
+        $this->appName = $appName;
+        $this->urlGenerator = $urlGenerator;
+        $this->logger = $logger;
+        $this->isLoggedIn = $isLoggedIn;
+        $this->isAdminUser = $isAdminUser;
+        $this->isSubAdmin = $isSubAdmin;
+        $this->appManager = $appManager;
+        $this->l10n = $l10n;
+    }
+
+    /**
+     * This runs all the security checks before a method call. The
+     * security checks are determined by inspecting the controller method
+     * annotations
+     * @param Controller $controller the controller
+     * @param string $methodName the name of the method
+     * @throws SecurityException when a security check fails
+     *
+     * @suppress PhanUndeclaredClassConstant
+     */
+    public function beforeController($controller, $methodName) {
+
+        // this will set the current navigation entry of the app, use this only
+        // for normal HTML requests and not for AJAX requests
+        $this->navigationManager->setActiveEntry($this->appName);
+
+        if (get_class($controller) === \OCA\Talk\Controller\PageController::class && $methodName === 'showCall') {
+            $this->navigationManager->setActiveEntry('spreed');
+        }
+
+        // security checks
+        $isPublicPage = $this->reflector->hasAnnotation('PublicPage');
+        if(!$isPublicPage) {
+            if(!$this->isLoggedIn) {
+                throw new NotLoggedInException();
+            }
+
+            if($this->reflector->hasAnnotation('SubAdminRequired')
+                && !$this->isSubAdmin
+                && !$this->isAdminUser) {
+                throw new NotAdminException($this->l10n->t('Logged in user must be an admin or sub admin'));
+            }
+            if(!$this->reflector->hasAnnotation('SubAdminRequired')
+                && !$this->reflector->hasAnnotation('NoAdminRequired')
+                && !$this->isAdminUser) {
+                throw new NotAdminException($this->l10n->t('Logged in user must be an admin'));
+            }
+        }
+
+        // Check for strict cookie requirement
+        if($this->reflector->hasAnnotation('StrictCookieRequired') || !$this->reflector->hasAnnotation('NoCSRFRequired')) {
+            if(!$this->request->passesStrictCookieCheck()) {
+                throw new StrictCookieMissingException();
+            }
+        }
+        // CSRF check - also registers the CSRF token since the session may be closed later
+        Util::callRegister();
+        if(!$this->reflector->hasAnnotation('NoCSRFRequired')) {
+            /*
 			 * Only allow the CSRF check to fail on OCS Requests. This kind of
 			 * hacks around that we have no full token auth in place yet and we
 			 * do want to offer CSRF checks for web requests.
@@ -171,75 +171,75 @@  discard block
 block discarded – undo
 			 * Additionally we allow Bearer authenticated requests to pass on OCS routes.
 			 * This allows oauth apps (e.g. moodle) to use the OCS endpoints
 			 */
-			if(!$this->request->passesCSRFCheck() && !(
-					$controller instanceof OCSController && (
-						$this->request->getHeader('OCS-APIREQUEST') === 'true' ||
-						strpos($this->request->getHeader('Authorization'), 'Bearer ') === 0
-					)
-				)) {
-				throw new CrossSiteRequestForgeryException();
-			}
-		}
-
-		/**
-		 * Checks if app is enabled (also includes a check whether user is allowed to access the resource)
-		 * The getAppPath() check is here since components such as settings also use the AppFramework and
-		 * therefore won't pass this check.
-		 * If page is public, app does not need to be enabled for current user/visitor
-		 */
-		try {
-			$appPath = $this->appManager->getAppPath($this->appName);
-		} catch (AppPathNotFoundException $e) {
-			$appPath = false;
-		}
-
-		if ($appPath !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) {
-			throw new AppNotEnabledException();
-		}
-	}
-
-	/**
-	 * If an SecurityException is being caught, ajax requests return a JSON error
-	 * response and non ajax requests redirect to the index
-	 * @param Controller $controller the controller that is being called
-	 * @param string $methodName the name of the method that will be called on
-	 *                           the controller
-	 * @param \Exception $exception the thrown exception
-	 * @throws \Exception the passed in exception if it can't handle it
-	 * @return Response a Response object or null in case that the exception could not be handled
-	 */
-	public function afterException($controller, $methodName, \Exception $exception): Response {
-		if($exception instanceof SecurityException) {
-			if($exception instanceof StrictCookieMissingException) {
-				return new RedirectResponse(\OC::$WEBROOT);
-			}
-			if (stripos($this->request->getHeader('Accept'),'html') === false) {
-				$response = new JSONResponse(
-					['message' => $exception->getMessage()],
-					$exception->getCode()
-				);
-			} else {
-				if($exception instanceof NotLoggedInException) {
-					$params = [];
-					if (isset($this->request->server['REQUEST_URI'])) {
-						$params['redirect_url'] = $this->request->server['REQUEST_URI'];
-					}
-					$url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params);
-					$response = new RedirectResponse($url);
-				} else {
-					$response = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest');
-					$response->setStatus($exception->getCode());
-				}
-			}
-
-			$this->logger->logException($exception, [
-				'level' => ILogger::DEBUG,
-				'app' => 'core',
-			]);
-			return $response;
-		}
-
-		throw $exception;
-	}
+            if(!$this->request->passesCSRFCheck() && !(
+                    $controller instanceof OCSController && (
+                        $this->request->getHeader('OCS-APIREQUEST') === 'true' ||
+                        strpos($this->request->getHeader('Authorization'), 'Bearer ') === 0
+                    )
+                )) {
+                throw new CrossSiteRequestForgeryException();
+            }
+        }
+
+        /**
+         * Checks if app is enabled (also includes a check whether user is allowed to access the resource)
+         * The getAppPath() check is here since components such as settings also use the AppFramework and
+         * therefore won't pass this check.
+         * If page is public, app does not need to be enabled for current user/visitor
+         */
+        try {
+            $appPath = $this->appManager->getAppPath($this->appName);
+        } catch (AppPathNotFoundException $e) {
+            $appPath = false;
+        }
+
+        if ($appPath !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) {
+            throw new AppNotEnabledException();
+        }
+    }
+
+    /**
+     * If an SecurityException is being caught, ajax requests return a JSON error
+     * response and non ajax requests redirect to the index
+     * @param Controller $controller the controller that is being called
+     * @param string $methodName the name of the method that will be called on
+     *                           the controller
+     * @param \Exception $exception the thrown exception
+     * @throws \Exception the passed in exception if it can't handle it
+     * @return Response a Response object or null in case that the exception could not be handled
+     */
+    public function afterException($controller, $methodName, \Exception $exception): Response {
+        if($exception instanceof SecurityException) {
+            if($exception instanceof StrictCookieMissingException) {
+                return new RedirectResponse(\OC::$WEBROOT);
+            }
+            if (stripos($this->request->getHeader('Accept'),'html') === false) {
+                $response = new JSONResponse(
+                    ['message' => $exception->getMessage()],
+                    $exception->getCode()
+                );
+            } else {
+                if($exception instanceof NotLoggedInException) {
+                    $params = [];
+                    if (isset($this->request->server['REQUEST_URI'])) {
+                        $params['redirect_url'] = $this->request->server['REQUEST_URI'];
+                    }
+                    $url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params);
+                    $response = new RedirectResponse($url);
+                } else {
+                    $response = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest');
+                    $response->setStatus($exception->getCode());
+                }
+            }
+
+            $this->logger->logException($exception, [
+                'level' => ILogger::DEBUG,
+                'app' => 'core',
+            ]);
+            return $response;
+        }
+
+        throw $exception;
+    }
 
 }

Please login to merge, or discard this patch.

Spacing +12 added lines, -12 removed lines patch added patch discarded remove patch

@@ -137,17 +137,17 @@  discard block
 block discarded – undo
 
 		// security checks
 		$isPublicPage = $this->reflector->hasAnnotation('PublicPage');
-		if(!$isPublicPage) {
-			if(!$this->isLoggedIn) {
+		if (!$isPublicPage) {
+			if (!$this->isLoggedIn) {
 				throw new NotLoggedInException();
 			}
 
-			if($this->reflector->hasAnnotation('SubAdminRequired')
+			if ($this->reflector->hasAnnotation('SubAdminRequired')
 				&& !$this->isSubAdmin
 				&& !$this->isAdminUser) {
 				throw new NotAdminException($this->l10n->t('Logged in user must be an admin or sub admin'));
 			}
-			if(!$this->reflector->hasAnnotation('SubAdminRequired')
+			if (!$this->reflector->hasAnnotation('SubAdminRequired')
 				&& !$this->reflector->hasAnnotation('NoAdminRequired')
 				&& !$this->isAdminUser) {
 				throw new NotAdminException($this->l10n->t('Logged in user must be an admin'));
@@ -155,14 +155,14 @@  discard block
 block discarded – undo
 		}
 
 		// Check for strict cookie requirement
-		if($this->reflector->hasAnnotation('StrictCookieRequired') || !$this->reflector->hasAnnotation('NoCSRFRequired')) {
-			if(!$this->request->passesStrictCookieCheck()) {
+		if ($this->reflector->hasAnnotation('StrictCookieRequired') || !$this->reflector->hasAnnotation('NoCSRFRequired')) {
+			if (!$this->request->passesStrictCookieCheck()) {
 				throw new StrictCookieMissingException();
 			}
 		}
 		// CSRF check - also registers the CSRF token since the session may be closed later
 		Util::callRegister();
-		if(!$this->reflector->hasAnnotation('NoCSRFRequired')) {
+		if (!$this->reflector->hasAnnotation('NoCSRFRequired')) {
 			/*
 			 * Only allow the CSRF check to fail on OCS Requests. This kind of
 			 * hacks around that we have no full token auth in place yet and we
@@ -171,7 +171,7 @@  discard block
 block discarded – undo
 			 * Additionally we allow Bearer authenticated requests to pass on OCS routes.
 			 * This allows oauth apps (e.g. moodle) to use the OCS endpoints
 			 */
-			if(!$this->request->passesCSRFCheck() && !(
+			if (!$this->request->passesCSRFCheck() && !(
 					$controller instanceof OCSController && (
 						$this->request->getHeader('OCS-APIREQUEST') === 'true' ||
 						strpos($this->request->getHeader('Authorization'), 'Bearer ') === 0
@@ -209,17 +209,17 @@  discard block
 block discarded – undo
 	 * @return Response a Response object or null in case that the exception could not be handled
 	 */
 	public function afterException($controller, $methodName, \Exception $exception): Response {
-		if($exception instanceof SecurityException) {
-			if($exception instanceof StrictCookieMissingException) {
+		if ($exception instanceof SecurityException) {
+			if ($exception instanceof StrictCookieMissingException) {
 				return new RedirectResponse(\OC::$WEBROOT);
 			}
-			if (stripos($this->request->getHeader('Accept'),'html') === false) {
+			if (stripos($this->request->getHeader('Accept'), 'html') === false) {
 				$response = new JSONResponse(
 					['message' => $exception->getMessage()],
 					$exception->getCode()
 				);
 			} else {
-				if($exception instanceof NotLoggedInException) {
+				if ($exception instanceof NotLoggedInException) {
 					$params = [];
 					if (isset($this->request->server['REQUEST_URI'])) {
 						$params['redirect_url'] = $this->request->server['REQUEST_URI'];

Please login to merge, or discard this patch.

lib/private/AppFramework/Http.php 2 patches

Indentation +115 added lines, -115 removed lines patch added patch discarded remove patch

@@ -34,121 +34,121 @@
 block discarded – undo
 
 class Http extends BaseHttp {
 
-	private $server;
-	private $protocolVersion;
-	protected $headers;
-
-	/**
-	 * @param array $server $_SERVER
-	 * @param string $protocolVersion the http version to use defaults to HTTP/1.1
-	 */
-	public function __construct($server, $protocolVersion='HTTP/1.1') {
-		$this->server = $server;
-		$this->protocolVersion = $protocolVersion;
-
-		$this->headers = [
-			self::STATUS_CONTINUE => 'Continue',
-			self::STATUS_SWITCHING_PROTOCOLS => 'Switching Protocols',
-			self::STATUS_PROCESSING => 'Processing',
-			self::STATUS_OK => 'OK',
-			self::STATUS_CREATED => 'Created',
-			self::STATUS_ACCEPTED => 'Accepted',
-			self::STATUS_NON_AUTHORATIVE_INFORMATION => 'Non-Authorative Information',
-			self::STATUS_NO_CONTENT => 'No Content',
-			self::STATUS_RESET_CONTENT => 'Reset Content',
-			self::STATUS_PARTIAL_CONTENT => 'Partial Content',
-			self::STATUS_MULTI_STATUS => 'Multi-Status', // RFC 4918
-			self::STATUS_ALREADY_REPORTED => 'Already Reported', // RFC 5842
-			self::STATUS_IM_USED => 'IM Used', // RFC 3229
-			self::STATUS_MULTIPLE_CHOICES => 'Multiple Choices',
-			self::STATUS_MOVED_PERMANENTLY => 'Moved Permanently',
-			self::STATUS_FOUND => 'Found',
-			self::STATUS_SEE_OTHER => 'See Other',
-			self::STATUS_NOT_MODIFIED => 'Not Modified',
-			self::STATUS_USE_PROXY => 'Use Proxy',
-			self::STATUS_RESERVED => 'Reserved',
-			self::STATUS_TEMPORARY_REDIRECT => 'Temporary Redirect',
-			self::STATUS_BAD_REQUEST => 'Bad request',
-			self::STATUS_UNAUTHORIZED => 'Unauthorized',
-			self::STATUS_PAYMENT_REQUIRED => 'Payment Required',
-			self::STATUS_FORBIDDEN => 'Forbidden',
-			self::STATUS_NOT_FOUND => 'Not Found',
-			self::STATUS_METHOD_NOT_ALLOWED => 'Method Not Allowed',
-			self::STATUS_NOT_ACCEPTABLE => 'Not Acceptable',
-			self::STATUS_PROXY_AUTHENTICATION_REQUIRED => 'Proxy Authentication Required',
-			self::STATUS_REQUEST_TIMEOUT => 'Request Timeout',
-			self::STATUS_CONFLICT => 'Conflict',
-			self::STATUS_GONE => 'Gone',
-			self::STATUS_LENGTH_REQUIRED => 'Length Required',
-			self::STATUS_PRECONDITION_FAILED => 'Precondition failed',
-			self::STATUS_REQUEST_ENTITY_TOO_LARGE => 'Request Entity Too Large',
-			self::STATUS_REQUEST_URI_TOO_LONG => 'Request-URI Too Long',
-			self::STATUS_UNSUPPORTED_MEDIA_TYPE => 'Unsupported Media Type',
-			self::STATUS_REQUEST_RANGE_NOT_SATISFIABLE => 'Requested Range Not Satisfiable',
-			self::STATUS_EXPECTATION_FAILED => 'Expectation Failed',
-			self::STATUS_IM_A_TEAPOT => 'I\'m a teapot', // RFC 2324
-			self::STATUS_UNPROCESSABLE_ENTITY => 'Unprocessable Entity', // RFC 4918
-			self::STATUS_LOCKED => 'Locked', // RFC 4918
-			self::STATUS_FAILED_DEPENDENCY => 'Failed Dependency', // RFC 4918
-			self::STATUS_UPGRADE_REQUIRED => 'Upgrade required',
-			self::STATUS_PRECONDITION_REQUIRED => 'Precondition required', // draft-nottingham-http-new-status
-			self::STATUS_TOO_MANY_REQUESTS => 'Too Many Requests', // draft-nottingham-http-new-status
-			self::STATUS_REQUEST_HEADER_FIELDS_TOO_LARGE => 'Request Header Fields Too Large', // draft-nottingham-http-new-status
-			self::STATUS_INTERNAL_SERVER_ERROR => 'Internal Server Error',
-			self::STATUS_NOT_IMPLEMENTED => 'Not Implemented',
-			self::STATUS_BAD_GATEWAY => 'Bad Gateway',
-			self::STATUS_SERVICE_UNAVAILABLE => 'Service Unavailable',
-			self::STATUS_GATEWAY_TIMEOUT => 'Gateway Timeout',
-			self::STATUS_HTTP_VERSION_NOT_SUPPORTED => 'HTTP Version not supported',
-			self::STATUS_VARIANT_ALSO_NEGOTIATES => 'Variant Also Negotiates',
-			self::STATUS_INSUFFICIENT_STORAGE => 'Insufficient Storage', // RFC 4918
-			self::STATUS_LOOP_DETECTED => 'Loop Detected', // RFC 5842
-			self::STATUS_BANDWIDTH_LIMIT_EXCEEDED => 'Bandwidth Limit Exceeded', // non-standard
-			self::STATUS_NOT_EXTENDED => 'Not extended',
-			self::STATUS_NETWORK_AUTHENTICATION_REQUIRED => 'Network Authentication Required', // draft-nottingham-http-new-status
-		];
-	}
-
-
-	/**
-	 * Gets the correct header
-	 * @param int Http::CONSTANT $status the constant from the Http class
-	 * @param \DateTime $lastModified formatted last modified date
-	 * @param string $ETag the etag
-	 * @return string
-	 */
-	public function getStatusHeader($status, \DateTime $lastModified=null, 
-									$ETag=null) {
-
-		if(!is_null($lastModified)) {
-			$lastModified = $lastModified->format(\DateTime::RFC2822);
-		}
-
-		// if etag or lastmodified have not changed, return a not modified
-		if ((isset($this->server['HTTP_IF_NONE_MATCH'])
-			&& trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string)$ETag)
-
-			||
-
-			(isset($this->server['HTTP_IF_MODIFIED_SINCE'])
-			&& trim($this->server['HTTP_IF_MODIFIED_SINCE']) === 
-				$lastModified)) {
-
-			$status = self::STATUS_NOT_MODIFIED;
-		}
-
-		// we have one change currently for the http 1.0 header that differs
-		// from 1.1: STATUS_TEMPORARY_REDIRECT should be STATUS_FOUND
-		// if this differs any more, we want to create childclasses for this
-		if($status === self::STATUS_TEMPORARY_REDIRECT 
-			&& $this->protocolVersion === 'HTTP/1.0') {
-
-			$status = self::STATUS_FOUND;
-		}
-
-		return $this->protocolVersion . ' ' . $status . ' ' . 
-			$this->headers[$status];
-	}
+    private $server;
+    private $protocolVersion;
+    protected $headers;
+
+    /**
+     * @param array $server $_SERVER
+     * @param string $protocolVersion the http version to use defaults to HTTP/1.1
+     */
+    public function __construct($server, $protocolVersion='HTTP/1.1') {
+        $this->server = $server;
+        $this->protocolVersion = $protocolVersion;
+
+        $this->headers = [
+            self::STATUS_CONTINUE => 'Continue',
+            self::STATUS_SWITCHING_PROTOCOLS => 'Switching Protocols',
+            self::STATUS_PROCESSING => 'Processing',
+            self::STATUS_OK => 'OK',
+            self::STATUS_CREATED => 'Created',
+            self::STATUS_ACCEPTED => 'Accepted',
+            self::STATUS_NON_AUTHORATIVE_INFORMATION => 'Non-Authorative Information',
+            self::STATUS_NO_CONTENT => 'No Content',
+            self::STATUS_RESET_CONTENT => 'Reset Content',
+            self::STATUS_PARTIAL_CONTENT => 'Partial Content',
+            self::STATUS_MULTI_STATUS => 'Multi-Status', // RFC 4918
+            self::STATUS_ALREADY_REPORTED => 'Already Reported', // RFC 5842
+            self::STATUS_IM_USED => 'IM Used', // RFC 3229
+            self::STATUS_MULTIPLE_CHOICES => 'Multiple Choices',
+            self::STATUS_MOVED_PERMANENTLY => 'Moved Permanently',
+            self::STATUS_FOUND => 'Found',
+            self::STATUS_SEE_OTHER => 'See Other',
+            self::STATUS_NOT_MODIFIED => 'Not Modified',
+            self::STATUS_USE_PROXY => 'Use Proxy',
+            self::STATUS_RESERVED => 'Reserved',
+            self::STATUS_TEMPORARY_REDIRECT => 'Temporary Redirect',
+            self::STATUS_BAD_REQUEST => 'Bad request',
+            self::STATUS_UNAUTHORIZED => 'Unauthorized',
+            self::STATUS_PAYMENT_REQUIRED => 'Payment Required',
+            self::STATUS_FORBIDDEN => 'Forbidden',
+            self::STATUS_NOT_FOUND => 'Not Found',
+            self::STATUS_METHOD_NOT_ALLOWED => 'Method Not Allowed',
+            self::STATUS_NOT_ACCEPTABLE => 'Not Acceptable',
+            self::STATUS_PROXY_AUTHENTICATION_REQUIRED => 'Proxy Authentication Required',
+            self::STATUS_REQUEST_TIMEOUT => 'Request Timeout',
+            self::STATUS_CONFLICT => 'Conflict',
+            self::STATUS_GONE => 'Gone',
+            self::STATUS_LENGTH_REQUIRED => 'Length Required',
+            self::STATUS_PRECONDITION_FAILED => 'Precondition failed',
+            self::STATUS_REQUEST_ENTITY_TOO_LARGE => 'Request Entity Too Large',
+            self::STATUS_REQUEST_URI_TOO_LONG => 'Request-URI Too Long',
+            self::STATUS_UNSUPPORTED_MEDIA_TYPE => 'Unsupported Media Type',
+            self::STATUS_REQUEST_RANGE_NOT_SATISFIABLE => 'Requested Range Not Satisfiable',
+            self::STATUS_EXPECTATION_FAILED => 'Expectation Failed',
+            self::STATUS_IM_A_TEAPOT => 'I\'m a teapot', // RFC 2324
+            self::STATUS_UNPROCESSABLE_ENTITY => 'Unprocessable Entity', // RFC 4918
+            self::STATUS_LOCKED => 'Locked', // RFC 4918
+            self::STATUS_FAILED_DEPENDENCY => 'Failed Dependency', // RFC 4918
+            self::STATUS_UPGRADE_REQUIRED => 'Upgrade required',
+            self::STATUS_PRECONDITION_REQUIRED => 'Precondition required', // draft-nottingham-http-new-status
+            self::STATUS_TOO_MANY_REQUESTS => 'Too Many Requests', // draft-nottingham-http-new-status
+            self::STATUS_REQUEST_HEADER_FIELDS_TOO_LARGE => 'Request Header Fields Too Large', // draft-nottingham-http-new-status
+            self::STATUS_INTERNAL_SERVER_ERROR => 'Internal Server Error',
+            self::STATUS_NOT_IMPLEMENTED => 'Not Implemented',
+            self::STATUS_BAD_GATEWAY => 'Bad Gateway',
+            self::STATUS_SERVICE_UNAVAILABLE => 'Service Unavailable',
+            self::STATUS_GATEWAY_TIMEOUT => 'Gateway Timeout',
+            self::STATUS_HTTP_VERSION_NOT_SUPPORTED => 'HTTP Version not supported',
+            self::STATUS_VARIANT_ALSO_NEGOTIATES => 'Variant Also Negotiates',
+            self::STATUS_INSUFFICIENT_STORAGE => 'Insufficient Storage', // RFC 4918
+            self::STATUS_LOOP_DETECTED => 'Loop Detected', // RFC 5842
+            self::STATUS_BANDWIDTH_LIMIT_EXCEEDED => 'Bandwidth Limit Exceeded', // non-standard
+            self::STATUS_NOT_EXTENDED => 'Not extended',
+            self::STATUS_NETWORK_AUTHENTICATION_REQUIRED => 'Network Authentication Required', // draft-nottingham-http-new-status
+        ];
+    }
+
+
+    /**
+     * Gets the correct header
+     * @param int Http::CONSTANT $status the constant from the Http class
+     * @param \DateTime $lastModified formatted last modified date
+     * @param string $ETag the etag
+     * @return string
+     */
+    public function getStatusHeader($status, \DateTime $lastModified=null, 
+                                    $ETag=null) {
+
+        if(!is_null($lastModified)) {
+            $lastModified = $lastModified->format(\DateTime::RFC2822);
+        }
+
+        // if etag or lastmodified have not changed, return a not modified
+        if ((isset($this->server['HTTP_IF_NONE_MATCH'])
+            && trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string)$ETag)
+
+            ||
+
+            (isset($this->server['HTTP_IF_MODIFIED_SINCE'])
+            && trim($this->server['HTTP_IF_MODIFIED_SINCE']) === 
+                $lastModified)) {
+
+            $status = self::STATUS_NOT_MODIFIED;
+        }
+
+        // we have one change currently for the http 1.0 header that differs
+        // from 1.1: STATUS_TEMPORARY_REDIRECT should be STATUS_FOUND
+        // if this differs any more, we want to create childclasses for this
+        if($status === self::STATUS_TEMPORARY_REDIRECT 
+            && $this->protocolVersion === 'HTTP/1.0') {
+
+            $status = self::STATUS_FOUND;
+        }
+
+        return $this->protocolVersion . ' ' . $status . ' ' . 
+            $this->headers[$status];
+    }
 
 
 }

Please login to merge, or discard this patch.

Spacing +7 added lines, -7 removed lines patch added patch discarded remove patch

@@ -42,7 +42,7 @@  discard block
 block discarded – undo
 	 * @param array $server $_SERVER
 	 * @param string $protocolVersion the http version to use defaults to HTTP/1.1
 	 */
-	public function __construct($server, $protocolVersion='HTTP/1.1') {
+	public function __construct($server, $protocolVersion = 'HTTP/1.1') {
 		$this->server = $server;
 		$this->protocolVersion = $protocolVersion;
 
@@ -117,16 +117,16 @@  discard block
 block discarded – undo
 	 * @param string $ETag the etag
 	 * @return string
 	 */
-	public function getStatusHeader($status, \DateTime $lastModified=null, 
-									$ETag=null) {
+	public function getStatusHeader($status, \DateTime $lastModified = null, 
+									$ETag = null) {
 
-		if(!is_null($lastModified)) {
+		if (!is_null($lastModified)) {
 			$lastModified = $lastModified->format(\DateTime::RFC2822);
 		}
 
 		// if etag or lastmodified have not changed, return a not modified
 		if ((isset($this->server['HTTP_IF_NONE_MATCH'])
-			&& trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string)$ETag)
+			&& trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string) $ETag)
 
 			||
 
@@ -140,13 +140,13 @@  discard block
 block discarded – undo
 		// we have one change currently for the http 1.0 header that differs
 		// from 1.1: STATUS_TEMPORARY_REDIRECT should be STATUS_FOUND
 		// if this differs any more, we want to create childclasses for this
-		if($status === self::STATUS_TEMPORARY_REDIRECT 
+		if ($status === self::STATUS_TEMPORARY_REDIRECT 
 			&& $this->protocolVersion === 'HTTP/1.0') {
 
 			$status = self::STATUS_FOUND;
 		}
 
-		return $this->protocolVersion . ' ' . $status . ' ' . 
+		return $this->protocolVersion.' '.$status.' '. 
 			$this->headers[$status];
 	}
 

Please login to merge, or discard this patch.

lib/private/legacy/OC_Defaults.php 2 patches

Indentation +265 added lines, -265 removed lines patch added patch discarded remove patch

@@ -37,298 +37,298 @@
 block discarded – undo
  */
 class OC_Defaults {
 
-	private $theme;
+    private $theme;
 
-	private $defaultEntity;
-	private $defaultName;
-	private $defaultTitle;
-	private $defaultBaseUrl;
-	private $defaultSyncClientUrl;
-	private $defaultiOSClientUrl;
-	private $defaultiTunesAppId;
-	private $defaultAndroidClientUrl;
-	private $defaultDocBaseUrl;
-	private $defaultDocVersion;
-	private $defaultSlogan;
-	private $defaultColorPrimary;
-	private $defaultTextColorPrimary;
+    private $defaultEntity;
+    private $defaultName;
+    private $defaultTitle;
+    private $defaultBaseUrl;
+    private $defaultSyncClientUrl;
+    private $defaultiOSClientUrl;
+    private $defaultiTunesAppId;
+    private $defaultAndroidClientUrl;
+    private $defaultDocBaseUrl;
+    private $defaultDocVersion;
+    private $defaultSlogan;
+    private $defaultColorPrimary;
+    private $defaultTextColorPrimary;
 
-	public function __construct() {
-		$config = \OC::$server->getConfig();
+    public function __construct() {
+        $config = \OC::$server->getConfig();
 
-		$this->defaultEntity = 'Nextcloud'; /* e.g. company name, used for footers and copyright notices */
-		$this->defaultName = 'Nextcloud'; /* short name, used when referring to the software */
-		$this->defaultTitle = 'Nextcloud'; /* can be a longer name, for titles */
-		$this->defaultBaseUrl = 'https://nextcloud.com';
-		$this->defaultSyncClientUrl = $config->getSystemValue('customclient_desktop', 'https://nextcloud.com/install/#install-clients');
-		$this->defaultiOSClientUrl = $config->getSystemValue('customclient_ios', 'https://geo.itunes.apple.com/us/app/nextcloud/id1125420102?mt=8');
-		$this->defaultiTunesAppId = $config->getSystemValue('customclient_ios_appid', '1125420102');
-		$this->defaultAndroidClientUrl = $config->getSystemValue('customclient_android', 'https://play.google.com/store/apps/details?id=com.nextcloud.client');
-		$this->defaultDocBaseUrl = 'https://docs.nextcloud.com';
-		$this->defaultDocVersion = \OC_Util::getVersion()[0]; // used to generate doc links
-		$this->defaultColorPrimary = '#0082c9';
-		$this->defaultTextColorPrimary = '#ffffff';
+        $this->defaultEntity = 'Nextcloud'; /* e.g. company name, used for footers and copyright notices */
+        $this->defaultName = 'Nextcloud'; /* short name, used when referring to the software */
+        $this->defaultTitle = 'Nextcloud'; /* can be a longer name, for titles */
+        $this->defaultBaseUrl = 'https://nextcloud.com';
+        $this->defaultSyncClientUrl = $config->getSystemValue('customclient_desktop', 'https://nextcloud.com/install/#install-clients');
+        $this->defaultiOSClientUrl = $config->getSystemValue('customclient_ios', 'https://geo.itunes.apple.com/us/app/nextcloud/id1125420102?mt=8');
+        $this->defaultiTunesAppId = $config->getSystemValue('customclient_ios_appid', '1125420102');
+        $this->defaultAndroidClientUrl = $config->getSystemValue('customclient_android', 'https://play.google.com/store/apps/details?id=com.nextcloud.client');
+        $this->defaultDocBaseUrl = 'https://docs.nextcloud.com';
+        $this->defaultDocVersion = \OC_Util::getVersion()[0]; // used to generate doc links
+        $this->defaultColorPrimary = '#0082c9';
+        $this->defaultTextColorPrimary = '#ffffff';
 
-		$themePath = OC::$SERVERROOT . '/themes/' . OC_Util::getTheme() . '/defaults.php';
-		if (file_exists($themePath)) {
-			// prevent defaults.php from printing output
-			ob_start();
-			require_once $themePath;
-			ob_end_clean();
-			if (class_exists('OC_Theme')) {
-				$this->theme = new OC_Theme();
-			}
-		}
-	}
+        $themePath = OC::$SERVERROOT . '/themes/' . OC_Util::getTheme() . '/defaults.php';
+        if (file_exists($themePath)) {
+            // prevent defaults.php from printing output
+            ob_start();
+            require_once $themePath;
+            ob_end_clean();
+            if (class_exists('OC_Theme')) {
+                $this->theme = new OC_Theme();
+            }
+        }
+    }
 
-	/**
-	 * @param string $method
-	 */
-	private function themeExist($method) {
-		if (isset($this->theme) && method_exists($this->theme, $method)) {
-			return true;
-		}
-		return false;
-	}
+    /**
+     * @param string $method
+     */
+    private function themeExist($method) {
+        if (isset($this->theme) && method_exists($this->theme, $method)) {
+            return true;
+        }
+        return false;
+    }
 
-	/**
-	 * Returns the base URL
-	 * @return string URL
-	 */
-	public function getBaseUrl() {
-		if ($this->themeExist('getBaseUrl')) {
-			return $this->theme->getBaseUrl();
-		} else {
-			return $this->defaultBaseUrl;
-		}
-	}
+    /**
+     * Returns the base URL
+     * @return string URL
+     */
+    public function getBaseUrl() {
+        if ($this->themeExist('getBaseUrl')) {
+            return $this->theme->getBaseUrl();
+        } else {
+            return $this->defaultBaseUrl;
+        }
+    }
 
-	/**
-	 * Returns the URL where the sync clients are listed
-	 * @return string URL
-	 */
-	public function getSyncClientUrl() {
-		if ($this->themeExist('getSyncClientUrl')) {
-			return $this->theme->getSyncClientUrl();
-		} else {
-			return $this->defaultSyncClientUrl;
-		}
-	}
+    /**
+     * Returns the URL where the sync clients are listed
+     * @return string URL
+     */
+    public function getSyncClientUrl() {
+        if ($this->themeExist('getSyncClientUrl')) {
+            return $this->theme->getSyncClientUrl();
+        } else {
+            return $this->defaultSyncClientUrl;
+        }
+    }
 
-	/**
-	 * Returns the URL to the App Store for the iOS Client
-	 * @return string URL
-	 */
-	public function getiOSClientUrl() {
-		if ($this->themeExist('getiOSClientUrl')) {
-			return $this->theme->getiOSClientUrl();
-		} else {
-			return $this->defaultiOSClientUrl;
-		}
-	}
+    /**
+     * Returns the URL to the App Store for the iOS Client
+     * @return string URL
+     */
+    public function getiOSClientUrl() {
+        if ($this->themeExist('getiOSClientUrl')) {
+            return $this->theme->getiOSClientUrl();
+        } else {
+            return $this->defaultiOSClientUrl;
+        }
+    }
 
-	/**
-	 * Returns the AppId for the App Store for the iOS Client
-	 * @return string AppId
-	 */
-	public function getiTunesAppId() {
-		if ($this->themeExist('getiTunesAppId')) {
-			return $this->theme->getiTunesAppId();
-		} else {
-			return $this->defaultiTunesAppId;
-		}
-	}
+    /**
+     * Returns the AppId for the App Store for the iOS Client
+     * @return string AppId
+     */
+    public function getiTunesAppId() {
+        if ($this->themeExist('getiTunesAppId')) {
+            return $this->theme->getiTunesAppId();
+        } else {
+            return $this->defaultiTunesAppId;
+        }
+    }
 
-	/**
-	 * Returns the URL to Google Play for the Android Client
-	 * @return string URL
-	 */
-	public function getAndroidClientUrl() {
-		if ($this->themeExist('getAndroidClientUrl')) {
-			return $this->theme->getAndroidClientUrl();
-		} else {
-			return $this->defaultAndroidClientUrl;
-		}
-	}
+    /**
+     * Returns the URL to Google Play for the Android Client
+     * @return string URL
+     */
+    public function getAndroidClientUrl() {
+        if ($this->themeExist('getAndroidClientUrl')) {
+            return $this->theme->getAndroidClientUrl();
+        } else {
+            return $this->defaultAndroidClientUrl;
+        }
+    }
 
-	/**
-	 * Returns the documentation URL
-	 * @return string URL
-	 */
-	public function getDocBaseUrl() {
-		if ($this->themeExist('getDocBaseUrl')) {
-			return $this->theme->getDocBaseUrl();
-		} else {
-			return $this->defaultDocBaseUrl;
-		}
-	}
+    /**
+     * Returns the documentation URL
+     * @return string URL
+     */
+    public function getDocBaseUrl() {
+        if ($this->themeExist('getDocBaseUrl')) {
+            return $this->theme->getDocBaseUrl();
+        } else {
+            return $this->defaultDocBaseUrl;
+        }
+    }
 
-	/**
-	 * Returns the title
-	 * @return string title
-	 */
-	public function getTitle() {
-		if ($this->themeExist('getTitle')) {
-			return $this->theme->getTitle();
-		} else {
-			return $this->defaultTitle;
-		}
-	}
+    /**
+     * Returns the title
+     * @return string title
+     */
+    public function getTitle() {
+        if ($this->themeExist('getTitle')) {
+            return $this->theme->getTitle();
+        } else {
+            return $this->defaultTitle;
+        }
+    }
 
-	/**
-	 * Returns the short name of the software
-	 * @return string title
-	 */
-	public function getName() {
-		if ($this->themeExist('getName')) {
-			return $this->theme->getName();
-		} else {
-			return $this->defaultName;
-		}
-	}
+    /**
+     * Returns the short name of the software
+     * @return string title
+     */
+    public function getName() {
+        if ($this->themeExist('getName')) {
+            return $this->theme->getName();
+        } else {
+            return $this->defaultName;
+        }
+    }
 
-	/**
-	 * Returns the short name of the software containing HTML strings
-	 * @return string title
-	 */
-	public function getHTMLName() {
-		if ($this->themeExist('getHTMLName')) {
-			return $this->theme->getHTMLName();
-		} else {
-			return $this->defaultName;
-		}
-	}
+    /**
+     * Returns the short name of the software containing HTML strings
+     * @return string title
+     */
+    public function getHTMLName() {
+        if ($this->themeExist('getHTMLName')) {
+            return $this->theme->getHTMLName();
+        } else {
+            return $this->defaultName;
+        }
+    }
 
-	/**
-	 * Returns entity (e.g. company name) - used for footer, copyright
-	 * @return string entity name
-	 */
-	public function getEntity() {
-		if ($this->themeExist('getEntity')) {
-			return $this->theme->getEntity();
-		} else {
-			return $this->defaultEntity;
-		}
-	}
+    /**
+     * Returns entity (e.g. company name) - used for footer, copyright
+     * @return string entity name
+     */
+    public function getEntity() {
+        if ($this->themeExist('getEntity')) {
+            return $this->theme->getEntity();
+        } else {
+            return $this->defaultEntity;
+        }
+    }
 
-	/**
-	 * Returns slogan
-	 * @return string slogan
-	 */
-	public function getSlogan() {
-		if ($this->themeExist('getSlogan')) {
-			return $this->theme->getSlogan();
-		} else {
-			if ($this->defaultSlogan === null) {
-				$l10n = \OC::$server->getL10N('lib');
-				$this->defaultSlogan = $l10n->t('a safe home for all your data');
-			}
-			return $this->defaultSlogan;
-		}
-	}
+    /**
+     * Returns slogan
+     * @return string slogan
+     */
+    public function getSlogan() {
+        if ($this->themeExist('getSlogan')) {
+            return $this->theme->getSlogan();
+        } else {
+            if ($this->defaultSlogan === null) {
+                $l10n = \OC::$server->getL10N('lib');
+                $this->defaultSlogan = $l10n->t('a safe home for all your data');
+            }
+            return $this->defaultSlogan;
+        }
+    }
 
-	/**
-	 * Returns logo claim
-	 * @return string logo claim
-	 * @deprecated 13.0.0
-	 */
-	public function getLogoClaim() {
-		return '';
-	}
+    /**
+     * Returns logo claim
+     * @return string logo claim
+     * @deprecated 13.0.0
+     */
+    public function getLogoClaim() {
+        return '';
+    }
 
-	/**
-	 * Returns short version of the footer
-	 * @return string short footer
-	 */
-	public function getShortFooter() {
-		if ($this->themeExist('getShortFooter')) {
-			$footer = $this->theme->getShortFooter();
-		} else {
-			$footer = '<a href="'. $this->getBaseUrl() . '" target="_blank"' .
-				' rel="noreferrer noopener">' .$this->getEntity() . '</a>'.
-				' – ' . $this->getSlogan();
-		}
+    /**
+     * Returns short version of the footer
+     * @return string short footer
+     */
+    public function getShortFooter() {
+        if ($this->themeExist('getShortFooter')) {
+            $footer = $this->theme->getShortFooter();
+        } else {
+            $footer = '<a href="'. $this->getBaseUrl() . '" target="_blank"' .
+                ' rel="noreferrer noopener">' .$this->getEntity() . '</a>'.
+                ' – ' . $this->getSlogan();
+        }
 
-		return $footer;
-	}
+        return $footer;
+    }
 
-	/**
-	 * Returns long version of the footer
-	 * @return string long footer
-	 */
-	public function getLongFooter() {
-		if ($this->themeExist('getLongFooter')) {
-			$footer = $this->theme->getLongFooter();
-		} else {
-			$footer = $this->getShortFooter();
-		}
+    /**
+     * Returns long version of the footer
+     * @return string long footer
+     */
+    public function getLongFooter() {
+        if ($this->themeExist('getLongFooter')) {
+            $footer = $this->theme->getLongFooter();
+        } else {
+            $footer = $this->getShortFooter();
+        }
 
-		return $footer;
-	}
+        return $footer;
+    }
 
-	/**
-	 * @param string $key
-	 * @return string URL to doc with key
-	 */
-	public function buildDocLinkToKey($key) {
-		if ($this->themeExist('buildDocLinkToKey')) {
-			return $this->theme->buildDocLinkToKey($key);
-		}
-		return $this->getDocBaseUrl() . '/server/' . $this->defaultDocVersion . '/go.php?to=' . $key;
-	}
+    /**
+     * @param string $key
+     * @return string URL to doc with key
+     */
+    public function buildDocLinkToKey($key) {
+        if ($this->themeExist('buildDocLinkToKey')) {
+            return $this->theme->buildDocLinkToKey($key);
+        }
+        return $this->getDocBaseUrl() . '/server/' . $this->defaultDocVersion . '/go.php?to=' . $key;
+    }
 
-	/**
-	 * Returns primary color
-	 * @return string
-	 */
-	public function getColorPrimary() {
+    /**
+     * Returns primary color
+     * @return string
+     */
+    public function getColorPrimary() {
 
-		if ($this->themeExist('getColorPrimary')) {
-			return $this->theme->getColorPrimary();
-		}
-		if ($this->themeExist('getMailHeaderColor')) {
-			return $this->theme->getMailHeaderColor();
-		}
-		return $this->defaultColorPrimary;
-	}
+        if ($this->themeExist('getColorPrimary')) {
+            return $this->theme->getColorPrimary();
+        }
+        if ($this->themeExist('getMailHeaderColor')) {
+            return $this->theme->getMailHeaderColor();
+        }
+        return $this->defaultColorPrimary;
+    }
 
-	/**
-	 * @return array scss variables to overwrite
-	 */
-	public function getScssVariables() {
-		if($this->themeExist('getScssVariables')) {
-			return $this->theme->getScssVariables();
-		}
-		return [];
-	}
+    /**
+     * @return array scss variables to overwrite
+     */
+    public function getScssVariables() {
+        if($this->themeExist('getScssVariables')) {
+            return $this->theme->getScssVariables();
+        }
+        return [];
+    }
 
-	public function shouldReplaceIcons() {
-		return false;
-	}
+    public function shouldReplaceIcons() {
+        return false;
+    }
 
-	/**
-	 * Themed logo url
-	 *
-	 * @param bool $useSvg Whether to point to the SVG image or a fallback
-	 * @return string
-	 */
-	public function getLogo($useSvg = true) {
-		if ($this->themeExist('getLogo')) {
-			return $this->theme->getLogo($useSvg);
-		}
+    /**
+     * Themed logo url
+     *
+     * @param bool $useSvg Whether to point to the SVG image or a fallback
+     * @return string
+     */
+    public function getLogo($useSvg = true) {
+        if ($this->themeExist('getLogo')) {
+            return $this->theme->getLogo($useSvg);
+        }
 
-		if($useSvg) {
-			$logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.svg');
-		} else {
-			$logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.png');
-		}
-		return $logo . '?v=' . hash('sha1', implode('.', \OCP\Util::getVersion()));
-	}
+        if($useSvg) {
+            $logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.svg');
+        } else {
+            $logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.png');
+        }
+        return $logo . '?v=' . hash('sha1', implode('.', \OCP\Util::getVersion()));
+    }
 
-	public function getTextColorPrimary() {
-		if ($this->themeExist('getTextColorPrimary')) {
-			return $this->theme->getTextColorPrimary();
-		}
-		return $this->defaultTextColorPrimary;
-	}
+    public function getTextColorPrimary() {
+        if ($this->themeExist('getTextColorPrimary')) {
+            return $this->theme->getTextColorPrimary();
+        }
+        return $this->defaultTextColorPrimary;
+    }
 }

Please login to merge, or discard this patch.

Spacing +8 added lines, -8 removed lines patch added patch discarded remove patch

@@ -69,7 +69,7 @@  discard block
 block discarded – undo
 		$this->defaultColorPrimary = '#0082c9';
 		$this->defaultTextColorPrimary = '#ffffff';
 
-		$themePath = OC::$SERVERROOT . '/themes/' . OC_Util::getTheme() . '/defaults.php';
+		$themePath = OC::$SERVERROOT.'/themes/'.OC_Util::getTheme().'/defaults.php';
 		if (file_exists($themePath)) {
 			// prevent defaults.php from printing output
 			ob_start();
@@ -244,9 +244,9 @@  discard block
 block discarded – undo
 		if ($this->themeExist('getShortFooter')) {
 			$footer = $this->theme->getShortFooter();
 		} else {
-			$footer = '<a href="'. $this->getBaseUrl() . '" target="_blank"' .
-				' rel="noreferrer noopener">' .$this->getEntity() . '</a>'.
-				' – ' . $this->getSlogan();
+			$footer = '<a href="'.$this->getBaseUrl().'" target="_blank"'.
+				' rel="noreferrer noopener">'.$this->getEntity().'</a>'.
+				' – '.$this->getSlogan();
 		}
 
 		return $footer;
@@ -274,7 +274,7 @@  discard block
 block discarded – undo
 		if ($this->themeExist('buildDocLinkToKey')) {
 			return $this->theme->buildDocLinkToKey($key);
 		}
-		return $this->getDocBaseUrl() . '/server/' . $this->defaultDocVersion . '/go.php?to=' . $key;
+		return $this->getDocBaseUrl().'/server/'.$this->defaultDocVersion.'/go.php?to='.$key;
 	}
 
 	/**
@@ -296,7 +296,7 @@  discard block
 block discarded – undo
 	 * @return array scss variables to overwrite
 	 */
 	public function getScssVariables() {
-		if($this->themeExist('getScssVariables')) {
+		if ($this->themeExist('getScssVariables')) {
 			return $this->theme->getScssVariables();
 		}
 		return [];
@@ -317,12 +317,12 @@  discard block
 block discarded – undo
 			return $this->theme->getLogo($useSvg);
 		}
 
-		if($useSvg) {
+		if ($useSvg) {
 			$logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.svg');
 		} else {
 			$logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.png');
 		}
-		return $logo . '?v=' . hash('sha1', implode('.', \OCP\Util::getVersion()));
+		return $logo.'?v='.hash('sha1', implode('.', \OCP\Util::getVersion()));
 	}
 
 	public function getTextColorPrimary() {

Please login to merge, or discard this patch.

lib/private/legacy/OC_Files.php 2 patches

Indentation +380 added lines, -380 removed lines patch added patch discarded remove patch

@@ -50,385 +50,385 @@
 block discarded – undo
  *
  */
 class OC_Files {
-	const FILE = 1;
-	const ZIP_FILES = 2;
-	const ZIP_DIR = 3;
-
-	const UPLOAD_MIN_LIMIT_BYTES = 1048576; // 1 MiB
-
-
-	private static $multipartBoundary = '';
-
-	/**
-	 * @return string
-	 */
-	private static function getBoundary() {
-		if (empty(self::$multipartBoundary)) {
-			self::$multipartBoundary = md5(mt_rand());
-		}
-		return self::$multipartBoundary;
-	}
-
-	/**
-	 * @param string $filename
-	 * @param string $name
-	 * @param array $rangeArray ('from'=>int,'to'=>int), ...
-	 */
-	private static function sendHeaders($filename, $name, array $rangeArray) {
-		OC_Response::setContentDispositionHeader($name, 'attachment');
-		header('Content-Transfer-Encoding: binary', true);
-		header('Pragma: public');// enable caching in IE
-		header('Expires: 0');
-		header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
-		$fileSize = \OC\Files\Filesystem::filesize($filename);
-		$type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
-		if ($fileSize > -1) {
-			if (!empty($rangeArray)) {
-				http_response_code(206);
-				header('Accept-Ranges: bytes', true);
-				if (count($rangeArray) > 1) {
-				$type = 'multipart/byteranges; boundary='.self::getBoundary();
-				// no Content-Length header here
-				}
-				else {
-				header(sprintf('Content-Range: bytes %d-%d/%d', $rangeArray[0]['from'], $rangeArray[0]['to'], $fileSize), true);
-				OC_Response::setContentLengthHeader($rangeArray[0]['to'] - $rangeArray[0]['from'] + 1);
-				}
-			}
-			else {
-				OC_Response::setContentLengthHeader($fileSize);
-			}
-		}
-		header('Content-Type: '.$type, true);
-	}
-
-	/**
-	 * return the content of a file or return a zip file containing multiple files
-	 *
-	 * @param string $dir
-	 * @param string $files ; separated list of files to download
-	 * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
-	 */
-	public static function get($dir, $files, $params = null) {
-
-		$view = \OC\Files\Filesystem::getView();
-		$getType = self::FILE;
-		$filename = $dir;
-		try {
-
-			if (is_array($files) && count($files) === 1) {
-				$files = $files[0];
-			}
-
-			if (!is_array($files)) {
-				$filename = $dir . '/' . $files;
-				if (!$view->is_dir($filename)) {
-					self::getSingleFile($view, $dir, $files, is_null($params) ? [] : $params);
-					return;
-				}
-			}
-
-			$name = 'download';
-			if (is_array($files)) {
-				$getType = self::ZIP_FILES;
-				$basename = basename($dir);
-				if ($basename) {
-					$name = $basename;
-				}
-
-				$filename = $dir . '/' . $name;
-			} else {
-				$filename = $dir . '/' . $files;
-				$getType = self::ZIP_DIR;
-				// downloading root ?
-				if ($files !== '') {
-					$name = $files;
-				}
-			}
-
-			self::lockFiles($view, $dir, $files);
-
-			/* Calculate filesize and number of files */
-			if ($getType === self::ZIP_FILES) {
-				$fileInfos = [];
-				$fileSize = 0;
-				foreach ($files as $file) {
-					$fileInfo = \OC\Files\Filesystem::getFileInfo($dir . '/' . $file);
-					$fileSize += $fileInfo->getSize();
-					$fileInfos[] = $fileInfo;
-				}
-				$numberOfFiles = self::getNumberOfFiles($fileInfos);
-			} elseif ($getType === self::ZIP_DIR) {
-				$fileInfo = \OC\Files\Filesystem::getFileInfo($dir . '/' . $files);
-				$fileSize = $fileInfo->getSize();
-				$numberOfFiles = self::getNumberOfFiles([$fileInfo]);
-			}
-
-			$streamer = new Streamer(\OC::$server->getRequest(), $fileSize, $numberOfFiles);
-			OC_Util::obEnd();
-
-			$streamer->sendHeaders($name);
-			$executionTime = (int)OC::$server->getIniWrapper()->getNumeric('max_execution_time');
-			if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
-				@set_time_limit(0);
-			}
-			ignore_user_abort(true);
-
-			if ($getType === self::ZIP_FILES) {
-				foreach ($files as $file) {
-					$file = $dir . '/' . $file;
-					if (\OC\Files\Filesystem::is_file($file)) {
-						$userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot());
-						$file = $userFolder->get($file);
-						if($file instanceof \OC\Files\Node\File) {
-							try {
-								$fh = $file->fopen('r');
-							} catch (\OCP\Files\NotPermittedException $e) {
-								continue;
-							}
-							$fileSize = $file->getSize();
-							$fileTime = $file->getMTime();
-						} else {
-							// File is not a file? …
-							\OC::$server->getLogger()->debug(
-								'File given, but no Node available. Name {file}',
-								[ 'app' => 'files', 'file' => $file ]
-							);
-							continue;
-						}
-						$streamer->addFileFromStream($fh, $file->getName(), $fileSize, $fileTime);
-						fclose($fh);
-					} elseif (\OC\Files\Filesystem::is_dir($file)) {
-						$streamer->addDirRecursive($file);
-					}
-				}
-			} elseif ($getType === self::ZIP_DIR) {
-				$file = $dir . '/' . $files;
-				$streamer->addDirRecursive($file);
-			}
-			$streamer->finalize();
-			set_time_limit($executionTime);
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-		} catch (\OCP\Lock\LockedException $ex) {
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-			OC::$server->getLogger()->logException($ex);
-			$l = \OC::$server->getL10N('core');
-			$hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
-			\OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint, 200);
-		} catch (\OCP\Files\ForbiddenException $ex) {
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-			OC::$server->getLogger()->logException($ex);
-			$l = \OC::$server->getL10N('core');
-			\OC_Template::printErrorPage($l->t('Can\'t read file'), $ex->getMessage(), 200);
-		} catch (\Exception $ex) {
-			self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
-			OC::$server->getLogger()->logException($ex);
-			$l = \OC::$server->getL10N('core');
-			$hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
-			\OC_Template::printErrorPage($l->t('Can\'t read file'), $hint, 200);
-		}
-	}
-
-	/**
-	 * @param string $rangeHeaderPos
-	 * @param int $fileSize
-	 * @return array $rangeArray ('from'=>int,'to'=>int), ...
-	 */
-	private static function parseHttpRangeHeader($rangeHeaderPos, $fileSize) {
-		$rArray=explode(',', $rangeHeaderPos);
-		$minOffset = 0;
-		$ind = 0;
-
-		$rangeArray = [];
-
-		foreach ($rArray as $value) {
-			$ranges = explode('-', $value);
-			if (is_numeric($ranges[0])) {
-				if ($ranges[0] < $minOffset) { // case: bytes=500-700,601-999
-					$ranges[0] = $minOffset;
-				}
-				if ($ind > 0 && $rangeArray[$ind-1]['to']+1 == $ranges[0]) { // case: bytes=500-600,601-999
-					$ind--;
-					$ranges[0] = $rangeArray[$ind]['from'];
-				}
-			}
-
-			if (is_numeric($ranges[0]) && is_numeric($ranges[1]) && $ranges[0] < $fileSize && $ranges[0] <= $ranges[1]) {
-				// case: x-x
-				if ($ranges[1] >= $fileSize) {
-					$ranges[1] = $fileSize-1;
-				}
-				$rangeArray[$ind++] = [ 'from' => $ranges[0], 'to' => $ranges[1], 'size' => $fileSize ];
-				$minOffset = $ranges[1] + 1;
-				if ($minOffset >= $fileSize) {
-					break;
-				}
-			}
-			elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
-				// case: x-
-				$rangeArray[$ind++] = [ 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize ];
-				break;
-			}
-			elseif (is_numeric($ranges[1])) {
-				// case: -x
-				if ($ranges[1] > $fileSize) {
-					$ranges[1] = $fileSize;
-				}
-				$rangeArray[$ind++] = [ 'from' => $fileSize-$ranges[1], 'to' => $fileSize-1, 'size' => $fileSize ];
-				break;
-			}
-		}
-		return $rangeArray;
-	}
-
-	/**
-	 * @param View $view
-	 * @param string $name
-	 * @param string $dir
-	 * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
-	 */
-	private static function getSingleFile($view, $dir, $name, $params) {
-		$filename = $dir . '/' . $name;
-		$file = null;
-
-		try {
-			$userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot());
-			$file = $userFolder->get($filename);
-			if(!$file instanceof \OC\Files\Node\File || !$file->isReadable()) {
-				http_response_code(403);
-				die('403 Forbidden');
-			}
-			$fileSize = $file->getSize();
-		} catch (\OCP\Files\NotPermittedException $e) {
-			http_response_code(403);
-			die('403 Forbidden');
-		} catch (\OCP\Files\InvalidPathException $e) {
-			http_response_code(403);
-			die('403 Forbidden');
-		} catch (\OCP\Files\NotFoundException $e) {
-			http_response_code(404);
-			$tmpl = new OC_Template('', '404', 'guest');
-			$tmpl->printPage();
-			exit();
-		}
-
-		OC_Util::obEnd();
-		$view->lockFile($filename, ILockingProvider::LOCK_SHARED);
-
-		$rangeArray = [];
-
-		if (isset($params['range']) && substr($params['range'], 0, 6) === 'bytes=') {
-			$rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), $fileSize);
-		}
-
-		self::sendHeaders($filename, $name, $rangeArray);
-
-		if (isset($params['head']) && $params['head']) {
-			return;
-		}
-
-		if (!empty($rangeArray)) {
-			try {
-				if (count($rangeArray) == 1) {
-				$view->readfilePart($filename, $rangeArray[0]['from'], $rangeArray[0]['to']);
-				}
-				else {
-				// check if file is seekable (if not throw UnseekableException)
-				// we have to check it before body contents
-				$view->readfilePart($filename, $rangeArray[0]['size'], $rangeArray[0]['size']);
-
-				$type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
-
-				foreach ($rangeArray as $range) {
-					echo "\r\n--".self::getBoundary()."\r\n".
-						 "Content-type: ".$type."\r\n".
-						 "Content-range: bytes ".$range['from']."-".$range['to']."/".$range['size']."\r\n\r\n";
-					$view->readfilePart($filename, $range['from'], $range['to']);
-				}
-				echo "\r\n--".self::getBoundary()."--\r\n";
-				}
-			} catch (\OCP\Files\UnseekableException $ex) {
-				// file is unseekable
-				header_remove('Accept-Ranges');
-				header_remove('Content-Range');
-				http_response_code(200);
-				self::sendHeaders($filename, $name, []);
-				$view->readfile($filename);
-			}
-		}
-		else {
-			$view->readfile($filename);
-		}
-	}
-
-	/**
-	 * Returns the total (recursive) number of files and folders in the given
-	 * FileInfos.
-	 *
-	 * @param \OCP\Files\FileInfo[] $fileInfos the FileInfos to count
-	 * @return int the total number of files and folders
-	 */
-	private static function getNumberOfFiles($fileInfos) {
-		$numberOfFiles = 0;
-
-		$view = new View();
-
-		while ($fileInfo = array_pop($fileInfos)) {
-			$numberOfFiles++;
-
-			if ($fileInfo->getType() === \OCP\Files\FileInfo::TYPE_FOLDER) {
-				$fileInfos = array_merge($fileInfos, $view->getDirectoryContent($fileInfo->getPath()));
-			}
-		}
-
-		return $numberOfFiles;
-	}
-
-	/**
-	 * @param View $view
-	 * @param string $dir
-	 * @param string[]|string $files
-	 */
-	public static function lockFiles($view, $dir, $files) {
-		if (!is_array($files)) {
-			$file = $dir . '/' . $files;
-			$files = [$file];
-		}
-		foreach ($files as $file) {
-			$file = $dir . '/' . $file;
-			$view->lockFile($file, ILockingProvider::LOCK_SHARED);
-			if ($view->is_dir($file)) {
-				$contents = $view->getDirectoryContent($file);
-				$contents = array_map(function($fileInfo) use ($file) {
-					/** @var \OCP\Files\FileInfo $fileInfo */
-					return $file . '/' . $fileInfo->getName();
-				}, $contents);
-				self::lockFiles($view, $dir, $contents);
-			}
-		}
-	}
-
-	/**
-	 * @param string $dir
-	 * @param $files
-	 * @param integer $getType
-	 * @param View $view
-	 * @param string $filename
-	 */
-	private static function unlockAllTheFiles($dir, $files, $getType, $view, $filename) {
-		if ($getType === self::FILE) {
-			$view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
-		}
-		if ($getType === self::ZIP_FILES) {
-			foreach ($files as $file) {
-				$file = $dir . '/' . $file;
-				$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
-			}
-		}
-		if ($getType === self::ZIP_DIR) {
-			$file = $dir . '/' . $files;
-			$view->unlockFile($file, ILockingProvider::LOCK_SHARED);
-		}
-	}
+    const FILE = 1;
+    const ZIP_FILES = 2;
+    const ZIP_DIR = 3;
+
+    const UPLOAD_MIN_LIMIT_BYTES = 1048576; // 1 MiB
+
+
+    private static $multipartBoundary = '';
+
+    /**
+     * @return string
+     */
+    private static function getBoundary() {
+        if (empty(self::$multipartBoundary)) {
+            self::$multipartBoundary = md5(mt_rand());
+        }
+        return self::$multipartBoundary;
+    }
+
+    /**
+     * @param string $filename
+     * @param string $name
+     * @param array $rangeArray ('from'=>int,'to'=>int), ...
+     */
+    private static function sendHeaders($filename, $name, array $rangeArray) {
+        OC_Response::setContentDispositionHeader($name, 'attachment');
+        header('Content-Transfer-Encoding: binary', true);
+        header('Pragma: public');// enable caching in IE
+        header('Expires: 0');
+        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+        $fileSize = \OC\Files\Filesystem::filesize($filename);
+        $type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
+        if ($fileSize > -1) {
+            if (!empty($rangeArray)) {
+                http_response_code(206);
+                header('Accept-Ranges: bytes', true);
+                if (count($rangeArray) > 1) {
+                $type = 'multipart/byteranges; boundary='.self::getBoundary();
+                // no Content-Length header here
+                }
+                else {
+                header(sprintf('Content-Range: bytes %d-%d/%d', $rangeArray[0]['from'], $rangeArray[0]['to'], $fileSize), true);
+                OC_Response::setContentLengthHeader($rangeArray[0]['to'] - $rangeArray[0]['from'] + 1);
+                }
+            }
+            else {
+                OC_Response::setContentLengthHeader($fileSize);
+            }
+        }
+        header('Content-Type: '.$type, true);
+    }
+
+    /**
+     * return the content of a file or return a zip file containing multiple files
+     *
+     * @param string $dir
+     * @param string $files ; separated list of files to download
+     * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
+     */
+    public static function get($dir, $files, $params = null) {
+
+        $view = \OC\Files\Filesystem::getView();
+        $getType = self::FILE;
+        $filename = $dir;
+        try {
+
+            if (is_array($files) && count($files) === 1) {
+                $files = $files[0];
+            }
+
+            if (!is_array($files)) {
+                $filename = $dir . '/' . $files;
+                if (!$view->is_dir($filename)) {
+                    self::getSingleFile($view, $dir, $files, is_null($params) ? [] : $params);
+                    return;
+                }
+            }
+
+            $name = 'download';
+            if (is_array($files)) {
+                $getType = self::ZIP_FILES;
+                $basename = basename($dir);
+                if ($basename) {
+                    $name = $basename;
+                }
+
+                $filename = $dir . '/' . $name;
+            } else {
+                $filename = $dir . '/' . $files;
+                $getType = self::ZIP_DIR;
+                // downloading root ?
+                if ($files !== '') {
+                    $name = $files;
+                }
+            }
+
+            self::lockFiles($view, $dir, $files);
+
+            /* Calculate filesize and number of files */
+            if ($getType === self::ZIP_FILES) {
+                $fileInfos = [];
+                $fileSize = 0;
+                foreach ($files as $file) {
+                    $fileInfo = \OC\Files\Filesystem::getFileInfo($dir . '/' . $file);
+                    $fileSize += $fileInfo->getSize();
+                    $fileInfos[] = $fileInfo;
+                }
+                $numberOfFiles = self::getNumberOfFiles($fileInfos);
+            } elseif ($getType === self::ZIP_DIR) {
+                $fileInfo = \OC\Files\Filesystem::getFileInfo($dir . '/' . $files);
+                $fileSize = $fileInfo->getSize();
+                $numberOfFiles = self::getNumberOfFiles([$fileInfo]);
+            }
+
+            $streamer = new Streamer(\OC::$server->getRequest(), $fileSize, $numberOfFiles);
+            OC_Util::obEnd();
+
+            $streamer->sendHeaders($name);
+            $executionTime = (int)OC::$server->getIniWrapper()->getNumeric('max_execution_time');
+            if (strpos(@ini_get('disable_functions'), 'set_time_limit') === false) {
+                @set_time_limit(0);
+            }
+            ignore_user_abort(true);
+
+            if ($getType === self::ZIP_FILES) {
+                foreach ($files as $file) {
+                    $file = $dir . '/' . $file;
+                    if (\OC\Files\Filesystem::is_file($file)) {
+                        $userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot());
+                        $file = $userFolder->get($file);
+                        if($file instanceof \OC\Files\Node\File) {
+                            try {
+                                $fh = $file->fopen('r');
+                            } catch (\OCP\Files\NotPermittedException $e) {
+                                continue;
+                            }
+                            $fileSize = $file->getSize();
+                            $fileTime = $file->getMTime();
+                        } else {
+                            // File is not a file? …
+                            \OC::$server->getLogger()->debug(
+                                'File given, but no Node available. Name {file}',
+                                [ 'app' => 'files', 'file' => $file ]
+                            );
+                            continue;
+                        }
+                        $streamer->addFileFromStream($fh, $file->getName(), $fileSize, $fileTime);
+                        fclose($fh);
+                    } elseif (\OC\Files\Filesystem::is_dir($file)) {
+                        $streamer->addDirRecursive($file);
+                    }
+                }
+            } elseif ($getType === self::ZIP_DIR) {
+                $file = $dir . '/' . $files;
+                $streamer->addDirRecursive($file);
+            }
+            $streamer->finalize();
+            set_time_limit($executionTime);
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+        } catch (\OCP\Lock\LockedException $ex) {
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+            OC::$server->getLogger()->logException($ex);
+            $l = \OC::$server->getL10N('core');
+            $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
+            \OC_Template::printErrorPage($l->t('File is currently busy, please try again later'), $hint, 200);
+        } catch (\OCP\Files\ForbiddenException $ex) {
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+            OC::$server->getLogger()->logException($ex);
+            $l = \OC::$server->getL10N('core');
+            \OC_Template::printErrorPage($l->t('Can\'t read file'), $ex->getMessage(), 200);
+        } catch (\Exception $ex) {
+            self::unlockAllTheFiles($dir, $files, $getType, $view, $filename);
+            OC::$server->getLogger()->logException($ex);
+            $l = \OC::$server->getL10N('core');
+            $hint = method_exists($ex, 'getHint') ? $ex->getHint() : '';
+            \OC_Template::printErrorPage($l->t('Can\'t read file'), $hint, 200);
+        }
+    }
+
+    /**
+     * @param string $rangeHeaderPos
+     * @param int $fileSize
+     * @return array $rangeArray ('from'=>int,'to'=>int), ...
+     */
+    private static function parseHttpRangeHeader($rangeHeaderPos, $fileSize) {
+        $rArray=explode(',', $rangeHeaderPos);
+        $minOffset = 0;
+        $ind = 0;
+
+        $rangeArray = [];
+
+        foreach ($rArray as $value) {
+            $ranges = explode('-', $value);
+            if (is_numeric($ranges[0])) {
+                if ($ranges[0] < $minOffset) { // case: bytes=500-700,601-999
+                    $ranges[0] = $minOffset;
+                }
+                if ($ind > 0 && $rangeArray[$ind-1]['to']+1 == $ranges[0]) { // case: bytes=500-600,601-999
+                    $ind--;
+                    $ranges[0] = $rangeArray[$ind]['from'];
+                }
+            }
+
+            if (is_numeric($ranges[0]) && is_numeric($ranges[1]) && $ranges[0] < $fileSize && $ranges[0] <= $ranges[1]) {
+                // case: x-x
+                if ($ranges[1] >= $fileSize) {
+                    $ranges[1] = $fileSize-1;
+                }
+                $rangeArray[$ind++] = [ 'from' => $ranges[0], 'to' => $ranges[1], 'size' => $fileSize ];
+                $minOffset = $ranges[1] + 1;
+                if ($minOffset >= $fileSize) {
+                    break;
+                }
+            }
+            elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
+                // case: x-
+                $rangeArray[$ind++] = [ 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize ];
+                break;
+            }
+            elseif (is_numeric($ranges[1])) {
+                // case: -x
+                if ($ranges[1] > $fileSize) {
+                    $ranges[1] = $fileSize;
+                }
+                $rangeArray[$ind++] = [ 'from' => $fileSize-$ranges[1], 'to' => $fileSize-1, 'size' => $fileSize ];
+                break;
+            }
+        }
+        return $rangeArray;
+    }
+
+    /**
+     * @param View $view
+     * @param string $name
+     * @param string $dir
+     * @param array $params ; 'head' boolean to only send header of the request ; 'range' http range header
+     */
+    private static function getSingleFile($view, $dir, $name, $params) {
+        $filename = $dir . '/' . $name;
+        $file = null;
+
+        try {
+            $userFolder = \OC::$server->getRootFolder()->get(\OC\Files\Filesystem::getRoot());
+            $file = $userFolder->get($filename);
+            if(!$file instanceof \OC\Files\Node\File || !$file->isReadable()) {
+                http_response_code(403);
+                die('403 Forbidden');
+            }
+            $fileSize = $file->getSize();
+        } catch (\OCP\Files\NotPermittedException $e) {
+            http_response_code(403);
+            die('403 Forbidden');
+        } catch (\OCP\Files\InvalidPathException $e) {
+            http_response_code(403);
+            die('403 Forbidden');
+        } catch (\OCP\Files\NotFoundException $e) {
+            http_response_code(404);
+            $tmpl = new OC_Template('', '404', 'guest');
+            $tmpl->printPage();
+            exit();
+        }
+
+        OC_Util::obEnd();
+        $view->lockFile($filename, ILockingProvider::LOCK_SHARED);
+
+        $rangeArray = [];
+
+        if (isset($params['range']) && substr($params['range'], 0, 6) === 'bytes=') {
+            $rangeArray = self::parseHttpRangeHeader(substr($params['range'], 6), $fileSize);
+        }
+
+        self::sendHeaders($filename, $name, $rangeArray);
+
+        if (isset($params['head']) && $params['head']) {
+            return;
+        }
+
+        if (!empty($rangeArray)) {
+            try {
+                if (count($rangeArray) == 1) {
+                $view->readfilePart($filename, $rangeArray[0]['from'], $rangeArray[0]['to']);
+                }
+                else {
+                // check if file is seekable (if not throw UnseekableException)
+                // we have to check it before body contents
+                $view->readfilePart($filename, $rangeArray[0]['size'], $rangeArray[0]['size']);
+
+                $type = \OC::$server->getMimeTypeDetector()->getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename));
+
+                foreach ($rangeArray as $range) {
+                    echo "\r\n--".self::getBoundary()."\r\n".
+                            "Content-type: ".$type."\r\n".
+                            "Content-range: bytes ".$range['from']."-".$range['to']."/".$range['size']."\r\n\r\n";
+                    $view->readfilePart($filename, $range['from'], $range['to']);
+                }
+                echo "\r\n--".self::getBoundary()."--\r\n";
+                }
+            } catch (\OCP\Files\UnseekableException $ex) {
+                // file is unseekable
+                header_remove('Accept-Ranges');
+                header_remove('Content-Range');
+                http_response_code(200);
+                self::sendHeaders($filename, $name, []);
+                $view->readfile($filename);
+            }
+        }
+        else {
+            $view->readfile($filename);
+        }
+    }
+
+    /**
+     * Returns the total (recursive) number of files and folders in the given
+     * FileInfos.
+     *
+     * @param \OCP\Files\FileInfo[] $fileInfos the FileInfos to count
+     * @return int the total number of files and folders
+     */
+    private static function getNumberOfFiles($fileInfos) {
+        $numberOfFiles = 0;
+
+        $view = new View();
+
+        while ($fileInfo = array_pop($fileInfos)) {
+            $numberOfFiles++;
+
+            if ($fileInfo->getType() === \OCP\Files\FileInfo::TYPE_FOLDER) {
+                $fileInfos = array_merge($fileInfos, $view->getDirectoryContent($fileInfo->getPath()));
+            }
+        }
+
+        return $numberOfFiles;
+    }
+
+    /**
+     * @param View $view
+     * @param string $dir
+     * @param string[]|string $files
+     */
+    public static function lockFiles($view, $dir, $files) {
+        if (!is_array($files)) {
+            $file = $dir . '/' . $files;
+            $files = [$file];
+        }
+        foreach ($files as $file) {
+            $file = $dir . '/' . $file;
+            $view->lockFile($file, ILockingProvider::LOCK_SHARED);
+            if ($view->is_dir($file)) {
+                $contents = $view->getDirectoryContent($file);
+                $contents = array_map(function($fileInfo) use ($file) {
+                    /** @var \OCP\Files\FileInfo $fileInfo */
+                    return $file . '/' . $fileInfo->getName();
+                }, $contents);
+                self::lockFiles($view, $dir, $contents);
+            }
+        }
+    }
+
+    /**
+     * @param string $dir
+     * @param $files
+     * @param integer $getType
+     * @param View $view
+     * @param string $filename
+     */
+    private static function unlockAllTheFiles($dir, $files, $getType, $view, $filename) {
+        if ($getType === self::FILE) {
+            $view->unlockFile($filename, ILockingProvider::LOCK_SHARED);
+        }
+        if ($getType === self::ZIP_FILES) {
+            foreach ($files as $file) {
+                $file = $dir . '/' . $file;
+                $view->unlockFile($file, ILockingProvider::LOCK_SHARED);
+            }
+        }
+        if ($getType === self::ZIP_DIR) {
+            $file = $dir . '/' . $files;
+            $view->unlockFile($file, ILockingProvider::LOCK_SHARED);
+        }
+    }
 
 }

Please login to merge, or discard this patch.

Braces +6 added lines, -12 removed lines patch added patch discarded remove patch

@@ -89,13 +89,11 @@  discard block
 block discarded – undo
 				if (count($rangeArray) > 1) {
 				$type = 'multipart/byteranges; boundary='.self::getBoundary();
 				// no Content-Length header here
-				}
-				else {
+				} else {
 				header(sprintf('Content-Range: bytes %d-%d/%d', $rangeArray[0]['from'], $rangeArray[0]['to'], $fileSize), true);
 				OC_Response::setContentLengthHeader($rangeArray[0]['to'] - $rangeArray[0]['from'] + 1);
 				}
-			}
-			else {
+			} else {
 				OC_Response::setContentLengthHeader($fileSize);
 			}
 		}
@@ -263,13 +261,11 @@  discard block
 block discarded – undo
 				if ($minOffset >= $fileSize) {
 					break;
 				}
-			}
-			elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
+			} elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
 				// case: x-
 				$rangeArray[$ind++] = [ 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize ];
 				break;
-			}
-			elseif (is_numeric($ranges[1])) {
+			} elseif (is_numeric($ranges[1])) {
 				// case: -x
 				if ($ranges[1] > $fileSize) {
 					$ranges[1] = $fileSize;
@@ -331,8 +327,7 @@  discard block
 block discarded – undo
 			try {
 				if (count($rangeArray) == 1) {
 				$view->readfilePart($filename, $rangeArray[0]['from'], $rangeArray[0]['to']);
-				}
-				else {
+				} else {
 				// check if file is seekable (if not throw UnseekableException)
 				// we have to check it before body contents
 				$view->readfilePart($filename, $rangeArray[0]['size'], $rangeArray[0]['size']);
@@ -355,8 +350,7 @@  discard block
 block discarded – undo
 				self::sendHeaders($filename, $name, []);
 				$view->readfile($filename);
 			}
-		}
-		else {
+		} else {
 			$view->readfile($filename);
 		}
 	}

Please login to merge, or discard this patch.

lib/private/legacy/OC_Hook.php 1 patch

Indentation +103 added lines, -103 removed lines patch added patch discarded remove patch

@@ -34,118 +34,118 @@
 block discarded – undo
  * @deprecated 18.0.0 use events and the \OCP\EventDispatcher\IEventDispatcher service
  */
 class OC_Hook {
-	public static $thrownExceptions = [];
+    public static $thrownExceptions = [];
 
-	static private $registered = [];
+    static private $registered = [];
 
-	/**
-	 * connects a function to a hook
-	 *
-	 * @param string $signalClass class name of emitter
-	 * @param string $signalName name of signal
-	 * @param string|object $slotClass class name of slot
-	 * @param string $slotName name of slot
-	 * @return bool
-	 *
-	 * This function makes it very easy to connect to use hooks.
-	 *
-	 * TODO: write example
-	 */
-	static public function connect($signalClass, $signalName, $slotClass, $slotName ) {
-		// If we're trying to connect to an emitting class that isn't
-		// yet registered, register it
-		if( !array_key_exists($signalClass, self::$registered )) {
-			self::$registered[$signalClass] = [];
-		}
-		// If we're trying to connect to an emitting method that isn't
-		// yet registered, register it with the emitting class
-		if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
-			self::$registered[$signalClass][$signalName] = [];
-		}
+    /**
+     * connects a function to a hook
+     *
+     * @param string $signalClass class name of emitter
+     * @param string $signalName name of signal
+     * @param string|object $slotClass class name of slot
+     * @param string $slotName name of slot
+     * @return bool
+     *
+     * This function makes it very easy to connect to use hooks.
+     *
+     * TODO: write example
+     */
+    static public function connect($signalClass, $signalName, $slotClass, $slotName ) {
+        // If we're trying to connect to an emitting class that isn't
+        // yet registered, register it
+        if( !array_key_exists($signalClass, self::$registered )) {
+            self::$registered[$signalClass] = [];
+        }
+        // If we're trying to connect to an emitting method that isn't
+        // yet registered, register it with the emitting class
+        if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
+            self::$registered[$signalClass][$signalName] = [];
+        }
 
-		// don't connect hooks twice
-		foreach (self::$registered[$signalClass][$signalName] as $hook) {
-			if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
-				return false;
-			}
-		}
-		// Connect the hook handler to the requested emitter
-		self::$registered[$signalClass][$signalName][] = [
-			"class" => $slotClass,
-			"name" => $slotName
-		];
+        // don't connect hooks twice
+        foreach (self::$registered[$signalClass][$signalName] as $hook) {
+            if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
+                return false;
+            }
+        }
+        // Connect the hook handler to the requested emitter
+        self::$registered[$signalClass][$signalName][] = [
+            "class" => $slotClass,
+            "name" => $slotName
+        ];
 
-		// No chance for failure ;-)
-		return true;
-	}
+        // No chance for failure ;-)
+        return true;
+    }
 
-	/**
-	 * emits a signal
-	 *
-	 * @param string $signalClass class name of emitter
-	 * @param string $signalName name of signal
-	 * @param mixed $params default: array() array with additional data
-	 * @return bool true if slots exists or false if not
-	 * @throws \OC\HintException
-	 * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
-	 *
-	 * TODO: write example
-	 */
-	static public function emit($signalClass, $signalName, $params = []) {
+    /**
+     * emits a signal
+     *
+     * @param string $signalClass class name of emitter
+     * @param string $signalName name of signal
+     * @param mixed $params default: array() array with additional data
+     * @return bool true if slots exists or false if not
+     * @throws \OC\HintException
+     * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
+     *
+     * TODO: write example
+     */
+    static public function emit($signalClass, $signalName, $params = []) {
 
-		// Return false if no hook handlers are listening to this
-		// emitting class
-		if( !array_key_exists($signalClass, self::$registered )) {
-			return false;
-		}
+        // Return false if no hook handlers are listening to this
+        // emitting class
+        if( !array_key_exists($signalClass, self::$registered )) {
+            return false;
+        }
 
-		// Return false if no hook handlers are listening to this
-		// emitting method
-		if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
-			return false;
-		}
+        // Return false if no hook handlers are listening to this
+        // emitting method
+        if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
+            return false;
+        }
 
-		// Call all slots
-		foreach( self::$registered[$signalClass][$signalName] as $i ) {
-			try {
-				call_user_func( [ $i["class"], $i["name"] ], $params );
-			} catch (Exception $e){
-				self::$thrownExceptions[] = $e;
-				\OC::$server->getLogger()->logException($e);
-				if($e instanceof \OC\HintException) {
-					throw $e;
-				}
-				if($e instanceof \OC\ServerNotAvailableException) {
-					throw $e;
-				}
-			}
-		}
+        // Call all slots
+        foreach( self::$registered[$signalClass][$signalName] as $i ) {
+            try {
+                call_user_func( [ $i["class"], $i["name"] ], $params );
+            } catch (Exception $e){
+                self::$thrownExceptions[] = $e;
+                \OC::$server->getLogger()->logException($e);
+                if($e instanceof \OC\HintException) {
+                    throw $e;
+                }
+                if($e instanceof \OC\ServerNotAvailableException) {
+                    throw $e;
+                }
+            }
+        }
 
-		return true;
-	}
+        return true;
+    }
 
-	/**
-	 * clear hooks
-	 * @param string $signalClass
-	 * @param string $signalName
-	 */
-	static public function clear($signalClass='', $signalName='') {
-		if ($signalClass) {
-			if ($signalName) {
-				self::$registered[$signalClass][$signalName]=[];
-			}else{
-				self::$registered[$signalClass]=[];
-			}
-		}else{
-			self::$registered=[];
-		}
-	}
+    /**
+     * clear hooks
+     * @param string $signalClass
+     * @param string $signalName
+     */
+    static public function clear($signalClass='', $signalName='') {
+        if ($signalClass) {
+            if ($signalName) {
+                self::$registered[$signalClass][$signalName]=[];
+            }else{
+                self::$registered[$signalClass]=[];
+            }
+        }else{
+            self::$registered=[];
+        }
+    }
 
-	/**
-	 * DO NOT USE!
-	 * For unit tests ONLY!
-	 */
-	static public function getHooks() {
-		return self::$registered;
-	}
+    /**
+     * DO NOT USE!
+     * For unit tests ONLY!
+     */
+    static public function getHooks() {
+        return self::$registered;
+    }
 }

Please login to merge, or discard this patch.

apps/user_ldap/lib/Connection.php 2 patches

Indentation +616 added lines, -616 removed lines patch added patch discarded remove patch

@@ -69,621 +69,621 @@
 block discarded – undo
  * @property string ldapGroupDisplayName
  */
 class Connection extends LDAPUtility {
-	private $ldapConnectionRes = null;
-	private $configPrefix;
-	private $configID;
-	private $configured = false;
-	//whether connection should be kept on __destruct
-	private $dontDestruct = false;
-
-	/**
-	 * @var bool runtime flag that indicates whether supported primary groups are available
-	 */
-	public $hasPrimaryGroups = true;
-
-	/**
-	 * @var bool runtime flag that indicates whether supported POSIX gidNumber are available
-	 */
-	public $hasGidNumber = true;
-
-	//cache handler
-	protected $cache;
-
-	/** @var Configuration settings handler **/
-	protected $configuration;
-
-	protected $doNotValidate = false;
-
-	protected $ignoreValidation = false;
-
-	protected $bindResult = [];
-
-	/**
-	 * Constructor
-	 * @param ILDAPWrapper $ldap
-	 * @param string $configPrefix a string with the prefix for the configkey column (appconfig table)
-	 * @param string|null $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections
-	 */
-	public function __construct(ILDAPWrapper $ldap, $configPrefix = '', $configID = 'user_ldap') {
-		parent::__construct($ldap);
-		$this->configPrefix = $configPrefix;
-		$this->configID = $configID;
-		$this->configuration = new Configuration($configPrefix,
-												 !is_null($configID));
-		$memcache = \OC::$server->getMemCacheFactory();
-		if($memcache->isAvailable()) {
-			$this->cache = $memcache->createDistributed();
-		}
-		$helper = new Helper(\OC::$server->getConfig());
-		$this->doNotValidate = !in_array($this->configPrefix,
-			$helper->getServerConfigurationPrefixes());
-	}
-
-	public function __destruct() {
-		if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
-			@$this->ldap->unbind($this->ldapConnectionRes);
-			$this->bindResult = [];
-		}
-	}
-
-	/**
-	 * defines behaviour when the instance is cloned
-	 */
-	public function __clone() {
-		$this->configuration = new Configuration($this->configPrefix,
-												 !is_null($this->configID));
-		if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
-			$this->bindResult = [];
-		}
-		$this->ldapConnectionRes = null;
-		$this->dontDestruct = true;
-	}
-
-	/**
-	 * @param string $name
-	 * @return bool|mixed
-	 */
-	public function __get($name) {
-		if(!$this->configured) {
-			$this->readConfiguration();
-		}
-
-		return $this->configuration->$name;
-	}
-
-	/**
-	 * @param string $name
-	 * @param mixed $value
-	 */
-	public function __set($name, $value) {
-		$this->doNotValidate = false;
-		$before = $this->configuration->$name;
-		$this->configuration->$name = $value;
-		$after = $this->configuration->$name;
-		if($before !== $after) {
-			if ($this->configID !== '' && $this->configID !== null) {
-				$this->configuration->saveConfiguration();
-			}
-			$this->validateConfiguration();
-		}
-	}
-
-	/**
-	 * @param string $rule
-	 * @return array
-	 * @throws \RuntimeException
-	 */
-	public function resolveRule($rule) {
-		return $this->configuration->resolveRule($rule);
-	}
-
-	/**
-	 * sets whether the result of the configuration validation shall
-	 * be ignored when establishing the connection. Used by the Wizard
-	 * in early configuration state.
-	 * @param bool $state
-	 */
-	public function setIgnoreValidation($state) {
-		$this->ignoreValidation = (bool)$state;
-	}
-
-	/**
-	 * initializes the LDAP backend
-	 * @param bool $force read the config settings no matter what
-	 */
-	public function init($force = false) {
-		$this->readConfiguration($force);
-		$this->establishConnection();
-	}
-
-	/**
-	 * Returns the LDAP handler
-	 */
-	public function getConnectionResource() {
-		if(!$this->ldapConnectionRes) {
-			$this->init();
-		} else if(!$this->ldap->isResource($this->ldapConnectionRes)) {
-			$this->ldapConnectionRes = null;
-			$this->establishConnection();
-		}
-		if(is_null($this->ldapConnectionRes)) {
-			\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
-			throw new ServerNotAvailableException('Connection to LDAP server could not be established');
-		}
-		return $this->ldapConnectionRes;
-	}
-
-	/**
-	 * resets the connection resource
-	 */
-	public function resetConnectionResource() {
-		if(!is_null($this->ldapConnectionRes)) {
-			@$this->ldap->unbind($this->ldapConnectionRes);
-			$this->ldapConnectionRes = null;
-			$this->bindResult = [];
-		}
-	}
-
-	/**
-	 * @param string|null $key
-	 * @return string
-	 */
-	private function getCacheKey($key) {
-		$prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-';
-		if(is_null($key)) {
-			return $prefix;
-		}
-		return $prefix.hash('sha256', $key);
-	}
-
-	/**
-	 * @param string $key
-	 * @return mixed|null
-	 */
-	public function getFromCache($key) {
-		if(!$this->configured) {
-			$this->readConfiguration();
-		}
-		if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
-			return null;
-		}
-		$key = $this->getCacheKey($key);
-
-		return json_decode(base64_decode($this->cache->get($key)), true);
-	}
-
-	/**
-	 * @param string $key
-	 * @param mixed $value
-	 *
-	 * @return string
-	 */
-	public function writeToCache($key, $value) {
-		if(!$this->configured) {
-			$this->readConfiguration();
-		}
-		if(is_null($this->cache)
-			|| !$this->configuration->ldapCacheTTL
-			|| !$this->configuration->ldapConfigurationActive) {
-			return null;
-		}
-		$key   = $this->getCacheKey($key);
-		$value = base64_encode(json_encode($value));
-		$this->cache->set($key, $value, $this->configuration->ldapCacheTTL);
-	}
-
-	public function clearCache() {
-		if(!is_null($this->cache)) {
-			$this->cache->clear($this->getCacheKey(null));
-		}
-	}
-
-	/**
-	 * Caches the general LDAP configuration.
-	 * @param bool $force optional. true, if the re-read should be forced. defaults
-	 * to false.
-	 * @return null
-	 */
-	private function readConfiguration($force = false) {
-		if((!$this->configured || $force) && !is_null($this->configID)) {
-			$this->configuration->readConfiguration();
-			$this->configured = $this->validateConfiguration();
-		}
-	}
-
-	/**
-	 * set LDAP configuration with values delivered by an array, not read from configuration
-	 * @param array $config array that holds the config parameters in an associated array
-	 * @param array &$setParameters optional; array where the set fields will be given to
-	 * @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters
-	 */
-	public function setConfiguration($config, &$setParameters = null) {
-		if(is_null($setParameters)) {
-			$setParameters = [];
-		}
-		$this->doNotValidate = false;
-		$this->configuration->setConfiguration($config, $setParameters);
-		if(count($setParameters) > 0) {
-			$this->configured = $this->validateConfiguration();
-		}
-
-
-		return $this->configured;
-	}
-
-	/**
-	 * saves the current Configuration in the database and empties the
-	 * cache
-	 * @return null
-	 */
-	public function saveConfiguration() {
-		$this->configuration->saveConfiguration();
-		$this->clearCache();
-	}
-
-	/**
-	 * get the current LDAP configuration
-	 * @return array
-	 */
-	public function getConfiguration() {
-		$this->readConfiguration();
-		$config = $this->configuration->getConfiguration();
-		$cta = $this->configuration->getConfigTranslationArray();
-		$result = [];
-		foreach($cta as $dbkey => $configkey) {
-			switch($configkey) {
-				case 'homeFolderNamingRule':
-					if(strpos($config[$configkey], 'attr:') === 0) {
-						$result[$dbkey] = substr($config[$configkey], 5);
-					} else {
-						$result[$dbkey] = '';
-					}
-					break;
-				case 'ldapBase':
-				case 'ldapBaseUsers':
-				case 'ldapBaseGroups':
-				case 'ldapAttributesForUserSearch':
-				case 'ldapAttributesForGroupSearch':
-					if(is_array($config[$configkey])) {
-						$result[$dbkey] = implode("\n", $config[$configkey]);
-						break;
-					} //else follows default
-				default:
-					$result[$dbkey] = $config[$configkey];
-			}
-		}
-		return $result;
-	}
-
-	private function doSoftValidation() {
-		//if User or Group Base are not set, take over Base DN setting
-		foreach(['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
-			$val = $this->configuration->$keyBase;
-			if(empty($val)) {
-				$this->configuration->$keyBase = $this->configuration->ldapBase;
-			}
-		}
-
-		foreach(['ldapExpertUUIDUserAttr'  => 'ldapUuidUserAttribute',
-			'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute']
-				as $expertSetting => $effectiveSetting) {
-			$uuidOverride = $this->configuration->$expertSetting;
-			if(!empty($uuidOverride)) {
-				$this->configuration->$effectiveSetting = $uuidOverride;
-			} else {
-				$uuidAttributes = Access::UUID_ATTRIBUTES;
-				array_unshift($uuidAttributes, 'auto');
-				if(!in_array($this->configuration->$effectiveSetting,
-							$uuidAttributes)
-					&& (!is_null($this->configID))) {
-					$this->configuration->$effectiveSetting = 'auto';
-					$this->configuration->saveConfiguration();
-					\OCP\Util::writeLog('user_ldap',
-										'Illegal value for the '.
-										$effectiveSetting.', '.'reset to '.
-										'autodetect.', ILogger::INFO);
-				}
-
-			}
-		}
-
-		$backupPort = (int)$this->configuration->ldapBackupPort;
-		if ($backupPort <= 0) {
-			$this->configuration->backupPort = $this->configuration->ldapPort;
-		}
-
-		//make sure empty search attributes are saved as simple, empty array
-		$saKeys = ['ldapAttributesForUserSearch',
-			'ldapAttributesForGroupSearch'];
-		foreach($saKeys as $key) {
-			$val = $this->configuration->$key;
-			if(is_array($val) && count($val) === 1 && empty($val[0])) {
-				$this->configuration->$key = [];
-			}
-		}
-
-		if((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
-			&& $this->configuration->ldapTLS) {
-			$this->configuration->ldapTLS = false;
-			\OCP\Util::writeLog(
-				'user_ldap',
-				'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.',
-				ILogger::INFO
-			);
-		}
-	}
-
-	/**
-	 * @return bool
-	 */
-	private function doCriticalValidation() {
-		$configurationOK = true;
-		$errorStr = 'Configuration Error (prefix '.
-			(string)$this->configPrefix .'): ';
-
-		//options that shall not be empty
-		$options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
-			'ldapGroupDisplayName', 'ldapLoginFilter'];
-		foreach($options as $key) {
-			$val = $this->configuration->$key;
-			if(empty($val)) {
-				switch($key) {
-					case 'ldapHost':
-						$subj = 'LDAP Host';
-						break;
-					case 'ldapPort':
-						$subj = 'LDAP Port';
-						break;
-					case 'ldapUserDisplayName':
-						$subj = 'LDAP User Display Name';
-						break;
-					case 'ldapGroupDisplayName':
-						$subj = 'LDAP Group Display Name';
-						break;
-					case 'ldapLoginFilter':
-						$subj = 'LDAP Login Filter';
-						break;
-					default:
-						$subj = $key;
-						break;
-				}
-				$configurationOK = false;
-				\OCP\Util::writeLog(
-					'user_ldap',
-					$errorStr.'No '.$subj.' given!',
-					ILogger::WARN
-				);
-			}
-		}
-
-		//combinations
-		$agent = $this->configuration->ldapAgentName;
-		$pwd = $this->configuration->ldapAgentPassword;
-		if (
-			($agent === ''  && $pwd !== '')
-			|| ($agent !== '' && $pwd === '')
-		) {
-			\OCP\Util::writeLog(
-				'user_ldap',
-				$errorStr.'either no password is given for the user ' .
-					'agent or a password is given, but not an LDAP agent.',
-				ILogger::WARN);
-			$configurationOK = false;
-		}
-
-		$base = $this->configuration->ldapBase;
-		$baseUsers = $this->configuration->ldapBaseUsers;
-		$baseGroups = $this->configuration->ldapBaseGroups;
-
-		if(empty($base) && empty($baseUsers) && empty($baseGroups)) {
-			\OCP\Util::writeLog(
-				'user_ldap',
-				$errorStr.'Not a single Base DN given.',
-				ILogger::WARN
-			);
-			$configurationOK = false;
-		}
-
-		if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
-		   === false) {
-			\OCP\Util::writeLog(
-				'user_ldap',
-				$errorStr.'login filter does not contain %uid place holder.',
-				ILogger::WARN
-			);
-			$configurationOK = false;
-		}
-
-		return $configurationOK;
-	}
-
-	/**
-	 * Validates the user specified configuration
-	 * @return bool true if configuration seems OK, false otherwise
-	 */
-	private function validateConfiguration() {
-
-		if($this->doNotValidate) {
-			//don't do a validation if it is a new configuration with pure
-			//default values. Will be allowed on changes via __set or
-			//setConfiguration
-			return false;
-		}
-
-		// first step: "soft" checks: settings that are not really
-		// necessary, but advisable. If left empty, give an info message
-		$this->doSoftValidation();
-
-		//second step: critical checks. If left empty or filled wrong, mark as
-		//not configured and give a warning.
-		return $this->doCriticalValidation();
-	}
-
-
-	/**
-	 * Connects and Binds to LDAP
-	 *
-	 * @throws ServerNotAvailableException
-	 */
-	private function establishConnection() {
-		if(!$this->configuration->ldapConfigurationActive) {
-			return null;
-		}
-		static $phpLDAPinstalled = true;
-		if(!$phpLDAPinstalled) {
-			return false;
-		}
-		if(!$this->ignoreValidation && !$this->configured) {
-			\OCP\Util::writeLog(
-				'user_ldap',
-				'Configuration is invalid, cannot connect',
-				ILogger::WARN
-			);
-			return false;
-		}
-		if(!$this->ldapConnectionRes) {
-			if(!$this->ldap->areLDAPFunctionsAvailable()) {
-				$phpLDAPinstalled = false;
-				\OCP\Util::writeLog(
-					'user_ldap',
-					'function ldap_connect is not available. Make sure that the PHP ldap module is installed.',
-					ILogger::ERROR
-				);
-
-				return false;
-			}
-			if($this->configuration->turnOffCertCheck) {
-				if(putenv('LDAPTLS_REQCERT=never')) {
-					\OCP\Util::writeLog('user_ldap',
-						'Turned off SSL certificate validation successfully.',
-						ILogger::DEBUG);
-				} else {
-					\OCP\Util::writeLog(
-						'user_ldap',
-						'Could not turn off SSL certificate validation.',
-						ILogger::WARN
-					);
-				}
-			}
-
-			$isOverrideMainServer = ($this->configuration->ldapOverrideMainServer
-				|| $this->getFromCache('overrideMainServer'));
-			$isBackupHost = (trim($this->configuration->ldapBackupHost) !== "");
-			$bindStatus = false;
-			try {
-				if (!$isOverrideMainServer) {
-					$this->doConnect($this->configuration->ldapHost,
-						$this->configuration->ldapPort);
-					return $this->bind();
-				}
-			} catch (ServerNotAvailableException $e) {
-				if(!$isBackupHost) {
-					throw $e;
-				}
-			}
-
-			//if LDAP server is not reachable, try the Backup (Replica!) Server
-			if($isBackupHost || $isOverrideMainServer) {
-				$this->doConnect($this->configuration->ldapBackupHost,
-								 $this->configuration->ldapBackupPort);
-				$this->bindResult = [];
-				$bindStatus = $this->bind();
-				$error = $this->ldap->isResource($this->ldapConnectionRes) ?
-					$this->ldap->errno($this->ldapConnectionRes) : -1;
-				if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
-					//when bind to backup server succeeded and failed to main server,
-					//skip contacting him until next cache refresh
-					$this->writeToCache('overrideMainServer', true);
-				}
-			}
-
-			return $bindStatus;
-		}
-		return null;
-	}
-
-	/**
-	 * @param string $host
-	 * @param string $port
-	 * @return bool
-	 * @throws \OC\ServerNotAvailableException
-	 */
-	private function doConnect($host, $port) {
-		if ($host === '') {
-			return false;
-		}
-
-		$this->ldapConnectionRes = $this->ldap->connect($host, $port);
-
-		if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
-			throw new ServerNotAvailableException('Could not set required LDAP Protocol version.');
-		}
-
-		if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
-			throw new ServerNotAvailableException('Could not disable LDAP referrals.');
-		}
-
-		if($this->configuration->ldapTLS) {
-			if(!$this->ldap->startTls($this->ldapConnectionRes)) {
-				throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
-			}
-		}
-
-		return true;
-	}
-
-	/**
-	 * Binds to LDAP
-	 */
-	public function bind() {
-		if(!$this->configuration->ldapConfigurationActive) {
-			return false;
-		}
-		$cr = $this->ldapConnectionRes;
-		if(!$this->ldap->isResource($cr)) {
-			$cr = $this->getConnectionResource();
-		}
-
-		if(
-			count($this->bindResult) !== 0
-			&& $this->bindResult['dn'] === $this->configuration->ldapAgentName
-			&& \OC::$server->getHasher()->verify(
-				$this->configPrefix . $this->configuration->ldapAgentPassword,
-				$this->bindResult['hash']
-			)
-		) {
-			// don't attempt to bind again with the same data as before
-			// bind might have been invoked via getConnectionResource(),
-			// but we need results specifically for e.g. user login
-			return $this->bindResult['result'];
-		}
-
-		$ldapLogin = @$this->ldap->bind($cr,
-										$this->configuration->ldapAgentName,
-										$this->configuration->ldapAgentPassword);
-
-		$this->bindResult = [
-			'dn' => $this->configuration->ldapAgentName,
-			'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword),
-			'result' => $ldapLogin,
-		];
-
-		if(!$ldapLogin) {
-			$errno = $this->ldap->errno($cr);
-
-			\OCP\Util::writeLog('user_ldap',
-				'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
-				ILogger::WARN);
-
-			// Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS
-			// or (needed for Apple Open Directory:) LDAP_INSUFFICIENT_ACCESS
-			if($errno !== 0 && $errno !== 49 && $errno !== 50) {
-				$this->ldapConnectionRes = null;
-			}
-
-			return false;
-		}
-		return true;
-	}
+    private $ldapConnectionRes = null;
+    private $configPrefix;
+    private $configID;
+    private $configured = false;
+    //whether connection should be kept on __destruct
+    private $dontDestruct = false;
+
+    /**
+     * @var bool runtime flag that indicates whether supported primary groups are available
+     */
+    public $hasPrimaryGroups = true;
+
+    /**
+     * @var bool runtime flag that indicates whether supported POSIX gidNumber are available
+     */
+    public $hasGidNumber = true;
+
+    //cache handler
+    protected $cache;
+
+    /** @var Configuration settings handler **/
+    protected $configuration;
+
+    protected $doNotValidate = false;
+
+    protected $ignoreValidation = false;
+
+    protected $bindResult = [];
+
+    /**
+     * Constructor
+     * @param ILDAPWrapper $ldap
+     * @param string $configPrefix a string with the prefix for the configkey column (appconfig table)
+     * @param string|null $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections
+     */
+    public function __construct(ILDAPWrapper $ldap, $configPrefix = '', $configID = 'user_ldap') {
+        parent::__construct($ldap);
+        $this->configPrefix = $configPrefix;
+        $this->configID = $configID;
+        $this->configuration = new Configuration($configPrefix,
+                                                    !is_null($configID));
+        $memcache = \OC::$server->getMemCacheFactory();
+        if($memcache->isAvailable()) {
+            $this->cache = $memcache->createDistributed();
+        }
+        $helper = new Helper(\OC::$server->getConfig());
+        $this->doNotValidate = !in_array($this->configPrefix,
+            $helper->getServerConfigurationPrefixes());
+    }
+
+    public function __destruct() {
+        if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
+            @$this->ldap->unbind($this->ldapConnectionRes);
+            $this->bindResult = [];
+        }
+    }
+
+    /**
+     * defines behaviour when the instance is cloned
+     */
+    public function __clone() {
+        $this->configuration = new Configuration($this->configPrefix,
+                                                    !is_null($this->configID));
+        if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
+            $this->bindResult = [];
+        }
+        $this->ldapConnectionRes = null;
+        $this->dontDestruct = true;
+    }
+
+    /**
+     * @param string $name
+     * @return bool|mixed
+     */
+    public function __get($name) {
+        if(!$this->configured) {
+            $this->readConfiguration();
+        }
+
+        return $this->configuration->$name;
+    }
+
+    /**
+     * @param string $name
+     * @param mixed $value
+     */
+    public function __set($name, $value) {
+        $this->doNotValidate = false;
+        $before = $this->configuration->$name;
+        $this->configuration->$name = $value;
+        $after = $this->configuration->$name;
+        if($before !== $after) {
+            if ($this->configID !== '' && $this->configID !== null) {
+                $this->configuration->saveConfiguration();
+            }
+            $this->validateConfiguration();
+        }
+    }
+
+    /**
+     * @param string $rule
+     * @return array
+     * @throws \RuntimeException
+     */
+    public function resolveRule($rule) {
+        return $this->configuration->resolveRule($rule);
+    }
+
+    /**
+     * sets whether the result of the configuration validation shall
+     * be ignored when establishing the connection. Used by the Wizard
+     * in early configuration state.
+     * @param bool $state
+     */
+    public function setIgnoreValidation($state) {
+        $this->ignoreValidation = (bool)$state;
+    }
+
+    /**
+     * initializes the LDAP backend
+     * @param bool $force read the config settings no matter what
+     */
+    public function init($force = false) {
+        $this->readConfiguration($force);
+        $this->establishConnection();
+    }
+
+    /**
+     * Returns the LDAP handler
+     */
+    public function getConnectionResource() {
+        if(!$this->ldapConnectionRes) {
+            $this->init();
+        } else if(!$this->ldap->isResource($this->ldapConnectionRes)) {
+            $this->ldapConnectionRes = null;
+            $this->establishConnection();
+        }
+        if(is_null($this->ldapConnectionRes)) {
+            \OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
+            throw new ServerNotAvailableException('Connection to LDAP server could not be established');
+        }
+        return $this->ldapConnectionRes;
+    }
+
+    /**
+     * resets the connection resource
+     */
+    public function resetConnectionResource() {
+        if(!is_null($this->ldapConnectionRes)) {
+            @$this->ldap->unbind($this->ldapConnectionRes);
+            $this->ldapConnectionRes = null;
+            $this->bindResult = [];
+        }
+    }
+
+    /**
+     * @param string|null $key
+     * @return string
+     */
+    private function getCacheKey($key) {
+        $prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-';
+        if(is_null($key)) {
+            return $prefix;
+        }
+        return $prefix.hash('sha256', $key);
+    }
+
+    /**
+     * @param string $key
+     * @return mixed|null
+     */
+    public function getFromCache($key) {
+        if(!$this->configured) {
+            $this->readConfiguration();
+        }
+        if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
+            return null;
+        }
+        $key = $this->getCacheKey($key);
+
+        return json_decode(base64_decode($this->cache->get($key)), true);
+    }
+
+    /**
+     * @param string $key
+     * @param mixed $value
+     *
+     * @return string
+     */
+    public function writeToCache($key, $value) {
+        if(!$this->configured) {
+            $this->readConfiguration();
+        }
+        if(is_null($this->cache)
+            || !$this->configuration->ldapCacheTTL
+            || !$this->configuration->ldapConfigurationActive) {
+            return null;
+        }
+        $key   = $this->getCacheKey($key);
+        $value = base64_encode(json_encode($value));
+        $this->cache->set($key, $value, $this->configuration->ldapCacheTTL);
+    }
+
+    public function clearCache() {
+        if(!is_null($this->cache)) {
+            $this->cache->clear($this->getCacheKey(null));
+        }
+    }
+
+    /**
+     * Caches the general LDAP configuration.
+     * @param bool $force optional. true, if the re-read should be forced. defaults
+     * to false.
+     * @return null
+     */
+    private function readConfiguration($force = false) {
+        if((!$this->configured || $force) && !is_null($this->configID)) {
+            $this->configuration->readConfiguration();
+            $this->configured = $this->validateConfiguration();
+        }
+    }
+
+    /**
+     * set LDAP configuration with values delivered by an array, not read from configuration
+     * @param array $config array that holds the config parameters in an associated array
+     * @param array &$setParameters optional; array where the set fields will be given to
+     * @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters
+     */
+    public function setConfiguration($config, &$setParameters = null) {
+        if(is_null($setParameters)) {
+            $setParameters = [];
+        }
+        $this->doNotValidate = false;
+        $this->configuration->setConfiguration($config, $setParameters);
+        if(count($setParameters) > 0) {
+            $this->configured = $this->validateConfiguration();
+        }
+
+
+        return $this->configured;
+    }
+
+    /**
+     * saves the current Configuration in the database and empties the
+     * cache
+     * @return null
+     */
+    public function saveConfiguration() {
+        $this->configuration->saveConfiguration();
+        $this->clearCache();
+    }
+
+    /**
+     * get the current LDAP configuration
+     * @return array
+     */
+    public function getConfiguration() {
+        $this->readConfiguration();
+        $config = $this->configuration->getConfiguration();
+        $cta = $this->configuration->getConfigTranslationArray();
+        $result = [];
+        foreach($cta as $dbkey => $configkey) {
+            switch($configkey) {
+                case 'homeFolderNamingRule':
+                    if(strpos($config[$configkey], 'attr:') === 0) {
+                        $result[$dbkey] = substr($config[$configkey], 5);
+                    } else {
+                        $result[$dbkey] = '';
+                    }
+                    break;
+                case 'ldapBase':
+                case 'ldapBaseUsers':
+                case 'ldapBaseGroups':
+                case 'ldapAttributesForUserSearch':
+                case 'ldapAttributesForGroupSearch':
+                    if(is_array($config[$configkey])) {
+                        $result[$dbkey] = implode("\n", $config[$configkey]);
+                        break;
+                    } //else follows default
+                default:
+                    $result[$dbkey] = $config[$configkey];
+            }
+        }
+        return $result;
+    }
+
+    private function doSoftValidation() {
+        //if User or Group Base are not set, take over Base DN setting
+        foreach(['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
+            $val = $this->configuration->$keyBase;
+            if(empty($val)) {
+                $this->configuration->$keyBase = $this->configuration->ldapBase;
+            }
+        }
+
+        foreach(['ldapExpertUUIDUserAttr'  => 'ldapUuidUserAttribute',
+            'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute']
+                as $expertSetting => $effectiveSetting) {
+            $uuidOverride = $this->configuration->$expertSetting;
+            if(!empty($uuidOverride)) {
+                $this->configuration->$effectiveSetting = $uuidOverride;
+            } else {
+                $uuidAttributes = Access::UUID_ATTRIBUTES;
+                array_unshift($uuidAttributes, 'auto');
+                if(!in_array($this->configuration->$effectiveSetting,
+                            $uuidAttributes)
+                    && (!is_null($this->configID))) {
+                    $this->configuration->$effectiveSetting = 'auto';
+                    $this->configuration->saveConfiguration();
+                    \OCP\Util::writeLog('user_ldap',
+                                        'Illegal value for the '.
+                                        $effectiveSetting.', '.'reset to '.
+                                        'autodetect.', ILogger::INFO);
+                }
+
+            }
+        }
+
+        $backupPort = (int)$this->configuration->ldapBackupPort;
+        if ($backupPort <= 0) {
+            $this->configuration->backupPort = $this->configuration->ldapPort;
+        }
+
+        //make sure empty search attributes are saved as simple, empty array
+        $saKeys = ['ldapAttributesForUserSearch',
+            'ldapAttributesForGroupSearch'];
+        foreach($saKeys as $key) {
+            $val = $this->configuration->$key;
+            if(is_array($val) && count($val) === 1 && empty($val[0])) {
+                $this->configuration->$key = [];
+            }
+        }
+
+        if((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
+            && $this->configuration->ldapTLS) {
+            $this->configuration->ldapTLS = false;
+            \OCP\Util::writeLog(
+                'user_ldap',
+                'LDAPS (already using secure connection) and TLS do not work together. Switched off TLS.',
+                ILogger::INFO
+            );
+        }
+    }
+
+    /**
+     * @return bool
+     */
+    private function doCriticalValidation() {
+        $configurationOK = true;
+        $errorStr = 'Configuration Error (prefix '.
+            (string)$this->configPrefix .'): ';
+
+        //options that shall not be empty
+        $options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
+            'ldapGroupDisplayName', 'ldapLoginFilter'];
+        foreach($options as $key) {
+            $val = $this->configuration->$key;
+            if(empty($val)) {
+                switch($key) {
+                    case 'ldapHost':
+                        $subj = 'LDAP Host';
+                        break;
+                    case 'ldapPort':
+                        $subj = 'LDAP Port';
+                        break;
+                    case 'ldapUserDisplayName':
+                        $subj = 'LDAP User Display Name';
+                        break;
+                    case 'ldapGroupDisplayName':
+                        $subj = 'LDAP Group Display Name';
+                        break;
+                    case 'ldapLoginFilter':
+                        $subj = 'LDAP Login Filter';
+                        break;
+                    default:
+                        $subj = $key;
+                        break;
+                }
+                $configurationOK = false;
+                \OCP\Util::writeLog(
+                    'user_ldap',
+                    $errorStr.'No '.$subj.' given!',
+                    ILogger::WARN
+                );
+            }
+        }
+
+        //combinations
+        $agent = $this->configuration->ldapAgentName;
+        $pwd = $this->configuration->ldapAgentPassword;
+        if (
+            ($agent === ''  && $pwd !== '')
+            || ($agent !== '' && $pwd === '')
+        ) {
+            \OCP\Util::writeLog(
+                'user_ldap',
+                $errorStr.'either no password is given for the user ' .
+                    'agent or a password is given, but not an LDAP agent.',
+                ILogger::WARN);
+            $configurationOK = false;
+        }
+
+        $base = $this->configuration->ldapBase;
+        $baseUsers = $this->configuration->ldapBaseUsers;
+        $baseGroups = $this->configuration->ldapBaseGroups;
+
+        if(empty($base) && empty($baseUsers) && empty($baseGroups)) {
+            \OCP\Util::writeLog(
+                'user_ldap',
+                $errorStr.'Not a single Base DN given.',
+                ILogger::WARN
+            );
+            $configurationOK = false;
+        }
+
+        if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
+            === false) {
+            \OCP\Util::writeLog(
+                'user_ldap',
+                $errorStr.'login filter does not contain %uid place holder.',
+                ILogger::WARN
+            );
+            $configurationOK = false;
+        }
+
+        return $configurationOK;
+    }
+
+    /**
+     * Validates the user specified configuration
+     * @return bool true if configuration seems OK, false otherwise
+     */
+    private function validateConfiguration() {
+
+        if($this->doNotValidate) {
+            //don't do a validation if it is a new configuration with pure
+            //default values. Will be allowed on changes via __set or
+            //setConfiguration
+            return false;
+        }
+
+        // first step: "soft" checks: settings that are not really
+        // necessary, but advisable. If left empty, give an info message
+        $this->doSoftValidation();
+
+        //second step: critical checks. If left empty or filled wrong, mark as
+        //not configured and give a warning.
+        return $this->doCriticalValidation();
+    }
+
+
+    /**
+     * Connects and Binds to LDAP
+     *
+     * @throws ServerNotAvailableException
+     */
+    private function establishConnection() {
+        if(!$this->configuration->ldapConfigurationActive) {
+            return null;
+        }
+        static $phpLDAPinstalled = true;
+        if(!$phpLDAPinstalled) {
+            return false;
+        }
+        if(!$this->ignoreValidation && !$this->configured) {
+            \OCP\Util::writeLog(
+                'user_ldap',
+                'Configuration is invalid, cannot connect',
+                ILogger::WARN
+            );
+            return false;
+        }
+        if(!$this->ldapConnectionRes) {
+            if(!$this->ldap->areLDAPFunctionsAvailable()) {
+                $phpLDAPinstalled = false;
+                \OCP\Util::writeLog(
+                    'user_ldap',
+                    'function ldap_connect is not available. Make sure that the PHP ldap module is installed.',
+                    ILogger::ERROR
+                );
+
+                return false;
+            }
+            if($this->configuration->turnOffCertCheck) {
+                if(putenv('LDAPTLS_REQCERT=never')) {
+                    \OCP\Util::writeLog('user_ldap',
+                        'Turned off SSL certificate validation successfully.',
+                        ILogger::DEBUG);
+                } else {
+                    \OCP\Util::writeLog(
+                        'user_ldap',
+                        'Could not turn off SSL certificate validation.',
+                        ILogger::WARN
+                    );
+                }
+            }
+
+            $isOverrideMainServer = ($this->configuration->ldapOverrideMainServer
+                || $this->getFromCache('overrideMainServer'));
+            $isBackupHost = (trim($this->configuration->ldapBackupHost) !== "");
+            $bindStatus = false;
+            try {
+                if (!$isOverrideMainServer) {
+                    $this->doConnect($this->configuration->ldapHost,
+                        $this->configuration->ldapPort);
+                    return $this->bind();
+                }
+            } catch (ServerNotAvailableException $e) {
+                if(!$isBackupHost) {
+                    throw $e;
+                }
+            }
+
+            //if LDAP server is not reachable, try the Backup (Replica!) Server
+            if($isBackupHost || $isOverrideMainServer) {
+                $this->doConnect($this->configuration->ldapBackupHost,
+                                    $this->configuration->ldapBackupPort);
+                $this->bindResult = [];
+                $bindStatus = $this->bind();
+                $error = $this->ldap->isResource($this->ldapConnectionRes) ?
+                    $this->ldap->errno($this->ldapConnectionRes) : -1;
+                if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
+                    //when bind to backup server succeeded and failed to main server,
+                    //skip contacting him until next cache refresh
+                    $this->writeToCache('overrideMainServer', true);
+                }
+            }
+
+            return $bindStatus;
+        }
+        return null;
+    }
+
+    /**
+     * @param string $host
+     * @param string $port
+     * @return bool
+     * @throws \OC\ServerNotAvailableException
+     */
+    private function doConnect($host, $port) {
+        if ($host === '') {
+            return false;
+        }
+
+        $this->ldapConnectionRes = $this->ldap->connect($host, $port);
+
+        if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+            throw new ServerNotAvailableException('Could not set required LDAP Protocol version.');
+        }
+
+        if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
+            throw new ServerNotAvailableException('Could not disable LDAP referrals.');
+        }
+
+        if($this->configuration->ldapTLS) {
+            if(!$this->ldap->startTls($this->ldapConnectionRes)) {
+                throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * Binds to LDAP
+     */
+    public function bind() {
+        if(!$this->configuration->ldapConfigurationActive) {
+            return false;
+        }
+        $cr = $this->ldapConnectionRes;
+        if(!$this->ldap->isResource($cr)) {
+            $cr = $this->getConnectionResource();
+        }
+
+        if(
+            count($this->bindResult) !== 0
+            && $this->bindResult['dn'] === $this->configuration->ldapAgentName
+            && \OC::$server->getHasher()->verify(
+                $this->configPrefix . $this->configuration->ldapAgentPassword,
+                $this->bindResult['hash']
+            )
+        ) {
+            // don't attempt to bind again with the same data as before
+            // bind might have been invoked via getConnectionResource(),
+            // but we need results specifically for e.g. user login
+            return $this->bindResult['result'];
+        }
+
+        $ldapLogin = @$this->ldap->bind($cr,
+                                        $this->configuration->ldapAgentName,
+                                        $this->configuration->ldapAgentPassword);
+
+        $this->bindResult = [
+            'dn' => $this->configuration->ldapAgentName,
+            'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword),
+            'result' => $ldapLogin,
+        ];
+
+        if(!$ldapLogin) {
+            $errno = $this->ldap->errno($cr);
+
+            \OCP\Util::writeLog('user_ldap',
+                'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
+                ILogger::WARN);
+
+            // Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS
+            // or (needed for Apple Open Directory:) LDAP_INSUFFICIENT_ACCESS
+            if($errno !== 0 && $errno !== 49 && $errno !== 50) {
+                $this->ldapConnectionRes = null;
+            }
+
+            return false;
+        }
+        return true;
+    }
 
 }

Please login to merge, or discard this patch.

Spacing +65 added lines, -65 removed lines patch added patch discarded remove patch

@@ -111,7 +111,7 @@  discard block
 block discarded – undo
 		$this->configuration = new Configuration($configPrefix,
 												 !is_null($configID));
 		$memcache = \OC::$server->getMemCacheFactory();
-		if($memcache->isAvailable()) {
+		if ($memcache->isAvailable()) {
 			$this->cache = $memcache->createDistributed();
 		}
 		$helper = new Helper(\OC::$server->getConfig());
@@ -120,7 +120,7 @@  discard block
 block discarded – undo
 	}
 
 	public function __destruct() {
-		if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
+		if (!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
 			@$this->ldap->unbind($this->ldapConnectionRes);
 			$this->bindResult = [];
 		}
@@ -132,7 +132,7 @@  discard block
 block discarded – undo
 	public function __clone() {
 		$this->configuration = new Configuration($this->configPrefix,
 												 !is_null($this->configID));
-		if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
+		if (count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
 			$this->bindResult = [];
 		}
 		$this->ldapConnectionRes = null;
@@ -144,7 +144,7 @@  discard block
 block discarded – undo
 	 * @return bool|mixed
 	 */
 	public function __get($name) {
-		if(!$this->configured) {
+		if (!$this->configured) {
 			$this->readConfiguration();
 		}
 
@@ -160,7 +160,7 @@  discard block
 block discarded – undo
 		$before = $this->configuration->$name;
 		$this->configuration->$name = $value;
 		$after = $this->configuration->$name;
-		if($before !== $after) {
+		if ($before !== $after) {
 			if ($this->configID !== '' && $this->configID !== null) {
 				$this->configuration->saveConfiguration();
 			}
@@ -184,7 +184,7 @@  discard block
 block discarded – undo
 	 * @param bool $state
 	 */
 	public function setIgnoreValidation($state) {
-		$this->ignoreValidation = (bool)$state;
+		$this->ignoreValidation = (bool) $state;
 	}
 
 	/**
@@ -200,14 +200,14 @@  discard block
 block discarded – undo
 	 * Returns the LDAP handler
 	 */
 	public function getConnectionResource() {
-		if(!$this->ldapConnectionRes) {
+		if (!$this->ldapConnectionRes) {
 			$this->init();
-		} else if(!$this->ldap->isResource($this->ldapConnectionRes)) {
+		} else if (!$this->ldap->isResource($this->ldapConnectionRes)) {
 			$this->ldapConnectionRes = null;
 			$this->establishConnection();
 		}
-		if(is_null($this->ldapConnectionRes)) {
-			\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
+		if (is_null($this->ldapConnectionRes)) {
+			\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server '.$this->configuration->ldapHost, ILogger::ERROR);
 			throw new ServerNotAvailableException('Connection to LDAP server could not be established');
 		}
 		return $this->ldapConnectionRes;
@@ -217,7 +217,7 @@  discard block
 block discarded – undo
 	 * resets the connection resource
 	 */
 	public function resetConnectionResource() {
-		if(!is_null($this->ldapConnectionRes)) {
+		if (!is_null($this->ldapConnectionRes)) {
 			@$this->ldap->unbind($this->ldapConnectionRes);
 			$this->ldapConnectionRes = null;
 			$this->bindResult = [];
@@ -230,7 +230,7 @@  discard block
 block discarded – undo
 	 */
 	private function getCacheKey($key) {
 		$prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-';
-		if(is_null($key)) {
+		if (is_null($key)) {
 			return $prefix;
 		}
 		return $prefix.hash('sha256', $key);
@@ -241,10 +241,10 @@  discard block
 block discarded – undo
 	 * @return mixed|null
 	 */
 	public function getFromCache($key) {
-		if(!$this->configured) {
+		if (!$this->configured) {
 			$this->readConfiguration();
 		}
-		if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
+		if (is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
 			return null;
 		}
 		$key = $this->getCacheKey($key);
@@ -259,10 +259,10 @@  discard block
 block discarded – undo
 	 * @return string
 	 */
 	public function writeToCache($key, $value) {
-		if(!$this->configured) {
+		if (!$this->configured) {
 			$this->readConfiguration();
 		}
-		if(is_null($this->cache)
+		if (is_null($this->cache)
 			|| !$this->configuration->ldapCacheTTL
 			|| !$this->configuration->ldapConfigurationActive) {
 			return null;
@@ -273,7 +273,7 @@  discard block
 block discarded – undo
 	}
 
 	public function clearCache() {
-		if(!is_null($this->cache)) {
+		if (!is_null($this->cache)) {
 			$this->cache->clear($this->getCacheKey(null));
 		}
 	}
@@ -285,7 +285,7 @@  discard block
 block discarded – undo
 	 * @return null
 	 */
 	private function readConfiguration($force = false) {
-		if((!$this->configured || $force) && !is_null($this->configID)) {
+		if ((!$this->configured || $force) && !is_null($this->configID)) {
 			$this->configuration->readConfiguration();
 			$this->configured = $this->validateConfiguration();
 		}
@@ -298,12 +298,12 @@  discard block
 block discarded – undo
 	 * @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters
 	 */
 	public function setConfiguration($config, &$setParameters = null) {
-		if(is_null($setParameters)) {
+		if (is_null($setParameters)) {
 			$setParameters = [];
 		}
 		$this->doNotValidate = false;
 		$this->configuration->setConfiguration($config, $setParameters);
-		if(count($setParameters) > 0) {
+		if (count($setParameters) > 0) {
 			$this->configured = $this->validateConfiguration();
 		}
 
@@ -330,10 +330,10 @@  discard block
 block discarded – undo
 		$config = $this->configuration->getConfiguration();
 		$cta = $this->configuration->getConfigTranslationArray();
 		$result = [];
-		foreach($cta as $dbkey => $configkey) {
-			switch($configkey) {
+		foreach ($cta as $dbkey => $configkey) {
+			switch ($configkey) {
 				case 'homeFolderNamingRule':
-					if(strpos($config[$configkey], 'attr:') === 0) {
+					if (strpos($config[$configkey], 'attr:') === 0) {
 						$result[$dbkey] = substr($config[$configkey], 5);
 					} else {
 						$result[$dbkey] = '';
@@ -344,7 +344,7 @@  discard block
 block discarded – undo
 				case 'ldapBaseGroups':
 				case 'ldapAttributesForUserSearch':
 				case 'ldapAttributesForGroupSearch':
-					if(is_array($config[$configkey])) {
+					if (is_array($config[$configkey])) {
 						$result[$dbkey] = implode("\n", $config[$configkey]);
 						break;
 					} //else follows default
@@ -357,23 +357,23 @@  discard block
 block discarded – undo
 
 	private function doSoftValidation() {
 		//if User or Group Base are not set, take over Base DN setting
-		foreach(['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
+		foreach (['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
 			$val = $this->configuration->$keyBase;
-			if(empty($val)) {
+			if (empty($val)) {
 				$this->configuration->$keyBase = $this->configuration->ldapBase;
 			}
 		}
 
-		foreach(['ldapExpertUUIDUserAttr'  => 'ldapUuidUserAttribute',
+		foreach (['ldapExpertUUIDUserAttr'  => 'ldapUuidUserAttribute',
 			'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute']
 				as $expertSetting => $effectiveSetting) {
 			$uuidOverride = $this->configuration->$expertSetting;
-			if(!empty($uuidOverride)) {
+			if (!empty($uuidOverride)) {
 				$this->configuration->$effectiveSetting = $uuidOverride;
 			} else {
 				$uuidAttributes = Access::UUID_ATTRIBUTES;
 				array_unshift($uuidAttributes, 'auto');
-				if(!in_array($this->configuration->$effectiveSetting,
+				if (!in_array($this->configuration->$effectiveSetting,
 							$uuidAttributes)
 					&& (!is_null($this->configID))) {
 					$this->configuration->$effectiveSetting = 'auto';
@@ -387,7 +387,7 @@  discard block
 block discarded – undo
 			}
 		}
 
-		$backupPort = (int)$this->configuration->ldapBackupPort;
+		$backupPort = (int) $this->configuration->ldapBackupPort;
 		if ($backupPort <= 0) {
 			$this->configuration->backupPort = $this->configuration->ldapPort;
 		}
@@ -395,14 +395,14 @@  discard block
 block discarded – undo
 		//make sure empty search attributes are saved as simple, empty array
 		$saKeys = ['ldapAttributesForUserSearch',
 			'ldapAttributesForGroupSearch'];
-		foreach($saKeys as $key) {
+		foreach ($saKeys as $key) {
 			$val = $this->configuration->$key;
-			if(is_array($val) && count($val) === 1 && empty($val[0])) {
+			if (is_array($val) && count($val) === 1 && empty($val[0])) {
 				$this->configuration->$key = [];
 			}
 		}
 
-		if((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
+		if ((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
 			&& $this->configuration->ldapTLS) {
 			$this->configuration->ldapTLS = false;
 			\OCP\Util::writeLog(
@@ -419,15 +419,15 @@  discard block
 block discarded – undo
 	private function doCriticalValidation() {
 		$configurationOK = true;
 		$errorStr = 'Configuration Error (prefix '.
-			(string)$this->configPrefix .'): ';
+			(string) $this->configPrefix.'): ';
 
 		//options that shall not be empty
 		$options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
 			'ldapGroupDisplayName', 'ldapLoginFilter'];
-		foreach($options as $key) {
+		foreach ($options as $key) {
 			$val = $this->configuration->$key;
-			if(empty($val)) {
-				switch($key) {
+			if (empty($val)) {
+				switch ($key) {
 					case 'ldapHost':
 						$subj = 'LDAP Host';
 						break;
@@ -460,12 +460,12 @@  discard block
 block discarded – undo
 		$agent = $this->configuration->ldapAgentName;
 		$pwd = $this->configuration->ldapAgentPassword;
 		if (
-			($agent === ''  && $pwd !== '')
+			($agent === '' && $pwd !== '')
 			|| ($agent !== '' && $pwd === '')
 		) {
 			\OCP\Util::writeLog(
 				'user_ldap',
-				$errorStr.'either no password is given for the user ' .
+				$errorStr.'either no password is given for the user '.
 					'agent or a password is given, but not an LDAP agent.',
 				ILogger::WARN);
 			$configurationOK = false;
@@ -475,7 +475,7 @@  discard block
 block discarded – undo
 		$baseUsers = $this->configuration->ldapBaseUsers;
 		$baseGroups = $this->configuration->ldapBaseGroups;
 
-		if(empty($base) && empty($baseUsers) && empty($baseGroups)) {
+		if (empty($base) && empty($baseUsers) && empty($baseGroups)) {
 			\OCP\Util::writeLog(
 				'user_ldap',
 				$errorStr.'Not a single Base DN given.',
@@ -484,7 +484,7 @@  discard block
 block discarded – undo
 			$configurationOK = false;
 		}
 
-		if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
+		if (mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
 		   === false) {
 			\OCP\Util::writeLog(
 				'user_ldap',
@@ -503,7 +503,7 @@  discard block
 block discarded – undo
 	 */
 	private function validateConfiguration() {
 
-		if($this->doNotValidate) {
+		if ($this->doNotValidate) {
 			//don't do a validation if it is a new configuration with pure
 			//default values. Will be allowed on changes via __set or
 			//setConfiguration
@@ -526,14 +526,14 @@  discard block
 block discarded – undo
 	 * @throws ServerNotAvailableException
 	 */
 	private function establishConnection() {
-		if(!$this->configuration->ldapConfigurationActive) {
+		if (!$this->configuration->ldapConfigurationActive) {
 			return null;
 		}
 		static $phpLDAPinstalled = true;
-		if(!$phpLDAPinstalled) {
+		if (!$phpLDAPinstalled) {
 			return false;
 		}
-		if(!$this->ignoreValidation && !$this->configured) {
+		if (!$this->ignoreValidation && !$this->configured) {
 			\OCP\Util::writeLog(
 				'user_ldap',
 				'Configuration is invalid, cannot connect',
@@ -541,8 +541,8 @@  discard block
 block discarded – undo
 			);
 			return false;
 		}
-		if(!$this->ldapConnectionRes) {
-			if(!$this->ldap->areLDAPFunctionsAvailable()) {
+		if (!$this->ldapConnectionRes) {
+			if (!$this->ldap->areLDAPFunctionsAvailable()) {
 				$phpLDAPinstalled = false;
 				\OCP\Util::writeLog(
 					'user_ldap',
@@ -552,8 +552,8 @@  discard block
 block discarded – undo
 
 				return false;
 			}
-			if($this->configuration->turnOffCertCheck) {
-				if(putenv('LDAPTLS_REQCERT=never')) {
+			if ($this->configuration->turnOffCertCheck) {
+				if (putenv('LDAPTLS_REQCERT=never')) {
 					\OCP\Util::writeLog('user_ldap',
 						'Turned off SSL certificate validation successfully.',
 						ILogger::DEBUG);
@@ -577,20 +577,20 @@  discard block
 block discarded – undo
 					return $this->bind();
 				}
 			} catch (ServerNotAvailableException $e) {
-				if(!$isBackupHost) {
+				if (!$isBackupHost) {
 					throw $e;
 				}
 			}
 
 			//if LDAP server is not reachable, try the Backup (Replica!) Server
-			if($isBackupHost || $isOverrideMainServer) {
+			if ($isBackupHost || $isOverrideMainServer) {
 				$this->doConnect($this->configuration->ldapBackupHost,
 								 $this->configuration->ldapBackupPort);
 				$this->bindResult = [];
 				$bindStatus = $this->bind();
 				$error = $this->ldap->isResource($this->ldapConnectionRes) ?
 					$this->ldap->errno($this->ldapConnectionRes) : -1;
-				if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
+				if ($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
 					//when bind to backup server succeeded and failed to main server,
 					//skip contacting him until next cache refresh
 					$this->writeToCache('overrideMainServer', true);
@@ -615,17 +615,17 @@  discard block
 block discarded – undo
 
 		$this->ldapConnectionRes = $this->ldap->connect($host, $port);
 
-		if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+		if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
 			throw new ServerNotAvailableException('Could not set required LDAP Protocol version.');
 		}
 
-		if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
+		if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
 			throw new ServerNotAvailableException('Could not disable LDAP referrals.');
 		}
 
-		if($this->configuration->ldapTLS) {
-			if(!$this->ldap->startTls($this->ldapConnectionRes)) {
-				throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
+		if ($this->configuration->ldapTLS) {
+			if (!$this->ldap->startTls($this->ldapConnectionRes)) {
+				throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host '.$host.'.');
 			}
 		}
 
@@ -636,19 +636,19 @@  discard block
 block discarded – undo
 	 * Binds to LDAP
 	 */
 	public function bind() {
-		if(!$this->configuration->ldapConfigurationActive) {
+		if (!$this->configuration->ldapConfigurationActive) {
 			return false;
 		}
 		$cr = $this->ldapConnectionRes;
-		if(!$this->ldap->isResource($cr)) {
+		if (!$this->ldap->isResource($cr)) {
 			$cr = $this->getConnectionResource();
 		}
 
-		if(
+		if (
 			count($this->bindResult) !== 0
 			&& $this->bindResult['dn'] === $this->configuration->ldapAgentName
 			&& \OC::$server->getHasher()->verify(
-				$this->configPrefix . $this->configuration->ldapAgentPassword,
+				$this->configPrefix.$this->configuration->ldapAgentPassword,
 				$this->bindResult['hash']
 			)
 		) {
@@ -664,20 +664,20 @@  discard block
 block discarded – undo
 
 		$this->bindResult = [
 			'dn' => $this->configuration->ldapAgentName,
-			'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword),
+			'hash' => \OC::$server->getHasher()->hash($this->configPrefix.$this->configuration->ldapAgentPassword),
 			'result' => $ldapLogin,
 		];
 
-		if(!$ldapLogin) {
+		if (!$ldapLogin) {
 			$errno = $this->ldap->errno($cr);
 
 			\OCP\Util::writeLog('user_ldap',
-				'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
+				'Bind failed: '.$errno.': '.$this->ldap->error($cr),
 				ILogger::WARN);
 
 			// Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS
 			// or (needed for Apple Open Directory:) LDAP_INSUFFICIENT_ACCESS
-			if($errno !== 0 && $errno !== 49 && $errno !== 50) {
+			if ($errno !== 0 && $errno !== 49 && $errno !== 50) {
 				$this->ldapConnectionRes = null;
 			}
 

Please login to merge, or discard this patch.

		@@ -39,252 +39,252 @@
		block discarded – undo
39	39
40	40	class SubAdmin extends PublicEmitter implements ISubAdmin {
41	41
42		- /** @var IUserManager */
43		- private $userManager;
44		-
45		- /** @var IGroupManager */
46		- private $groupManager;
47		-
48		- /** @var IDBConnection */
49		- private $dbConn;
50		-
51		- /**
52		- * @param IUserManager $userManager
53		- * @param IGroupManager $groupManager
54		- * @param IDBConnection $dbConn
55		- */
56		- public function __construct(IUserManager $userManager,
57		- IGroupManager $groupManager,
58		- IDBConnection $dbConn) {
59		- $this->userManager = $userManager;
60		- $this->groupManager = $groupManager;
61		- $this->dbConn = $dbConn;
62		-
63		- $this->userManager->listen('\OC\User', 'postDelete', function($user) {
64		- $this->post_deleteUser($user);
65		- });
66		- $this->groupManager->listen('\OC\Group', 'postDelete', function($group) {
67		- $this->post_deleteGroup($group);
68		- });
69		- }
70		-
71		- /**
72		- * add a SubAdmin
73		- * @param IUser $user user to be SubAdmin
74		- * @param IGroup $group group $user becomes subadmin of
75		- */
76		- public function createSubAdmin(IUser $user, IGroup $group): void {
77		- $qb = $this->dbConn->getQueryBuilder();
78		-
79		- $qb->insert('group_admin')
80		- ->values([
81		- 'gid' => $qb->createNamedParameter($group->getGID()),
82		- 'uid' => $qb->createNamedParameter($user->getUID())
83		- ])
84		- ->execute();
85		-
86		- $this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
87		- \OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);
88		- }
89		-
90		- /**
91		- * delete a SubAdmin
92		- * @param IUser $user the user that is the SubAdmin
93		- * @param IGroup $group the group
94		- */
95		- public function deleteSubAdmin(IUser $user, IGroup $group): void {
96		- $qb = $this->dbConn->getQueryBuilder();
97		-
98		- $qb->delete('group_admin')
99		- ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
100		- ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
101		- ->execute();
102		-
103		- $this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
104		- \OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);
105		- }
106		-
107		- /**
108		- * get groups of a SubAdmin
109		- * @param IUser $user the SubAdmin
110		- * @return IGroup[]
111		- */
112		- public function getSubAdminsGroups(IUser $user): array {
113		- $qb = $this->dbConn->getQueryBuilder();
114		-
115		- $result = $qb->select('gid')
116		- ->from('group_admin')
117		- ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
118		- ->execute();
119		-
120		- $groups = [];
121		- while($row = $result->fetch()) {
122		- $group = $this->groupManager->get($row['gid']);
123		- if(!is_null($group)) {
124		- $groups[$group->getGID()] = $group;
125		- }
126		- }
127		- $result->closeCursor();
128		-
129		- return $groups;
130		- }
131		-
132		- /**
133		- * get an array of groupid and displayName for a user
134		- * @param IUser $user
135		- * @return array ['displayName' => displayname]
136		- */
137		- public function getSubAdminsGroupsName(IUser $user): array {
138		- return array_map(function($group) {
139		- return ['displayName' => $group->getDisplayName()];
140		- }, $this->getSubAdminsGroups($user));
141		- }
142		-
143		- /**
144		- * get SubAdmins of a group
145		- * @param IGroup $group the group
146		- * @return IUser[]
147		- */
148		- public function getGroupsSubAdmins(IGroup $group): array {
149		- $qb = $this->dbConn->getQueryBuilder();
150		-
151		- $result = $qb->select('uid')
152		- ->from('group_admin')
153		- ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
154		- ->execute();
155		-
156		- $users = [];
157		- while($row = $result->fetch()) {
158		- $user = $this->userManager->get($row['uid']);
159		- if(!is_null($user)) {
160		- $users[] = $user;
161		- }
162		- }
163		- $result->closeCursor();
164		-
165		- return $users;
166		- }
167		-
168		- /**
169		- * get all SubAdmins
170		- * @return array
171		- */
172		- public function getAllSubAdmins(): array {
173		- $qb = $this->dbConn->getQueryBuilder();
174		-
175		- $result = $qb->select('*')
176		- ->from('group_admin')
177		- ->execute();
178		-
179		- $subadmins = [];
180		- while($row = $result->fetch()) {
181		- $user = $this->userManager->get($row['uid']);
182		- $group = $this->groupManager->get($row['gid']);
183		- if(!is_null($user) && !is_null($group)) {
184		- $subadmins[] = [
185		- 'user' => $user,
186		- 'group' => $group
187		- ];
188		- }
189		- }
190		- $result->closeCursor();
191		-
192		- return $subadmins;
193		- }
194		-
195		- /**
196		- * checks if a user is a SubAdmin of a group
197		- * @param IUser $user
198		- * @param IGroup $group
199		- * @return bool
200		- */
201		- public function isSubAdminOfGroup(IUser $user, IGroup $group): bool {
202		- $qb = $this->dbConn->getQueryBuilder();
203		-
204		- /*
	42	+ /** @var IUserManager */
	43	+ private $userManager;
	44	+
	45	+ /** @var IGroupManager */
	46	+ private $groupManager;
	47	+
	48	+ /** @var IDBConnection */
	49	+ private $dbConn;
	50	+
	51	+ /**
	52	+ * @param IUserManager $userManager
	53	+ * @param IGroupManager $groupManager
	54	+ * @param IDBConnection $dbConn
	55	+ */
	56	+ public function __construct(IUserManager $userManager,
	57	+ IGroupManager $groupManager,
	58	+ IDBConnection $dbConn) {
	59	+ $this->userManager = $userManager;
	60	+ $this->groupManager = $groupManager;
	61	+ $this->dbConn = $dbConn;
	62	+
	63	+ $this->userManager->listen('\OC\User', 'postDelete', function($user) {
	64	+ $this->post_deleteUser($user);
	65	+ });
	66	+ $this->groupManager->listen('\OC\Group', 'postDelete', function($group) {
	67	+ $this->post_deleteGroup($group);
	68	+ });
	69	+ }
	70	+
	71	+ /**
	72	+ * add a SubAdmin
	73	+ * @param IUser $user user to be SubAdmin
	74	+ * @param IGroup $group group $user becomes subadmin of
	75	+ */
	76	+ public function createSubAdmin(IUser $user, IGroup $group): void {
	77	+ $qb = $this->dbConn->getQueryBuilder();
	78	+
	79	+ $qb->insert('group_admin')
	80	+ ->values([
	81	+ 'gid' => $qb->createNamedParameter($group->getGID()),
	82	+ 'uid' => $qb->createNamedParameter($user->getUID())
	83	+ ])
	84	+ ->execute();
	85	+
	86	+ $this->emit('\OC\SubAdmin', 'postCreateSubAdmin', [$user, $group]);
	87	+ \OC_Hook::emit("OC_SubAdmin", "post_createSubAdmin", ["gid" => $group->getGID()]);
	88	+ }
	89	+
	90	+ /**
	91	+ * delete a SubAdmin
	92	+ * @param IUser $user the user that is the SubAdmin
	93	+ * @param IGroup $group the group
	94	+ */
	95	+ public function deleteSubAdmin(IUser $user, IGroup $group): void {
	96	+ $qb = $this->dbConn->getQueryBuilder();
	97	+
	98	+ $qb->delete('group_admin')
	99	+ ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
	100	+ ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
	101	+ ->execute();
	102	+
	103	+ $this->emit('\OC\SubAdmin', 'postDeleteSubAdmin', [$user, $group]);
	104	+ \OC_Hook::emit("OC_SubAdmin", "post_deleteSubAdmin", ["gid" => $group->getGID()]);
	105	+ }
	106	+
	107	+ /**
	108	+ * get groups of a SubAdmin
	109	+ * @param IUser $user the SubAdmin
	110	+ * @return IGroup[]
	111	+ */
	112	+ public function getSubAdminsGroups(IUser $user): array {
	113	+ $qb = $this->dbConn->getQueryBuilder();
	114	+
	115	+ $result = $qb->select('gid')
	116	+ ->from('group_admin')
	117	+ ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
	118	+ ->execute();
	119	+
	120	+ $groups = [];
	121	+ while($row = $result->fetch()) {
	122	+ $group = $this->groupManager->get($row['gid']);
	123	+ if(!is_null($group)) {
	124	+ $groups[$group->getGID()] = $group;
	125	+ }
	126	+ }
	127	+ $result->closeCursor();
	128	+
	129	+ return $groups;
	130	+ }
	131	+
	132	+ /**
	133	+ * get an array of groupid and displayName for a user
	134	+ * @param IUser $user
	135	+ * @return array ['displayName' => displayname]
	136	+ */
	137	+ public function getSubAdminsGroupsName(IUser $user): array {
	138	+ return array_map(function($group) {
	139	+ return ['displayName' => $group->getDisplayName()];
	140	+ }, $this->getSubAdminsGroups($user));
	141	+ }
	142	+
	143	+ /**
	144	+ * get SubAdmins of a group
	145	+ * @param IGroup $group the group
	146	+ * @return IUser[]
	147	+ */
	148	+ public function getGroupsSubAdmins(IGroup $group): array {
	149	+ $qb = $this->dbConn->getQueryBuilder();
	150	+
	151	+ $result = $qb->select('uid')
	152	+ ->from('group_admin')
	153	+ ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
	154	+ ->execute();
	155	+
	156	+ $users = [];
	157	+ while($row = $result->fetch()) {
	158	+ $user = $this->userManager->get($row['uid']);
	159	+ if(!is_null($user)) {
	160	+ $users[] = $user;
	161	+ }
	162	+ }
	163	+ $result->closeCursor();
	164	+
	165	+ return $users;
	166	+ }
	167	+
	168	+ /**
	169	+ * get all SubAdmins
	170	+ * @return array
	171	+ */
	172	+ public function getAllSubAdmins(): array {
	173	+ $qb = $this->dbConn->getQueryBuilder();
	174	+
	175	+ $result = $qb->select('*')
	176	+ ->from('group_admin')
	177	+ ->execute();
	178	+
	179	+ $subadmins = [];
	180	+ while($row = $result->fetch()) {
	181	+ $user = $this->userManager->get($row['uid']);
	182	+ $group = $this->groupManager->get($row['gid']);
	183	+ if(!is_null($user) && !is_null($group)) {
	184	+ $subadmins[] = [
	185	+ 'user' => $user,
	186	+ 'group' => $group
	187	+ ];
	188	+ }
	189	+ }
	190	+ $result->closeCursor();
	191	+
	192	+ return $subadmins;
	193	+ }
	194	+
	195	+ /**
	196	+ * checks if a user is a SubAdmin of a group
	197	+ * @param IUser $user
	198	+ * @param IGroup $group
	199	+ * @return bool
	200	+ */
	201	+ public function isSubAdminOfGroup(IUser $user, IGroup $group): bool {
	202	+ $qb = $this->dbConn->getQueryBuilder();
	203	+
	204	+ /*
205	205	* Primary key is ('gid', 'uid') so max 1 result possible here
206	206	*/
207		- $result = $qb->select('*')
208		- ->from('group_admin')
209		- ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
210		- ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
211		- ->execute();
212		-
213		- $fetch = $result->fetch();
214		- $result->closeCursor();
215		- $result = !empty($fetch) ? true : false;
216		-
217		- return $result;
218		- }
219		-
220		- /**
221		- * checks if a user is a SubAdmin
222		- * @param IUser $user
223		- * @return bool
224		- */
225		- public function isSubAdmin(IUser $user): bool {
226		- // Check if the user is already an admin
227		- if ($this->groupManager->isAdmin($user->getUID())) {
228		- return true;
229		- }
230		-
231		- $qb = $this->dbConn->getQueryBuilder();
232		-
233		- $result = $qb->select('gid')
234		- ->from('group_admin')
235		- ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
236		- ->setMaxResults(1)
237		- ->execute();
238		-
239		- $isSubAdmin = $result->fetch();
240		- $result->closeCursor();
241		-
242		- return $isSubAdmin !== false;
243		- }
244		-
245		- /**
246		- * checks if a user is a accessible by a subadmin
247		- * @param IUser $subadmin
248		- * @param IUser $user
249		- * @return bool
250		- */
251		- public function isUserAccessible(IUser $subadmin, IUser $user): bool {
252		- if(!$this->isSubAdmin($subadmin)) {
253		- return false;
254		- }
255		- if($this->groupManager->isAdmin($user->getUID())) {
256		- return false;
257		- }
258		- $accessibleGroups = $this->getSubAdminsGroups($subadmin);
259		- foreach($accessibleGroups as $accessibleGroup) {
260		- if($accessibleGroup->inGroup($user)) {
261		- return true;
262		- }
263		- }
264		- return false;
265		- }
266		-
267		- /**
268		- * delete all SubAdmins by $user
269		- * @param IUser $user
270		- */
271		- private function post_deleteUser(IUser $user) {
272		- $qb = $this->dbConn->getQueryBuilder();
273		-
274		- $qb->delete('group_admin')
275		- ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
276		- ->execute();
277		- }
278		-
279		- /**
280		- * delete all SubAdmins by $group
281		- * @param IGroup $group
282		- */
283		- private function post_deleteGroup(IGroup $group) {
284		- $qb = $this->dbConn->getQueryBuilder();
285		-
286		- $qb->delete('group_admin')
287		- ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
288		- ->execute();
289		- }
	207	+ $result = $qb->select('*')
	208	+ ->from('group_admin')
	209	+ ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
	210	+ ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
	211	+ ->execute();
	212	+
	213	+ $fetch = $result->fetch();
	214	+ $result->closeCursor();
	215	+ $result = !empty($fetch) ? true : false;
	216	+
	217	+ return $result;
	218	+ }
	219	+
	220	+ /**
	221	+ * checks if a user is a SubAdmin
	222	+ * @param IUser $user
	223	+ * @return bool
	224	+ */
	225	+ public function isSubAdmin(IUser $user): bool {
	226	+ // Check if the user is already an admin
	227	+ if ($this->groupManager->isAdmin($user->getUID())) {
	228	+ return true;
	229	+ }
	230	+
	231	+ $qb = $this->dbConn->getQueryBuilder();
	232	+
	233	+ $result = $qb->select('gid')
	234	+ ->from('group_admin')
	235	+ ->andWhere($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
	236	+ ->setMaxResults(1)
	237	+ ->execute();
	238	+
	239	+ $isSubAdmin = $result->fetch();
	240	+ $result->closeCursor();
	241	+
	242	+ return $isSubAdmin !== false;
	243	+ }
	244	+
	245	+ /**
	246	+ * checks if a user is a accessible by a subadmin
	247	+ * @param IUser $subadmin
	248	+ * @param IUser $user
	249	+ * @return bool
	250	+ */
	251	+ public function isUserAccessible(IUser $subadmin, IUser $user): bool {
	252	+ if(!$this->isSubAdmin($subadmin)) {
	253	+ return false;
	254	+ }
	255	+ if($this->groupManager->isAdmin($user->getUID())) {
	256	+ return false;
	257	+ }
	258	+ $accessibleGroups = $this->getSubAdminsGroups($subadmin);
	259	+ foreach($accessibleGroups as $accessibleGroup) {
	260	+ if($accessibleGroup->inGroup($user)) {
	261	+ return true;
	262	+ }
	263	+ }
	264	+ return false;
	265	+ }
	266	+
	267	+ /**
	268	+ * delete all SubAdmins by $user
	269	+ * @param IUser $user
	270	+ */
	271	+ private function post_deleteUser(IUser $user) {
	272	+ $qb = $this->dbConn->getQueryBuilder();
	273	+
	274	+ $qb->delete('group_admin')
	275	+ ->where($qb->expr()->eq('uid', $qb->createNamedParameter($user->getUID())))
	276	+ ->execute();
	277	+ }
	278	+
	279	+ /**
	280	+ * delete all SubAdmins by $group
	281	+ * @param IGroup $group
	282	+ */
	283	+ private function post_deleteGroup(IGroup $group) {
	284	+ $qb = $this->dbConn->getQueryBuilder();
	285	+
	286	+ $qb->delete('group_admin')
	287	+ ->where($qb->expr()->eq('gid', $qb->createNamedParameter($group->getGID())))
	288	+ ->execute();
	289	+ }
290	290	}

		@@ -40,116 +40,116 @@
		block discarded – undo
40	40
41	41	class OCSMiddleware extends Middleware {
42	42
43		- /** @var IRequest */
44		- private $request;
45		-
46		- /** @var int */
47		- private $ocsVersion;
48		-
49		- /**
50		- * @param IRequest $request
51		- */
52		- public function __construct(IRequest $request) {
53		- $this->request = $request;
54		- }
55		-
56		- /**
57		- * @param Controller $controller
58		- * @param string $methodName
59		- */
60		- public function beforeController($controller, $methodName) {
61		- if ($controller instanceof OCSController) {
62		- if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) {
63		- $this->ocsVersion = 2;
64		- } else {
65		- $this->ocsVersion = 1;
66		- }
67		- $controller->setOCSVersion($this->ocsVersion);
68		- }
69		- }
70		-
71		- /**
72		- * @param Controller $controller
73		- * @param string $methodName
74		- * @param \Exception $exception
75		- * @throws \Exception
76		- * @return BaseResponse
77		- */
78		- public function afterException($controller, $methodName, \Exception $exception) {
79		- if ($controller instanceof OCSController && $exception instanceof OCSException) {
80		- $code = $exception->getCode();
81		- if ($code === 0) {
82		- $code = API::RESPOND_UNKNOWN_ERROR;
83		- }
84		-
85		- return $this->buildNewResponse($controller, $code, $exception->getMessage());
86		- }
87		-
88		- throw $exception;
89		- }
90		-
91		- /**
92		- * @param Controller $controller
93		- * @param string $methodName
94		- * @param Response $response
95		- * @return \OCP\AppFramework\Http\Response
96		- */
97		- public function afterController($controller, $methodName, Response $response) {
98		- /*
	43	+ /** @var IRequest */
	44	+ private $request;
	45	+
	46	+ /** @var int */
	47	+ private $ocsVersion;
	48	+
	49	+ /**
	50	+ * @param IRequest $request
	51	+ */
	52	+ public function __construct(IRequest $request) {
	53	+ $this->request = $request;
	54	+ }
	55	+
	56	+ /**
	57	+ * @param Controller $controller
	58	+ * @param string $methodName
	59	+ */
	60	+ public function beforeController($controller, $methodName) {
	61	+ if ($controller instanceof OCSController) {
	62	+ if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) {
	63	+ $this->ocsVersion = 2;
	64	+ } else {
	65	+ $this->ocsVersion = 1;
	66	+ }
	67	+ $controller->setOCSVersion($this->ocsVersion);
	68	+ }
	69	+ }
	70	+
	71	+ /**
	72	+ * @param Controller $controller
	73	+ * @param string $methodName
	74	+ * @param \Exception $exception
	75	+ * @throws \Exception
	76	+ * @return BaseResponse
	77	+ */
	78	+ public function afterException($controller, $methodName, \Exception $exception) {
	79	+ if ($controller instanceof OCSController && $exception instanceof OCSException) {
	80	+ $code = $exception->getCode();
	81	+ if ($code === 0) {
	82	+ $code = API::RESPOND_UNKNOWN_ERROR;
	83	+ }
	84	+
	85	+ return $this->buildNewResponse($controller, $code, $exception->getMessage());
	86	+ }
	87	+
	88	+ throw $exception;
	89	+ }
	90	+
	91	+ /**
	92	+ * @param Controller $controller
	93	+ * @param string $methodName
	94	+ * @param Response $response
	95	+ * @return \OCP\AppFramework\Http\Response
	96	+ */
	97	+ public function afterController($controller, $methodName, Response $response) {
	98	+ /*
99	99	* If a different middleware has detected that a request unauthorized or forbidden
100	100	* we need to catch the response and convert it to a proper OCS response.
101	101	*/
102		- if ($controller instanceof OCSController && !($response instanceof BaseResponse)) {
103		- if ($response->getStatus() === Http::STATUS_UNAUTHORIZED \|\|
104		- $response->getStatus() === Http::STATUS_FORBIDDEN) {
105		-
106		- $message = '';
107		- if ($response instanceof JSONResponse) {
108		- /** @var DataResponse $response */
109		- $message = $response->getData()['message'];
110		- }
111		-
112		- return $this->buildNewResponse($controller, API::RESPOND_UNAUTHORISED, $message);
113		- }
114		- }
115		-
116		- return $response;
117		- }
118		-
119		- /**
120		- * @param Controller $controller
121		- * @param int $code
122		- * @param string $message
123		- * @return V1Response\|V2Response
124		- */
125		- private function buildNewResponse(Controller $controller, $code, $message) {
126		- $format = $this->getFormat($controller);
127		-
128		- $data = new DataResponse();
129		- $data->setStatus($code);
130		- if ($this->ocsVersion === 1) {
131		- $response = new V1Response($data, $format, $message);
132		- } else {
133		- $response = new V2Response($data, $format, $message);
134		- }
135		-
136		- return $response;
137		- }
138		-
139		- /**
140		- * @param Controller $controller
141		- * @return string
142		- */
143		- private function getFormat(Controller $controller) {
144		- // get format from the url format or request format parameter
145		- $format = $this->request->getParam('format');
146		-
147		- // if none is given try the first Accept header
148		- if($format === null) {
149		- $headers = $this->request->getHeader('Accept');
150		- $format = $controller->getResponderByHTTPHeader($headers, 'xml');
151		- }
152		-
153		- return $format;
154		- }
	102	+ if ($controller instanceof OCSController && !($response instanceof BaseResponse)) {
	103	+ if ($response->getStatus() === Http::STATUS_UNAUTHORIZED \|\|
	104	+ $response->getStatus() === Http::STATUS_FORBIDDEN) {
	105	+
	106	+ $message = '';
	107	+ if ($response instanceof JSONResponse) {
	108	+ /** @var DataResponse $response */
	109	+ $message = $response->getData()['message'];
	110	+ }
	111	+
	112	+ return $this->buildNewResponse($controller, API::RESPOND_UNAUTHORISED, $message);
	113	+ }
	114	+ }
	115	+
	116	+ return $response;
	117	+ }
	118	+
	119	+ /**
	120	+ * @param Controller $controller
	121	+ * @param int $code
	122	+ * @param string $message
	123	+ * @return V1Response\|V2Response
	124	+ */
	125	+ private function buildNewResponse(Controller $controller, $code, $message) {
	126	+ $format = $this->getFormat($controller);
	127	+
	128	+ $data = new DataResponse();
	129	+ $data->setStatus($code);
	130	+ if ($this->ocsVersion === 1) {
	131	+ $response = new V1Response($data, $format, $message);
	132	+ } else {
	133	+ $response = new V2Response($data, $format, $message);
	134	+ }
	135	+
	136	+ return $response;
	137	+ }
	138	+
	139	+ /**
	140	+ * @param Controller $controller
	141	+ * @return string
	142	+ */
	143	+ private function getFormat(Controller $controller) {
	144	+ // get format from the url format or request format parameter
	145	+ $format = $this->request->getParam('format');
	146	+
	147	+ // if none is given try the first Accept header
	148	+ if($format === null) {
	149	+ $headers = $this->request->getHeader('Accept');
	150	+ $format = $controller->getResponderByHTTPHeader($headers, 'xml');
	151	+ }
	152	+
	153	+ return $format;
	154	+ }
155	155	}

		@@ -67,103 +67,103 @@ discard block
		block discarded – undo
67	67	* check fails
68	68	*/
69	69	class SecurityMiddleware extends Middleware {
70		- /** @var INavigationManager */
71		- private $navigationManager;
72		- /** @var IRequest */
73		- private $request;
74		- /** @var ControllerMethodReflector */
75		- private $reflector;
76		- /** @var string */
77		- private $appName;
78		- /** @var IURLGenerator */
79		- private $urlGenerator;
80		- /** @var ILogger */
81		- private $logger;
82		- /** @var bool */
83		- private $isLoggedIn;
84		- /** @var bool */
85		- private $isAdminUser;
86		- /** @var bool */
87		- private $isSubAdmin;
88		- /** @var IAppManager */
89		- private $appManager;
90		- /** @var IL10N */
91		- private $l10n;
92		-
93		- public function __construct(IRequest $request,
94		- ControllerMethodReflector $reflector,
95		- INavigationManager $navigationManager,
96		- IURLGenerator $urlGenerator,
97		- ILogger $logger,
98		- string $appName,
99		- bool $isLoggedIn,
100		- bool $isAdminUser,
101		- bool $isSubAdmin,
102		- IAppManager $appManager,
103		- IL10N $l10n
104		- ) {
105		- $this->navigationManager = $navigationManager;
106		- $this->request = $request;
107		- $this->reflector = $reflector;
108		- $this->appName = $appName;
109		- $this->urlGenerator = $urlGenerator;
110		- $this->logger = $logger;
111		- $this->isLoggedIn = $isLoggedIn;
112		- $this->isAdminUser = $isAdminUser;
113		- $this->isSubAdmin = $isSubAdmin;
114		- $this->appManager = $appManager;
115		- $this->l10n = $l10n;
116		- }
117		-
118		- /**
119		- * This runs all the security checks before a method call. The
120		- * security checks are determined by inspecting the controller method
121		- * annotations
122		- * @param Controller $controller the controller
123		- * @param string $methodName the name of the method
124		- * @throws SecurityException when a security check fails
125		- *
126		- * @suppress PhanUndeclaredClassConstant
127		- */
128		- public function beforeController($controller, $methodName) {
129		-
130		- // this will set the current navigation entry of the app, use this only
131		- // for normal HTML requests and not for AJAX requests
132		- $this->navigationManager->setActiveEntry($this->appName);
133		-
134		- if (get_class($controller) === \OCA\Talk\Controller\PageController::class && $methodName === 'showCall') {
135		- $this->navigationManager->setActiveEntry('spreed');
136		- }
137		-
138		- // security checks
139		- $isPublicPage = $this->reflector->hasAnnotation('PublicPage');
140		- if(!$isPublicPage) {
141		- if(!$this->isLoggedIn) {
142		- throw new NotLoggedInException();
143		- }
144		-
145		- if($this->reflector->hasAnnotation('SubAdminRequired')
146		- && !$this->isSubAdmin
147		- && !$this->isAdminUser) {
148		- throw new NotAdminException($this->l10n->t('Logged in user must be an admin or sub admin'));
149		- }
150		- if(!$this->reflector->hasAnnotation('SubAdminRequired')
151		- && !$this->reflector->hasAnnotation('NoAdminRequired')
152		- && !$this->isAdminUser) {
153		- throw new NotAdminException($this->l10n->t('Logged in user must be an admin'));
154		- }
155		- }
156		-
157		- // Check for strict cookie requirement
158		- if($this->reflector->hasAnnotation('StrictCookieRequired') \|\| !$this->reflector->hasAnnotation('NoCSRFRequired')) {
159		- if(!$this->request->passesStrictCookieCheck()) {
160		- throw new StrictCookieMissingException();
161		- }
162		- }
163		- // CSRF check - also registers the CSRF token since the session may be closed later
164		- Util::callRegister();
165		- if(!$this->reflector->hasAnnotation('NoCSRFRequired')) {
166		- /*
	70	+ /** @var INavigationManager */
	71	+ private $navigationManager;
	72	+ /** @var IRequest */
	73	+ private $request;
	74	+ /** @var ControllerMethodReflector */
	75	+ private $reflector;
	76	+ /** @var string */
	77	+ private $appName;
	78	+ /** @var IURLGenerator */
	79	+ private $urlGenerator;
	80	+ /** @var ILogger */
	81	+ private $logger;
	82	+ /** @var bool */
	83	+ private $isLoggedIn;
	84	+ /** @var bool */
	85	+ private $isAdminUser;
	86	+ /** @var bool */
	87	+ private $isSubAdmin;
	88	+ /** @var IAppManager */
	89	+ private $appManager;
	90	+ /** @var IL10N */
	91	+ private $l10n;
	92	+
	93	+ public function __construct(IRequest $request,
	94	+ ControllerMethodReflector $reflector,
	95	+ INavigationManager $navigationManager,
	96	+ IURLGenerator $urlGenerator,
	97	+ ILogger $logger,
	98	+ string $appName,
	99	+ bool $isLoggedIn,
	100	+ bool $isAdminUser,
	101	+ bool $isSubAdmin,
	102	+ IAppManager $appManager,
	103	+ IL10N $l10n
	104	+ ) {
	105	+ $this->navigationManager = $navigationManager;
	106	+ $this->request = $request;
	107	+ $this->reflector = $reflector;
	108	+ $this->appName = $appName;
	109	+ $this->urlGenerator = $urlGenerator;
	110	+ $this->logger = $logger;
	111	+ $this->isLoggedIn = $isLoggedIn;
	112	+ $this->isAdminUser = $isAdminUser;
	113	+ $this->isSubAdmin = $isSubAdmin;
	114	+ $this->appManager = $appManager;
	115	+ $this->l10n = $l10n;
	116	+ }
	117	+
	118	+ /**
	119	+ * This runs all the security checks before a method call. The
	120	+ * security checks are determined by inspecting the controller method
	121	+ * annotations
	122	+ * @param Controller $controller the controller
	123	+ * @param string $methodName the name of the method
	124	+ * @throws SecurityException when a security check fails
	125	+ *
	126	+ * @suppress PhanUndeclaredClassConstant
	127	+ */
	128	+ public function beforeController($controller, $methodName) {
	129	+
	130	+ // this will set the current navigation entry of the app, use this only
	131	+ // for normal HTML requests and not for AJAX requests
	132	+ $this->navigationManager->setActiveEntry($this->appName);
	133	+
	134	+ if (get_class($controller) === \OCA\Talk\Controller\PageController::class && $methodName === 'showCall') {
	135	+ $this->navigationManager->setActiveEntry('spreed');
	136	+ }
	137	+
	138	+ // security checks
	139	+ $isPublicPage = $this->reflector->hasAnnotation('PublicPage');
	140	+ if(!$isPublicPage) {
	141	+ if(!$this->isLoggedIn) {
	142	+ throw new NotLoggedInException();
	143	+ }
	144	+
	145	+ if($this->reflector->hasAnnotation('SubAdminRequired')
	146	+ && !$this->isSubAdmin
	147	+ && !$this->isAdminUser) {
	148	+ throw new NotAdminException($this->l10n->t('Logged in user must be an admin or sub admin'));
	149	+ }
	150	+ if(!$this->reflector->hasAnnotation('SubAdminRequired')
	151	+ && !$this->reflector->hasAnnotation('NoAdminRequired')
	152	+ && !$this->isAdminUser) {
	153	+ throw new NotAdminException($this->l10n->t('Logged in user must be an admin'));
	154	+ }
	155	+ }
	156	+
	157	+ // Check for strict cookie requirement
	158	+ if($this->reflector->hasAnnotation('StrictCookieRequired') \|\| !$this->reflector->hasAnnotation('NoCSRFRequired')) {
	159	+ if(!$this->request->passesStrictCookieCheck()) {
	160	+ throw new StrictCookieMissingException();
	161	+ }
	162	+ }
	163	+ // CSRF check - also registers the CSRF token since the session may be closed later
	164	+ Util::callRegister();
	165	+ if(!$this->reflector->hasAnnotation('NoCSRFRequired')) {
	166	+ /*
167	167	* Only allow the CSRF check to fail on OCS Requests. This kind of
168	168	* hacks around that we have no full token auth in place yet and we
169	169	* do want to offer CSRF checks for web requests.
		@@ -171,75 +171,75 @@ discard block
		block discarded – undo
171	171	* Additionally we allow Bearer authenticated requests to pass on OCS routes.
172	172	* This allows oauth apps (e.g. moodle) to use the OCS endpoints
173	173	*/
174		- if(!$this->request->passesCSRFCheck() && !(
175		- $controller instanceof OCSController && (
176		- $this->request->getHeader('OCS-APIREQUEST') === 'true' \|\|
177		- strpos($this->request->getHeader('Authorization'), 'Bearer ') === 0
178		- )
179		- )) {
180		- throw new CrossSiteRequestForgeryException();
181		- }
182		- }
183		-
184		- /**
185		- * Checks if app is enabled (also includes a check whether user is allowed to access the resource)
186		- * The getAppPath() check is here since components such as settings also use the AppFramework and
187		- * therefore won't pass this check.
188		- * If page is public, app does not need to be enabled for current user/visitor
189		- */
190		- try {
191		- $appPath = $this->appManager->getAppPath($this->appName);
192		- } catch (AppPathNotFoundException $e) {
193		- $appPath = false;
194		- }
195		-
196		- if ($appPath !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) {
197		- throw new AppNotEnabledException();
198		- }
199		- }
200		-
201		- /**
202		- * If an SecurityException is being caught, ajax requests return a JSON error
203		- * response and non ajax requests redirect to the index
204		- * @param Controller $controller the controller that is being called
205		- * @param string $methodName the name of the method that will be called on
206		- * the controller
207		- * @param \Exception $exception the thrown exception
208		- * @throws \Exception the passed in exception if it can't handle it
209		- * @return Response a Response object or null in case that the exception could not be handled
210		- */
211		- public function afterException($controller, $methodName, \Exception $exception): Response {
212		- if($exception instanceof SecurityException) {
213		- if($exception instanceof StrictCookieMissingException) {
214		- return new RedirectResponse(\OC::$WEBROOT);
215		- }
216		- if (stripos($this->request->getHeader('Accept'),'html') === false) {
217		- $response = new JSONResponse(
218		- ['message' => $exception->getMessage()],
219		- $exception->getCode()
220		- );
221		- } else {
222		- if($exception instanceof NotLoggedInException) {
223		- $params = [];
224		- if (isset($this->request->server['REQUEST_URI'])) {
225		- $params['redirect_url'] = $this->request->server['REQUEST_URI'];
226		- }
227		- $url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params);
228		- $response = new RedirectResponse($url);
229		- } else {
230		- $response = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest');
231		- $response->setStatus($exception->getCode());
232		- }
233		- }
234		-
235		- $this->logger->logException($exception, [
236		- 'level' => ILogger::DEBUG,
237		- 'app' => 'core',
238		- ]);
239		- return $response;
240		- }
241		-
242		- throw $exception;
243		- }
	174	+ if(!$this->request->passesCSRFCheck() && !(
	175	+ $controller instanceof OCSController && (
	176	+ $this->request->getHeader('OCS-APIREQUEST') === 'true' \|\|
	177	+ strpos($this->request->getHeader('Authorization'), 'Bearer ') === 0
	178	+ )
	179	+ )) {
	180	+ throw new CrossSiteRequestForgeryException();
	181	+ }
	182	+ }
	183	+
	184	+ /**
	185	+ * Checks if app is enabled (also includes a check whether user is allowed to access the resource)
	186	+ * The getAppPath() check is here since components such as settings also use the AppFramework and
	187	+ * therefore won't pass this check.
	188	+ * If page is public, app does not need to be enabled for current user/visitor
	189	+ */
	190	+ try {
	191	+ $appPath = $this->appManager->getAppPath($this->appName);
	192	+ } catch (AppPathNotFoundException $e) {
	193	+ $appPath = false;
	194	+ }
	195	+
	196	+ if ($appPath !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) {
	197	+ throw new AppNotEnabledException();
	198	+ }
	199	+ }
	200	+
	201	+ /**
	202	+ * If an SecurityException is being caught, ajax requests return a JSON error
	203	+ * response and non ajax requests redirect to the index
	204	+ * @param Controller $controller the controller that is being called
	205	+ * @param string $methodName the name of the method that will be called on
	206	+ * the controller
	207	+ * @param \Exception $exception the thrown exception
	208	+ * @throws \Exception the passed in exception if it can't handle it
	209	+ * @return Response a Response object or null in case that the exception could not be handled
	210	+ */
	211	+ public function afterException($controller, $methodName, \Exception $exception): Response {
	212	+ if($exception instanceof SecurityException) {
	213	+ if($exception instanceof StrictCookieMissingException) {
	214	+ return new RedirectResponse(\OC::$WEBROOT);
	215	+ }
	216	+ if (stripos($this->request->getHeader('Accept'),'html') === false) {
	217	+ $response = new JSONResponse(
	218	+ ['message' => $exception->getMessage()],
	219	+ $exception->getCode()
	220	+ );
	221	+ } else {
	222	+ if($exception instanceof NotLoggedInException) {
	223	+ $params = [];
	224	+ if (isset($this->request->server['REQUEST_URI'])) {
	225	+ $params['redirect_url'] = $this->request->server['REQUEST_URI'];
	226	+ }
	227	+ $url = $this->urlGenerator->linkToRoute('core.login.showLoginForm', $params);
	228	+ $response = new RedirectResponse($url);
	229	+ } else {
	230	+ $response = new TemplateResponse('core', '403', ['message' => $exception->getMessage()], 'guest');
	231	+ $response->setStatus($exception->getCode());
	232	+ }
	233	+ }
	234	+
	235	+ $this->logger->logException($exception, [
	236	+ 'level' => ILogger::DEBUG,
	237	+ 'app' => 'core',
	238	+ ]);
	239	+ return $response;
	240	+ }
	241	+
	242	+ throw $exception;
	243	+ }
244	244
245	245	}

		@@ -137,17 +137,17 @@ discard block
		block discarded – undo
137	137
138	138	// security checks
139	139	$isPublicPage = $this->reflector->hasAnnotation('PublicPage');
140		- if(!$isPublicPage) {
141		- if(!$this->isLoggedIn) {
	140	+ if (!$isPublicPage) {
	141	+ if (!$this->isLoggedIn) {
142	142	throw new NotLoggedInException();
143	143	}
144	144
145		- if($this->reflector->hasAnnotation('SubAdminRequired')
	145	+ if ($this->reflector->hasAnnotation('SubAdminRequired')
146	146	&& !$this->isSubAdmin
147	147	&& !$this->isAdminUser) {
148	148	throw new NotAdminException($this->l10n->t('Logged in user must be an admin or sub admin'));
149	149	}
150		- if(!$this->reflector->hasAnnotation('SubAdminRequired')
	150	+ if (!$this->reflector->hasAnnotation('SubAdminRequired')
151	151	&& !$this->reflector->hasAnnotation('NoAdminRequired')
152	152	&& !$this->isAdminUser) {
153	153	throw new NotAdminException($this->l10n->t('Logged in user must be an admin'));
		@@ -155,14 +155,14 @@ discard block
		block discarded – undo
155	155	}
156	156
157	157	// Check for strict cookie requirement
158		- if($this->reflector->hasAnnotation('StrictCookieRequired') \|\| !$this->reflector->hasAnnotation('NoCSRFRequired')) {
159		- if(!$this->request->passesStrictCookieCheck()) {
	158	+ if ($this->reflector->hasAnnotation('StrictCookieRequired') \|\| !$this->reflector->hasAnnotation('NoCSRFRequired')) {
	159	+ if (!$this->request->passesStrictCookieCheck()) {
160	160	throw new StrictCookieMissingException();
161	161	}
162	162	}
163	163	// CSRF check - also registers the CSRF token since the session may be closed later
164	164	Util::callRegister();
165		- if(!$this->reflector->hasAnnotation('NoCSRFRequired')) {
	165	+ if (!$this->reflector->hasAnnotation('NoCSRFRequired')) {
166	166	/*
167	167	* Only allow the CSRF check to fail on OCS Requests. This kind of
168	168	* hacks around that we have no full token auth in place yet and we
		@@ -171,7 +171,7 @@ discard block
		block discarded – undo
171	171	* Additionally we allow Bearer authenticated requests to pass on OCS routes.
172	172	* This allows oauth apps (e.g. moodle) to use the OCS endpoints
173	173	*/
174		- if(!$this->request->passesCSRFCheck() && !(
	174	+ if (!$this->request->passesCSRFCheck() && !(
175	175	$controller instanceof OCSController && (
176	176	$this->request->getHeader('OCS-APIREQUEST') === 'true' \|\|
177	177	strpos($this->request->getHeader('Authorization'), 'Bearer ') === 0
		@@ -209,17 +209,17 @@ discard block
		block discarded – undo
209	209	* @return Response a Response object or null in case that the exception could not be handled
210	210	*/
211	211	public function afterException($controller, $methodName, \Exception $exception): Response {
212		- if($exception instanceof SecurityException) {
213		- if($exception instanceof StrictCookieMissingException) {
	212	+ if ($exception instanceof SecurityException) {
	213	+ if ($exception instanceof StrictCookieMissingException) {
214	214	return new RedirectResponse(\OC::$WEBROOT);
215	215	}
216		- if (stripos($this->request->getHeader('Accept'),'html') === false) {
	216	+ if (stripos($this->request->getHeader('Accept'), 'html') === false) {
217	217	$response = new JSONResponse(
218	218	['message' => $exception->getMessage()],
219	219	$exception->getCode()
220	220	);
221	221	} else {
222		- if($exception instanceof NotLoggedInException) {
	222	+ if ($exception instanceof NotLoggedInException) {
223	223	$params = [];
224	224	if (isset($this->request->server['REQUEST_URI'])) {
225	225	$params['redirect_url'] = $this->request->server['REQUEST_URI'];

		@@ -34,121 +34,121 @@
		block discarded – undo
34	34
35	35	class Http extends BaseHttp {
36	36
37		- private $server;
38		- private $protocolVersion;
39		- protected $headers;
40		-
41		- /**
42		- * @param array $server $_SERVER
43		- * @param string $protocolVersion the http version to use defaults to HTTP/1.1
44		- */
45		- public function __construct($server, $protocolVersion='HTTP/1.1') {
46		- $this->server = $server;
47		- $this->protocolVersion = $protocolVersion;
48		-
49		- $this->headers = [
50		- self::STATUS_CONTINUE => 'Continue',
51		- self::STATUS_SWITCHING_PROTOCOLS => 'Switching Protocols',
52		- self::STATUS_PROCESSING => 'Processing',
53		- self::STATUS_OK => 'OK',
54		- self::STATUS_CREATED => 'Created',
55		- self::STATUS_ACCEPTED => 'Accepted',
56		- self::STATUS_NON_AUTHORATIVE_INFORMATION => 'Non-Authorative Information',
57		- self::STATUS_NO_CONTENT => 'No Content',
58		- self::STATUS_RESET_CONTENT => 'Reset Content',
59		- self::STATUS_PARTIAL_CONTENT => 'Partial Content',
60		- self::STATUS_MULTI_STATUS => 'Multi-Status', // RFC 4918
61		- self::STATUS_ALREADY_REPORTED => 'Already Reported', // RFC 5842
62		- self::STATUS_IM_USED => 'IM Used', // RFC 3229
63		- self::STATUS_MULTIPLE_CHOICES => 'Multiple Choices',
64		- self::STATUS_MOVED_PERMANENTLY => 'Moved Permanently',
65		- self::STATUS_FOUND => 'Found',
66		- self::STATUS_SEE_OTHER => 'See Other',
67		- self::STATUS_NOT_MODIFIED => 'Not Modified',
68		- self::STATUS_USE_PROXY => 'Use Proxy',
69		- self::STATUS_RESERVED => 'Reserved',
70		- self::STATUS_TEMPORARY_REDIRECT => 'Temporary Redirect',
71		- self::STATUS_BAD_REQUEST => 'Bad request',
72		- self::STATUS_UNAUTHORIZED => 'Unauthorized',
73		- self::STATUS_PAYMENT_REQUIRED => 'Payment Required',
74		- self::STATUS_FORBIDDEN => 'Forbidden',
75		- self::STATUS_NOT_FOUND => 'Not Found',
76		- self::STATUS_METHOD_NOT_ALLOWED => 'Method Not Allowed',
77		- self::STATUS_NOT_ACCEPTABLE => 'Not Acceptable',
78		- self::STATUS_PROXY_AUTHENTICATION_REQUIRED => 'Proxy Authentication Required',
79		- self::STATUS_REQUEST_TIMEOUT => 'Request Timeout',
80		- self::STATUS_CONFLICT => 'Conflict',
81		- self::STATUS_GONE => 'Gone',
82		- self::STATUS_LENGTH_REQUIRED => 'Length Required',
83		- self::STATUS_PRECONDITION_FAILED => 'Precondition failed',
84		- self::STATUS_REQUEST_ENTITY_TOO_LARGE => 'Request Entity Too Large',
85		- self::STATUS_REQUEST_URI_TOO_LONG => 'Request-URI Too Long',
86		- self::STATUS_UNSUPPORTED_MEDIA_TYPE => 'Unsupported Media Type',
87		- self::STATUS_REQUEST_RANGE_NOT_SATISFIABLE => 'Requested Range Not Satisfiable',
88		- self::STATUS_EXPECTATION_FAILED => 'Expectation Failed',
89		- self::STATUS_IM_A_TEAPOT => 'I\'m a teapot', // RFC 2324
90		- self::STATUS_UNPROCESSABLE_ENTITY => 'Unprocessable Entity', // RFC 4918
91		- self::STATUS_LOCKED => 'Locked', // RFC 4918
92		- self::STATUS_FAILED_DEPENDENCY => 'Failed Dependency', // RFC 4918
93		- self::STATUS_UPGRADE_REQUIRED => 'Upgrade required',
94		- self::STATUS_PRECONDITION_REQUIRED => 'Precondition required', // draft-nottingham-http-new-status
95		- self::STATUS_TOO_MANY_REQUESTS => 'Too Many Requests', // draft-nottingham-http-new-status
96		- self::STATUS_REQUEST_HEADER_FIELDS_TOO_LARGE => 'Request Header Fields Too Large', // draft-nottingham-http-new-status
97		- self::STATUS_INTERNAL_SERVER_ERROR => 'Internal Server Error',
98		- self::STATUS_NOT_IMPLEMENTED => 'Not Implemented',
99		- self::STATUS_BAD_GATEWAY => 'Bad Gateway',
100		- self::STATUS_SERVICE_UNAVAILABLE => 'Service Unavailable',
101		- self::STATUS_GATEWAY_TIMEOUT => 'Gateway Timeout',
102		- self::STATUS_HTTP_VERSION_NOT_SUPPORTED => 'HTTP Version not supported',
103		- self::STATUS_VARIANT_ALSO_NEGOTIATES => 'Variant Also Negotiates',
104		- self::STATUS_INSUFFICIENT_STORAGE => 'Insufficient Storage', // RFC 4918
105		- self::STATUS_LOOP_DETECTED => 'Loop Detected', // RFC 5842
106		- self::STATUS_BANDWIDTH_LIMIT_EXCEEDED => 'Bandwidth Limit Exceeded', // non-standard
107		- self::STATUS_NOT_EXTENDED => 'Not extended',
108		- self::STATUS_NETWORK_AUTHENTICATION_REQUIRED => 'Network Authentication Required', // draft-nottingham-http-new-status
109		- ];
110		- }
111		-
112		-
113		- /**
114		- * Gets the correct header
115		- * @param int Http::CONSTANT $status the constant from the Http class
116		- * @param \DateTime $lastModified formatted last modified date
117		- * @param string $ETag the etag
118		- * @return string
119		- */
120		- public function getStatusHeader($status, \DateTime $lastModified=null,
121		- $ETag=null) {
122		-
123		- if(!is_null($lastModified)) {
124		- $lastModified = $lastModified->format(\DateTime::RFC2822);
125		- }
126		-
127		- // if etag or lastmodified have not changed, return a not modified
128		- if ((isset($this->server['HTTP_IF_NONE_MATCH'])
129		- && trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string)$ETag)
130		-
131		- \|\|
132		-
133		- (isset($this->server['HTTP_IF_MODIFIED_SINCE'])
134		- && trim($this->server['HTTP_IF_MODIFIED_SINCE']) ===
135		- $lastModified)) {
136		-
137		- $status = self::STATUS_NOT_MODIFIED;
138		- }
139		-
140		- // we have one change currently for the http 1.0 header that differs
141		- // from 1.1: STATUS_TEMPORARY_REDIRECT should be STATUS_FOUND
142		- // if this differs any more, we want to create childclasses for this
143		- if($status === self::STATUS_TEMPORARY_REDIRECT
144		- && $this->protocolVersion === 'HTTP/1.0') {
145		-
146		- $status = self::STATUS_FOUND;
147		- }
148		-
149		- return $this->protocolVersion . ' ' . $status . ' ' .
150		- $this->headers[$status];
151		- }
	37	+ private $server;
	38	+ private $protocolVersion;
	39	+ protected $headers;
	40	+
	41	+ /**
	42	+ * @param array $server $_SERVER
	43	+ * @param string $protocolVersion the http version to use defaults to HTTP/1.1
	44	+ */
	45	+ public function __construct($server, $protocolVersion='HTTP/1.1') {
	46	+ $this->server = $server;
	47	+ $this->protocolVersion = $protocolVersion;
	48	+
	49	+ $this->headers = [
	50	+ self::STATUS_CONTINUE => 'Continue',
	51	+ self::STATUS_SWITCHING_PROTOCOLS => 'Switching Protocols',
	52	+ self::STATUS_PROCESSING => 'Processing',
	53	+ self::STATUS_OK => 'OK',
	54	+ self::STATUS_CREATED => 'Created',
	55	+ self::STATUS_ACCEPTED => 'Accepted',
	56	+ self::STATUS_NON_AUTHORATIVE_INFORMATION => 'Non-Authorative Information',
	57	+ self::STATUS_NO_CONTENT => 'No Content',
	58	+ self::STATUS_RESET_CONTENT => 'Reset Content',
	59	+ self::STATUS_PARTIAL_CONTENT => 'Partial Content',
	60	+ self::STATUS_MULTI_STATUS => 'Multi-Status', // RFC 4918
	61	+ self::STATUS_ALREADY_REPORTED => 'Already Reported', // RFC 5842
	62	+ self::STATUS_IM_USED => 'IM Used', // RFC 3229
	63	+ self::STATUS_MULTIPLE_CHOICES => 'Multiple Choices',
	64	+ self::STATUS_MOVED_PERMANENTLY => 'Moved Permanently',
	65	+ self::STATUS_FOUND => 'Found',
	66	+ self::STATUS_SEE_OTHER => 'See Other',
	67	+ self::STATUS_NOT_MODIFIED => 'Not Modified',
	68	+ self::STATUS_USE_PROXY => 'Use Proxy',
	69	+ self::STATUS_RESERVED => 'Reserved',
	70	+ self::STATUS_TEMPORARY_REDIRECT => 'Temporary Redirect',
	71	+ self::STATUS_BAD_REQUEST => 'Bad request',
	72	+ self::STATUS_UNAUTHORIZED => 'Unauthorized',
	73	+ self::STATUS_PAYMENT_REQUIRED => 'Payment Required',
	74	+ self::STATUS_FORBIDDEN => 'Forbidden',
	75	+ self::STATUS_NOT_FOUND => 'Not Found',
	76	+ self::STATUS_METHOD_NOT_ALLOWED => 'Method Not Allowed',
	77	+ self::STATUS_NOT_ACCEPTABLE => 'Not Acceptable',
	78	+ self::STATUS_PROXY_AUTHENTICATION_REQUIRED => 'Proxy Authentication Required',
	79	+ self::STATUS_REQUEST_TIMEOUT => 'Request Timeout',
	80	+ self::STATUS_CONFLICT => 'Conflict',
	81	+ self::STATUS_GONE => 'Gone',
	82	+ self::STATUS_LENGTH_REQUIRED => 'Length Required',
	83	+ self::STATUS_PRECONDITION_FAILED => 'Precondition failed',
	84	+ self::STATUS_REQUEST_ENTITY_TOO_LARGE => 'Request Entity Too Large',
	85	+ self::STATUS_REQUEST_URI_TOO_LONG => 'Request-URI Too Long',
	86	+ self::STATUS_UNSUPPORTED_MEDIA_TYPE => 'Unsupported Media Type',
	87	+ self::STATUS_REQUEST_RANGE_NOT_SATISFIABLE => 'Requested Range Not Satisfiable',
	88	+ self::STATUS_EXPECTATION_FAILED => 'Expectation Failed',
	89	+ self::STATUS_IM_A_TEAPOT => 'I\'m a teapot', // RFC 2324
	90	+ self::STATUS_UNPROCESSABLE_ENTITY => 'Unprocessable Entity', // RFC 4918
	91	+ self::STATUS_LOCKED => 'Locked', // RFC 4918
	92	+ self::STATUS_FAILED_DEPENDENCY => 'Failed Dependency', // RFC 4918
	93	+ self::STATUS_UPGRADE_REQUIRED => 'Upgrade required',
	94	+ self::STATUS_PRECONDITION_REQUIRED => 'Precondition required', // draft-nottingham-http-new-status
	95	+ self::STATUS_TOO_MANY_REQUESTS => 'Too Many Requests', // draft-nottingham-http-new-status
	96	+ self::STATUS_REQUEST_HEADER_FIELDS_TOO_LARGE => 'Request Header Fields Too Large', // draft-nottingham-http-new-status
	97	+ self::STATUS_INTERNAL_SERVER_ERROR => 'Internal Server Error',
	98	+ self::STATUS_NOT_IMPLEMENTED => 'Not Implemented',
	99	+ self::STATUS_BAD_GATEWAY => 'Bad Gateway',
	100	+ self::STATUS_SERVICE_UNAVAILABLE => 'Service Unavailable',
	101	+ self::STATUS_GATEWAY_TIMEOUT => 'Gateway Timeout',
	102	+ self::STATUS_HTTP_VERSION_NOT_SUPPORTED => 'HTTP Version not supported',
	103	+ self::STATUS_VARIANT_ALSO_NEGOTIATES => 'Variant Also Negotiates',
	104	+ self::STATUS_INSUFFICIENT_STORAGE => 'Insufficient Storage', // RFC 4918
	105	+ self::STATUS_LOOP_DETECTED => 'Loop Detected', // RFC 5842
	106	+ self::STATUS_BANDWIDTH_LIMIT_EXCEEDED => 'Bandwidth Limit Exceeded', // non-standard
	107	+ self::STATUS_NOT_EXTENDED => 'Not extended',
	108	+ self::STATUS_NETWORK_AUTHENTICATION_REQUIRED => 'Network Authentication Required', // draft-nottingham-http-new-status
	109	+ ];
	110	+ }
	111	+
	112	+
	113	+ /**
	114	+ * Gets the correct header
	115	+ * @param int Http::CONSTANT $status the constant from the Http class
	116	+ * @param \DateTime $lastModified formatted last modified date
	117	+ * @param string $ETag the etag
	118	+ * @return string
	119	+ */
	120	+ public function getStatusHeader($status, \DateTime $lastModified=null,
	121	+ $ETag=null) {
	122	+
	123	+ if(!is_null($lastModified)) {
	124	+ $lastModified = $lastModified->format(\DateTime::RFC2822);
	125	+ }
	126	+
	127	+ // if etag or lastmodified have not changed, return a not modified
	128	+ if ((isset($this->server['HTTP_IF_NONE_MATCH'])
	129	+ && trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string)$ETag)
	130	+
	131	+ \|\|
	132	+
	133	+ (isset($this->server['HTTP_IF_MODIFIED_SINCE'])
	134	+ && trim($this->server['HTTP_IF_MODIFIED_SINCE']) ===
	135	+ $lastModified)) {
	136	+
	137	+ $status = self::STATUS_NOT_MODIFIED;
	138	+ }
	139	+
	140	+ // we have one change currently for the http 1.0 header that differs
	141	+ // from 1.1: STATUS_TEMPORARY_REDIRECT should be STATUS_FOUND
	142	+ // if this differs any more, we want to create childclasses for this
	143	+ if($status === self::STATUS_TEMPORARY_REDIRECT
	144	+ && $this->protocolVersion === 'HTTP/1.0') {
	145	+
	146	+ $status = self::STATUS_FOUND;
	147	+ }
	148	+
	149	+ return $this->protocolVersion . ' ' . $status . ' ' .
	150	+ $this->headers[$status];
	151	+ }
152	152
153	153
154	154	}

		@@ -42,7 +42,7 @@ discard block
		block discarded – undo
42	42	* @param array $server $_SERVER
43	43	* @param string $protocolVersion the http version to use defaults to HTTP/1.1
44	44	*/
45		- public function __construct($server, $protocolVersion='HTTP/1.1') {
	45	+ public function __construct($server, $protocolVersion = 'HTTP/1.1') {
46	46	$this->server = $server;
47	47	$this->protocolVersion = $protocolVersion;
48	48
		@@ -117,16 +117,16 @@ discard block
		block discarded – undo
117	117	* @param string $ETag the etag
118	118	* @return string
119	119	*/
120		- public function getStatusHeader($status, \DateTime $lastModified=null,
121		- $ETag=null) {
	120	+ public function getStatusHeader($status, \DateTime $lastModified = null,
	121	+ $ETag = null) {
122	122
123		- if(!is_null($lastModified)) {
	123	+ if (!is_null($lastModified)) {
124	124	$lastModified = $lastModified->format(\DateTime::RFC2822);
125	125	}
126	126
127	127	// if etag or lastmodified have not changed, return a not modified
128	128	if ((isset($this->server['HTTP_IF_NONE_MATCH'])
129		- && trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string)$ETag)
	129	+ && trim(trim($this->server['HTTP_IF_NONE_MATCH']), '"') === (string) $ETag)
130	130
131	131	\|\|
132	132
		@@ -140,13 +140,13 @@ discard block
		block discarded – undo
140	140	// we have one change currently for the http 1.0 header that differs
141	141	// from 1.1: STATUS_TEMPORARY_REDIRECT should be STATUS_FOUND
142	142	// if this differs any more, we want to create childclasses for this
143		- if($status === self::STATUS_TEMPORARY_REDIRECT
	143	+ if ($status === self::STATUS_TEMPORARY_REDIRECT
144	144	&& $this->protocolVersion === 'HTTP/1.0') {
145	145
146	146	$status = self::STATUS_FOUND;
147	147	}
148	148
149		- return $this->protocolVersion . ' ' . $status . ' ' .
	149	+ return $this->protocolVersion.' '.$status.' '.
150	150	$this->headers[$status];
151	151	}
152	152

		@@ -37,298 +37,298 @@
		block discarded – undo
37	37	*/
38	38	class OC_Defaults {
39	39
40		- private $theme;
	40	+ private $theme;
41	41
42		- private $defaultEntity;
43		- private $defaultName;
44		- private $defaultTitle;
45		- private $defaultBaseUrl;
46		- private $defaultSyncClientUrl;
47		- private $defaultiOSClientUrl;
48		- private $defaultiTunesAppId;
49		- private $defaultAndroidClientUrl;
50		- private $defaultDocBaseUrl;
51		- private $defaultDocVersion;
52		- private $defaultSlogan;
53		- private $defaultColorPrimary;
54		- private $defaultTextColorPrimary;
	42	+ private $defaultEntity;
	43	+ private $defaultName;
	44	+ private $defaultTitle;
	45	+ private $defaultBaseUrl;
	46	+ private $defaultSyncClientUrl;
	47	+ private $defaultiOSClientUrl;
	48	+ private $defaultiTunesAppId;
	49	+ private $defaultAndroidClientUrl;
	50	+ private $defaultDocBaseUrl;
	51	+ private $defaultDocVersion;
	52	+ private $defaultSlogan;
	53	+ private $defaultColorPrimary;
	54	+ private $defaultTextColorPrimary;
55	55
56		- public function __construct() {
57		- $config = \OC::$server->getConfig();
	56	+ public function __construct() {
	57	+ $config = \OC::$server->getConfig();
58	58
59		- $this->defaultEntity = 'Nextcloud'; /* e.g. company name, used for footers and copyright notices */
60		- $this->defaultName = 'Nextcloud'; /* short name, used when referring to the software */
61		- $this->defaultTitle = 'Nextcloud'; /* can be a longer name, for titles */
62		- $this->defaultBaseUrl = 'https://nextcloud.com';
63		- $this->defaultSyncClientUrl = $config->getSystemValue('customclient_desktop', 'https://nextcloud.com/install/#install-clients');
64		- $this->defaultiOSClientUrl = $config->getSystemValue('customclient_ios', 'https://geo.itunes.apple.com/us/app/nextcloud/id1125420102?mt=8');
65		- $this->defaultiTunesAppId = $config->getSystemValue('customclient_ios_appid', '1125420102');
66		- $this->defaultAndroidClientUrl = $config->getSystemValue('customclient_android', 'https://play.google.com/store/apps/details?id=com.nextcloud.client');
67		- $this->defaultDocBaseUrl = 'https://docs.nextcloud.com';
68		- $this->defaultDocVersion = \OC_Util::getVersion()[0]; // used to generate doc links
69		- $this->defaultColorPrimary = '#0082c9';
70		- $this->defaultTextColorPrimary = '#ffffff';
	59	+ $this->defaultEntity = 'Nextcloud'; /* e.g. company name, used for footers and copyright notices */
	60	+ $this->defaultName = 'Nextcloud'; /* short name, used when referring to the software */
	61	+ $this->defaultTitle = 'Nextcloud'; /* can be a longer name, for titles */
	62	+ $this->defaultBaseUrl = 'https://nextcloud.com';
	63	+ $this->defaultSyncClientUrl = $config->getSystemValue('customclient_desktop', 'https://nextcloud.com/install/#install-clients');
	64	+ $this->defaultiOSClientUrl = $config->getSystemValue('customclient_ios', 'https://geo.itunes.apple.com/us/app/nextcloud/id1125420102?mt=8');
	65	+ $this->defaultiTunesAppId = $config->getSystemValue('customclient_ios_appid', '1125420102');
	66	+ $this->defaultAndroidClientUrl = $config->getSystemValue('customclient_android', 'https://play.google.com/store/apps/details?id=com.nextcloud.client');
	67	+ $this->defaultDocBaseUrl = 'https://docs.nextcloud.com';
	68	+ $this->defaultDocVersion = \OC_Util::getVersion()[0]; // used to generate doc links
	69	+ $this->defaultColorPrimary = '#0082c9';
	70	+ $this->defaultTextColorPrimary = '#ffffff';
71	71
72		- $themePath = OC::$SERVERROOT . '/themes/' . OC_Util::getTheme() . '/defaults.php';
73		- if (file_exists($themePath)) {
74		- // prevent defaults.php from printing output
75		- ob_start();
76		- require_once $themePath;
77		- ob_end_clean();
78		- if (class_exists('OC_Theme')) {
79		- $this->theme = new OC_Theme();
80		- }
81		- }
82		- }
	72	+ $themePath = OC::$SERVERROOT . '/themes/' . OC_Util::getTheme() . '/defaults.php';
	73	+ if (file_exists($themePath)) {
	74	+ // prevent defaults.php from printing output
	75	+ ob_start();
	76	+ require_once $themePath;
	77	+ ob_end_clean();
	78	+ if (class_exists('OC_Theme')) {
	79	+ $this->theme = new OC_Theme();
	80	+ }
	81	+ }
	82	+ }
83	83
84		- /**
85		- * @param string $method
86		- */
87		- private function themeExist($method) {
88		- if (isset($this->theme) && method_exists($this->theme, $method)) {
89		- return true;
90		- }
91		- return false;
92		- }
	84	+ /**
	85	+ * @param string $method
	86	+ */
	87	+ private function themeExist($method) {
	88	+ if (isset($this->theme) && method_exists($this->theme, $method)) {
	89	+ return true;
	90	+ }
	91	+ return false;
	92	+ }
93	93
94		- /**
95		- * Returns the base URL
96		- * @return string URL
97		- */
98		- public function getBaseUrl() {
99		- if ($this->themeExist('getBaseUrl')) {
100		- return $this->theme->getBaseUrl();
101		- } else {
102		- return $this->defaultBaseUrl;
103		- }
104		- }
	94	+ /**
	95	+ * Returns the base URL
	96	+ * @return string URL
	97	+ */
	98	+ public function getBaseUrl() {
	99	+ if ($this->themeExist('getBaseUrl')) {
	100	+ return $this->theme->getBaseUrl();
	101	+ } else {
	102	+ return $this->defaultBaseUrl;
	103	+ }
	104	+ }
105	105
106		- /**
107		- * Returns the URL where the sync clients are listed
108		- * @return string URL
109		- */
110		- public function getSyncClientUrl() {
111		- if ($this->themeExist('getSyncClientUrl')) {
112		- return $this->theme->getSyncClientUrl();
113		- } else {
114		- return $this->defaultSyncClientUrl;
115		- }
116		- }
	106	+ /**
	107	+ * Returns the URL where the sync clients are listed
	108	+ * @return string URL
	109	+ */
	110	+ public function getSyncClientUrl() {
	111	+ if ($this->themeExist('getSyncClientUrl')) {
	112	+ return $this->theme->getSyncClientUrl();
	113	+ } else {
	114	+ return $this->defaultSyncClientUrl;
	115	+ }
	116	+ }
117	117
118		- /**
119		- * Returns the URL to the App Store for the iOS Client
120		- * @return string URL
121		- */
122		- public function getiOSClientUrl() {
123		- if ($this->themeExist('getiOSClientUrl')) {
124		- return $this->theme->getiOSClientUrl();
125		- } else {
126		- return $this->defaultiOSClientUrl;
127		- }
128		- }
	118	+ /**
	119	+ * Returns the URL to the App Store for the iOS Client
	120	+ * @return string URL
	121	+ */
	122	+ public function getiOSClientUrl() {
	123	+ if ($this->themeExist('getiOSClientUrl')) {
	124	+ return $this->theme->getiOSClientUrl();
	125	+ } else {
	126	+ return $this->defaultiOSClientUrl;
	127	+ }
	128	+ }
129	129
130		- /**
131		- * Returns the AppId for the App Store for the iOS Client
132		- * @return string AppId
133		- */
134		- public function getiTunesAppId() {
135		- if ($this->themeExist('getiTunesAppId')) {
136		- return $this->theme->getiTunesAppId();
137		- } else {
138		- return $this->defaultiTunesAppId;
139		- }
140		- }
	130	+ /**
	131	+ * Returns the AppId for the App Store for the iOS Client
	132	+ * @return string AppId
	133	+ */
	134	+ public function getiTunesAppId() {
	135	+ if ($this->themeExist('getiTunesAppId')) {
	136	+ return $this->theme->getiTunesAppId();
	137	+ } else {
	138	+ return $this->defaultiTunesAppId;
	139	+ }
	140	+ }
141	141
142		- /**
143		- * Returns the URL to Google Play for the Android Client
144		- * @return string URL
145		- */
146		- public function getAndroidClientUrl() {
147		- if ($this->themeExist('getAndroidClientUrl')) {
148		- return $this->theme->getAndroidClientUrl();
149		- } else {
150		- return $this->defaultAndroidClientUrl;
151		- }
152		- }
	142	+ /**
	143	+ * Returns the URL to Google Play for the Android Client
	144	+ * @return string URL
	145	+ */
	146	+ public function getAndroidClientUrl() {
	147	+ if ($this->themeExist('getAndroidClientUrl')) {
	148	+ return $this->theme->getAndroidClientUrl();
	149	+ } else {
	150	+ return $this->defaultAndroidClientUrl;
	151	+ }
	152	+ }
153	153
154		- /**
155		- * Returns the documentation URL
156		- * @return string URL
157		- */
158		- public function getDocBaseUrl() {
159		- if ($this->themeExist('getDocBaseUrl')) {
160		- return $this->theme->getDocBaseUrl();
161		- } else {
162		- return $this->defaultDocBaseUrl;
163		- }
164		- }
	154	+ /**
	155	+ * Returns the documentation URL
	156	+ * @return string URL
	157	+ */
	158	+ public function getDocBaseUrl() {
	159	+ if ($this->themeExist('getDocBaseUrl')) {
	160	+ return $this->theme->getDocBaseUrl();
	161	+ } else {
	162	+ return $this->defaultDocBaseUrl;
	163	+ }
	164	+ }
165	165
166		- /**
167		- * Returns the title
168		- * @return string title
169		- */
170		- public function getTitle() {
171		- if ($this->themeExist('getTitle')) {
172		- return $this->theme->getTitle();
173		- } else {
174		- return $this->defaultTitle;
175		- }
176		- }
	166	+ /**
	167	+ * Returns the title
	168	+ * @return string title
	169	+ */
	170	+ public function getTitle() {
	171	+ if ($this->themeExist('getTitle')) {
	172	+ return $this->theme->getTitle();
	173	+ } else {
	174	+ return $this->defaultTitle;
	175	+ }
	176	+ }
177	177
178		- /**
179		- * Returns the short name of the software
180		- * @return string title
181		- */
182		- public function getName() {
183		- if ($this->themeExist('getName')) {
184		- return $this->theme->getName();
185		- } else {
186		- return $this->defaultName;
187		- }
188		- }
	178	+ /**
	179	+ * Returns the short name of the software
	180	+ * @return string title
	181	+ */
	182	+ public function getName() {
	183	+ if ($this->themeExist('getName')) {
	184	+ return $this->theme->getName();
	185	+ } else {
	186	+ return $this->defaultName;
	187	+ }
	188	+ }
189	189
190		- /**
191		- * Returns the short name of the software containing HTML strings
192		- * @return string title
193		- */
194		- public function getHTMLName() {
195		- if ($this->themeExist('getHTMLName')) {
196		- return $this->theme->getHTMLName();
197		- } else {
198		- return $this->defaultName;
199		- }
200		- }
	190	+ /**
	191	+ * Returns the short name of the software containing HTML strings
	192	+ * @return string title
	193	+ */
	194	+ public function getHTMLName() {
	195	+ if ($this->themeExist('getHTMLName')) {
	196	+ return $this->theme->getHTMLName();
	197	+ } else {
	198	+ return $this->defaultName;
	199	+ }
	200	+ }
201	201
202		- /**
203		- * Returns entity (e.g. company name) - used for footer, copyright
204		- * @return string entity name
205		- */
206		- public function getEntity() {
207		- if ($this->themeExist('getEntity')) {
208		- return $this->theme->getEntity();
209		- } else {
210		- return $this->defaultEntity;
211		- }
212		- }
	202	+ /**
	203	+ * Returns entity (e.g. company name) - used for footer, copyright
	204	+ * @return string entity name
	205	+ */
	206	+ public function getEntity() {
	207	+ if ($this->themeExist('getEntity')) {
	208	+ return $this->theme->getEntity();
	209	+ } else {
	210	+ return $this->defaultEntity;
	211	+ }
	212	+ }
213	213
214		- /**
215		- * Returns slogan
216		- * @return string slogan
217		- */
218		- public function getSlogan() {
219		- if ($this->themeExist('getSlogan')) {
220		- return $this->theme->getSlogan();
221		- } else {
222		- if ($this->defaultSlogan === null) {
223		- $l10n = \OC::$server->getL10N('lib');
224		- $this->defaultSlogan = $l10n->t('a safe home for all your data');
225		- }
226		- return $this->defaultSlogan;
227		- }
228		- }
	214	+ /**
	215	+ * Returns slogan
	216	+ * @return string slogan
	217	+ */
	218	+ public function getSlogan() {
	219	+ if ($this->themeExist('getSlogan')) {
	220	+ return $this->theme->getSlogan();
	221	+ } else {
	222	+ if ($this->defaultSlogan === null) {
	223	+ $l10n = \OC::$server->getL10N('lib');
	224	+ $this->defaultSlogan = $l10n->t('a safe home for all your data');
	225	+ }
	226	+ return $this->defaultSlogan;
	227	+ }
	228	+ }
229	229
230		- /**
231		- * Returns logo claim
232		- * @return string logo claim
233		- * @deprecated 13.0.0
234		- */
235		- public function getLogoClaim() {
236		- return '';
237		- }
	230	+ /**
	231	+ * Returns logo claim
	232	+ * @return string logo claim
	233	+ * @deprecated 13.0.0
	234	+ */
	235	+ public function getLogoClaim() {
	236	+ return '';
	237	+ }
238	238
239		- /**
240		- * Returns short version of the footer
241		- * @return string short footer
242		- */
243		- public function getShortFooter() {
244		- if ($this->themeExist('getShortFooter')) {
245		- $footer = $this->theme->getShortFooter();
246		- } else {
247		- $footer = '<a href="'. $this->getBaseUrl() . '" target="_blank"' .
248		- ' rel="noreferrer noopener">' .$this->getEntity() . '</a>'.
249		- ' – ' . $this->getSlogan();
250		- }
	239	+ /**
	240	+ * Returns short version of the footer
	241	+ * @return string short footer
	242	+ */
	243	+ public function getShortFooter() {
	244	+ if ($this->themeExist('getShortFooter')) {
	245	+ $footer = $this->theme->getShortFooter();
	246	+ } else {
	247	+ $footer = '<a href="'. $this->getBaseUrl() . '" target="_blank"' .
	248	+ ' rel="noreferrer noopener">' .$this->getEntity() . '</a>'.
	249	+ ' – ' . $this->getSlogan();
	250	+ }
251	251
252		- return $footer;
253		- }
	252	+ return $footer;
	253	+ }
254	254
255		- /**
256		- * Returns long version of the footer
257		- * @return string long footer
258		- */
259		- public function getLongFooter() {
260		- if ($this->themeExist('getLongFooter')) {
261		- $footer = $this->theme->getLongFooter();
262		- } else {
263		- $footer = $this->getShortFooter();
264		- }
	255	+ /**
	256	+ * Returns long version of the footer
	257	+ * @return string long footer
	258	+ */
	259	+ public function getLongFooter() {
	260	+ if ($this->themeExist('getLongFooter')) {
	261	+ $footer = $this->theme->getLongFooter();
	262	+ } else {
	263	+ $footer = $this->getShortFooter();
	264	+ }
265	265
266		- return $footer;
267		- }
	266	+ return $footer;
	267	+ }
268	268
269		- /**
270		- * @param string $key
271		- * @return string URL to doc with key
272		- */
273		- public function buildDocLinkToKey($key) {
274		- if ($this->themeExist('buildDocLinkToKey')) {
275		- return $this->theme->buildDocLinkToKey($key);
276		- }
277		- return $this->getDocBaseUrl() . '/server/' . $this->defaultDocVersion . '/go.php?to=' . $key;
278		- }
	269	+ /**
	270	+ * @param string $key
	271	+ * @return string URL to doc with key
	272	+ */
	273	+ public function buildDocLinkToKey($key) {
	274	+ if ($this->themeExist('buildDocLinkToKey')) {
	275	+ return $this->theme->buildDocLinkToKey($key);
	276	+ }
	277	+ return $this->getDocBaseUrl() . '/server/' . $this->defaultDocVersion . '/go.php?to=' . $key;
	278	+ }
279	279
280		- /**
281		- * Returns primary color
282		- * @return string
283		- */
284		- public function getColorPrimary() {
	280	+ /**
	281	+ * Returns primary color
	282	+ * @return string
	283	+ */
	284	+ public function getColorPrimary() {
285	285
286		- if ($this->themeExist('getColorPrimary')) {
287		- return $this->theme->getColorPrimary();
288		- }
289		- if ($this->themeExist('getMailHeaderColor')) {
290		- return $this->theme->getMailHeaderColor();
291		- }
292		- return $this->defaultColorPrimary;
293		- }
	286	+ if ($this->themeExist('getColorPrimary')) {
	287	+ return $this->theme->getColorPrimary();
	288	+ }
	289	+ if ($this->themeExist('getMailHeaderColor')) {
	290	+ return $this->theme->getMailHeaderColor();
	291	+ }
	292	+ return $this->defaultColorPrimary;
	293	+ }
294	294
295		- /**
296		- * @return array scss variables to overwrite
297		- */
298		- public function getScssVariables() {
299		- if($this->themeExist('getScssVariables')) {
300		- return $this->theme->getScssVariables();
301		- }
302		- return [];
303		- }
	295	+ /**
	296	+ * @return array scss variables to overwrite
	297	+ */
	298	+ public function getScssVariables() {
	299	+ if($this->themeExist('getScssVariables')) {
	300	+ return $this->theme->getScssVariables();
	301	+ }
	302	+ return [];
	303	+ }
304	304
305		- public function shouldReplaceIcons() {
306		- return false;
307		- }
	305	+ public function shouldReplaceIcons() {
	306	+ return false;
	307	+ }
308	308
309		- /**
310		- * Themed logo url
311		- *
312		- * @param bool $useSvg Whether to point to the SVG image or a fallback
313		- * @return string
314		- */
315		- public function getLogo($useSvg = true) {
316		- if ($this->themeExist('getLogo')) {
317		- return $this->theme->getLogo($useSvg);
318		- }
	309	+ /**
	310	+ * Themed logo url
	311	+ *
	312	+ * @param bool $useSvg Whether to point to the SVG image or a fallback
	313	+ * @return string
	314	+ */
	315	+ public function getLogo($useSvg = true) {
	316	+ if ($this->themeExist('getLogo')) {
	317	+ return $this->theme->getLogo($useSvg);
	318	+ }
319	319
320		- if($useSvg) {
321		- $logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.svg');
322		- } else {
323		- $logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.png');
324		- }
325		- return $logo . '?v=' . hash('sha1', implode('.', \OCP\Util::getVersion()));
326		- }
	320	+ if($useSvg) {
	321	+ $logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.svg');
	322	+ } else {
	323	+ $logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.png');
	324	+ }
	325	+ return $logo . '?v=' . hash('sha1', implode('.', \OCP\Util::getVersion()));
	326	+ }
327	327
328		- public function getTextColorPrimary() {
329		- if ($this->themeExist('getTextColorPrimary')) {
330		- return $this->theme->getTextColorPrimary();
331		- }
332		- return $this->defaultTextColorPrimary;
333		- }
	328	+ public function getTextColorPrimary() {
	329	+ if ($this->themeExist('getTextColorPrimary')) {
	330	+ return $this->theme->getTextColorPrimary();
	331	+ }
	332	+ return $this->defaultTextColorPrimary;
	333	+ }
334	334	}

		@@ -69,7 +69,7 @@ discard block
		block discarded – undo
69	69	$this->defaultColorPrimary = '#0082c9';
70	70	$this->defaultTextColorPrimary = '#ffffff';
71	71
72		- $themePath = OC::$SERVERROOT . '/themes/' . OC_Util::getTheme() . '/defaults.php';
	72	+ $themePath = OC::$SERVERROOT.'/themes/'.OC_Util::getTheme().'/defaults.php';
73	73	if (file_exists($themePath)) {
74	74	// prevent defaults.php from printing output
75	75	ob_start();
		@@ -244,9 +244,9 @@ discard block
		block discarded – undo
244	244	if ($this->themeExist('getShortFooter')) {
245	245	$footer = $this->theme->getShortFooter();
246	246	} else {
247		- $footer = '<a href="'. $this->getBaseUrl() . '" target="_blank"' .
248		- ' rel="noreferrer noopener">' .$this->getEntity() . '</a>'.
249		- ' – ' . $this->getSlogan();
	247	+ $footer = '<a href="'.$this->getBaseUrl().'" target="_blank"'.
	248	+ ' rel="noreferrer noopener">'.$this->getEntity().'</a>'.
	249	+ ' – '.$this->getSlogan();
250	250	}
251	251
252	252	return $footer;
		@@ -274,7 +274,7 @@ discard block
		block discarded – undo
274	274	if ($this->themeExist('buildDocLinkToKey')) {
275	275	return $this->theme->buildDocLinkToKey($key);
276	276	}
277		- return $this->getDocBaseUrl() . '/server/' . $this->defaultDocVersion . '/go.php?to=' . $key;
	277	+ return $this->getDocBaseUrl().'/server/'.$this->defaultDocVersion.'/go.php?to='.$key;
278	278	}
279	279
280	280	/**
		@@ -296,7 +296,7 @@ discard block
		block discarded – undo
296	296	* @return array scss variables to overwrite
297	297	*/
298	298	public function getScssVariables() {
299		- if($this->themeExist('getScssVariables')) {
	299	+ if ($this->themeExist('getScssVariables')) {
300	300	return $this->theme->getScssVariables();
301	301	}
302	302	return [];
		@@ -317,12 +317,12 @@ discard block
		block discarded – undo
317	317	return $this->theme->getLogo($useSvg);
318	318	}
319	319
320		- if($useSvg) {
	320	+ if ($useSvg) {
321	321	$logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.svg');
322	322	} else {
323	323	$logo = \OC::$server->getURLGenerator()->imagePath('core', 'logo/logo.png');
324	324	}
325		- return $logo . '?v=' . hash('sha1', implode('.', \OCP\Util::getVersion()));
	325	+ return $logo.'?v='.hash('sha1', implode('.', \OCP\Util::getVersion()));
326	326	}
327	327
328	328	public function getTextColorPrimary() {

		@@ -89,13 +89,11 @@ discard block
		block discarded – undo
89	89	if (count($rangeArray) > 1) {
90	90	$type = 'multipart/byteranges; boundary='.self::getBoundary();
91	91	// no Content-Length header here
92		- }
93		- else {
	92	+ } else {
94	93	header(sprintf('Content-Range: bytes %d-%d/%d', $rangeArray[0]['from'], $rangeArray[0]['to'], $fileSize), true);
95	94	OC_Response::setContentLengthHeader($rangeArray[0]['to'] - $rangeArray[0]['from'] + 1);
96	95	}
97		- }
98		- else {
	96	+ } else {
99	97	OC_Response::setContentLengthHeader($fileSize);
100	98	}
101	99	}
		@@ -263,13 +261,11 @@ discard block
		block discarded – undo
263	261	if ($minOffset >= $fileSize) {
264	262	break;
265	263	}
266		- }
267		- elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
	264	+ } elseif (is_numeric($ranges[0]) && $ranges[0] < $fileSize) {
268	265	// case: x-
269	266	$rangeArray[$ind++] = [ 'from' => $ranges[0], 'to' => $fileSize-1, 'size' => $fileSize ];
270	267	break;
271		- }
272		- elseif (is_numeric($ranges[1])) {
	268	+ } elseif (is_numeric($ranges[1])) {
273	269	// case: -x
274	270	if ($ranges[1] > $fileSize) {
275	271	$ranges[1] = $fileSize;
		@@ -331,8 +327,7 @@ discard block
		block discarded – undo
331	327	try {
332	328	if (count($rangeArray) == 1) {
333	329	$view->readfilePart($filename, $rangeArray[0]['from'], $rangeArray[0]['to']);
334		- }
335		- else {
	330	+ } else {
336	331	// check if file is seekable (if not throw UnseekableException)
337	332	// we have to check it before body contents
338	333	$view->readfilePart($filename, $rangeArray[0]['size'], $rangeArray[0]['size']);
		@@ -355,8 +350,7 @@ discard block
		block discarded – undo
355	350	self::sendHeaders($filename, $name, []);
356	351	$view->readfile($filename);
357	352	}
358		- }
359		- else {
	353	+ } else {
360	354	$view->readfile($filename);
361	355	}
362	356	}

		@@ -34,118 +34,118 @@
		block discarded – undo
34	34	* @deprecated 18.0.0 use events and the \OCP\EventDispatcher\IEventDispatcher service
35	35	*/
36	36	class OC_Hook {
37		- public static $thrownExceptions = [];
	37	+ public static $thrownExceptions = [];
38	38
39		- static private $registered = [];
	39	+ static private $registered = [];
40	40
41		- /**
42		- * connects a function to a hook
43		- *
44		- * @param string $signalClass class name of emitter
45		- * @param string $signalName name of signal
46		- * @param string\|object $slotClass class name of slot
47		- * @param string $slotName name of slot
48		- * @return bool
49		- *
50		- * This function makes it very easy to connect to use hooks.
51		- *
52		- * TODO: write example
53		- */
54		- static public function connect($signalClass, $signalName, $slotClass, $slotName ) {
55		- // If we're trying to connect to an emitting class that isn't
56		- // yet registered, register it
57		- if( !array_key_exists($signalClass, self::$registered )) {
58		- self::$registered[$signalClass] = [];
59		- }
60		- // If we're trying to connect to an emitting method that isn't
61		- // yet registered, register it with the emitting class
62		- if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
63		- self::$registered[$signalClass][$signalName] = [];
64		- }
	41	+ /**
	42	+ * connects a function to a hook
	43	+ *
	44	+ * @param string $signalClass class name of emitter
	45	+ * @param string $signalName name of signal
	46	+ * @param string\|object $slotClass class name of slot
	47	+ * @param string $slotName name of slot
	48	+ * @return bool
	49	+ *
	50	+ * This function makes it very easy to connect to use hooks.
	51	+ *
	52	+ * TODO: write example
	53	+ */
	54	+ static public function connect($signalClass, $signalName, $slotClass, $slotName ) {
	55	+ // If we're trying to connect to an emitting class that isn't
	56	+ // yet registered, register it
	57	+ if( !array_key_exists($signalClass, self::$registered )) {
	58	+ self::$registered[$signalClass] = [];
	59	+ }
	60	+ // If we're trying to connect to an emitting method that isn't
	61	+ // yet registered, register it with the emitting class
	62	+ if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
	63	+ self::$registered[$signalClass][$signalName] = [];
	64	+ }
65	65
66		- // don't connect hooks twice
67		- foreach (self::$registered[$signalClass][$signalName] as $hook) {
68		- if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
69		- return false;
70		- }
71		- }
72		- // Connect the hook handler to the requested emitter
73		- self::$registered[$signalClass][$signalName][] = [
74		- "class" => $slotClass,
75		- "name" => $slotName
76		- ];
	66	+ // don't connect hooks twice
	67	+ foreach (self::$registered[$signalClass][$signalName] as $hook) {
	68	+ if ($hook['class'] === $slotClass and $hook['name'] === $slotName) {
	69	+ return false;
	70	+ }
	71	+ }
	72	+ // Connect the hook handler to the requested emitter
	73	+ self::$registered[$signalClass][$signalName][] = [
	74	+ "class" => $slotClass,
	75	+ "name" => $slotName
	76	+ ];
77	77
78		- // No chance for failure ;-)
79		- return true;
80		- }
	78	+ // No chance for failure ;-)
	79	+ return true;
	80	+ }
81	81
82		- /**
83		- * emits a signal
84		- *
85		- * @param string $signalClass class name of emitter
86		- * @param string $signalName name of signal
87		- * @param mixed $params default: array() array with additional data
88		- * @return bool true if slots exists or false if not
89		- * @throws \OC\HintException
90		- * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
91		- *
92		- * TODO: write example
93		- */
94		- static public function emit($signalClass, $signalName, $params = []) {
	82	+ /**
	83	+ * emits a signal
	84	+ *
	85	+ * @param string $signalClass class name of emitter
	86	+ * @param string $signalName name of signal
	87	+ * @param mixed $params default: array() array with additional data
	88	+ * @return bool true if slots exists or false if not
	89	+ * @throws \OC\HintException
	90	+ * @throws \OC\ServerNotAvailableException Emits a signal. To get data from the slot use references!
	91	+ *
	92	+ * TODO: write example
	93	+ */
	94	+ static public function emit($signalClass, $signalName, $params = []) {
95	95
96		- // Return false if no hook handlers are listening to this
97		- // emitting class
98		- if( !array_key_exists($signalClass, self::$registered )) {
99		- return false;
100		- }
	96	+ // Return false if no hook handlers are listening to this
	97	+ // emitting class
	98	+ if( !array_key_exists($signalClass, self::$registered )) {
	99	+ return false;
	100	+ }
101	101
102		- // Return false if no hook handlers are listening to this
103		- // emitting method
104		- if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
105		- return false;
106		- }
	102	+ // Return false if no hook handlers are listening to this
	103	+ // emitting method
	104	+ if( !array_key_exists( $signalName, self::$registered[$signalClass] )) {
	105	+ return false;
	106	+ }
107	107
108		- // Call all slots
109		- foreach( self::$registered[$signalClass][$signalName] as $i ) {
110		- try {
111		- call_user_func( [ $i["class"], $i["name"] ], $params );
112		- } catch (Exception $e){
113		- self::$thrownExceptions[] = $e;
114		- \OC::$server->getLogger()->logException($e);
115		- if($e instanceof \OC\HintException) {
116		- throw $e;
117		- }
118		- if($e instanceof \OC\ServerNotAvailableException) {
119		- throw $e;
120		- }
121		- }
122		- }
	108	+ // Call all slots
	109	+ foreach( self::$registered[$signalClass][$signalName] as $i ) {
	110	+ try {
	111	+ call_user_func( [ $i["class"], $i["name"] ], $params );
	112	+ } catch (Exception $e){
	113	+ self::$thrownExceptions[] = $e;
	114	+ \OC::$server->getLogger()->logException($e);
	115	+ if($e instanceof \OC\HintException) {
	116	+ throw $e;
	117	+ }
	118	+ if($e instanceof \OC\ServerNotAvailableException) {
	119	+ throw $e;
	120	+ }
	121	+ }
	122	+ }
123	123
124		- return true;
125		- }
	124	+ return true;
	125	+ }
126	126
127		- /**
128		- * clear hooks
129		- * @param string $signalClass
130		- * @param string $signalName
131		- */
132		- static public function clear($signalClass='', $signalName='') {
133		- if ($signalClass) {
134		- if ($signalName) {
135		- self::$registered[$signalClass][$signalName]=[];
136		- }else{
137		- self::$registered[$signalClass]=[];
138		- }
139		- }else{
140		- self::$registered=[];
141		- }
142		- }
	127	+ /**
	128	+ * clear hooks
	129	+ * @param string $signalClass
	130	+ * @param string $signalName
	131	+ */
	132	+ static public function clear($signalClass='', $signalName='') {
	133	+ if ($signalClass) {
	134	+ if ($signalName) {
	135	+ self::$registered[$signalClass][$signalName]=[];
	136	+ }else{
	137	+ self::$registered[$signalClass]=[];
	138	+ }
	139	+ }else{
	140	+ self::$registered=[];
	141	+ }
	142	+ }
143	143
144		- /**
145		- * DO NOT USE!
146		- * For unit tests ONLY!
147		- */
148		- static public function getHooks() {
149		- return self::$registered;
150		- }
	144	+ /**
	145	+ * DO NOT USE!
	146	+ * For unit tests ONLY!
	147	+ */
	148	+ static public function getHooks() {
	149	+ return self::$registered;
	150	+ }
151	151	}

		@@ -111,7 +111,7 @@ discard block
		block discarded – undo
111	111	$this->configuration = new Configuration($configPrefix,
112	112	!is_null($configID));
113	113	$memcache = \OC::$server->getMemCacheFactory();
114		- if($memcache->isAvailable()) {
	114	+ if ($memcache->isAvailable()) {
115	115	$this->cache = $memcache->createDistributed();
116	116	}
117	117	$helper = new Helper(\OC::$server->getConfig());
		@@ -120,7 +120,7 @@ discard block
		block discarded – undo
120	120	}
121	121
122	122	public function __destruct() {
123		- if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
	123	+ if (!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
124	124	@$this->ldap->unbind($this->ldapConnectionRes);
125	125	$this->bindResult = [];
126	126	}
		@@ -132,7 +132,7 @@ discard block
		block discarded – undo
132	132	public function __clone() {
133	133	$this->configuration = new Configuration($this->configPrefix,
134	134	!is_null($this->configID));
135		- if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
	135	+ if (count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
136	136	$this->bindResult = [];
137	137	}
138	138	$this->ldapConnectionRes = null;
		@@ -144,7 +144,7 @@ discard block
		block discarded – undo
144	144	* @return bool\|mixed
145	145	*/
146	146	public function __get($name) {
147		- if(!$this->configured) {
	147	+ if (!$this->configured) {
148	148	$this->readConfiguration();
149	149	}
150	150
		@@ -160,7 +160,7 @@ discard block
		block discarded – undo
160	160	$before = $this->configuration->$name;
161	161	$this->configuration->$name = $value;
162	162	$after = $this->configuration->$name;
163		- if($before !== $after) {
	163	+ if ($before !== $after) {
164	164	if ($this->configID !== '' && $this->configID !== null) {
165	165	$this->configuration->saveConfiguration();
166	166	}
		@@ -184,7 +184,7 @@ discard block
		block discarded – undo
184	184	* @param bool $state
185	185	*/
186	186	public function setIgnoreValidation($state) {
187		- $this->ignoreValidation = (bool)$state;
	187	+ $this->ignoreValidation = (bool) $state;
188	188	}
189	189
190	190	/**
		@@ -200,14 +200,14 @@ discard block
		block discarded – undo
200	200	* Returns the LDAP handler
201	201	*/
202	202	public function getConnectionResource() {
203		- if(!$this->ldapConnectionRes) {
	203	+ if (!$this->ldapConnectionRes) {
204	204	$this->init();
205		- } else if(!$this->ldap->isResource($this->ldapConnectionRes)) {
	205	+ } else if (!$this->ldap->isResource($this->ldapConnectionRes)) {
206	206	$this->ldapConnectionRes = null;
207	207	$this->establishConnection();
208	208	}
209		- if(is_null($this->ldapConnectionRes)) {
210		- \OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
	209	+ if (is_null($this->ldapConnectionRes)) {
	210	+ \OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server '.$this->configuration->ldapHost, ILogger::ERROR);
211	211	throw new ServerNotAvailableException('Connection to LDAP server could not be established');
212	212	}
213	213	return $this->ldapConnectionRes;
		@@ -217,7 +217,7 @@ discard block
		block discarded – undo
217	217	* resets the connection resource
218	218	*/
219	219	public function resetConnectionResource() {
220		- if(!is_null($this->ldapConnectionRes)) {
	220	+ if (!is_null($this->ldapConnectionRes)) {
221	221	@$this->ldap->unbind($this->ldapConnectionRes);
222	222	$this->ldapConnectionRes = null;
223	223	$this->bindResult = [];
		@@ -230,7 +230,7 @@ discard block
		block discarded – undo
230	230	*/
231	231	private function getCacheKey($key) {
232	232	$prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-';
233		- if(is_null($key)) {
	233	+ if (is_null($key)) {
234	234	return $prefix;
235	235	}
236	236	return $prefix.hash('sha256', $key);
		@@ -241,10 +241,10 @@ discard block
		block discarded – undo
241	241	* @return mixed\|null
242	242	*/
243	243	public function getFromCache($key) {
244		- if(!$this->configured) {
	244	+ if (!$this->configured) {
245	245	$this->readConfiguration();
246	246	}
247		- if(is_null($this->cache) \|\| !$this->configuration->ldapCacheTTL) {
	247	+ if (is_null($this->cache) \|\| !$this->configuration->ldapCacheTTL) {
248	248	return null;
249	249	}
250	250	$key = $this->getCacheKey($key);
		@@ -259,10 +259,10 @@ discard block
		block discarded – undo
259	259	* @return string
260	260	*/
261	261	public function writeToCache($key, $value) {
262		- if(!$this->configured) {
	262	+ if (!$this->configured) {
263	263	$this->readConfiguration();
264	264	}
265		- if(is_null($this->cache)
	265	+ if (is_null($this->cache)
266	266	\|\| !$this->configuration->ldapCacheTTL
267	267	\|\| !$this->configuration->ldapConfigurationActive) {
268	268	return null;
		@@ -273,7 +273,7 @@ discard block
		block discarded – undo
273	273	}
274	274
275	275	public function clearCache() {
276		- if(!is_null($this->cache)) {
	276	+ if (!is_null($this->cache)) {
277	277	$this->cache->clear($this->getCacheKey(null));
278	278	}
279	279	}
		@@ -285,7 +285,7 @@ discard block
		block discarded – undo
285	285	* @return null
286	286	*/
287	287	private function readConfiguration($force = false) {
288		- if((!$this->configured \|\| $force) && !is_null($this->configID)) {
	288	+ if ((!$this->configured \|\| $force) && !is_null($this->configID)) {
289	289	$this->configuration->readConfiguration();
290	290	$this->configured = $this->validateConfiguration();
291	291	}
		@@ -298,12 +298,12 @@ discard block
		block discarded – undo
298	298	* @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters
299	299	*/
300	300	public function setConfiguration($config, &$setParameters = null) {
301		- if(is_null($setParameters)) {
	301	+ if (is_null($setParameters)) {
302	302	$setParameters = [];
303	303	}
304	304	$this->doNotValidate = false;
305	305	$this->configuration->setConfiguration($config, $setParameters);
306		- if(count($setParameters) > 0) {
	306	+ if (count($setParameters) > 0) {
307	307	$this->configured = $this->validateConfiguration();
308	308	}
309	309
		@@ -330,10 +330,10 @@ discard block
		block discarded – undo
330	330	$config = $this->configuration->getConfiguration();
331	331	$cta = $this->configuration->getConfigTranslationArray();
332	332	$result = [];
333		- foreach($cta as $dbkey => $configkey) {
334		- switch($configkey) {
	333	+ foreach ($cta as $dbkey => $configkey) {
	334	+ switch ($configkey) {
335	335	case 'homeFolderNamingRule':
336		- if(strpos($config[$configkey], 'attr:') === 0) {
	336	+ if (strpos($config[$configkey], 'attr:') === 0) {
337	337	$result[$dbkey] = substr($config[$configkey], 5);
338	338	} else {
339	339	$result[$dbkey] = '';
		@@ -344,7 +344,7 @@ discard block
		block discarded – undo
344	344	case 'ldapBaseGroups':
345	345	case 'ldapAttributesForUserSearch':
346	346	case 'ldapAttributesForGroupSearch':
347		- if(is_array($config[$configkey])) {
	347	+ if (is_array($config[$configkey])) {
348	348	$result[$dbkey] = implode("\n", $config[$configkey]);
349	349	break;
350	350	} //else follows default
		@@ -357,23 +357,23 @@ discard block
		block discarded – undo
357	357
358	358	private function doSoftValidation() {
359	359	//if User or Group Base are not set, take over Base DN setting
360		- foreach(['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
	360	+ foreach (['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
361	361	$val = $this->configuration->$keyBase;
362		- if(empty($val)) {
	362	+ if (empty($val)) {
363	363	$this->configuration->$keyBase = $this->configuration->ldapBase;
364	364	}
365	365	}
366	366
367		- foreach(['ldapExpertUUIDUserAttr' => 'ldapUuidUserAttribute',
	367	+ foreach (['ldapExpertUUIDUserAttr' => 'ldapUuidUserAttribute',
368	368	'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute']
369	369	as $expertSetting => $effectiveSetting) {
370	370	$uuidOverride = $this->configuration->$expertSetting;
371		- if(!empty($uuidOverride)) {
	371	+ if (!empty($uuidOverride)) {
372	372	$this->configuration->$effectiveSetting = $uuidOverride;
373	373	} else {
374	374	$uuidAttributes = Access::UUID_ATTRIBUTES;
375	375	array_unshift($uuidAttributes, 'auto');
376		- if(!in_array($this->configuration->$effectiveSetting,
	376	+ if (!in_array($this->configuration->$effectiveSetting,
377	377	$uuidAttributes)
378	378	&& (!is_null($this->configID))) {
379	379	$this->configuration->$effectiveSetting = 'auto';
		@@ -387,7 +387,7 @@ discard block
		block discarded – undo
387	387	}
388	388	}
389	389
390		- $backupPort = (int)$this->configuration->ldapBackupPort;
	390	+ $backupPort = (int) $this->configuration->ldapBackupPort;
391	391	if ($backupPort <= 0) {
392	392	$this->configuration->backupPort = $this->configuration->ldapPort;
393	393	}
		@@ -395,14 +395,14 @@ discard block
		block discarded – undo
395	395	//make sure empty search attributes are saved as simple, empty array
396	396	$saKeys = ['ldapAttributesForUserSearch',
397	397	'ldapAttributesForGroupSearch'];
398		- foreach($saKeys as $key) {
	398	+ foreach ($saKeys as $key) {
399	399	$val = $this->configuration->$key;
400		- if(is_array($val) && count($val) === 1 && empty($val[0])) {
	400	+ if (is_array($val) && count($val) === 1 && empty($val[0])) {
401	401	$this->configuration->$key = [];
402	402	}
403	403	}
404	404
405		- if((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
	405	+ if ((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
406	406	&& $this->configuration->ldapTLS) {
407	407	$this->configuration->ldapTLS = false;
408	408	\OCP\Util::writeLog(
		@@ -419,15 +419,15 @@ discard block
		block discarded – undo
419	419	private function doCriticalValidation() {
420	420	$configurationOK = true;
421	421	$errorStr = 'Configuration Error (prefix '.
422		- (string)$this->configPrefix .'): ';
	422	+ (string) $this->configPrefix.'): ';
423	423
424	424	//options that shall not be empty
425	425	$options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
426	426	'ldapGroupDisplayName', 'ldapLoginFilter'];
427		- foreach($options as $key) {
	427	+ foreach ($options as $key) {
428	428	$val = $this->configuration->$key;
429		- if(empty($val)) {
430		- switch($key) {
	429	+ if (empty($val)) {
	430	+ switch ($key) {
431	431	case 'ldapHost':
432	432	$subj = 'LDAP Host';
433	433	break;
		@@ -460,12 +460,12 @@ discard block
		block discarded – undo
460	460	$agent = $this->configuration->ldapAgentName;
461	461	$pwd = $this->configuration->ldapAgentPassword;
462	462	if (
463		- ($agent === '' && $pwd !== '')
	463	+ ($agent === '' && $pwd !== '')
464	464	\|\| ($agent !== '' && $pwd === '')
465	465	) {
466	466	\OCP\Util::writeLog(
467	467	'user_ldap',
468		- $errorStr.'either no password is given for the user ' .
	468	+ $errorStr.'either no password is given for the user '.
469	469	'agent or a password is given, but not an LDAP agent.',
470	470	ILogger::WARN);
471	471	$configurationOK = false;
		@@ -475,7 +475,7 @@ discard block
		block discarded – undo
475	475	$baseUsers = $this->configuration->ldapBaseUsers;
476	476	$baseGroups = $this->configuration->ldapBaseGroups;
477	477
478		- if(empty($base) && empty($baseUsers) && empty($baseGroups)) {
	478	+ if (empty($base) && empty($baseUsers) && empty($baseGroups)) {
479	479	\OCP\Util::writeLog(
480	480	'user_ldap',
481	481	$errorStr.'Not a single Base DN given.',
		@@ -484,7 +484,7 @@ discard block
		block discarded – undo
484	484	$configurationOK = false;
485	485	}
486	486
487		- if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
	487	+ if (mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
488	488	=== false) {
489	489	\OCP\Util::writeLog(
490	490	'user_ldap',
		@@ -503,7 +503,7 @@ discard block
		block discarded – undo
503	503	*/
504	504	private function validateConfiguration() {
505	505
506		- if($this->doNotValidate) {
	506	+ if ($this->doNotValidate) {
507	507	//don't do a validation if it is a new configuration with pure
508	508	//default values. Will be allowed on changes via __set or
509	509	//setConfiguration
		@@ -526,14 +526,14 @@ discard block
		block discarded – undo
526	526	* @throws ServerNotAvailableException
527	527	*/
528	528	private function establishConnection() {
529		- if(!$this->configuration->ldapConfigurationActive) {
	529	+ if (!$this->configuration->ldapConfigurationActive) {
530	530	return null;
531	531	}
532	532	static $phpLDAPinstalled = true;
533		- if(!$phpLDAPinstalled) {
	533	+ if (!$phpLDAPinstalled) {
534	534	return false;
535	535	}
536		- if(!$this->ignoreValidation && !$this->configured) {
	536	+ if (!$this->ignoreValidation && !$this->configured) {
537	537	\OCP\Util::writeLog(
538	538	'user_ldap',
539	539	'Configuration is invalid, cannot connect',
		@@ -541,8 +541,8 @@ discard block
		block discarded – undo
541	541	);
542	542	return false;
543	543	}
544		- if(!$this->ldapConnectionRes) {
545		- if(!$this->ldap->areLDAPFunctionsAvailable()) {
	544	+ if (!$this->ldapConnectionRes) {
	545	+ if (!$this->ldap->areLDAPFunctionsAvailable()) {
546	546	$phpLDAPinstalled = false;
547	547	\OCP\Util::writeLog(
548	548	'user_ldap',
		@@ -552,8 +552,8 @@ discard block
		block discarded – undo
552	552
553	553	return false;
554	554	}
555		- if($this->configuration->turnOffCertCheck) {
556		- if(putenv('LDAPTLS_REQCERT=never')) {
	555	+ if ($this->configuration->turnOffCertCheck) {
	556	+ if (putenv('LDAPTLS_REQCERT=never')) {
557	557	\OCP\Util::writeLog('user_ldap',
558	558	'Turned off SSL certificate validation successfully.',
559	559	ILogger::DEBUG);
		@@ -577,20 +577,20 @@ discard block
		block discarded – undo
577	577	return $this->bind();
578	578	}
579	579	} catch (ServerNotAvailableException $e) {
580		- if(!$isBackupHost) {
	580	+ if (!$isBackupHost) {
581	581	throw $e;
582	582	}
583	583	}
584	584
585	585	//if LDAP server is not reachable, try the Backup (Replica!) Server
586		- if($isBackupHost \|\| $isOverrideMainServer) {
	586	+ if ($isBackupHost \|\| $isOverrideMainServer) {
587	587	$this->doConnect($this->configuration->ldapBackupHost,
588	588	$this->configuration->ldapBackupPort);
589	589	$this->bindResult = [];
590	590	$bindStatus = $this->bind();
591	591	$error = $this->ldap->isResource($this->ldapConnectionRes) ?
592	592	$this->ldap->errno($this->ldapConnectionRes) : -1;
593		- if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
	593	+ if ($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
594	594	//when bind to backup server succeeded and failed to main server,
595	595	//skip contacting him until next cache refresh
596	596	$this->writeToCache('overrideMainServer', true);
		@@ -615,17 +615,17 @@ discard block
		block discarded – undo
615	615
616	616	$this->ldapConnectionRes = $this->ldap->connect($host, $port);
617	617
618		- if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
	618	+ if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
619	619	throw new ServerNotAvailableException('Could not set required LDAP Protocol version.');
620	620	}
621	621
622		- if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
	622	+ if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
623	623	throw new ServerNotAvailableException('Could not disable LDAP referrals.');
624	624	}
625	625
626		- if($this->configuration->ldapTLS) {
627		- if(!$this->ldap->startTls($this->ldapConnectionRes)) {
628		- throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
	626	+ if ($this->configuration->ldapTLS) {
	627	+ if (!$this->ldap->startTls($this->ldapConnectionRes)) {
	628	+ throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host '.$host.'.');
629	629	}
630	630	}
631	631
		@@ -636,19 +636,19 @@ discard block
		block discarded – undo
636	636	* Binds to LDAP
637	637	*/
638	638	public function bind() {
639		- if(!$this->configuration->ldapConfigurationActive) {
	639	+ if (!$this->configuration->ldapConfigurationActive) {
640	640	return false;
641	641	}
642	642	$cr = $this->ldapConnectionRes;
643		- if(!$this->ldap->isResource($cr)) {
	643	+ if (!$this->ldap->isResource($cr)) {
644	644	$cr = $this->getConnectionResource();
645	645	}
646	646
647		- if(
	647	+ if (
648	648	count($this->bindResult) !== 0
649	649	&& $this->bindResult['dn'] === $this->configuration->ldapAgentName
650	650	&& \OC::$server->getHasher()->verify(
651		- $this->configPrefix . $this->configuration->ldapAgentPassword,
	651	+ $this->configPrefix.$this->configuration->ldapAgentPassword,
652	652	$this->bindResult['hash']
653	653	)
654	654	) {
		@@ -664,20 +664,20 @@ discard block
		block discarded – undo
664	664
665	665	$this->bindResult = [
666	666	'dn' => $this->configuration->ldapAgentName,
667		- 'hash' => \OC::$server->getHasher()->hash($this->configPrefix . $this->configuration->ldapAgentPassword),
	667	+ 'hash' => \OC::$server->getHasher()->hash($this->configPrefix.$this->configuration->ldapAgentPassword),
668	668	'result' => $ldapLogin,
669	669	];
670	670
671		- if(!$ldapLogin) {
	671	+ if (!$ldapLogin) {
672	672	$errno = $this->ldap->errno($cr);
673	673
674	674	\OCP\Util::writeLog('user_ldap',
675		- 'Bind failed: ' . $errno . ': ' . $this->ldap->error($cr),
	675	+ 'Bind failed: '.$errno.': '.$this->ldap->error($cr),
676	676	ILogger::WARN);
677	677
678	678	// Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS
679	679	// or (needed for Apple Open Directory:) LDAP_INSUFFICIENT_ACCESS
680		- if($errno !== 0 && $errno !== 49 && $errno !== 50) {
	680	+ if ($errno !== 0 && $errno !== 49 && $errno !== 50) {
681	681	$this->ldapConnectionRes = null;
682	682	}
683	683

nextcloud / server

Push — master ( 21b7e5...813bdc )

Status

Category

Indentation +246 added lines, -246 removed lines patch added patch discarded remove patch

Indentation +1496 added lines, -1496 removed lines patch added patch discarded remove patch

Indentation +109 added lines, -109 removed lines patch added patch discarded remove patch

Indentation +167 added lines, -167 removed lines patch added patch discarded remove patch

Spacing +12 added lines, -12 removed lines patch added patch discarded remove patch

Indentation +115 added lines, -115 removed lines patch added patch discarded remove patch

Spacing +7 added lines, -7 removed lines patch added patch discarded remove patch

Indentation +265 added lines, -265 removed lines patch added patch discarded remove patch

Spacing +8 added lines, -8 removed lines patch added patch discarded remove patch

Indentation +380 added lines, -380 removed lines patch added patch discarded remove patch

Braces +6 added lines, -12 removed lines patch added patch discarded remove patch

Indentation +103 added lines, -103 removed lines patch added patch discarded remove patch

Indentation +616 added lines, -616 removed lines patch added patch discarded remove patch

Spacing +65 added lines, -65 removed lines patch added patch discarded remove patch