nextcloud /
server
@@ -25,19 +25,19 @@ |
||
| 25 | 25 | namespace OCA\Files_External\Config; |
| 26 | 26 | |
| 27 | 27 | class UserPlaceholderHandler extends UserContext implements IConfigHandler { |
| 28 | - use SimpleSubstitutionTrait; |
|
| 28 | + use SimpleSubstitutionTrait; |
|
| 29 | 29 | |
| 30 | - /** |
|
| 31 | - * @param mixed $optionValue |
|
| 32 | - * @return mixed the same type as $optionValue |
|
| 33 | - * @since 16.0.0 |
|
| 34 | - */ |
|
| 35 | - public function handle($optionValue) { |
|
| 36 | - $this->placeholder = 'user'; |
|
| 37 | - $uid = $this->getUserId(); |
|
| 38 | - if ($uid === null) { |
|
| 39 | - return $optionValue; |
|
| 40 | - } |
|
| 41 | - return $this->processInput($optionValue, $uid); |
|
| 42 | - } |
|
| 30 | + /** |
|
| 31 | + * @param mixed $optionValue |
|
| 32 | + * @return mixed the same type as $optionValue |
|
| 33 | + * @since 16.0.0 |
|
| 34 | + */ |
|
| 35 | + public function handle($optionValue) { |
|
| 36 | + $this->placeholder = 'user'; |
|
| 37 | + $uid = $this->getUserId(); |
|
| 38 | + if ($uid === null) { |
|
| 39 | + return $optionValue; |
|
| 40 | + } |
|
| 41 | + return $this->processInput($optionValue, $uid); |
|
| 42 | + } |
|
| 43 | 43 | } |
@@ -31,57 +31,57 @@ |
||
| 31 | 31 | * @since 16.0.0 |
| 32 | 32 | */ |
| 33 | 33 | trait SimpleSubstitutionTrait { |
| 34 | - /** |
|
| 35 | - * @var string the placeholder without $ prefix |
|
| 36 | - * @since 16.0.0 |
|
| 37 | - */ |
|
| 38 | - protected $placeholder; |
|
| 34 | + /** |
|
| 35 | + * @var string the placeholder without $ prefix |
|
| 36 | + * @since 16.0.0 |
|
| 37 | + */ |
|
| 38 | + protected $placeholder; |
|
| 39 | 39 | |
| 40 | - /** @var string */ |
|
| 41 | - protected $sanitizedPlaceholder; |
|
| 40 | + /** @var string */ |
|
| 41 | + protected $sanitizedPlaceholder; |
|
| 42 | 42 | |
| 43 | - /** |
|
| 44 | - * @param mixed $optionValue |
|
| 45 | - * @param string $replacement |
|
| 46 | - * @return mixed |
|
| 47 | - * @since 16.0.0 |
|
| 48 | - */ |
|
| 49 | - private function processInput($optionValue, string $replacement) { |
|
| 50 | - $this->checkPlaceholder(); |
|
| 51 | - if (is_array($optionValue)) { |
|
| 52 | - foreach ($optionValue as &$value) { |
|
| 53 | - $value = $this->substituteIfString($value, $replacement); |
|
| 54 | - } |
|
| 55 | - } else { |
|
| 56 | - $optionValue = $this->substituteIfString($optionValue, $replacement); |
|
| 57 | - } |
|
| 58 | - return $optionValue; |
|
| 59 | - } |
|
| 43 | + /** |
|
| 44 | + * @param mixed $optionValue |
|
| 45 | + * @param string $replacement |
|
| 46 | + * @return mixed |
|
| 47 | + * @since 16.0.0 |
|
| 48 | + */ |
|
| 49 | + private function processInput($optionValue, string $replacement) { |
|
| 50 | + $this->checkPlaceholder(); |
|
| 51 | + if (is_array($optionValue)) { |
|
| 52 | + foreach ($optionValue as &$value) { |
|
| 53 | + $value = $this->substituteIfString($value, $replacement); |
|
| 54 | + } |
|
| 55 | + } else { |
|
| 56 | + $optionValue = $this->substituteIfString($optionValue, $replacement); |
|
| 57 | + } |
|
| 58 | + return $optionValue; |
|
| 59 | + } |
|
| 60 | 60 | |
| 61 | - /** |
|
| 62 | - * @throws \RuntimeException |
|
| 63 | - */ |
|
| 64 | - protected function checkPlaceholder(): void { |
|
| 65 | - $this->sanitizedPlaceholder = trim(strtolower($this->placeholder)); |
|
| 66 | - if (!(bool)\preg_match('/^[a-z0-9]*$/', $this->sanitizedPlaceholder)) { |
|
| 67 | - throw new \RuntimeException(sprintf( |
|
| 68 | - 'Invalid placeholder %s, only [a-z0-9] are allowed', $this->sanitizedPlaceholder |
|
| 69 | - )); |
|
| 70 | - } |
|
| 71 | - if ($this->sanitizedPlaceholder === '') { |
|
| 72 | - throw new \RuntimeException('Invalid empty placeholder'); |
|
| 73 | - } |
|
| 74 | - } |
|
| 61 | + /** |
|
| 62 | + * @throws \RuntimeException |
|
| 63 | + */ |
|
| 64 | + protected function checkPlaceholder(): void { |
|
| 65 | + $this->sanitizedPlaceholder = trim(strtolower($this->placeholder)); |
|
| 66 | + if (!(bool)\preg_match('/^[a-z0-9]*$/', $this->sanitizedPlaceholder)) { |
|
| 67 | + throw new \RuntimeException(sprintf( |
|
| 68 | + 'Invalid placeholder %s, only [a-z0-9] are allowed', $this->sanitizedPlaceholder |
|
| 69 | + )); |
|
| 70 | + } |
|
| 71 | + if ($this->sanitizedPlaceholder === '') { |
|
| 72 | + throw new \RuntimeException('Invalid empty placeholder'); |
|
| 73 | + } |
|
| 74 | + } |
|
| 75 | 75 | |
| 76 | - /** |
|
| 77 | - * @param mixed $value |
|
| 78 | - * @param string $replacement |
|
| 79 | - * @return mixed |
|
| 80 | - */ |
|
| 81 | - protected function substituteIfString($value, string $replacement) { |
|
| 82 | - if (is_string($value)) { |
|
| 83 | - return str_ireplace('$' . $this->sanitizedPlaceholder, $replacement, $value); |
|
| 84 | - } |
|
| 85 | - return $value; |
|
| 86 | - } |
|
| 76 | + /** |
|
| 77 | + * @param mixed $value |
|
| 78 | + * @param string $replacement |
|
| 79 | + * @return mixed |
|
| 80 | + */ |
|
| 81 | + protected function substituteIfString($value, string $replacement) { |
|
| 82 | + if (is_string($value)) { |
|
| 83 | + return str_ireplace('$' . $this->sanitizedPlaceholder, $replacement, $value); |
|
| 84 | + } |
|
| 85 | + return $value; |
|
| 86 | + } |
|
| 87 | 87 | } |
@@ -63,7 +63,7 @@ discard block |
||
| 63 | 63 | */ |
| 64 | 64 | protected function checkPlaceholder(): void { |
| 65 | 65 | $this->sanitizedPlaceholder = trim(strtolower($this->placeholder)); |
| 66 | - if (!(bool)\preg_match('/^[a-z0-9]*$/', $this->sanitizedPlaceholder)) { |
|
| 66 | + if (!(bool) \preg_match('/^[a-z0-9]*$/', $this->sanitizedPlaceholder)) { |
|
| 67 | 67 | throw new \RuntimeException(sprintf( |
| 68 | 68 | 'Invalid placeholder %s, only [a-z0-9] are allowed', $this->sanitizedPlaceholder |
| 69 | 69 | )); |
@@ -80,7 +80,7 @@ discard block |
||
| 80 | 80 | */ |
| 81 | 81 | protected function substituteIfString($value, string $replacement) { |
| 82 | 82 | if (is_string($value)) { |
| 83 | - return str_ireplace('$' . $this->sanitizedPlaceholder, $replacement, $value); |
|
| 83 | + return str_ireplace('$'.$this->sanitizedPlaceholder, $replacement, $value); |
|
| 84 | 84 | } |
| 85 | 85 | return $value; |
| 86 | 86 | } |
@@ -216,7 +216,7 @@ discard block |
||
| 216 | 216 | * @return Backend[] |
| 217 | 217 | */ |
| 218 | 218 | public function getAvailableBackends() { |
| 219 | - return array_filter($this->getBackends(), function ($backend) { |
|
| 219 | + return array_filter($this->getBackends(), function($backend) { |
|
| 220 | 220 | return !$backend->checkDependencies(); |
| 221 | 221 | }); |
| 222 | 222 | } |
@@ -255,7 +255,7 @@ discard block |
||
| 255 | 255 | * @return AuthMechanism[] |
| 256 | 256 | */ |
| 257 | 257 | public function getAuthMechanismsByScheme(array $schemes) { |
| 258 | - return array_filter($this->getAuthMechanisms(), function ($authMech) use ($schemes) { |
|
| 258 | + return array_filter($this->getAuthMechanisms(), function($authMech) use ($schemes) { |
|
| 259 | 259 | return in_array($authMech->getScheme(), $schemes, true); |
| 260 | 260 | }); |
| 261 | 261 | } |
@@ -322,7 +322,7 @@ discard block |
||
| 322 | 322 | */ |
| 323 | 323 | public function registerConfigHandler(string $placeholder, callable $configHandlerLoader) { |
| 324 | 324 | $placeholder = trim(strtolower($placeholder)); |
| 325 | - if (!(bool)\preg_match('/^[a-z0-9]*$/', $placeholder)) { |
|
| 325 | + if (!(bool) \preg_match('/^[a-z0-9]*$/', $placeholder)) { |
|
| 326 | 326 | throw new \RuntimeException(sprintf( |
| 327 | 327 | 'Invalid placeholder %s, only [a-z0-9] are allowed', $placeholder |
| 328 | 328 | )); |
@@ -353,7 +353,7 @@ discard block |
||
| 353 | 353 | if ($newLoaded) { |
| 354 | 354 | // ensure those with longest placeholders come first, |
| 355 | 355 | // to avoid substring matches |
| 356 | - uksort($this->configHandlers, function ($phA, $phB) { |
|
| 356 | + uksort($this->configHandlers, function($phA, $phB) { |
|
| 357 | 357 | return strlen($phB) <=> strlen($phA); |
| 358 | 358 | }); |
| 359 | 359 | } |
@@ -22,325 +22,325 @@ |
||
| 22 | 22 | */ |
| 23 | 23 | class BackendService { |
| 24 | 24 | |
| 25 | - /** Visibility constants for VisibilityTrait */ |
|
| 26 | - public const VISIBILITY_NONE = 0; |
|
| 27 | - public const VISIBILITY_PERSONAL = 1; |
|
| 28 | - public const VISIBILITY_ADMIN = 2; |
|
| 29 | - //const VISIBILITY_ALIENS = 4; |
|
| 30 | - |
|
| 31 | - public const VISIBILITY_DEFAULT = 3; // PERSONAL | ADMIN |
|
| 32 | - |
|
| 33 | - /** Priority constants for PriorityTrait */ |
|
| 34 | - public const PRIORITY_DEFAULT = 100; |
|
| 35 | - |
|
| 36 | - /** @var bool */ |
|
| 37 | - private $userMountingAllowed = true; |
|
| 38 | - |
|
| 39 | - /** @var string[] */ |
|
| 40 | - private $userMountingBackends = []; |
|
| 41 | - |
|
| 42 | - /** @var Backend[] */ |
|
| 43 | - private $backends = []; |
|
| 44 | - |
|
| 45 | - /** @var IBackendProvider[] */ |
|
| 46 | - private $backendProviders = []; |
|
| 47 | - |
|
| 48 | - /** @var AuthMechanism[] */ |
|
| 49 | - private $authMechanisms = []; |
|
| 50 | - |
|
| 51 | - /** @var IAuthMechanismProvider[] */ |
|
| 52 | - private $authMechanismProviders = []; |
|
| 53 | - |
|
| 54 | - /** @var callable[] */ |
|
| 55 | - private $configHandlerLoaders = []; |
|
| 56 | - |
|
| 57 | - private $configHandlers = []; |
|
| 58 | - |
|
| 59 | - /** |
|
| 60 | - * @param IConfig $config |
|
| 61 | - */ |
|
| 62 | - public function __construct( |
|
| 63 | - protected IConfig $config, |
|
| 64 | - ) { |
|
| 65 | - // Load config values |
|
| 66 | - if ($this->config->getAppValue('files_external', 'allow_user_mounting', 'yes') !== 'yes') { |
|
| 67 | - $this->userMountingAllowed = false; |
|
| 68 | - } |
|
| 69 | - $this->userMountingBackends = explode(',', |
|
| 70 | - $this->config->getAppValue('files_external', 'user_mounting_backends', '') |
|
| 71 | - ); |
|
| 72 | - |
|
| 73 | - // if no backend is in the list an empty string is in the array and user mounting is disabled |
|
| 74 | - if ($this->userMountingBackends === ['']) { |
|
| 75 | - $this->userMountingAllowed = false; |
|
| 76 | - } |
|
| 77 | - } |
|
| 78 | - |
|
| 79 | - /** |
|
| 80 | - * Register a backend provider |
|
| 81 | - * |
|
| 82 | - * @since 9.1.0 |
|
| 83 | - * @param IBackendProvider $provider |
|
| 84 | - */ |
|
| 85 | - public function registerBackendProvider(IBackendProvider $provider) { |
|
| 86 | - $this->backendProviders[] = $provider; |
|
| 87 | - } |
|
| 88 | - |
|
| 89 | - private function callForRegistrations() { |
|
| 90 | - static $eventSent = false; |
|
| 91 | - if (!$eventSent) { |
|
| 92 | - Server::get(IEventDispatcher::class)->dispatch( |
|
| 93 | - 'OCA\\Files_External::loadAdditionalBackends', |
|
| 94 | - new GenericEvent() |
|
| 95 | - ); |
|
| 96 | - $eventSent = true; |
|
| 97 | - } |
|
| 98 | - } |
|
| 99 | - |
|
| 100 | - private function loadBackendProviders() { |
|
| 101 | - $this->callForRegistrations(); |
|
| 102 | - foreach ($this->backendProviders as $provider) { |
|
| 103 | - $this->registerBackends($provider->getBackends()); |
|
| 104 | - } |
|
| 105 | - $this->backendProviders = []; |
|
| 106 | - } |
|
| 107 | - |
|
| 108 | - /** |
|
| 109 | - * Register an auth mechanism provider |
|
| 110 | - * |
|
| 111 | - * @since 9.1.0 |
|
| 112 | - * @param IAuthMechanismProvider $provider |
|
| 113 | - */ |
|
| 114 | - public function registerAuthMechanismProvider(IAuthMechanismProvider $provider) { |
|
| 115 | - $this->authMechanismProviders[] = $provider; |
|
| 116 | - } |
|
| 117 | - |
|
| 118 | - private function loadAuthMechanismProviders() { |
|
| 119 | - $this->callForRegistrations(); |
|
| 120 | - foreach ($this->authMechanismProviders as $provider) { |
|
| 121 | - $this->registerAuthMechanisms($provider->getAuthMechanisms()); |
|
| 122 | - } |
|
| 123 | - $this->authMechanismProviders = []; |
|
| 124 | - } |
|
| 125 | - |
|
| 126 | - /** |
|
| 127 | - * Register a backend |
|
| 128 | - * |
|
| 129 | - * @deprecated 9.1.0 use registerBackendProvider() |
|
| 130 | - * @param Backend $backend |
|
| 131 | - */ |
|
| 132 | - public function registerBackend(Backend $backend) { |
|
| 133 | - if (!$this->isAllowedUserBackend($backend)) { |
|
| 134 | - $backend->removeVisibility(BackendService::VISIBILITY_PERSONAL); |
|
| 135 | - } |
|
| 136 | - foreach ($backend->getIdentifierAliases() as $alias) { |
|
| 137 | - $this->backends[$alias] = $backend; |
|
| 138 | - } |
|
| 139 | - } |
|
| 140 | - |
|
| 141 | - /** |
|
| 142 | - * @deprecated 9.1.0 use registerBackendProvider() |
|
| 143 | - * @param Backend[] $backends |
|
| 144 | - */ |
|
| 145 | - public function registerBackends(array $backends) { |
|
| 146 | - foreach ($backends as $backend) { |
|
| 147 | - $this->registerBackend($backend); |
|
| 148 | - } |
|
| 149 | - } |
|
| 150 | - /** |
|
| 151 | - * Register an authentication mechanism |
|
| 152 | - * |
|
| 153 | - * @deprecated 9.1.0 use registerAuthMechanismProvider() |
|
| 154 | - * @param AuthMechanism $authMech |
|
| 155 | - */ |
|
| 156 | - public function registerAuthMechanism(AuthMechanism $authMech) { |
|
| 157 | - if (!$this->isAllowedAuthMechanism($authMech)) { |
|
| 158 | - $authMech->removeVisibility(BackendService::VISIBILITY_PERSONAL); |
|
| 159 | - } |
|
| 160 | - foreach ($authMech->getIdentifierAliases() as $alias) { |
|
| 161 | - $this->authMechanisms[$alias] = $authMech; |
|
| 162 | - } |
|
| 163 | - } |
|
| 164 | - |
|
| 165 | - /** |
|
| 166 | - * @deprecated 9.1.0 use registerAuthMechanismProvider() |
|
| 167 | - * @param AuthMechanism[] $mechanisms |
|
| 168 | - */ |
|
| 169 | - public function registerAuthMechanisms(array $mechanisms) { |
|
| 170 | - foreach ($mechanisms as $mechanism) { |
|
| 171 | - $this->registerAuthMechanism($mechanism); |
|
| 172 | - } |
|
| 173 | - } |
|
| 174 | - |
|
| 175 | - /** |
|
| 176 | - * Get all backends |
|
| 177 | - * |
|
| 178 | - * @return Backend[] |
|
| 179 | - */ |
|
| 180 | - public function getBackends() { |
|
| 181 | - $this->loadBackendProviders(); |
|
| 182 | - // only return real identifiers, no aliases |
|
| 183 | - $backends = []; |
|
| 184 | - foreach ($this->backends as $backend) { |
|
| 185 | - $backends[$backend->getIdentifier()] = $backend; |
|
| 186 | - } |
|
| 187 | - return $backends; |
|
| 188 | - } |
|
| 189 | - |
|
| 190 | - /** |
|
| 191 | - * Get all available backends |
|
| 192 | - * |
|
| 193 | - * @return Backend[] |
|
| 194 | - */ |
|
| 195 | - public function getAvailableBackends() { |
|
| 196 | - return array_filter($this->getBackends(), function ($backend) { |
|
| 197 | - return !$backend->checkDependencies(); |
|
| 198 | - }); |
|
| 199 | - } |
|
| 200 | - |
|
| 201 | - /** |
|
| 202 | - * @param string $identifier |
|
| 203 | - * @return Backend|null |
|
| 204 | - */ |
|
| 205 | - public function getBackend($identifier) { |
|
| 206 | - $this->loadBackendProviders(); |
|
| 207 | - if (isset($this->backends[$identifier])) { |
|
| 208 | - return $this->backends[$identifier]; |
|
| 209 | - } |
|
| 210 | - return null; |
|
| 211 | - } |
|
| 212 | - |
|
| 213 | - /** |
|
| 214 | - * Get all authentication mechanisms |
|
| 215 | - * |
|
| 216 | - * @return AuthMechanism[] |
|
| 217 | - */ |
|
| 218 | - public function getAuthMechanisms() { |
|
| 219 | - $this->loadAuthMechanismProviders(); |
|
| 220 | - // only return real identifiers, no aliases |
|
| 221 | - $mechanisms = []; |
|
| 222 | - foreach ($this->authMechanisms as $mechanism) { |
|
| 223 | - $mechanisms[$mechanism->getIdentifier()] = $mechanism; |
|
| 224 | - } |
|
| 225 | - return $mechanisms; |
|
| 226 | - } |
|
| 227 | - |
|
| 228 | - /** |
|
| 229 | - * Get all authentication mechanisms for schemes |
|
| 230 | - * |
|
| 231 | - * @param string[] $schemes |
|
| 232 | - * @return AuthMechanism[] |
|
| 233 | - */ |
|
| 234 | - public function getAuthMechanismsByScheme(array $schemes) { |
|
| 235 | - return array_filter($this->getAuthMechanisms(), function ($authMech) use ($schemes) { |
|
| 236 | - return in_array($authMech->getScheme(), $schemes, true); |
|
| 237 | - }); |
|
| 238 | - } |
|
| 239 | - |
|
| 240 | - /** |
|
| 241 | - * @param string $identifier |
|
| 242 | - * @return AuthMechanism|null |
|
| 243 | - */ |
|
| 244 | - public function getAuthMechanism($identifier) { |
|
| 245 | - $this->loadAuthMechanismProviders(); |
|
| 246 | - if (isset($this->authMechanisms[$identifier])) { |
|
| 247 | - return $this->authMechanisms[$identifier]; |
|
| 248 | - } |
|
| 249 | - return null; |
|
| 250 | - } |
|
| 251 | - |
|
| 252 | - /** |
|
| 253 | - * @return bool |
|
| 254 | - */ |
|
| 255 | - public function isUserMountingAllowed() { |
|
| 256 | - return $this->userMountingAllowed; |
|
| 257 | - } |
|
| 258 | - |
|
| 259 | - /** |
|
| 260 | - * Check a backend if a user is allowed to mount it |
|
| 261 | - * |
|
| 262 | - * @param Backend $backend |
|
| 263 | - * @return bool |
|
| 264 | - */ |
|
| 265 | - protected function isAllowedUserBackend(Backend $backend) { |
|
| 266 | - if ($this->userMountingAllowed && |
|
| 267 | - array_intersect($backend->getIdentifierAliases(), $this->userMountingBackends) |
|
| 268 | - ) { |
|
| 269 | - return true; |
|
| 270 | - } |
|
| 271 | - return false; |
|
| 272 | - } |
|
| 273 | - |
|
| 274 | - /** |
|
| 275 | - * Check an authentication mechanism if a user is allowed to use it |
|
| 276 | - * |
|
| 277 | - * @param AuthMechanism $authMechanism |
|
| 278 | - * @return bool |
|
| 279 | - */ |
|
| 280 | - protected function isAllowedAuthMechanism(AuthMechanism $authMechanism) { |
|
| 281 | - return true; // not implemented |
|
| 282 | - } |
|
| 283 | - |
|
| 284 | - /** |
|
| 285 | - * registers a configuration handler |
|
| 286 | - * |
|
| 287 | - * The function of the provided $placeholder is mostly to act a sorting |
|
| 288 | - * criteria, so longer placeholders are replaced first. This avoids |
|
| 289 | - * "$user" overwriting parts of "$userMail" and "$userLang", for example. |
|
| 290 | - * The provided value should not contain the $ prefix, only a-z0-9 are |
|
| 291 | - * allowed. Upper case letters are lower cased, the replacement is case- |
|
| 292 | - * insensitive. |
|
| 293 | - * |
|
| 294 | - * The configHandlerLoader should just instantiate the handler on demand. |
|
| 295 | - * For now all handlers are instantiated when a mount is loaded, independent |
|
| 296 | - * of whether the placeholder is present or not. This may change in future. |
|
| 297 | - * |
|
| 298 | - * @since 16.0.0 |
|
| 299 | - */ |
|
| 300 | - public function registerConfigHandler(string $placeholder, callable $configHandlerLoader) { |
|
| 301 | - $placeholder = trim(strtolower($placeholder)); |
|
| 302 | - if (!(bool)\preg_match('/^[a-z0-9]*$/', $placeholder)) { |
|
| 303 | - throw new \RuntimeException(sprintf( |
|
| 304 | - 'Invalid placeholder %s, only [a-z0-9] are allowed', $placeholder |
|
| 305 | - )); |
|
| 306 | - } |
|
| 307 | - if ($placeholder === '') { |
|
| 308 | - throw new \RuntimeException('Invalid empty placeholder'); |
|
| 309 | - } |
|
| 310 | - if (isset($this->configHandlerLoaders[$placeholder]) || isset($this->configHandlers[$placeholder])) { |
|
| 311 | - throw new \RuntimeException(sprintf('A handler is already registered for %s', $placeholder)); |
|
| 312 | - } |
|
| 313 | - $this->configHandlerLoaders[$placeholder] = $configHandlerLoader; |
|
| 314 | - } |
|
| 315 | - |
|
| 316 | - protected function loadConfigHandlers():void { |
|
| 317 | - $this->callForRegistrations(); |
|
| 318 | - $newLoaded = false; |
|
| 319 | - foreach ($this->configHandlerLoaders as $placeholder => $loader) { |
|
| 320 | - $handler = $loader(); |
|
| 321 | - if (!$handler instanceof IConfigHandler) { |
|
| 322 | - throw new \RuntimeException(sprintf( |
|
| 323 | - 'Handler for %s is not an instance of IConfigHandler', $placeholder |
|
| 324 | - )); |
|
| 325 | - } |
|
| 326 | - $this->configHandlers[$placeholder] = $handler; |
|
| 327 | - $newLoaded = true; |
|
| 328 | - } |
|
| 329 | - $this->configHandlerLoaders = []; |
|
| 330 | - if ($newLoaded) { |
|
| 331 | - // ensure those with longest placeholders come first, |
|
| 332 | - // to avoid substring matches |
|
| 333 | - uksort($this->configHandlers, function ($phA, $phB) { |
|
| 334 | - return strlen($phB) <=> strlen($phA); |
|
| 335 | - }); |
|
| 336 | - } |
|
| 337 | - } |
|
| 338 | - |
|
| 339 | - /** |
|
| 340 | - * @since 16.0.0 |
|
| 341 | - */ |
|
| 342 | - public function getConfigHandlers() { |
|
| 343 | - $this->loadConfigHandlers(); |
|
| 344 | - return $this->configHandlers; |
|
| 345 | - } |
|
| 25 | + /** Visibility constants for VisibilityTrait */ |
|
| 26 | + public const VISIBILITY_NONE = 0; |
|
| 27 | + public const VISIBILITY_PERSONAL = 1; |
|
| 28 | + public const VISIBILITY_ADMIN = 2; |
|
| 29 | + //const VISIBILITY_ALIENS = 4; |
|
| 30 | + |
|
| 31 | + public const VISIBILITY_DEFAULT = 3; // PERSONAL | ADMIN |
|
| 32 | + |
|
| 33 | + /** Priority constants for PriorityTrait */ |
|
| 34 | + public const PRIORITY_DEFAULT = 100; |
|
| 35 | + |
|
| 36 | + /** @var bool */ |
|
| 37 | + private $userMountingAllowed = true; |
|
| 38 | + |
|
| 39 | + /** @var string[] */ |
|
| 40 | + private $userMountingBackends = []; |
|
| 41 | + |
|
| 42 | + /** @var Backend[] */ |
|
| 43 | + private $backends = []; |
|
| 44 | + |
|
| 45 | + /** @var IBackendProvider[] */ |
|
| 46 | + private $backendProviders = []; |
|
| 47 | + |
|
| 48 | + /** @var AuthMechanism[] */ |
|
| 49 | + private $authMechanisms = []; |
|
| 50 | + |
|
| 51 | + /** @var IAuthMechanismProvider[] */ |
|
| 52 | + private $authMechanismProviders = []; |
|
| 53 | + |
|
| 54 | + /** @var callable[] */ |
|
| 55 | + private $configHandlerLoaders = []; |
|
| 56 | + |
|
| 57 | + private $configHandlers = []; |
|
| 58 | + |
|
| 59 | + /** |
|
| 60 | + * @param IConfig $config |
|
| 61 | + */ |
|
| 62 | + public function __construct( |
|
| 63 | + protected IConfig $config, |
|
| 64 | + ) { |
|
| 65 | + // Load config values |
|
| 66 | + if ($this->config->getAppValue('files_external', 'allow_user_mounting', 'yes') !== 'yes') { |
|
| 67 | + $this->userMountingAllowed = false; |
|
| 68 | + } |
|
| 69 | + $this->userMountingBackends = explode(',', |
|
| 70 | + $this->config->getAppValue('files_external', 'user_mounting_backends', '') |
|
| 71 | + ); |
|
| 72 | + |
|
| 73 | + // if no backend is in the list an empty string is in the array and user mounting is disabled |
|
| 74 | + if ($this->userMountingBackends === ['']) { |
|
| 75 | + $this->userMountingAllowed = false; |
|
| 76 | + } |
|
| 77 | + } |
|
| 78 | + |
|
| 79 | + /** |
|
| 80 | + * Register a backend provider |
|
| 81 | + * |
|
| 82 | + * @since 9.1.0 |
|
| 83 | + * @param IBackendProvider $provider |
|
| 84 | + */ |
|
| 85 | + public function registerBackendProvider(IBackendProvider $provider) { |
|
| 86 | + $this->backendProviders[] = $provider; |
|
| 87 | + } |
|
| 88 | + |
|
| 89 | + private function callForRegistrations() { |
|
| 90 | + static $eventSent = false; |
|
| 91 | + if (!$eventSent) { |
|
| 92 | + Server::get(IEventDispatcher::class)->dispatch( |
|
| 93 | + 'OCA\\Files_External::loadAdditionalBackends', |
|
| 94 | + new GenericEvent() |
|
| 95 | + ); |
|
| 96 | + $eventSent = true; |
|
| 97 | + } |
|
| 98 | + } |
|
| 99 | + |
|
| 100 | + private function loadBackendProviders() { |
|
| 101 | + $this->callForRegistrations(); |
|
| 102 | + foreach ($this->backendProviders as $provider) { |
|
| 103 | + $this->registerBackends($provider->getBackends()); |
|
| 104 | + } |
|
| 105 | + $this->backendProviders = []; |
|
| 106 | + } |
|
| 107 | + |
|
| 108 | + /** |
|
| 109 | + * Register an auth mechanism provider |
|
| 110 | + * |
|
| 111 | + * @since 9.1.0 |
|
| 112 | + * @param IAuthMechanismProvider $provider |
|
| 113 | + */ |
|
| 114 | + public function registerAuthMechanismProvider(IAuthMechanismProvider $provider) { |
|
| 115 | + $this->authMechanismProviders[] = $provider; |
|
| 116 | + } |
|
| 117 | + |
|
| 118 | + private function loadAuthMechanismProviders() { |
|
| 119 | + $this->callForRegistrations(); |
|
| 120 | + foreach ($this->authMechanismProviders as $provider) { |
|
| 121 | + $this->registerAuthMechanisms($provider->getAuthMechanisms()); |
|
| 122 | + } |
|
| 123 | + $this->authMechanismProviders = []; |
|
| 124 | + } |
|
| 125 | + |
|
| 126 | + /** |
|
| 127 | + * Register a backend |
|
| 128 | + * |
|
| 129 | + * @deprecated 9.1.0 use registerBackendProvider() |
|
| 130 | + * @param Backend $backend |
|
| 131 | + */ |
|
| 132 | + public function registerBackend(Backend $backend) { |
|
| 133 | + if (!$this->isAllowedUserBackend($backend)) { |
|
| 134 | + $backend->removeVisibility(BackendService::VISIBILITY_PERSONAL); |
|
| 135 | + } |
|
| 136 | + foreach ($backend->getIdentifierAliases() as $alias) { |
|
| 137 | + $this->backends[$alias] = $backend; |
|
| 138 | + } |
|
| 139 | + } |
|
| 140 | + |
|
| 141 | + /** |
|
| 142 | + * @deprecated 9.1.0 use registerBackendProvider() |
|
| 143 | + * @param Backend[] $backends |
|
| 144 | + */ |
|
| 145 | + public function registerBackends(array $backends) { |
|
| 146 | + foreach ($backends as $backend) { |
|
| 147 | + $this->registerBackend($backend); |
|
| 148 | + } |
|
| 149 | + } |
|
| 150 | + /** |
|
| 151 | + * Register an authentication mechanism |
|
| 152 | + * |
|
| 153 | + * @deprecated 9.1.0 use registerAuthMechanismProvider() |
|
| 154 | + * @param AuthMechanism $authMech |
|
| 155 | + */ |
|
| 156 | + public function registerAuthMechanism(AuthMechanism $authMech) { |
|
| 157 | + if (!$this->isAllowedAuthMechanism($authMech)) { |
|
| 158 | + $authMech->removeVisibility(BackendService::VISIBILITY_PERSONAL); |
|
| 159 | + } |
|
| 160 | + foreach ($authMech->getIdentifierAliases() as $alias) { |
|
| 161 | + $this->authMechanisms[$alias] = $authMech; |
|
| 162 | + } |
|
| 163 | + } |
|
| 164 | + |
|
| 165 | + /** |
|
| 166 | + * @deprecated 9.1.0 use registerAuthMechanismProvider() |
|
| 167 | + * @param AuthMechanism[] $mechanisms |
|
| 168 | + */ |
|
| 169 | + public function registerAuthMechanisms(array $mechanisms) { |
|
| 170 | + foreach ($mechanisms as $mechanism) { |
|
| 171 | + $this->registerAuthMechanism($mechanism); |
|
| 172 | + } |
|
| 173 | + } |
|
| 174 | + |
|
| 175 | + /** |
|
| 176 | + * Get all backends |
|
| 177 | + * |
|
| 178 | + * @return Backend[] |
|
| 179 | + */ |
|
| 180 | + public function getBackends() { |
|
| 181 | + $this->loadBackendProviders(); |
|
| 182 | + // only return real identifiers, no aliases |
|
| 183 | + $backends = []; |
|
| 184 | + foreach ($this->backends as $backend) { |
|
| 185 | + $backends[$backend->getIdentifier()] = $backend; |
|
| 186 | + } |
|
| 187 | + return $backends; |
|
| 188 | + } |
|
| 189 | + |
|
| 190 | + /** |
|
| 191 | + * Get all available backends |
|
| 192 | + * |
|
| 193 | + * @return Backend[] |
|
| 194 | + */ |
|
| 195 | + public function getAvailableBackends() { |
|
| 196 | + return array_filter($this->getBackends(), function ($backend) { |
|
| 197 | + return !$backend->checkDependencies(); |
|
| 198 | + }); |
|
| 199 | + } |
|
| 200 | + |
|
| 201 | + /** |
|
| 202 | + * @param string $identifier |
|
| 203 | + * @return Backend|null |
|
| 204 | + */ |
|
| 205 | + public function getBackend($identifier) { |
|
| 206 | + $this->loadBackendProviders(); |
|
| 207 | + if (isset($this->backends[$identifier])) { |
|
| 208 | + return $this->backends[$identifier]; |
|
| 209 | + } |
|
| 210 | + return null; |
|
| 211 | + } |
|
| 212 | + |
|
| 213 | + /** |
|
| 214 | + * Get all authentication mechanisms |
|
| 215 | + * |
|
| 216 | + * @return AuthMechanism[] |
|
| 217 | + */ |
|
| 218 | + public function getAuthMechanisms() { |
|
| 219 | + $this->loadAuthMechanismProviders(); |
|
| 220 | + // only return real identifiers, no aliases |
|
| 221 | + $mechanisms = []; |
|
| 222 | + foreach ($this->authMechanisms as $mechanism) { |
|
| 223 | + $mechanisms[$mechanism->getIdentifier()] = $mechanism; |
|
| 224 | + } |
|
| 225 | + return $mechanisms; |
|
| 226 | + } |
|
| 227 | + |
|
| 228 | + /** |
|
| 229 | + * Get all authentication mechanisms for schemes |
|
| 230 | + * |
|
| 231 | + * @param string[] $schemes |
|
| 232 | + * @return AuthMechanism[] |
|
| 233 | + */ |
|
| 234 | + public function getAuthMechanismsByScheme(array $schemes) { |
|
| 235 | + return array_filter($this->getAuthMechanisms(), function ($authMech) use ($schemes) { |
|
| 236 | + return in_array($authMech->getScheme(), $schemes, true); |
|
| 237 | + }); |
|
| 238 | + } |
|
| 239 | + |
|
| 240 | + /** |
|
| 241 | + * @param string $identifier |
|
| 242 | + * @return AuthMechanism|null |
|
| 243 | + */ |
|
| 244 | + public function getAuthMechanism($identifier) { |
|
| 245 | + $this->loadAuthMechanismProviders(); |
|
| 246 | + if (isset($this->authMechanisms[$identifier])) { |
|
| 247 | + return $this->authMechanisms[$identifier]; |
|
| 248 | + } |
|
| 249 | + return null; |
|
| 250 | + } |
|
| 251 | + |
|
| 252 | + /** |
|
| 253 | + * @return bool |
|
| 254 | + */ |
|
| 255 | + public function isUserMountingAllowed() { |
|
| 256 | + return $this->userMountingAllowed; |
|
| 257 | + } |
|
| 258 | + |
|
| 259 | + /** |
|
| 260 | + * Check a backend if a user is allowed to mount it |
|
| 261 | + * |
|
| 262 | + * @param Backend $backend |
|
| 263 | + * @return bool |
|
| 264 | + */ |
|
| 265 | + protected function isAllowedUserBackend(Backend $backend) { |
|
| 266 | + if ($this->userMountingAllowed && |
|
| 267 | + array_intersect($backend->getIdentifierAliases(), $this->userMountingBackends) |
|
| 268 | + ) { |
|
| 269 | + return true; |
|
| 270 | + } |
|
| 271 | + return false; |
|
| 272 | + } |
|
| 273 | + |
|
| 274 | + /** |
|
| 275 | + * Check an authentication mechanism if a user is allowed to use it |
|
| 276 | + * |
|
| 277 | + * @param AuthMechanism $authMechanism |
|
| 278 | + * @return bool |
|
| 279 | + */ |
|
| 280 | + protected function isAllowedAuthMechanism(AuthMechanism $authMechanism) { |
|
| 281 | + return true; // not implemented |
|
| 282 | + } |
|
| 283 | + |
|
| 284 | + /** |
|
| 285 | + * registers a configuration handler |
|
| 286 | + * |
|
| 287 | + * The function of the provided $placeholder is mostly to act a sorting |
|
| 288 | + * criteria, so longer placeholders are replaced first. This avoids |
|
| 289 | + * "$user" overwriting parts of "$userMail" and "$userLang", for example. |
|
| 290 | + * The provided value should not contain the $ prefix, only a-z0-9 are |
|
| 291 | + * allowed. Upper case letters are lower cased, the replacement is case- |
|
| 292 | + * insensitive. |
|
| 293 | + * |
|
| 294 | + * The configHandlerLoader should just instantiate the handler on demand. |
|
| 295 | + * For now all handlers are instantiated when a mount is loaded, independent |
|
| 296 | + * of whether the placeholder is present or not. This may change in future. |
|
| 297 | + * |
|
| 298 | + * @since 16.0.0 |
|
| 299 | + */ |
|
| 300 | + public function registerConfigHandler(string $placeholder, callable $configHandlerLoader) { |
|
| 301 | + $placeholder = trim(strtolower($placeholder)); |
|
| 302 | + if (!(bool)\preg_match('/^[a-z0-9]*$/', $placeholder)) { |
|
| 303 | + throw new \RuntimeException(sprintf( |
|
| 304 | + 'Invalid placeholder %s, only [a-z0-9] are allowed', $placeholder |
|
| 305 | + )); |
|
| 306 | + } |
|
| 307 | + if ($placeholder === '') { |
|
| 308 | + throw new \RuntimeException('Invalid empty placeholder'); |
|
| 309 | + } |
|
| 310 | + if (isset($this->configHandlerLoaders[$placeholder]) || isset($this->configHandlers[$placeholder])) { |
|
| 311 | + throw new \RuntimeException(sprintf('A handler is already registered for %s', $placeholder)); |
|
| 312 | + } |
|
| 313 | + $this->configHandlerLoaders[$placeholder] = $configHandlerLoader; |
|
| 314 | + } |
|
| 315 | + |
|
| 316 | + protected function loadConfigHandlers():void { |
|
| 317 | + $this->callForRegistrations(); |
|
| 318 | + $newLoaded = false; |
|
| 319 | + foreach ($this->configHandlerLoaders as $placeholder => $loader) { |
|
| 320 | + $handler = $loader(); |
|
| 321 | + if (!$handler instanceof IConfigHandler) { |
|
| 322 | + throw new \RuntimeException(sprintf( |
|
| 323 | + 'Handler for %s is not an instance of IConfigHandler', $placeholder |
|
| 324 | + )); |
|
| 325 | + } |
|
| 326 | + $this->configHandlers[$placeholder] = $handler; |
|
| 327 | + $newLoaded = true; |
|
| 328 | + } |
|
| 329 | + $this->configHandlerLoaders = []; |
|
| 330 | + if ($newLoaded) { |
|
| 331 | + // ensure those with longest placeholders come first, |
|
| 332 | + // to avoid substring matches |
|
| 333 | + uksort($this->configHandlers, function ($phA, $phB) { |
|
| 334 | + return strlen($phB) <=> strlen($phA); |
|
| 335 | + }); |
|
| 336 | + } |
|
| 337 | + } |
|
| 338 | + |
|
| 339 | + /** |
|
| 340 | + * @since 16.0.0 |
|
| 341 | + */ |
|
| 342 | + public function getConfigHandlers() { |
|
| 343 | + $this->loadConfigHandlers(); |
|
| 344 | + return $this->configHandlers; |
|
| 345 | + } |
|
| 346 | 346 | } |
@@ -60,11 +60,11 @@ |
||
| 60 | 60 | // at least on PHP 5.6 usort turned out to be not stable. So we add |
| 61 | 61 | // the current index to the value and compare it on a draw |
| 62 | 62 | $i = 0; |
| 63 | - $workArray = array_map(function ($element) use (&$i) { |
|
| 63 | + $workArray = array_map(function($element) use (&$i) { |
|
| 64 | 64 | return [$i++, $element]; |
| 65 | 65 | }, $byType); |
| 66 | 66 | |
| 67 | - usort($workArray, function ($a, $b) use ($commenters, $type) { |
|
| 67 | + usort($workArray, function($a, $b) use ($commenters, $type) { |
|
| 68 | 68 | $r = $this->compare($a[1], $b[1], $commenters[$type]); |
| 69 | 69 | if ($r === 0) { |
| 70 | 70 | $r = $a[0] - $b[0]; |
@@ -9,83 +9,83 @@ |
||
| 9 | 9 | use OCP\Comments\ICommentsManager; |
| 10 | 10 | |
| 11 | 11 | class CommentersSorter implements ISorter { |
| 12 | - public function __construct( |
|
| 13 | - private ICommentsManager $commentsManager, |
|
| 14 | - ) { |
|
| 15 | - } |
|
| 12 | + public function __construct( |
|
| 13 | + private ICommentsManager $commentsManager, |
|
| 14 | + ) { |
|
| 15 | + } |
|
| 16 | 16 | |
| 17 | - public function getId(): string { |
|
| 18 | - return 'commenters'; |
|
| 19 | - } |
|
| 17 | + public function getId(): string { |
|
| 18 | + return 'commenters'; |
|
| 19 | + } |
|
| 20 | 20 | |
| 21 | - /** |
|
| 22 | - * Sorts people who commented on the given item atop (descelating) of the |
|
| 23 | - * others |
|
| 24 | - * |
|
| 25 | - * @param array &$sortArray |
|
| 26 | - * @param array $context |
|
| 27 | - */ |
|
| 28 | - public function sort(array &$sortArray, array $context): void { |
|
| 29 | - $commenters = $this->retrieveCommentsInformation($context['itemType'], $context['itemId']); |
|
| 30 | - if (count($commenters) === 0) { |
|
| 31 | - return; |
|
| 32 | - } |
|
| 21 | + /** |
|
| 22 | + * Sorts people who commented on the given item atop (descelating) of the |
|
| 23 | + * others |
|
| 24 | + * |
|
| 25 | + * @param array &$sortArray |
|
| 26 | + * @param array $context |
|
| 27 | + */ |
|
| 28 | + public function sort(array &$sortArray, array $context): void { |
|
| 29 | + $commenters = $this->retrieveCommentsInformation($context['itemType'], $context['itemId']); |
|
| 30 | + if (count($commenters) === 0) { |
|
| 31 | + return; |
|
| 32 | + } |
|
| 33 | 33 | |
| 34 | - foreach ($sortArray as $type => &$byType) { |
|
| 35 | - if (!isset($commenters[$type])) { |
|
| 36 | - continue; |
|
| 37 | - } |
|
| 34 | + foreach ($sortArray as $type => &$byType) { |
|
| 35 | + if (!isset($commenters[$type])) { |
|
| 36 | + continue; |
|
| 37 | + } |
|
| 38 | 38 | |
| 39 | - // at least on PHP 5.6 usort turned out to be not stable. So we add |
|
| 40 | - // the current index to the value and compare it on a draw |
|
| 41 | - $i = 0; |
|
| 42 | - $workArray = array_map(function ($element) use (&$i) { |
|
| 43 | - return [$i++, $element]; |
|
| 44 | - }, $byType); |
|
| 39 | + // at least on PHP 5.6 usort turned out to be not stable. So we add |
|
| 40 | + // the current index to the value and compare it on a draw |
|
| 41 | + $i = 0; |
|
| 42 | + $workArray = array_map(function ($element) use (&$i) { |
|
| 43 | + return [$i++, $element]; |
|
| 44 | + }, $byType); |
|
| 45 | 45 | |
| 46 | - usort($workArray, function ($a, $b) use ($commenters, $type) { |
|
| 47 | - $r = $this->compare($a[1], $b[1], $commenters[$type]); |
|
| 48 | - if ($r === 0) { |
|
| 49 | - $r = $a[0] - $b[0]; |
|
| 50 | - } |
|
| 51 | - return $r; |
|
| 52 | - }); |
|
| 46 | + usort($workArray, function ($a, $b) use ($commenters, $type) { |
|
| 47 | + $r = $this->compare($a[1], $b[1], $commenters[$type]); |
|
| 48 | + if ($r === 0) { |
|
| 49 | + $r = $a[0] - $b[0]; |
|
| 50 | + } |
|
| 51 | + return $r; |
|
| 52 | + }); |
|
| 53 | 53 | |
| 54 | - // and remove the index values again |
|
| 55 | - $byType = array_column($workArray, 1); |
|
| 56 | - } |
|
| 57 | - } |
|
| 54 | + // and remove the index values again |
|
| 55 | + $byType = array_column($workArray, 1); |
|
| 56 | + } |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - /** |
|
| 60 | - * @return array<string, array<string, int>> |
|
| 61 | - */ |
|
| 62 | - protected function retrieveCommentsInformation(string $type, string $id): array { |
|
| 63 | - $comments = $this->commentsManager->getForObject($type, $id); |
|
| 64 | - if (count($comments) === 0) { |
|
| 65 | - return []; |
|
| 66 | - } |
|
| 59 | + /** |
|
| 60 | + * @return array<string, array<string, int>> |
|
| 61 | + */ |
|
| 62 | + protected function retrieveCommentsInformation(string $type, string $id): array { |
|
| 63 | + $comments = $this->commentsManager->getForObject($type, $id); |
|
| 64 | + if (count($comments) === 0) { |
|
| 65 | + return []; |
|
| 66 | + } |
|
| 67 | 67 | |
| 68 | - $actors = []; |
|
| 69 | - foreach ($comments as $comment) { |
|
| 70 | - if (!isset($actors[$comment->getActorType()])) { |
|
| 71 | - $actors[$comment->getActorType()] = []; |
|
| 72 | - } |
|
| 73 | - if (!isset($actors[$comment->getActorType()][$comment->getActorId()])) { |
|
| 74 | - $actors[$comment->getActorType()][$comment->getActorId()] = 1; |
|
| 75 | - } else { |
|
| 76 | - $actors[$comment->getActorType()][$comment->getActorId()]++; |
|
| 77 | - } |
|
| 78 | - } |
|
| 79 | - return $actors; |
|
| 80 | - } |
|
| 68 | + $actors = []; |
|
| 69 | + foreach ($comments as $comment) { |
|
| 70 | + if (!isset($actors[$comment->getActorType()])) { |
|
| 71 | + $actors[$comment->getActorType()] = []; |
|
| 72 | + } |
|
| 73 | + if (!isset($actors[$comment->getActorType()][$comment->getActorId()])) { |
|
| 74 | + $actors[$comment->getActorType()][$comment->getActorId()] = 1; |
|
| 75 | + } else { |
|
| 76 | + $actors[$comment->getActorType()][$comment->getActorId()]++; |
|
| 77 | + } |
|
| 78 | + } |
|
| 79 | + return $actors; |
|
| 80 | + } |
|
| 81 | 81 | |
| 82 | - protected function compare(array $a, array $b, array $commenters): int { |
|
| 83 | - $a = $a['value']['shareWith']; |
|
| 84 | - $b = $b['value']['shareWith']; |
|
| 82 | + protected function compare(array $a, array $b, array $commenters): int { |
|
| 83 | + $a = $a['value']['shareWith']; |
|
| 84 | + $b = $b['value']['shareWith']; |
|
| 85 | 85 | |
| 86 | - $valueA = $commenters[$a] ?? 0; |
|
| 87 | - $valueB = $commenters[$b] ?? 0; |
|
| 86 | + $valueA = $commenters[$a] ?? 0; |
|
| 87 | + $valueB = $commenters[$b] ?? 0; |
|
| 88 | 88 | |
| 89 | - return $valueB - $valueA; |
|
| 90 | - } |
|
| 89 | + return $valueB - $valueA; |
|
| 90 | + } |
|
| 91 | 91 | } |
@@ -7,7 +7,7 @@ |
||
| 7 | 7 | require_once '../../lib/base.php'; |
| 8 | 8 | |
| 9 | 9 | $urlGenerator = \OC::$server->getURLGenerator(); |
| 10 | - header('Location: ' . $urlGenerator->getAbsoluteURL('/')); |
|
| 10 | + header('Location: '.$urlGenerator->getAbsoluteURL('/')); |
|
| 11 | 11 | exit; |
| 12 | 12 | } |
| 13 | 13 | // @codeCoverageIgnoreEnd |
@@ -4,11 +4,11 @@ |
||
| 4 | 4 | /** @var \OCP\Defaults $theme */ |
| 5 | 5 | // @codeCoverageIgnoreStart |
| 6 | 6 | if (!isset($_)) {//standalone page is not supported anymore - redirect to / |
| 7 | - require_once '../../lib/base.php'; |
|
| 7 | + require_once '../../lib/base.php'; |
|
| 8 | 8 | |
| 9 | - $urlGenerator = \OC::$server->getURLGenerator(); |
|
| 10 | - header('Location: ' . $urlGenerator->getAbsoluteURL('/')); |
|
| 11 | - exit; |
|
| 9 | + $urlGenerator = \OC::$server->getURLGenerator(); |
|
| 10 | + header('Location: ' . $urlGenerator->getAbsoluteURL('/')); |
|
| 11 | + exit; |
|
| 12 | 12 | } |
| 13 | 13 | // @codeCoverageIgnoreEnd |
| 14 | 14 | ?> |
@@ -14,10 +14,13 @@ |
||
| 14 | 14 | ?> |
| 15 | 15 | <?php if (isset($_['content'])): ?> |
| 16 | 16 | <?php print_unescaped($_['content']) ?> |
| 17 | -<?php else: ?> |
|
| 17 | +<?php else { |
|
| 18 | + : ?> |
|
| 18 | 19 | <div class="body-login-container update"> |
| 19 | 20 | <div class="icon-big icon-search"></div> |
| 20 | - <h2><?php p($l->t('Page not found')); ?></h2> |
|
| 21 | + <h2><?php p($l->t('Page not found')); |
|
| 22 | +} |
|
| 23 | +?></h2> |
|
| 21 | 24 | <p class="infogroup"><?php p($l->t('The page could not be found on the server or you may not be allowed to view it.')); ?></p> |
| 22 | 25 | <p><a class="button primary" href="<?php p(\OC::$server->getURLGenerator()->linkTo('', 'index.php')) ?>"> |
| 23 | 26 | <?php p($l->t('Back to %s', [$theme->getName()])); ?> |
@@ -30,7 +30,7 @@ |
||
| 30 | 30 | <h2><?php p($l->t('Connect to your account')) ?></h2> |
| 31 | 31 | <p class="info"> |
| 32 | 32 | <?php print_unescaped($l->t('Please log in before granting %1$s access to your %2$s account.', [ |
| 33 | - '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', |
|
| 33 | + '<strong>'.\OCP\Util::sanitizeHTML($_['client']).'</strong>', |
|
| 34 | 34 | \OCP\Util::sanitizeHTML($_['instanceName']) |
| 35 | 35 | ])) ?> |
| 36 | 36 | </p> |
@@ -31,9 +31,9 @@ |
||
| 31 | 31 | <h2><?php p($l->t('Connect to your account')) ?></h2> |
| 32 | 32 | <p class="info"> |
| 33 | 33 | <?php print_unescaped($l->t('Please log in before granting %1$s access to your %2$s account.', [ |
| 34 | - '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', |
|
| 35 | - \OCP\Util::sanitizeHTML($_['instanceName']) |
|
| 36 | - ])) ?> |
|
| 34 | + '<strong>' . \OCP\Util::sanitizeHTML($_['client']) . '</strong>', |
|
| 35 | + \OCP\Util::sanitizeHTML($_['instanceName']) |
|
| 36 | + ])) ?> |
|
| 37 | 37 | </p> |
| 38 | 38 | |
| 39 | 39 | <div class="notecard warning"> |
@@ -6,7 +6,7 @@ |
||
| 6 | 6 | <p><?php p($error['error']) ?></p> |
| 7 | 7 | <?php if (isset($error['hint']) && $error['hint']): ?> |
| 8 | 8 | <p class='hint'><?php p($error['hint']) ?></p> |
| 9 | - <?php endif;?> |
|
| 9 | + <?php endif; ?> |
|
| 10 | 10 | </li> |
| 11 | 11 | <?php endforeach ?> |
| 12 | 12 | </ul> |
@@ -27,11 +27,15 @@ discard block |
||
| 27 | 27 | <?php p($l->t('Set up two-factor authentication')) ?> |
| 28 | 28 | </a> |
| 29 | 29 | <?php } ?> |
| 30 | - <?php else: ?> |
|
| 30 | + <?php else { |
|
| 31 | + : ?> |
|
| 31 | 32 | <strong><?php p($l->t('Two-factor authentication is enforced but has not been configured on your account. Use one of your backup codes to log in or contact your admin for assistance.')) ?></strong> |
| 32 | - <?php endif; ?> |
|
| 33 | + <?php endif; |
|
| 34 | +} |
|
| 35 | +?> |
|
| 33 | 36 | </p> |
| 34 | - <?php else: ?> |
|
| 37 | + <?php else { |
|
| 38 | + : ?> |
|
| 35 | 39 | <ul> |
| 36 | 40 | <?php foreach ($_['providers'] as $provider): ?> |
| 37 | 41 | <li> |
@@ -45,6 +49,7 @@ discard block |
||
| 45 | 49 | <?php |
| 46 | 50 | if ($provider instanceof \OCP\Authentication\TwoFactorAuth\IProvidesIcons) { |
| 47 | 51 | $icon = $provider->getLightIcon(); |
| 52 | +} |
|
| 48 | 53 | } else { |
| 49 | 54 | $icon = image_path('core', 'actions/password-white.svg'); |
| 50 | 55 | } |
@@ -61,7 +66,8 @@ discard block |
||
| 61 | 66 | <?php endif ?> |
| 62 | 67 | <?php if (!is_null($_['backupProvider'])): ?> |
| 63 | 68 | <p> |
| 64 | - <a class="<?php if ($noProviders): ?>button primary two-factor-primary<?php else: ?>two-factor-secondary<?php endif ?>" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge', |
|
| 69 | + <a class="<?php if ($noProviders): ?>button primary two-factor-primary<?php else { |
|
| 70 | + : ?>two-factor-secondary<?php endif ?>" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge', |
|
| 65 | 71 | [ |
| 66 | 72 | 'challengeProviderId' => $_['backupProvider']->getId(), |
| 67 | 73 | 'redirect_url' => $_['redirect_url'], |
@@ -70,7 +76,9 @@ discard block |
||
| 70 | 76 | <?php p($l->t('Use backup code')) ?> |
| 71 | 77 | </a> |
| 72 | 78 | </p> |
| 73 | - <?php endif; ?> |
|
| 79 | + <?php endif; |
|
| 80 | +} |
|
| 81 | +?> |
|
| 74 | 82 | <p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>"> |
| 75 | 83 | <?php p($l->t('Cancel login')) ?> |
| 76 | 84 | </a></p> |
@@ -20,10 +20,10 @@ discard block |
||
| 20 | 20 | <?php } else { ?> |
| 21 | 21 | <strong><?php p($l->t('Two-factor authentication is enforced but has not been configured on your account. Please continue to setup two-factor authentication.')) ?></strong> |
| 22 | 22 | <a class="button primary two-factor-primary" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.setupProviders', |
| 23 | - [ |
|
| 24 | - 'redirect_url' => $_['redirect_url'], |
|
| 25 | - ] |
|
| 26 | - )) ?>"> |
|
| 23 | + [ |
|
| 24 | + 'redirect_url' => $_['redirect_url'], |
|
| 25 | + ] |
|
| 26 | + )) ?>"> |
|
| 27 | 27 | <?php p($l->t('Set up two-factor authentication')) ?> |
| 28 | 28 | </a> |
| 29 | 29 | <?php } ?> |
@@ -37,18 +37,18 @@ discard block |
||
| 37 | 37 | <li> |
| 38 | 38 | <a class="two-factor-provider" |
| 39 | 39 | href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge', |
| 40 | - [ |
|
| 41 | - 'challengeProviderId' => $provider->getId(), |
|
| 42 | - 'redirect_url' => $_['redirect_url'], |
|
| 43 | - ] |
|
| 44 | - )) ?>"> |
|
| 40 | + [ |
|
| 41 | + 'challengeProviderId' => $provider->getId(), |
|
| 42 | + 'redirect_url' => $_['redirect_url'], |
|
| 43 | + ] |
|
| 44 | + )) ?>"> |
|
| 45 | 45 | <?php |
| 46 | - if ($provider instanceof \OCP\Authentication\TwoFactorAuth\IProvidesIcons) { |
|
| 47 | - $icon = $provider->getLightIcon(); |
|
| 48 | - } else { |
|
| 49 | - $icon = image_path('core', 'actions/password-white.svg'); |
|
| 50 | - } |
|
| 51 | - ?> |
|
| 46 | + if ($provider instanceof \OCP\Authentication\TwoFactorAuth\IProvidesIcons) { |
|
| 47 | + $icon = $provider->getLightIcon(); |
|
| 48 | + } else { |
|
| 49 | + $icon = image_path('core', 'actions/password-white.svg'); |
|
| 50 | + } |
|
| 51 | + ?> |
|
| 52 | 52 | <img src="<?php p($icon) ?>" alt="" /> |
| 53 | 53 | <div> |
| 54 | 54 | <h3><?php p($provider->getDisplayName()) ?></h3> |
@@ -62,11 +62,11 @@ discard block |
||
| 62 | 62 | <?php if (!is_null($_['backupProvider'])): ?> |
| 63 | 63 | <p> |
| 64 | 64 | <a class="<?php if ($noProviders): ?>button primary two-factor-primary<?php else: ?>two-factor-secondary<?php endif ?>" href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.showChallenge', |
| 65 | - [ |
|
| 66 | - 'challengeProviderId' => $_['backupProvider']->getId(), |
|
| 67 | - 'redirect_url' => $_['redirect_url'], |
|
| 68 | - ] |
|
| 69 | - )) ?>"> |
|
| 65 | + [ |
|
| 66 | + 'challengeProviderId' => $_['backupProvider']->getId(), |
|
| 67 | + 'redirect_url' => $_['redirect_url'], |
|
| 68 | + ] |
|
| 69 | + )) ?>"> |
|
| 70 | 70 | <?php p($l->t('Use backup code')) ?> |
| 71 | 71 | </a> |
| 72 | 72 | </p> |
@@ -142,7 +142,7 @@ discard block |
||
| 142 | 142 | } |
| 143 | 143 | |
| 144 | 144 | $result = $this->rootView->file_put_contents( |
| 145 | - $newRoot . '/' . Storage::KEY_STORAGE_MARKER, |
|
| 145 | + $newRoot.'/'.Storage::KEY_STORAGE_MARKER, |
|
| 146 | 146 | 'Nextcloud will detect this folder as key storage root only if this file exists' |
| 147 | 147 | ); |
| 148 | 148 | |
@@ -160,10 +160,10 @@ discard block |
||
| 160 | 160 | */ |
| 161 | 161 | protected function moveSystemKeys($oldRoot, $newRoot) { |
| 162 | 162 | if ( |
| 163 | - $this->rootView->is_dir($oldRoot . '/files_encryption') && |
|
| 164 | - $this->targetExists($newRoot . '/files_encryption') === false |
|
| 163 | + $this->rootView->is_dir($oldRoot.'/files_encryption') && |
|
| 164 | + $this->targetExists($newRoot.'/files_encryption') === false |
|
| 165 | 165 | ) { |
| 166 | - $this->rootView->rename($oldRoot . '/files_encryption', $newRoot . '/files_encryption'); |
|
| 166 | + $this->rootView->rename($oldRoot.'/files_encryption', $newRoot.'/files_encryption'); |
|
| 167 | 167 | } |
| 168 | 168 | } |
| 169 | 169 | |
@@ -217,13 +217,13 @@ discard block |
||
| 217 | 217 | */ |
| 218 | 218 | protected function moveUserEncryptionFolder($user, $oldRoot, $newRoot) { |
| 219 | 219 | if ($this->userManager->userExists($user)) { |
| 220 | - $source = $oldRoot . '/' . $user . '/files_encryption'; |
|
| 221 | - $target = $newRoot . '/' . $user . '/files_encryption'; |
|
| 220 | + $source = $oldRoot.'/'.$user.'/files_encryption'; |
|
| 221 | + $target = $newRoot.'/'.$user.'/files_encryption'; |
|
| 222 | 222 | if ( |
| 223 | 223 | $this->rootView->is_dir($source) && |
| 224 | 224 | $this->targetExists($target) === false |
| 225 | 225 | ) { |
| 226 | - $this->prepareParentFolder($newRoot . '/' . $user); |
|
| 226 | + $this->prepareParentFolder($newRoot.'/'.$user); |
|
| 227 | 227 | $this->rootView->rename($source, $target); |
| 228 | 228 | } |
| 229 | 229 | } |
@@ -241,7 +241,7 @@ discard block |
||
| 241 | 241 | $sub_dirs = explode('/', ltrim($path, '/')); |
| 242 | 242 | $dir = ''; |
| 243 | 243 | foreach ($sub_dirs as $sub_dir) { |
| 244 | - $dir .= '/' . $sub_dir; |
|
| 244 | + $dir .= '/'.$sub_dir; |
|
| 245 | 245 | if ($this->rootView->file_exists($dir) === false) { |
| 246 | 246 | $this->rootView->mkdir($dir); |
| 247 | 247 | } |
@@ -22,208 +22,208 @@ |
||
| 22 | 22 | use Symfony\Component\Console\Question\ConfirmationQuestion; |
| 23 | 23 | |
| 24 | 24 | class ChangeKeyStorageRoot extends Command { |
| 25 | - public function __construct( |
|
| 26 | - protected View $rootView, |
|
| 27 | - protected IUserManager $userManager, |
|
| 28 | - protected IConfig $config, |
|
| 29 | - protected Util $util, |
|
| 30 | - protected QuestionHelper $questionHelper, |
|
| 31 | - ) { |
|
| 32 | - parent::__construct(); |
|
| 33 | - } |
|
| 34 | - |
|
| 35 | - protected function configure() { |
|
| 36 | - parent::configure(); |
|
| 37 | - $this |
|
| 38 | - ->setName('encryption:change-key-storage-root') |
|
| 39 | - ->setDescription('Change key storage root') |
|
| 40 | - ->addArgument( |
|
| 41 | - 'newRoot', |
|
| 42 | - InputArgument::OPTIONAL, |
|
| 43 | - 'new root of the key storage relative to the data folder' |
|
| 44 | - ); |
|
| 45 | - } |
|
| 46 | - |
|
| 47 | - protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 48 | - $oldRoot = $this->util->getKeyStorageRoot(); |
|
| 49 | - $newRoot = $input->getArgument('newRoot'); |
|
| 50 | - |
|
| 51 | - if ($newRoot === null) { |
|
| 52 | - $question = new ConfirmationQuestion('No storage root given, do you want to reset the key storage root to the default location? (y/n) ', false); |
|
| 53 | - if (!$this->questionHelper->ask($input, $output, $question)) { |
|
| 54 | - return 1; |
|
| 55 | - } |
|
| 56 | - $newRoot = ''; |
|
| 57 | - } |
|
| 58 | - |
|
| 59 | - $oldRootDescription = $oldRoot !== '' ? $oldRoot : 'default storage location'; |
|
| 60 | - $newRootDescription = $newRoot !== '' ? $newRoot : 'default storage location'; |
|
| 61 | - $output->writeln("Change key storage root from <info>$oldRootDescription</info> to <info>$newRootDescription</info>"); |
|
| 62 | - $success = $this->moveAllKeys($oldRoot, $newRoot, $output); |
|
| 63 | - if ($success) { |
|
| 64 | - $this->util->setKeyStorageRoot($newRoot); |
|
| 65 | - $output->writeln(''); |
|
| 66 | - $output->writeln("Key storage root successfully changed to <info>$newRootDescription</info>"); |
|
| 67 | - return 0; |
|
| 68 | - } |
|
| 69 | - return 1; |
|
| 70 | - } |
|
| 71 | - |
|
| 72 | - /** |
|
| 73 | - * move keys to new key storage root |
|
| 74 | - * |
|
| 75 | - * @param string $oldRoot |
|
| 76 | - * @param string $newRoot |
|
| 77 | - * @param OutputInterface $output |
|
| 78 | - * @return bool |
|
| 79 | - * @throws \Exception |
|
| 80 | - */ |
|
| 81 | - protected function moveAllKeys($oldRoot, $newRoot, OutputInterface $output) { |
|
| 82 | - $output->writeln('Start to move keys:'); |
|
| 83 | - |
|
| 84 | - if ($this->rootView->is_dir($oldRoot) === false) { |
|
| 85 | - $output->writeln('No old keys found: Nothing needs to be moved'); |
|
| 86 | - return false; |
|
| 87 | - } |
|
| 88 | - |
|
| 89 | - $this->prepareNewRoot($newRoot); |
|
| 90 | - $this->moveSystemKeys($oldRoot, $newRoot); |
|
| 91 | - $this->moveUserKeys($oldRoot, $newRoot, $output); |
|
| 92 | - |
|
| 93 | - return true; |
|
| 94 | - } |
|
| 95 | - |
|
| 96 | - /** |
|
| 97 | - * prepare new key storage |
|
| 98 | - * |
|
| 99 | - * @param string $newRoot |
|
| 100 | - * @throws \Exception |
|
| 101 | - */ |
|
| 102 | - protected function prepareNewRoot($newRoot) { |
|
| 103 | - if ($this->rootView->is_dir($newRoot) === false) { |
|
| 104 | - throw new \Exception("New root folder doesn't exist. Please create the folder or check the permissions and try again."); |
|
| 105 | - } |
|
| 106 | - |
|
| 107 | - $result = $this->rootView->file_put_contents( |
|
| 108 | - $newRoot . '/' . Storage::KEY_STORAGE_MARKER, |
|
| 109 | - 'Nextcloud will detect this folder as key storage root only if this file exists' |
|
| 110 | - ); |
|
| 111 | - |
|
| 112 | - if (!$result) { |
|
| 113 | - throw new \Exception("Can't access the new root folder. Please check the permissions and make sure that the folder is in your data folder"); |
|
| 114 | - } |
|
| 115 | - } |
|
| 116 | - |
|
| 117 | - |
|
| 118 | - /** |
|
| 119 | - * move system key folder |
|
| 120 | - * |
|
| 121 | - * @param string $oldRoot |
|
| 122 | - * @param string $newRoot |
|
| 123 | - */ |
|
| 124 | - protected function moveSystemKeys($oldRoot, $newRoot) { |
|
| 125 | - if ( |
|
| 126 | - $this->rootView->is_dir($oldRoot . '/files_encryption') && |
|
| 127 | - $this->targetExists($newRoot . '/files_encryption') === false |
|
| 128 | - ) { |
|
| 129 | - $this->rootView->rename($oldRoot . '/files_encryption', $newRoot . '/files_encryption'); |
|
| 130 | - } |
|
| 131 | - } |
|
| 132 | - |
|
| 133 | - |
|
| 134 | - /** |
|
| 135 | - * setup file system for the given user |
|
| 136 | - * |
|
| 137 | - * @param string $uid |
|
| 138 | - */ |
|
| 139 | - protected function setupUserFS($uid) { |
|
| 140 | - \OC_Util::tearDownFS(); |
|
| 141 | - \OC_Util::setupFS($uid); |
|
| 142 | - } |
|
| 143 | - |
|
| 144 | - |
|
| 145 | - /** |
|
| 146 | - * iterate over each user and move the keys to the new storage |
|
| 147 | - * |
|
| 148 | - * @param string $oldRoot |
|
| 149 | - * @param string $newRoot |
|
| 150 | - * @param OutputInterface $output |
|
| 151 | - */ |
|
| 152 | - protected function moveUserKeys($oldRoot, $newRoot, OutputInterface $output) { |
|
| 153 | - $progress = new ProgressBar($output); |
|
| 154 | - $progress->start(); |
|
| 155 | - |
|
| 156 | - |
|
| 157 | - foreach ($this->userManager->getBackends() as $backend) { |
|
| 158 | - $limit = 500; |
|
| 159 | - $offset = 0; |
|
| 160 | - do { |
|
| 161 | - $users = $backend->getUsers('', $limit, $offset); |
|
| 162 | - foreach ($users as $user) { |
|
| 163 | - $progress->advance(); |
|
| 164 | - $this->setupUserFS($user); |
|
| 165 | - $this->moveUserEncryptionFolder($user, $oldRoot, $newRoot); |
|
| 166 | - } |
|
| 167 | - $offset += $limit; |
|
| 168 | - } while (count($users) >= $limit); |
|
| 169 | - } |
|
| 170 | - $progress->finish(); |
|
| 171 | - } |
|
| 172 | - |
|
| 173 | - /** |
|
| 174 | - * move user encryption folder to new root folder |
|
| 175 | - * |
|
| 176 | - * @param string $user |
|
| 177 | - * @param string $oldRoot |
|
| 178 | - * @param string $newRoot |
|
| 179 | - * @throws \Exception |
|
| 180 | - */ |
|
| 181 | - protected function moveUserEncryptionFolder($user, $oldRoot, $newRoot) { |
|
| 182 | - if ($this->userManager->userExists($user)) { |
|
| 183 | - $source = $oldRoot . '/' . $user . '/files_encryption'; |
|
| 184 | - $target = $newRoot . '/' . $user . '/files_encryption'; |
|
| 185 | - if ( |
|
| 186 | - $this->rootView->is_dir($source) && |
|
| 187 | - $this->targetExists($target) === false |
|
| 188 | - ) { |
|
| 189 | - $this->prepareParentFolder($newRoot . '/' . $user); |
|
| 190 | - $this->rootView->rename($source, $target); |
|
| 191 | - } |
|
| 192 | - } |
|
| 193 | - } |
|
| 194 | - |
|
| 195 | - /** |
|
| 196 | - * Make preparations to filesystem for saving a key file |
|
| 197 | - * |
|
| 198 | - * @param string $path relative to data/ |
|
| 199 | - */ |
|
| 200 | - protected function prepareParentFolder($path) { |
|
| 201 | - $path = Filesystem::normalizePath($path); |
|
| 202 | - // If the file resides within a subdirectory, create it |
|
| 203 | - if ($this->rootView->file_exists($path) === false) { |
|
| 204 | - $sub_dirs = explode('/', ltrim($path, '/')); |
|
| 205 | - $dir = ''; |
|
| 206 | - foreach ($sub_dirs as $sub_dir) { |
|
| 207 | - $dir .= '/' . $sub_dir; |
|
| 208 | - if ($this->rootView->file_exists($dir) === false) { |
|
| 209 | - $this->rootView->mkdir($dir); |
|
| 210 | - } |
|
| 211 | - } |
|
| 212 | - } |
|
| 213 | - } |
|
| 214 | - |
|
| 215 | - /** |
|
| 216 | - * check if target already exists |
|
| 217 | - * |
|
| 218 | - * @param $path |
|
| 219 | - * @return bool |
|
| 220 | - * @throws \Exception |
|
| 221 | - */ |
|
| 222 | - protected function targetExists($path) { |
|
| 223 | - if ($this->rootView->file_exists($path)) { |
|
| 224 | - throw new \Exception("new folder '$path' already exists"); |
|
| 225 | - } |
|
| 226 | - |
|
| 227 | - return false; |
|
| 228 | - } |
|
| 25 | + public function __construct( |
|
| 26 | + protected View $rootView, |
|
| 27 | + protected IUserManager $userManager, |
|
| 28 | + protected IConfig $config, |
|
| 29 | + protected Util $util, |
|
| 30 | + protected QuestionHelper $questionHelper, |
|
| 31 | + ) { |
|
| 32 | + parent::__construct(); |
|
| 33 | + } |
|
| 34 | + |
|
| 35 | + protected function configure() { |
|
| 36 | + parent::configure(); |
|
| 37 | + $this |
|
| 38 | + ->setName('encryption:change-key-storage-root') |
|
| 39 | + ->setDescription('Change key storage root') |
|
| 40 | + ->addArgument( |
|
| 41 | + 'newRoot', |
|
| 42 | + InputArgument::OPTIONAL, |
|
| 43 | + 'new root of the key storage relative to the data folder' |
|
| 44 | + ); |
|
| 45 | + } |
|
| 46 | + |
|
| 47 | + protected function execute(InputInterface $input, OutputInterface $output): int { |
|
| 48 | + $oldRoot = $this->util->getKeyStorageRoot(); |
|
| 49 | + $newRoot = $input->getArgument('newRoot'); |
|
| 50 | + |
|
| 51 | + if ($newRoot === null) { |
|
| 52 | + $question = new ConfirmationQuestion('No storage root given, do you want to reset the key storage root to the default location? (y/n) ', false); |
|
| 53 | + if (!$this->questionHelper->ask($input, $output, $question)) { |
|
| 54 | + return 1; |
|
| 55 | + } |
|
| 56 | + $newRoot = ''; |
|
| 57 | + } |
|
| 58 | + |
|
| 59 | + $oldRootDescription = $oldRoot !== '' ? $oldRoot : 'default storage location'; |
|
| 60 | + $newRootDescription = $newRoot !== '' ? $newRoot : 'default storage location'; |
|
| 61 | + $output->writeln("Change key storage root from <info>$oldRootDescription</info> to <info>$newRootDescription</info>"); |
|
| 62 | + $success = $this->moveAllKeys($oldRoot, $newRoot, $output); |
|
| 63 | + if ($success) { |
|
| 64 | + $this->util->setKeyStorageRoot($newRoot); |
|
| 65 | + $output->writeln(''); |
|
| 66 | + $output->writeln("Key storage root successfully changed to <info>$newRootDescription</info>"); |
|
| 67 | + return 0; |
|
| 68 | + } |
|
| 69 | + return 1; |
|
| 70 | + } |
|
| 71 | + |
|
| 72 | + /** |
|
| 73 | + * move keys to new key storage root |
|
| 74 | + * |
|
| 75 | + * @param string $oldRoot |
|
| 76 | + * @param string $newRoot |
|
| 77 | + * @param OutputInterface $output |
|
| 78 | + * @return bool |
|
| 79 | + * @throws \Exception |
|
| 80 | + */ |
|
| 81 | + protected function moveAllKeys($oldRoot, $newRoot, OutputInterface $output) { |
|
| 82 | + $output->writeln('Start to move keys:'); |
|
| 83 | + |
|
| 84 | + if ($this->rootView->is_dir($oldRoot) === false) { |
|
| 85 | + $output->writeln('No old keys found: Nothing needs to be moved'); |
|
| 86 | + return false; |
|
| 87 | + } |
|
| 88 | + |
|
| 89 | + $this->prepareNewRoot($newRoot); |
|
| 90 | + $this->moveSystemKeys($oldRoot, $newRoot); |
|
| 91 | + $this->moveUserKeys($oldRoot, $newRoot, $output); |
|
| 92 | + |
|
| 93 | + return true; |
|
| 94 | + } |
|
| 95 | + |
|
| 96 | + /** |
|
| 97 | + * prepare new key storage |
|
| 98 | + * |
|
| 99 | + * @param string $newRoot |
|
| 100 | + * @throws \Exception |
|
| 101 | + */ |
|
| 102 | + protected function prepareNewRoot($newRoot) { |
|
| 103 | + if ($this->rootView->is_dir($newRoot) === false) { |
|
| 104 | + throw new \Exception("New root folder doesn't exist. Please create the folder or check the permissions and try again."); |
|
| 105 | + } |
|
| 106 | + |
|
| 107 | + $result = $this->rootView->file_put_contents( |
|
| 108 | + $newRoot . '/' . Storage::KEY_STORAGE_MARKER, |
|
| 109 | + 'Nextcloud will detect this folder as key storage root only if this file exists' |
|
| 110 | + ); |
|
| 111 | + |
|
| 112 | + if (!$result) { |
|
| 113 | + throw new \Exception("Can't access the new root folder. Please check the permissions and make sure that the folder is in your data folder"); |
|
| 114 | + } |
|
| 115 | + } |
|
| 116 | + |
|
| 117 | + |
|
| 118 | + /** |
|
| 119 | + * move system key folder |
|
| 120 | + * |
|
| 121 | + * @param string $oldRoot |
|
| 122 | + * @param string $newRoot |
|
| 123 | + */ |
|
| 124 | + protected function moveSystemKeys($oldRoot, $newRoot) { |
|
| 125 | + if ( |
|
| 126 | + $this->rootView->is_dir($oldRoot . '/files_encryption') && |
|
| 127 | + $this->targetExists($newRoot . '/files_encryption') === false |
|
| 128 | + ) { |
|
| 129 | + $this->rootView->rename($oldRoot . '/files_encryption', $newRoot . '/files_encryption'); |
|
| 130 | + } |
|
| 131 | + } |
|
| 132 | + |
|
| 133 | + |
|
| 134 | + /** |
|
| 135 | + * setup file system for the given user |
|
| 136 | + * |
|
| 137 | + * @param string $uid |
|
| 138 | + */ |
|
| 139 | + protected function setupUserFS($uid) { |
|
| 140 | + \OC_Util::tearDownFS(); |
|
| 141 | + \OC_Util::setupFS($uid); |
|
| 142 | + } |
|
| 143 | + |
|
| 144 | + |
|
| 145 | + /** |
|
| 146 | + * iterate over each user and move the keys to the new storage |
|
| 147 | + * |
|
| 148 | + * @param string $oldRoot |
|
| 149 | + * @param string $newRoot |
|
| 150 | + * @param OutputInterface $output |
|
| 151 | + */ |
|
| 152 | + protected function moveUserKeys($oldRoot, $newRoot, OutputInterface $output) { |
|
| 153 | + $progress = new ProgressBar($output); |
|
| 154 | + $progress->start(); |
|
| 155 | + |
|
| 156 | + |
|
| 157 | + foreach ($this->userManager->getBackends() as $backend) { |
|
| 158 | + $limit = 500; |
|
| 159 | + $offset = 0; |
|
| 160 | + do { |
|
| 161 | + $users = $backend->getUsers('', $limit, $offset); |
|
| 162 | + foreach ($users as $user) { |
|
| 163 | + $progress->advance(); |
|
| 164 | + $this->setupUserFS($user); |
|
| 165 | + $this->moveUserEncryptionFolder($user, $oldRoot, $newRoot); |
|
| 166 | + } |
|
| 167 | + $offset += $limit; |
|
| 168 | + } while (count($users) >= $limit); |
|
| 169 | + } |
|
| 170 | + $progress->finish(); |
|
| 171 | + } |
|
| 172 | + |
|
| 173 | + /** |
|
| 174 | + * move user encryption folder to new root folder |
|
| 175 | + * |
|
| 176 | + * @param string $user |
|
| 177 | + * @param string $oldRoot |
|
| 178 | + * @param string $newRoot |
|
| 179 | + * @throws \Exception |
|
| 180 | + */ |
|
| 181 | + protected function moveUserEncryptionFolder($user, $oldRoot, $newRoot) { |
|
| 182 | + if ($this->userManager->userExists($user)) { |
|
| 183 | + $source = $oldRoot . '/' . $user . '/files_encryption'; |
|
| 184 | + $target = $newRoot . '/' . $user . '/files_encryption'; |
|
| 185 | + if ( |
|
| 186 | + $this->rootView->is_dir($source) && |
|
| 187 | + $this->targetExists($target) === false |
|
| 188 | + ) { |
|
| 189 | + $this->prepareParentFolder($newRoot . '/' . $user); |
|
| 190 | + $this->rootView->rename($source, $target); |
|
| 191 | + } |
|
| 192 | + } |
|
| 193 | + } |
|
| 194 | + |
|
| 195 | + /** |
|
| 196 | + * Make preparations to filesystem for saving a key file |
|
| 197 | + * |
|
| 198 | + * @param string $path relative to data/ |
|
| 199 | + */ |
|
| 200 | + protected function prepareParentFolder($path) { |
|
| 201 | + $path = Filesystem::normalizePath($path); |
|
| 202 | + // If the file resides within a subdirectory, create it |
|
| 203 | + if ($this->rootView->file_exists($path) === false) { |
|
| 204 | + $sub_dirs = explode('/', ltrim($path, '/')); |
|
| 205 | + $dir = ''; |
|
| 206 | + foreach ($sub_dirs as $sub_dir) { |
|
| 207 | + $dir .= '/' . $sub_dir; |
|
| 208 | + if ($this->rootView->file_exists($dir) === false) { |
|
| 209 | + $this->rootView->mkdir($dir); |
|
| 210 | + } |
|
| 211 | + } |
|
| 212 | + } |
|
| 213 | + } |
|
| 214 | + |
|
| 215 | + /** |
|
| 216 | + * check if target already exists |
|
| 217 | + * |
|
| 218 | + * @param $path |
|
| 219 | + * @return bool |
|
| 220 | + * @throws \Exception |
|
| 221 | + */ |
|
| 222 | + protected function targetExists($path) { |
|
| 223 | + if ($this->rootView->file_exists($path)) { |
|
| 224 | + throw new \Exception("new folder '$path' already exists"); |
|
| 225 | + } |
|
| 226 | + |
|
| 227 | + return false; |
|
| 228 | + } |
|
| 229 | 229 | } |
