nextcloud /
server
@@ -29,17 +29,13 @@ |
||
| 29 | 29 | |
| 30 | 30 | namespace OCA\FederatedFileSharing\Controller; |
| 31 | 31 | |
| 32 | -use OC\Files\Filesystem; |
|
| 33 | 32 | use OC\HintException; |
| 34 | -use OC\Share\Helper; |
|
| 35 | 33 | use OCA\FederatedFileSharing\AddressHandler; |
| 36 | 34 | use OCA\FederatedFileSharing\FederatedShareProvider; |
| 37 | -use OCA\Files_Sharing\External\Manager; |
|
| 38 | 35 | use OCP\AppFramework\Controller; |
| 39 | 36 | use OCP\AppFramework\Http; |
| 40 | 37 | use OCP\AppFramework\Http\JSONResponse; |
| 41 | 38 | use OCP\Federation\ICloudIdManager; |
| 42 | -use OCP\Files\StorageInvalidException; |
|
| 43 | 39 | use OCP\Http\Client\IClientService; |
| 44 | 40 | use OCP\IL10N; |
| 45 | 41 | use OCP\IRequest; |
@@ -57,177 +57,177 @@ |
||
| 57 | 57 | */ |
| 58 | 58 | class MountPublicLinkController extends Controller { |
| 59 | 59 | |
| 60 | - /** @var FederatedShareProvider */ |
|
| 61 | - private $federatedShareProvider; |
|
| 62 | - |
|
| 63 | - /** @var AddressHandler */ |
|
| 64 | - private $addressHandler; |
|
| 65 | - |
|
| 66 | - /** @var IManager */ |
|
| 67 | - private $shareManager; |
|
| 68 | - |
|
| 69 | - /** @var ISession */ |
|
| 70 | - private $session; |
|
| 71 | - |
|
| 72 | - /** @var IL10N */ |
|
| 73 | - private $l; |
|
| 74 | - |
|
| 75 | - /** @var IUserSession */ |
|
| 76 | - private $userSession; |
|
| 77 | - |
|
| 78 | - /** @var IClientService */ |
|
| 79 | - private $clientService; |
|
| 80 | - |
|
| 81 | - /** @var ICloudIdManager */ |
|
| 82 | - private $cloudIdManager; |
|
| 83 | - |
|
| 84 | - /** |
|
| 85 | - * MountPublicLinkController constructor. |
|
| 86 | - * |
|
| 87 | - * @param string $appName |
|
| 88 | - * @param IRequest $request |
|
| 89 | - * @param FederatedShareProvider $federatedShareProvider |
|
| 90 | - * @param IManager $shareManager |
|
| 91 | - * @param AddressHandler $addressHandler |
|
| 92 | - * @param ISession $session |
|
| 93 | - * @param IL10N $l |
|
| 94 | - * @param IUserSession $userSession |
|
| 95 | - * @param IClientService $clientService |
|
| 96 | - * @param ICloudIdManager $cloudIdManager |
|
| 97 | - */ |
|
| 98 | - public function __construct($appName, |
|
| 99 | - IRequest $request, |
|
| 100 | - FederatedShareProvider $federatedShareProvider, |
|
| 101 | - IManager $shareManager, |
|
| 102 | - AddressHandler $addressHandler, |
|
| 103 | - ISession $session, |
|
| 104 | - IL10N $l, |
|
| 105 | - IUserSession $userSession, |
|
| 106 | - IClientService $clientService, |
|
| 107 | - ICloudIdManager $cloudIdManager |
|
| 108 | - ) { |
|
| 109 | - parent::__construct($appName, $request); |
|
| 110 | - |
|
| 111 | - $this->federatedShareProvider = $federatedShareProvider; |
|
| 112 | - $this->shareManager = $shareManager; |
|
| 113 | - $this->addressHandler = $addressHandler; |
|
| 114 | - $this->session = $session; |
|
| 115 | - $this->l = $l; |
|
| 116 | - $this->userSession = $userSession; |
|
| 117 | - $this->clientService = $clientService; |
|
| 118 | - $this->cloudIdManager = $cloudIdManager; |
|
| 119 | - } |
|
| 120 | - |
|
| 121 | - /** |
|
| 122 | - * send federated share to a user of a public link |
|
| 123 | - * |
|
| 124 | - * @NoCSRFRequired |
|
| 125 | - * @PublicPage |
|
| 126 | - * @BruteForceProtection(action=publicLink2FederatedShare) |
|
| 127 | - * |
|
| 128 | - * @param string $shareWith |
|
| 129 | - * @param string $token |
|
| 130 | - * @param string $password |
|
| 131 | - * @return JSONResponse |
|
| 132 | - */ |
|
| 133 | - public function createFederatedShare($shareWith, $token, $password = '') { |
|
| 134 | - |
|
| 135 | - if (!$this->federatedShareProvider->isOutgoingServer2serverShareEnabled()) { |
|
| 136 | - return new JSONResponse( |
|
| 137 | - ['message' => 'This server doesn\'t support outgoing federated shares'], |
|
| 138 | - Http::STATUS_BAD_REQUEST |
|
| 139 | - ); |
|
| 140 | - } |
|
| 141 | - |
|
| 142 | - try { |
|
| 143 | - list(, $server) = $this->addressHandler->splitUserRemote($shareWith); |
|
| 144 | - $share = $this->shareManager->getShareByToken($token); |
|
| 145 | - } catch (HintException $e) { |
|
| 146 | - return new JSONResponse(['message' => $e->getHint()], Http::STATUS_BAD_REQUEST); |
|
| 147 | - } |
|
| 148 | - |
|
| 149 | - // make sure that user is authenticated in case of a password protected link |
|
| 150 | - $storedPassword = $share->getPassword(); |
|
| 151 | - $authenticated = $this->session->get('public_link_authenticated') === $share->getId() || |
|
| 152 | - $this->shareManager->checkPassword($share, $password); |
|
| 153 | - if (!empty($storedPassword) && !$authenticated ) { |
|
| 154 | - $response = new JSONResponse( |
|
| 155 | - ['message' => 'No permission to access the share'], |
|
| 156 | - Http::STATUS_BAD_REQUEST |
|
| 157 | - ); |
|
| 158 | - $response->throttle(); |
|
| 159 | - return $response; |
|
| 160 | - } |
|
| 161 | - |
|
| 162 | - $share->setSharedWith($shareWith); |
|
| 163 | - |
|
| 164 | - try { |
|
| 165 | - $this->federatedShareProvider->create($share); |
|
| 166 | - } catch (\Exception $e) { |
|
| 167 | - \OC::$server->getLogger()->logException($e, [ |
|
| 168 | - 'level' => \OCP\Util::WARN, |
|
| 169 | - 'app' => 'federatedfilesharing', |
|
| 170 | - ]); |
|
| 171 | - return new JSONResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST); |
|
| 172 | - } |
|
| 173 | - |
|
| 174 | - return new JSONResponse(['remoteUrl' => $server]); |
|
| 175 | - } |
|
| 176 | - |
|
| 177 | - /** |
|
| 178 | - * ask other server to get a federated share |
|
| 179 | - * |
|
| 180 | - * @NoAdminRequired |
|
| 181 | - * |
|
| 182 | - * @param string $token |
|
| 183 | - * @param string $remote |
|
| 184 | - * @param string $password |
|
| 185 | - * @param string $owner (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 186 | - * @param string $ownerDisplayName (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 187 | - * @param string $name (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 188 | - * @return JSONResponse |
|
| 189 | - */ |
|
| 190 | - public function askForFederatedShare($token, $remote, $password = '', $owner = '', $ownerDisplayName = '', $name = '') { |
|
| 191 | - // check if server admin allows to mount public links from other servers |
|
| 192 | - if ($this->federatedShareProvider->isIncomingServer2serverShareEnabled() === false) { |
|
| 193 | - return new JSONResponse(['message' => $this->l->t('Server to server sharing is not enabled on this server')], Http::STATUS_BAD_REQUEST); |
|
| 194 | - } |
|
| 195 | - |
|
| 196 | - $cloudId = $this->cloudIdManager->getCloudId($this->userSession->getUser()->getUID(), $this->addressHandler->generateRemoteURL()); |
|
| 197 | - |
|
| 198 | - $httpClient = $this->clientService->newClient(); |
|
| 199 | - |
|
| 200 | - try { |
|
| 201 | - $response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare', |
|
| 202 | - [ |
|
| 203 | - 'body' => |
|
| 204 | - [ |
|
| 205 | - 'token' => $token, |
|
| 206 | - 'shareWith' => rtrim($cloudId->getId(), '/'), |
|
| 207 | - 'password' => $password |
|
| 208 | - ], |
|
| 209 | - 'connect_timeout' => 10, |
|
| 210 | - ] |
|
| 211 | - ); |
|
| 212 | - } catch (\Exception $e) { |
|
| 213 | - if (empty($password)) { |
|
| 214 | - $message = $this->l->t("Couldn't establish a federated share."); |
|
| 215 | - } else { |
|
| 216 | - $message = $this->l->t("Couldn't establish a federated share, maybe the password was wrong."); |
|
| 217 | - } |
|
| 218 | - return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST); |
|
| 219 | - } |
|
| 220 | - |
|
| 221 | - $body = $response->getBody(); |
|
| 222 | - $result = json_decode($body, true); |
|
| 223 | - |
|
| 224 | - if (is_array($result) && isset($result['remoteUrl'])) { |
|
| 225 | - return new JSONResponse(['message' => $this->l->t('Federated Share request sent, you will receive an invitation. Check your notifications.')]); |
|
| 226 | - } |
|
| 227 | - |
|
| 228 | - // if we doesn't get the expected response we assume that we try to add |
|
| 229 | - // a federated share from a Nextcloud <= 9 server |
|
| 230 | - $message = $this->l->t("Couldn't establish a federated share, it looks like the server to federate with is too old (Nextcloud <= 9)."); |
|
| 231 | - return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST); |
|
| 232 | - } |
|
| 60 | + /** @var FederatedShareProvider */ |
|
| 61 | + private $federatedShareProvider; |
|
| 62 | + |
|
| 63 | + /** @var AddressHandler */ |
|
| 64 | + private $addressHandler; |
|
| 65 | + |
|
| 66 | + /** @var IManager */ |
|
| 67 | + private $shareManager; |
|
| 68 | + |
|
| 69 | + /** @var ISession */ |
|
| 70 | + private $session; |
|
| 71 | + |
|
| 72 | + /** @var IL10N */ |
|
| 73 | + private $l; |
|
| 74 | + |
|
| 75 | + /** @var IUserSession */ |
|
| 76 | + private $userSession; |
|
| 77 | + |
|
| 78 | + /** @var IClientService */ |
|
| 79 | + private $clientService; |
|
| 80 | + |
|
| 81 | + /** @var ICloudIdManager */ |
|
| 82 | + private $cloudIdManager; |
|
| 83 | + |
|
| 84 | + /** |
|
| 85 | + * MountPublicLinkController constructor. |
|
| 86 | + * |
|
| 87 | + * @param string $appName |
|
| 88 | + * @param IRequest $request |
|
| 89 | + * @param FederatedShareProvider $federatedShareProvider |
|
| 90 | + * @param IManager $shareManager |
|
| 91 | + * @param AddressHandler $addressHandler |
|
| 92 | + * @param ISession $session |
|
| 93 | + * @param IL10N $l |
|
| 94 | + * @param IUserSession $userSession |
|
| 95 | + * @param IClientService $clientService |
|
| 96 | + * @param ICloudIdManager $cloudIdManager |
|
| 97 | + */ |
|
| 98 | + public function __construct($appName, |
|
| 99 | + IRequest $request, |
|
| 100 | + FederatedShareProvider $federatedShareProvider, |
|
| 101 | + IManager $shareManager, |
|
| 102 | + AddressHandler $addressHandler, |
|
| 103 | + ISession $session, |
|
| 104 | + IL10N $l, |
|
| 105 | + IUserSession $userSession, |
|
| 106 | + IClientService $clientService, |
|
| 107 | + ICloudIdManager $cloudIdManager |
|
| 108 | + ) { |
|
| 109 | + parent::__construct($appName, $request); |
|
| 110 | + |
|
| 111 | + $this->federatedShareProvider = $federatedShareProvider; |
|
| 112 | + $this->shareManager = $shareManager; |
|
| 113 | + $this->addressHandler = $addressHandler; |
|
| 114 | + $this->session = $session; |
|
| 115 | + $this->l = $l; |
|
| 116 | + $this->userSession = $userSession; |
|
| 117 | + $this->clientService = $clientService; |
|
| 118 | + $this->cloudIdManager = $cloudIdManager; |
|
| 119 | + } |
|
| 120 | + |
|
| 121 | + /** |
|
| 122 | + * send federated share to a user of a public link |
|
| 123 | + * |
|
| 124 | + * @NoCSRFRequired |
|
| 125 | + * @PublicPage |
|
| 126 | + * @BruteForceProtection(action=publicLink2FederatedShare) |
|
| 127 | + * |
|
| 128 | + * @param string $shareWith |
|
| 129 | + * @param string $token |
|
| 130 | + * @param string $password |
|
| 131 | + * @return JSONResponse |
|
| 132 | + */ |
|
| 133 | + public function createFederatedShare($shareWith, $token, $password = '') { |
|
| 134 | + |
|
| 135 | + if (!$this->federatedShareProvider->isOutgoingServer2serverShareEnabled()) { |
|
| 136 | + return new JSONResponse( |
|
| 137 | + ['message' => 'This server doesn\'t support outgoing federated shares'], |
|
| 138 | + Http::STATUS_BAD_REQUEST |
|
| 139 | + ); |
|
| 140 | + } |
|
| 141 | + |
|
| 142 | + try { |
|
| 143 | + list(, $server) = $this->addressHandler->splitUserRemote($shareWith); |
|
| 144 | + $share = $this->shareManager->getShareByToken($token); |
|
| 145 | + } catch (HintException $e) { |
|
| 146 | + return new JSONResponse(['message' => $e->getHint()], Http::STATUS_BAD_REQUEST); |
|
| 147 | + } |
|
| 148 | + |
|
| 149 | + // make sure that user is authenticated in case of a password protected link |
|
| 150 | + $storedPassword = $share->getPassword(); |
|
| 151 | + $authenticated = $this->session->get('public_link_authenticated') === $share->getId() || |
|
| 152 | + $this->shareManager->checkPassword($share, $password); |
|
| 153 | + if (!empty($storedPassword) && !$authenticated ) { |
|
| 154 | + $response = new JSONResponse( |
|
| 155 | + ['message' => 'No permission to access the share'], |
|
| 156 | + Http::STATUS_BAD_REQUEST |
|
| 157 | + ); |
|
| 158 | + $response->throttle(); |
|
| 159 | + return $response; |
|
| 160 | + } |
|
| 161 | + |
|
| 162 | + $share->setSharedWith($shareWith); |
|
| 163 | + |
|
| 164 | + try { |
|
| 165 | + $this->federatedShareProvider->create($share); |
|
| 166 | + } catch (\Exception $e) { |
|
| 167 | + \OC::$server->getLogger()->logException($e, [ |
|
| 168 | + 'level' => \OCP\Util::WARN, |
|
| 169 | + 'app' => 'federatedfilesharing', |
|
| 170 | + ]); |
|
| 171 | + return new JSONResponse(['message' => $e->getMessage()], Http::STATUS_BAD_REQUEST); |
|
| 172 | + } |
|
| 173 | + |
|
| 174 | + return new JSONResponse(['remoteUrl' => $server]); |
|
| 175 | + } |
|
| 176 | + |
|
| 177 | + /** |
|
| 178 | + * ask other server to get a federated share |
|
| 179 | + * |
|
| 180 | + * @NoAdminRequired |
|
| 181 | + * |
|
| 182 | + * @param string $token |
|
| 183 | + * @param string $remote |
|
| 184 | + * @param string $password |
|
| 185 | + * @param string $owner (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 186 | + * @param string $ownerDisplayName (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 187 | + * @param string $name (only for legacy reasons, can be removed with legacyMountPublicLink()) |
|
| 188 | + * @return JSONResponse |
|
| 189 | + */ |
|
| 190 | + public function askForFederatedShare($token, $remote, $password = '', $owner = '', $ownerDisplayName = '', $name = '') { |
|
| 191 | + // check if server admin allows to mount public links from other servers |
|
| 192 | + if ($this->federatedShareProvider->isIncomingServer2serverShareEnabled() === false) { |
|
| 193 | + return new JSONResponse(['message' => $this->l->t('Server to server sharing is not enabled on this server')], Http::STATUS_BAD_REQUEST); |
|
| 194 | + } |
|
| 195 | + |
|
| 196 | + $cloudId = $this->cloudIdManager->getCloudId($this->userSession->getUser()->getUID(), $this->addressHandler->generateRemoteURL()); |
|
| 197 | + |
|
| 198 | + $httpClient = $this->clientService->newClient(); |
|
| 199 | + |
|
| 200 | + try { |
|
| 201 | + $response = $httpClient->post($remote . '/index.php/apps/federatedfilesharing/createFederatedShare', |
|
| 202 | + [ |
|
| 203 | + 'body' => |
|
| 204 | + [ |
|
| 205 | + 'token' => $token, |
|
| 206 | + 'shareWith' => rtrim($cloudId->getId(), '/'), |
|
| 207 | + 'password' => $password |
|
| 208 | + ], |
|
| 209 | + 'connect_timeout' => 10, |
|
| 210 | + ] |
|
| 211 | + ); |
|
| 212 | + } catch (\Exception $e) { |
|
| 213 | + if (empty($password)) { |
|
| 214 | + $message = $this->l->t("Couldn't establish a federated share."); |
|
| 215 | + } else { |
|
| 216 | + $message = $this->l->t("Couldn't establish a federated share, maybe the password was wrong."); |
|
| 217 | + } |
|
| 218 | + return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST); |
|
| 219 | + } |
|
| 220 | + |
|
| 221 | + $body = $response->getBody(); |
|
| 222 | + $result = json_decode($body, true); |
|
| 223 | + |
|
| 224 | + if (is_array($result) && isset($result['remoteUrl'])) { |
|
| 225 | + return new JSONResponse(['message' => $this->l->t('Federated Share request sent, you will receive an invitation. Check your notifications.')]); |
|
| 226 | + } |
|
| 227 | + |
|
| 228 | + // if we doesn't get the expected response we assume that we try to add |
|
| 229 | + // a federated share from a Nextcloud <= 9 server |
|
| 230 | + $message = $this->l->t("Couldn't establish a federated share, it looks like the server to federate with is too old (Nextcloud <= 9)."); |
|
| 231 | + return new JSONResponse(['message' => $message], Http::STATUS_BAD_REQUEST); |
|
| 232 | + } |
|
| 233 | 233 | } |
@@ -33,99 +33,99 @@ |
||
| 33 | 33 | * use server side events with caution, to many open requests can hang the server |
| 34 | 34 | */ |
| 35 | 35 | class OC_EventSource implements \OCP\IEventSource { |
| 36 | - /** |
|
| 37 | - * @var bool |
|
| 38 | - */ |
|
| 39 | - private $fallback; |
|
| 36 | + /** |
|
| 37 | + * @var bool |
|
| 38 | + */ |
|
| 39 | + private $fallback; |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * @var int |
|
| 43 | - */ |
|
| 44 | - private $fallBackId = 0; |
|
| 41 | + /** |
|
| 42 | + * @var int |
|
| 43 | + */ |
|
| 44 | + private $fallBackId = 0; |
|
| 45 | 45 | |
| 46 | - /** |
|
| 47 | - * @var bool |
|
| 48 | - */ |
|
| 49 | - private $started = false; |
|
| 46 | + /** |
|
| 47 | + * @var bool |
|
| 48 | + */ |
|
| 49 | + private $started = false; |
|
| 50 | 50 | |
| 51 | - protected function init() { |
|
| 52 | - if ($this->started) { |
|
| 53 | - return; |
|
| 54 | - } |
|
| 55 | - $this->started = true; |
|
| 51 | + protected function init() { |
|
| 52 | + if ($this->started) { |
|
| 53 | + return; |
|
| 54 | + } |
|
| 55 | + $this->started = true; |
|
| 56 | 56 | |
| 57 | - // prevent php output buffering, caching and nginx buffering |
|
| 58 | - OC_Util::obEnd(); |
|
| 59 | - header('Cache-Control: no-cache'); |
|
| 60 | - header('X-Accel-Buffering: no'); |
|
| 61 | - $this->fallback = isset($_GET['fallback']) and $_GET['fallback'] == 'true'; |
|
| 62 | - if ($this->fallback) { |
|
| 63 | - $this->fallBackId = (int)$_GET['fallback_id']; |
|
| 64 | - /** |
|
| 65 | - * FIXME: The default content-security-policy of ownCloud forbids inline |
|
| 66 | - * JavaScript for security reasons. IE starting on Windows 10 will |
|
| 67 | - * however also obey the CSP which will break the event source fallback. |
|
| 68 | - * |
|
| 69 | - * As a workaround thus we set a custom policy which allows the execution |
|
| 70 | - * of inline JavaScript. |
|
| 71 | - * |
|
| 72 | - * @link https://github.com/owncloud/core/issues/14286 |
|
| 73 | - */ |
|
| 74 | - header("Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline'"); |
|
| 75 | - header("Content-Type: text/html"); |
|
| 76 | - echo str_repeat('<span></span>' . PHP_EOL, 10); //dummy data to keep IE happy |
|
| 77 | - } else { |
|
| 78 | - header("Content-Type: text/event-stream"); |
|
| 79 | - } |
|
| 80 | - if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 81 | - header('Location: '.\OC::$WEBROOT); |
|
| 82 | - exit(); |
|
| 83 | - } |
|
| 84 | - if (!\OC::$server->getRequest()->passesCSRFCheck()) { |
|
| 85 | - $this->send('error', 'Possible CSRF attack. Connection will be closed.'); |
|
| 86 | - $this->close(); |
|
| 87 | - exit(); |
|
| 88 | - } |
|
| 89 | - flush(); |
|
| 90 | - } |
|
| 57 | + // prevent php output buffering, caching and nginx buffering |
|
| 58 | + OC_Util::obEnd(); |
|
| 59 | + header('Cache-Control: no-cache'); |
|
| 60 | + header('X-Accel-Buffering: no'); |
|
| 61 | + $this->fallback = isset($_GET['fallback']) and $_GET['fallback'] == 'true'; |
|
| 62 | + if ($this->fallback) { |
|
| 63 | + $this->fallBackId = (int)$_GET['fallback_id']; |
|
| 64 | + /** |
|
| 65 | + * FIXME: The default content-security-policy of ownCloud forbids inline |
|
| 66 | + * JavaScript for security reasons. IE starting on Windows 10 will |
|
| 67 | + * however also obey the CSP which will break the event source fallback. |
|
| 68 | + * |
|
| 69 | + * As a workaround thus we set a custom policy which allows the execution |
|
| 70 | + * of inline JavaScript. |
|
| 71 | + * |
|
| 72 | + * @link https://github.com/owncloud/core/issues/14286 |
|
| 73 | + */ |
|
| 74 | + header("Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline'"); |
|
| 75 | + header("Content-Type: text/html"); |
|
| 76 | + echo str_repeat('<span></span>' . PHP_EOL, 10); //dummy data to keep IE happy |
|
| 77 | + } else { |
|
| 78 | + header("Content-Type: text/event-stream"); |
|
| 79 | + } |
|
| 80 | + if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 81 | + header('Location: '.\OC::$WEBROOT); |
|
| 82 | + exit(); |
|
| 83 | + } |
|
| 84 | + if (!\OC::$server->getRequest()->passesCSRFCheck()) { |
|
| 85 | + $this->send('error', 'Possible CSRF attack. Connection will be closed.'); |
|
| 86 | + $this->close(); |
|
| 87 | + exit(); |
|
| 88 | + } |
|
| 89 | + flush(); |
|
| 90 | + } |
|
| 91 | 91 | |
| 92 | - /** |
|
| 93 | - * send a message to the client |
|
| 94 | - * |
|
| 95 | - * @param string $type |
|
| 96 | - * @param mixed $data |
|
| 97 | - * |
|
| 98 | - * @throws \BadMethodCallException |
|
| 99 | - * if only one parameter is given, a typeless message will be send with that parameter as data |
|
| 100 | - * @suppress PhanDeprecatedFunction |
|
| 101 | - */ |
|
| 102 | - public function send($type, $data = null) { |
|
| 103 | - if ($data and !preg_match('/^[A-Za-z0-9_]+$/', $type)) { |
|
| 104 | - throw new BadMethodCallException('Type needs to be alphanumeric ('. $type .')'); |
|
| 105 | - } |
|
| 106 | - $this->init(); |
|
| 107 | - if (is_null($data)) { |
|
| 108 | - $data = $type; |
|
| 109 | - $type = null; |
|
| 110 | - } |
|
| 111 | - if ($this->fallback) { |
|
| 112 | - $response = '<script type="text/javascript">window.parent.OC.EventSource.fallBackCallBack(' |
|
| 113 | - . $this->fallBackId . ',"' . $type . '",' . OC_JSON::encode($data) . ')</script>' . PHP_EOL; |
|
| 114 | - echo $response; |
|
| 115 | - } else { |
|
| 116 | - if ($type) { |
|
| 117 | - echo 'event: ' . $type . PHP_EOL; |
|
| 118 | - } |
|
| 119 | - echo 'data: ' . OC_JSON::encode($data) . PHP_EOL; |
|
| 120 | - } |
|
| 121 | - echo PHP_EOL; |
|
| 122 | - flush(); |
|
| 123 | - } |
|
| 92 | + /** |
|
| 93 | + * send a message to the client |
|
| 94 | + * |
|
| 95 | + * @param string $type |
|
| 96 | + * @param mixed $data |
|
| 97 | + * |
|
| 98 | + * @throws \BadMethodCallException |
|
| 99 | + * if only one parameter is given, a typeless message will be send with that parameter as data |
|
| 100 | + * @suppress PhanDeprecatedFunction |
|
| 101 | + */ |
|
| 102 | + public function send($type, $data = null) { |
|
| 103 | + if ($data and !preg_match('/^[A-Za-z0-9_]+$/', $type)) { |
|
| 104 | + throw new BadMethodCallException('Type needs to be alphanumeric ('. $type .')'); |
|
| 105 | + } |
|
| 106 | + $this->init(); |
|
| 107 | + if (is_null($data)) { |
|
| 108 | + $data = $type; |
|
| 109 | + $type = null; |
|
| 110 | + } |
|
| 111 | + if ($this->fallback) { |
|
| 112 | + $response = '<script type="text/javascript">window.parent.OC.EventSource.fallBackCallBack(' |
|
| 113 | + . $this->fallBackId . ',"' . $type . '",' . OC_JSON::encode($data) . ')</script>' . PHP_EOL; |
|
| 114 | + echo $response; |
|
| 115 | + } else { |
|
| 116 | + if ($type) { |
|
| 117 | + echo 'event: ' . $type . PHP_EOL; |
|
| 118 | + } |
|
| 119 | + echo 'data: ' . OC_JSON::encode($data) . PHP_EOL; |
|
| 120 | + } |
|
| 121 | + echo PHP_EOL; |
|
| 122 | + flush(); |
|
| 123 | + } |
|
| 124 | 124 | |
| 125 | - /** |
|
| 126 | - * close the connection of the event source |
|
| 127 | - */ |
|
| 128 | - public function close() { |
|
| 129 | - $this->send('__internal__', 'close'); //server side closing can be an issue, let the client do it |
|
| 130 | - } |
|
| 125 | + /** |
|
| 126 | + * close the connection of the event source |
|
| 127 | + */ |
|
| 128 | + public function close() { |
|
| 129 | + $this->send('__internal__', 'close'); //server side closing can be an issue, let the client do it |
|
| 130 | + } |
|
| 131 | 131 | } |
@@ -60,7 +60,7 @@ discard block |
||
| 60 | 60 | header('X-Accel-Buffering: no'); |
| 61 | 61 | $this->fallback = isset($_GET['fallback']) and $_GET['fallback'] == 'true'; |
| 62 | 62 | if ($this->fallback) { |
| 63 | - $this->fallBackId = (int)$_GET['fallback_id']; |
|
| 63 | + $this->fallBackId = (int) $_GET['fallback_id']; |
|
| 64 | 64 | /** |
| 65 | 65 | * FIXME: The default content-security-policy of ownCloud forbids inline |
| 66 | 66 | * JavaScript for security reasons. IE starting on Windows 10 will |
@@ -73,11 +73,11 @@ discard block |
||
| 73 | 73 | */ |
| 74 | 74 | header("Content-Security-Policy: default-src 'none'; script-src 'unsafe-inline'"); |
| 75 | 75 | header("Content-Type: text/html"); |
| 76 | - echo str_repeat('<span></span>' . PHP_EOL, 10); //dummy data to keep IE happy |
|
| 76 | + echo str_repeat('<span></span>'.PHP_EOL, 10); //dummy data to keep IE happy |
|
| 77 | 77 | } else { |
| 78 | 78 | header("Content-Type: text/event-stream"); |
| 79 | 79 | } |
| 80 | - if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 80 | + if (!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 81 | 81 | header('Location: '.\OC::$WEBROOT); |
| 82 | 82 | exit(); |
| 83 | 83 | } |
@@ -101,7 +101,7 @@ discard block |
||
| 101 | 101 | */ |
| 102 | 102 | public function send($type, $data = null) { |
| 103 | 103 | if ($data and !preg_match('/^[A-Za-z0-9_]+$/', $type)) { |
| 104 | - throw new BadMethodCallException('Type needs to be alphanumeric ('. $type .')'); |
|
| 104 | + throw new BadMethodCallException('Type needs to be alphanumeric ('.$type.')'); |
|
| 105 | 105 | } |
| 106 | 106 | $this->init(); |
| 107 | 107 | if (is_null($data)) { |
@@ -110,13 +110,13 @@ discard block |
||
| 110 | 110 | } |
| 111 | 111 | if ($this->fallback) { |
| 112 | 112 | $response = '<script type="text/javascript">window.parent.OC.EventSource.fallBackCallBack(' |
| 113 | - . $this->fallBackId . ',"' . $type . '",' . OC_JSON::encode($data) . ')</script>' . PHP_EOL; |
|
| 113 | + . $this->fallBackId.',"'.$type.'",'.OC_JSON::encode($data).')</script>'.PHP_EOL; |
|
| 114 | 114 | echo $response; |
| 115 | 115 | } else { |
| 116 | 116 | if ($type) { |
| 117 | - echo 'event: ' . $type . PHP_EOL; |
|
| 117 | + echo 'event: '.$type.PHP_EOL; |
|
| 118 | 118 | } |
| 119 | - echo 'data: ' . OC_JSON::encode($data) . PHP_EOL; |
|
| 119 | + echo 'data: '.OC_JSON::encode($data).PHP_EOL; |
|
| 120 | 120 | } |
| 121 | 121 | echo PHP_EOL; |
| 122 | 122 | flush(); |
@@ -38,125 +38,125 @@ |
||
| 38 | 38 | */ |
| 39 | 39 | class OC_JSON{ |
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * Check if the app is enabled, send json error msg if not |
|
| 43 | - * @param string $app |
|
| 44 | - * @deprecated Use the AppFramework instead. It will automatically check if the app is enabled. |
|
| 45 | - * @suppress PhanDeprecatedFunction |
|
| 46 | - */ |
|
| 47 | - public static function checkAppEnabled($app) { |
|
| 48 | - if( !\OC::$server->getAppManager()->isEnabledForUser($app)) { |
|
| 49 | - $l = \OC::$server->getL10N('lib'); |
|
| 50 | - self::error(array( 'data' => array( 'message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled' ))); |
|
| 51 | - exit(); |
|
| 52 | - } |
|
| 53 | - } |
|
| 41 | + /** |
|
| 42 | + * Check if the app is enabled, send json error msg if not |
|
| 43 | + * @param string $app |
|
| 44 | + * @deprecated Use the AppFramework instead. It will automatically check if the app is enabled. |
|
| 45 | + * @suppress PhanDeprecatedFunction |
|
| 46 | + */ |
|
| 47 | + public static function checkAppEnabled($app) { |
|
| 48 | + if( !\OC::$server->getAppManager()->isEnabledForUser($app)) { |
|
| 49 | + $l = \OC::$server->getL10N('lib'); |
|
| 50 | + self::error(array( 'data' => array( 'message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled' ))); |
|
| 51 | + exit(); |
|
| 52 | + } |
|
| 53 | + } |
|
| 54 | 54 | |
| 55 | - /** |
|
| 56 | - * Check if the user is logged in, send json error msg if not |
|
| 57 | - * @deprecated Use annotation based ACLs from the AppFramework instead |
|
| 58 | - * @suppress PhanDeprecatedFunction |
|
| 59 | - */ |
|
| 60 | - public static function checkLoggedIn() { |
|
| 61 | - $twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager(); |
|
| 62 | - if( !\OC::$server->getUserSession()->isLoggedIn() |
|
| 63 | - || $twoFactorAuthManger->needsSecondFactor(\OC::$server->getUserSession()->getUser())) { |
|
| 64 | - $l = \OC::$server->getL10N('lib'); |
|
| 65 | - http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED); |
|
| 66 | - self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 67 | - exit(); |
|
| 68 | - } |
|
| 69 | - } |
|
| 55 | + /** |
|
| 56 | + * Check if the user is logged in, send json error msg if not |
|
| 57 | + * @deprecated Use annotation based ACLs from the AppFramework instead |
|
| 58 | + * @suppress PhanDeprecatedFunction |
|
| 59 | + */ |
|
| 60 | + public static function checkLoggedIn() { |
|
| 61 | + $twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager(); |
|
| 62 | + if( !\OC::$server->getUserSession()->isLoggedIn() |
|
| 63 | + || $twoFactorAuthManger->needsSecondFactor(\OC::$server->getUserSession()->getUser())) { |
|
| 64 | + $l = \OC::$server->getL10N('lib'); |
|
| 65 | + http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED); |
|
| 66 | + self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 67 | + exit(); |
|
| 68 | + } |
|
| 69 | + } |
|
| 70 | 70 | |
| 71 | - /** |
|
| 72 | - * Check an ajax get/post call if the request token is valid, send json error msg if not. |
|
| 73 | - * @deprecated Use annotation based CSRF checks from the AppFramework instead |
|
| 74 | - * @suppress PhanDeprecatedFunction |
|
| 75 | - */ |
|
| 76 | - public static function callCheck() { |
|
| 77 | - if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 78 | - header('Location: '.\OC::$WEBROOT); |
|
| 79 | - exit(); |
|
| 80 | - } |
|
| 71 | + /** |
|
| 72 | + * Check an ajax get/post call if the request token is valid, send json error msg if not. |
|
| 73 | + * @deprecated Use annotation based CSRF checks from the AppFramework instead |
|
| 74 | + * @suppress PhanDeprecatedFunction |
|
| 75 | + */ |
|
| 76 | + public static function callCheck() { |
|
| 77 | + if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 78 | + header('Location: '.\OC::$WEBROOT); |
|
| 79 | + exit(); |
|
| 80 | + } |
|
| 81 | 81 | |
| 82 | - if( !\OC::$server->getRequest()->passesCSRFCheck()) { |
|
| 83 | - $l = \OC::$server->getL10N('lib'); |
|
| 84 | - self::error(array( 'data' => array( 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' ))); |
|
| 85 | - exit(); |
|
| 86 | - } |
|
| 87 | - } |
|
| 82 | + if( !\OC::$server->getRequest()->passesCSRFCheck()) { |
|
| 83 | + $l = \OC::$server->getL10N('lib'); |
|
| 84 | + self::error(array( 'data' => array( 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' ))); |
|
| 85 | + exit(); |
|
| 86 | + } |
|
| 87 | + } |
|
| 88 | 88 | |
| 89 | - /** |
|
| 90 | - * Check if the user is a admin, send json error msg if not. |
|
| 91 | - * @deprecated Use annotation based ACLs from the AppFramework instead |
|
| 92 | - * @suppress PhanDeprecatedFunction |
|
| 93 | - */ |
|
| 94 | - public static function checkAdminUser() { |
|
| 95 | - if( !OC_User::isAdminUser(OC_User::getUser())) { |
|
| 96 | - $l = \OC::$server->getL10N('lib'); |
|
| 97 | - self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 98 | - exit(); |
|
| 99 | - } |
|
| 100 | - } |
|
| 89 | + /** |
|
| 90 | + * Check if the user is a admin, send json error msg if not. |
|
| 91 | + * @deprecated Use annotation based ACLs from the AppFramework instead |
|
| 92 | + * @suppress PhanDeprecatedFunction |
|
| 93 | + */ |
|
| 94 | + public static function checkAdminUser() { |
|
| 95 | + if( !OC_User::isAdminUser(OC_User::getUser())) { |
|
| 96 | + $l = \OC::$server->getL10N('lib'); |
|
| 97 | + self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 98 | + exit(); |
|
| 99 | + } |
|
| 100 | + } |
|
| 101 | 101 | |
| 102 | - /** |
|
| 103 | - * Check if the user is a subadmin, send json error msg if not |
|
| 104 | - * @deprecated Use annotation based ACLs from the AppFramework instead |
|
| 105 | - * @suppress PhanDeprecatedFunction |
|
| 106 | - */ |
|
| 107 | - public static function checkSubAdminUser() { |
|
| 108 | - $userObject = \OC::$server->getUserSession()->getUser(); |
|
| 109 | - $isSubAdmin = false; |
|
| 110 | - if($userObject !== null) { |
|
| 111 | - $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject); |
|
| 112 | - } |
|
| 102 | + /** |
|
| 103 | + * Check if the user is a subadmin, send json error msg if not |
|
| 104 | + * @deprecated Use annotation based ACLs from the AppFramework instead |
|
| 105 | + * @suppress PhanDeprecatedFunction |
|
| 106 | + */ |
|
| 107 | + public static function checkSubAdminUser() { |
|
| 108 | + $userObject = \OC::$server->getUserSession()->getUser(); |
|
| 109 | + $isSubAdmin = false; |
|
| 110 | + if($userObject !== null) { |
|
| 111 | + $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject); |
|
| 112 | + } |
|
| 113 | 113 | |
| 114 | - if(!$isSubAdmin) { |
|
| 115 | - $l = \OC::$server->getL10N('lib'); |
|
| 116 | - self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 117 | - exit(); |
|
| 118 | - } |
|
| 119 | - } |
|
| 114 | + if(!$isSubAdmin) { |
|
| 115 | + $l = \OC::$server->getL10N('lib'); |
|
| 116 | + self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 117 | + exit(); |
|
| 118 | + } |
|
| 119 | + } |
|
| 120 | 120 | |
| 121 | - /** |
|
| 122 | - * Send json error msg |
|
| 123 | - * @deprecated Use a AppFramework JSONResponse instead |
|
| 124 | - * @suppress PhanDeprecatedFunction |
|
| 125 | - */ |
|
| 126 | - public static function error($data = array()) { |
|
| 127 | - $data['status'] = 'error'; |
|
| 128 | - header( 'Content-Type: application/json; charset=utf-8'); |
|
| 129 | - echo self::encode($data); |
|
| 130 | - } |
|
| 121 | + /** |
|
| 122 | + * Send json error msg |
|
| 123 | + * @deprecated Use a AppFramework JSONResponse instead |
|
| 124 | + * @suppress PhanDeprecatedFunction |
|
| 125 | + */ |
|
| 126 | + public static function error($data = array()) { |
|
| 127 | + $data['status'] = 'error'; |
|
| 128 | + header( 'Content-Type: application/json; charset=utf-8'); |
|
| 129 | + echo self::encode($data); |
|
| 130 | + } |
|
| 131 | 131 | |
| 132 | - /** |
|
| 133 | - * Send json success msg |
|
| 134 | - * @deprecated Use a AppFramework JSONResponse instead |
|
| 135 | - * @suppress PhanDeprecatedFunction |
|
| 136 | - */ |
|
| 137 | - public static function success($data = array()) { |
|
| 138 | - $data['status'] = 'success'; |
|
| 139 | - header( 'Content-Type: application/json; charset=utf-8'); |
|
| 140 | - echo self::encode($data); |
|
| 141 | - } |
|
| 132 | + /** |
|
| 133 | + * Send json success msg |
|
| 134 | + * @deprecated Use a AppFramework JSONResponse instead |
|
| 135 | + * @suppress PhanDeprecatedFunction |
|
| 136 | + */ |
|
| 137 | + public static function success($data = array()) { |
|
| 138 | + $data['status'] = 'success'; |
|
| 139 | + header( 'Content-Type: application/json; charset=utf-8'); |
|
| 140 | + echo self::encode($data); |
|
| 141 | + } |
|
| 142 | 142 | |
| 143 | - /** |
|
| 144 | - * Convert OC_L10N_String to string, for use in json encodings |
|
| 145 | - */ |
|
| 146 | - protected static function to_string(&$value) { |
|
| 147 | - if ($value instanceof \OC\L10N\L10NString) { |
|
| 148 | - $value = (string)$value; |
|
| 149 | - } |
|
| 150 | - } |
|
| 143 | + /** |
|
| 144 | + * Convert OC_L10N_String to string, for use in json encodings |
|
| 145 | + */ |
|
| 146 | + protected static function to_string(&$value) { |
|
| 147 | + if ($value instanceof \OC\L10N\L10NString) { |
|
| 148 | + $value = (string)$value; |
|
| 149 | + } |
|
| 150 | + } |
|
| 151 | 151 | |
| 152 | - /** |
|
| 153 | - * Encode JSON |
|
| 154 | - * @deprecated Use a AppFramework JSONResponse instead |
|
| 155 | - */ |
|
| 156 | - public static function encode($data) { |
|
| 157 | - if (is_array($data)) { |
|
| 158 | - array_walk_recursive($data, array('OC_JSON', 'to_string')); |
|
| 159 | - } |
|
| 160 | - return json_encode($data, JSON_HEX_TAG); |
|
| 161 | - } |
|
| 152 | + /** |
|
| 153 | + * Encode JSON |
|
| 154 | + * @deprecated Use a AppFramework JSONResponse instead |
|
| 155 | + */ |
|
| 156 | + public static function encode($data) { |
|
| 157 | + if (is_array($data)) { |
|
| 158 | + array_walk_recursive($data, array('OC_JSON', 'to_string')); |
|
| 159 | + } |
|
| 160 | + return json_encode($data, JSON_HEX_TAG); |
|
| 161 | + } |
|
| 162 | 162 | } |
@@ -36,7 +36,7 @@ discard block |
||
| 36 | 36 | * Class OC_JSON |
| 37 | 37 | * @deprecated Use a AppFramework JSONResponse instead |
| 38 | 38 | */ |
| 39 | -class OC_JSON{ |
|
| 39 | +class OC_JSON { |
|
| 40 | 40 | |
| 41 | 41 | /** |
| 42 | 42 | * Check if the app is enabled, send json error msg if not |
@@ -45,9 +45,9 @@ discard block |
||
| 45 | 45 | * @suppress PhanDeprecatedFunction |
| 46 | 46 | */ |
| 47 | 47 | public static function checkAppEnabled($app) { |
| 48 | - if( !\OC::$server->getAppManager()->isEnabledForUser($app)) { |
|
| 48 | + if (!\OC::$server->getAppManager()->isEnabledForUser($app)) { |
|
| 49 | 49 | $l = \OC::$server->getL10N('lib'); |
| 50 | - self::error(array( 'data' => array( 'message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled' ))); |
|
| 50 | + self::error(array('data' => array('message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled'))); |
|
| 51 | 51 | exit(); |
| 52 | 52 | } |
| 53 | 53 | } |
@@ -59,11 +59,11 @@ discard block |
||
| 59 | 59 | */ |
| 60 | 60 | public static function checkLoggedIn() { |
| 61 | 61 | $twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager(); |
| 62 | - if( !\OC::$server->getUserSession()->isLoggedIn() |
|
| 62 | + if (!\OC::$server->getUserSession()->isLoggedIn() |
|
| 63 | 63 | || $twoFactorAuthManger->needsSecondFactor(\OC::$server->getUserSession()->getUser())) { |
| 64 | 64 | $l = \OC::$server->getL10N('lib'); |
| 65 | 65 | http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED); |
| 66 | - self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 66 | + self::error(array('data' => array('message' => $l->t('Authentication error'), 'error' => 'authentication_error'))); |
|
| 67 | 67 | exit(); |
| 68 | 68 | } |
| 69 | 69 | } |
@@ -74,14 +74,14 @@ discard block |
||
| 74 | 74 | * @suppress PhanDeprecatedFunction |
| 75 | 75 | */ |
| 76 | 76 | public static function callCheck() { |
| 77 | - if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 77 | + if (!\OC::$server->getRequest()->passesStrictCookieCheck()) { |
|
| 78 | 78 | header('Location: '.\OC::$WEBROOT); |
| 79 | 79 | exit(); |
| 80 | 80 | } |
| 81 | 81 | |
| 82 | - if( !\OC::$server->getRequest()->passesCSRFCheck()) { |
|
| 82 | + if (!\OC::$server->getRequest()->passesCSRFCheck()) { |
|
| 83 | 83 | $l = \OC::$server->getL10N('lib'); |
| 84 | - self::error(array( 'data' => array( 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' ))); |
|
| 84 | + self::error(array('data' => array('message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired'))); |
|
| 85 | 85 | exit(); |
| 86 | 86 | } |
| 87 | 87 | } |
@@ -92,9 +92,9 @@ discard block |
||
| 92 | 92 | * @suppress PhanDeprecatedFunction |
| 93 | 93 | */ |
| 94 | 94 | public static function checkAdminUser() { |
| 95 | - if( !OC_User::isAdminUser(OC_User::getUser())) { |
|
| 95 | + if (!OC_User::isAdminUser(OC_User::getUser())) { |
|
| 96 | 96 | $l = \OC::$server->getL10N('lib'); |
| 97 | - self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 97 | + self::error(array('data' => array('message' => $l->t('Authentication error'), 'error' => 'authentication_error'))); |
|
| 98 | 98 | exit(); |
| 99 | 99 | } |
| 100 | 100 | } |
@@ -107,13 +107,13 @@ discard block |
||
| 107 | 107 | public static function checkSubAdminUser() { |
| 108 | 108 | $userObject = \OC::$server->getUserSession()->getUser(); |
| 109 | 109 | $isSubAdmin = false; |
| 110 | - if($userObject !== null) { |
|
| 110 | + if ($userObject !== null) { |
|
| 111 | 111 | $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject); |
| 112 | 112 | } |
| 113 | 113 | |
| 114 | - if(!$isSubAdmin) { |
|
| 114 | + if (!$isSubAdmin) { |
|
| 115 | 115 | $l = \OC::$server->getL10N('lib'); |
| 116 | - self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ))); |
|
| 116 | + self::error(array('data' => array('message' => $l->t('Authentication error'), 'error' => 'authentication_error'))); |
|
| 117 | 117 | exit(); |
| 118 | 118 | } |
| 119 | 119 | } |
@@ -125,7 +125,7 @@ discard block |
||
| 125 | 125 | */ |
| 126 | 126 | public static function error($data = array()) { |
| 127 | 127 | $data['status'] = 'error'; |
| 128 | - header( 'Content-Type: application/json; charset=utf-8'); |
|
| 128 | + header('Content-Type: application/json; charset=utf-8'); |
|
| 129 | 129 | echo self::encode($data); |
| 130 | 130 | } |
| 131 | 131 | |
@@ -136,7 +136,7 @@ discard block |
||
| 136 | 136 | */ |
| 137 | 137 | public static function success($data = array()) { |
| 138 | 138 | $data['status'] = 'success'; |
| 139 | - header( 'Content-Type: application/json; charset=utf-8'); |
|
| 139 | + header('Content-Type: application/json; charset=utf-8'); |
|
| 140 | 140 | echo self::encode($data); |
| 141 | 141 | } |
| 142 | 142 | |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | */ |
| 146 | 146 | protected static function to_string(&$value) { |
| 147 | 147 | if ($value instanceof \OC\L10N\L10NString) { |
| 148 | - $value = (string)$value; |
|
| 148 | + $value = (string) $value; |
|
| 149 | 149 | } |
| 150 | 150 | } |
| 151 | 151 | |
@@ -41,126 +41,126 @@ |
||
| 41 | 41 | * @deprecated 8.1.0 Use a AppFramework JSONResponse instead |
| 42 | 42 | */ |
| 43 | 43 | class JSON { |
| 44 | - /** |
|
| 45 | - * Check if the user is logged in, send json error msg if not. |
|
| 46 | - * |
|
| 47 | - * This method checks if a user is logged in. If not, a json error |
|
| 48 | - * response will be return and the method will exit from execution |
|
| 49 | - * of the script. |
|
| 50 | - * The returned json will be in the format: |
|
| 51 | - * |
|
| 52 | - * {"status":"error","data":{"message":"Authentication error."}} |
|
| 53 | - * |
|
| 54 | - * Add this call to the start of all ajax method files that requires |
|
| 55 | - * an authenticated user. |
|
| 56 | - * @deprecated 8.1.0 Use annotation based ACLs from the AppFramework instead |
|
| 57 | - * |
|
| 58 | - * @suppress PhanDeprecatedFunction |
|
| 59 | - */ |
|
| 60 | - public static function checkLoggedIn() { |
|
| 61 | - \OC_JSON::checkLoggedIn(); |
|
| 62 | - } |
|
| 44 | + /** |
|
| 45 | + * Check if the user is logged in, send json error msg if not. |
|
| 46 | + * |
|
| 47 | + * This method checks if a user is logged in. If not, a json error |
|
| 48 | + * response will be return and the method will exit from execution |
|
| 49 | + * of the script. |
|
| 50 | + * The returned json will be in the format: |
|
| 51 | + * |
|
| 52 | + * {"status":"error","data":{"message":"Authentication error."}} |
|
| 53 | + * |
|
| 54 | + * Add this call to the start of all ajax method files that requires |
|
| 55 | + * an authenticated user. |
|
| 56 | + * @deprecated 8.1.0 Use annotation based ACLs from the AppFramework instead |
|
| 57 | + * |
|
| 58 | + * @suppress PhanDeprecatedFunction |
|
| 59 | + */ |
|
| 60 | + public static function checkLoggedIn() { |
|
| 61 | + \OC_JSON::checkLoggedIn(); |
|
| 62 | + } |
|
| 63 | 63 | |
| 64 | - /** |
|
| 65 | - * Check an ajax get/post call if the request token is valid. |
|
| 66 | - * |
|
| 67 | - * This method checks for a valid variable 'requesttoken' in $_GET, |
|
| 68 | - * $_POST and $_SERVER. If a valid token is not found, a json error |
|
| 69 | - * response will be return and the method will exit from execution |
|
| 70 | - * of the script. |
|
| 71 | - * The returned json will be in the format: |
|
| 72 | - * |
|
| 73 | - * {"status":"error","data":{"message":"Token expired. Please reload page."}} |
|
| 74 | - * |
|
| 75 | - * Add this call to the start of all ajax method files that creates, |
|
| 76 | - * updates or deletes anything. |
|
| 77 | - * In cases where you e.g. use an ajax call to load a dialog containing |
|
| 78 | - * a submittable form, you will need to add the requesttoken first as a |
|
| 79 | - * parameter to the ajax call, then assign it to the template and finally |
|
| 80 | - * add a hidden input field also named 'requesttoken' containing the value. |
|
| 81 | - * @deprecated 8.1.0 Use annotation based CSRF checks from the AppFramework instead |
|
| 82 | - * |
|
| 83 | - * @suppress PhanDeprecatedFunction |
|
| 84 | - */ |
|
| 85 | - public static function callCheck() { |
|
| 86 | - \OC_JSON::callCheck(); |
|
| 87 | - } |
|
| 64 | + /** |
|
| 65 | + * Check an ajax get/post call if the request token is valid. |
|
| 66 | + * |
|
| 67 | + * This method checks for a valid variable 'requesttoken' in $_GET, |
|
| 68 | + * $_POST and $_SERVER. If a valid token is not found, a json error |
|
| 69 | + * response will be return and the method will exit from execution |
|
| 70 | + * of the script. |
|
| 71 | + * The returned json will be in the format: |
|
| 72 | + * |
|
| 73 | + * {"status":"error","data":{"message":"Token expired. Please reload page."}} |
|
| 74 | + * |
|
| 75 | + * Add this call to the start of all ajax method files that creates, |
|
| 76 | + * updates or deletes anything. |
|
| 77 | + * In cases where you e.g. use an ajax call to load a dialog containing |
|
| 78 | + * a submittable form, you will need to add the requesttoken first as a |
|
| 79 | + * parameter to the ajax call, then assign it to the template and finally |
|
| 80 | + * add a hidden input field also named 'requesttoken' containing the value. |
|
| 81 | + * @deprecated 8.1.0 Use annotation based CSRF checks from the AppFramework instead |
|
| 82 | + * |
|
| 83 | + * @suppress PhanDeprecatedFunction |
|
| 84 | + */ |
|
| 85 | + public static function callCheck() { |
|
| 86 | + \OC_JSON::callCheck(); |
|
| 87 | + } |
|
| 88 | 88 | |
| 89 | - /** |
|
| 90 | - * Send json success msg |
|
| 91 | - * |
|
| 92 | - * Return a json success message with optional extra data. |
|
| 93 | - * @see \OCP\JSON::error() for the format to use. |
|
| 94 | - * |
|
| 95 | - * @param array $data The data to use |
|
| 96 | - * @deprecated 8.1.0 Use a AppFramework JSONResponse instead |
|
| 97 | - * @suppress PhanDeprecatedFunction |
|
| 98 | - */ |
|
| 99 | - public static function success( $data = array() ) { |
|
| 100 | - \OC_JSON::success($data); |
|
| 101 | - } |
|
| 89 | + /** |
|
| 90 | + * Send json success msg |
|
| 91 | + * |
|
| 92 | + * Return a json success message with optional extra data. |
|
| 93 | + * @see \OCP\JSON::error() for the format to use. |
|
| 94 | + * |
|
| 95 | + * @param array $data The data to use |
|
| 96 | + * @deprecated 8.1.0 Use a AppFramework JSONResponse instead |
|
| 97 | + * @suppress PhanDeprecatedFunction |
|
| 98 | + */ |
|
| 99 | + public static function success( $data = array() ) { |
|
| 100 | + \OC_JSON::success($data); |
|
| 101 | + } |
|
| 102 | 102 | |
| 103 | - /** |
|
| 104 | - * Send json error msg |
|
| 105 | - * |
|
| 106 | - * Return a json error message with optional extra data for |
|
| 107 | - * error message or app specific data. |
|
| 108 | - * |
|
| 109 | - * Example use: |
|
| 110 | - * |
|
| 111 | - * $id = [some value] |
|
| 112 | - * OCP\JSON::error(array('data':array('message':'An error happened', 'id': $id))); |
|
| 113 | - * |
|
| 114 | - * Will return the json formatted string: |
|
| 115 | - * |
|
| 116 | - * {"status":"error","data":{"message":"An error happened", "id":[some value]}} |
|
| 117 | - * |
|
| 118 | - * @param array $data The data to use |
|
| 119 | - * @deprecated 8.1.0 Use a AppFramework JSONResponse instead |
|
| 120 | - * @suppress PhanDeprecatedFunction |
|
| 121 | - */ |
|
| 122 | - public static function error( $data = array() ) { |
|
| 123 | - \OC_JSON::error($data); |
|
| 124 | - } |
|
| 103 | + /** |
|
| 104 | + * Send json error msg |
|
| 105 | + * |
|
| 106 | + * Return a json error message with optional extra data for |
|
| 107 | + * error message or app specific data. |
|
| 108 | + * |
|
| 109 | + * Example use: |
|
| 110 | + * |
|
| 111 | + * $id = [some value] |
|
| 112 | + * OCP\JSON::error(array('data':array('message':'An error happened', 'id': $id))); |
|
| 113 | + * |
|
| 114 | + * Will return the json formatted string: |
|
| 115 | + * |
|
| 116 | + * {"status":"error","data":{"message":"An error happened", "id":[some value]}} |
|
| 117 | + * |
|
| 118 | + * @param array $data The data to use |
|
| 119 | + * @deprecated 8.1.0 Use a AppFramework JSONResponse instead |
|
| 120 | + * @suppress PhanDeprecatedFunction |
|
| 121 | + */ |
|
| 122 | + public static function error( $data = array() ) { |
|
| 123 | + \OC_JSON::error($data); |
|
| 124 | + } |
|
| 125 | 125 | |
| 126 | - /** |
|
| 127 | - * Check if the App is enabled and send JSON error message instead |
|
| 128 | - * |
|
| 129 | - * This method checks if a specific app is enabled. If not, a json error |
|
| 130 | - * response will be return and the method will exit from execution |
|
| 131 | - * of the script. |
|
| 132 | - * The returned json will be in the format: |
|
| 133 | - * |
|
| 134 | - * {"status":"error","data":{"message":"Application is not enabled."}} |
|
| 135 | - * |
|
| 136 | - * Add this call to the start of all ajax method files that requires |
|
| 137 | - * a specific app to be enabled. |
|
| 138 | - * |
|
| 139 | - * @param string $app The app to check |
|
| 140 | - * @deprecated 8.1.0 Use the AppFramework instead. It will automatically check if the app is enabled. |
|
| 141 | - * @suppress PhanDeprecatedFunction |
|
| 142 | - */ |
|
| 143 | - public static function checkAppEnabled( $app ) { |
|
| 144 | - \OC_JSON::checkAppEnabled($app); |
|
| 145 | - } |
|
| 126 | + /** |
|
| 127 | + * Check if the App is enabled and send JSON error message instead |
|
| 128 | + * |
|
| 129 | + * This method checks if a specific app is enabled. If not, a json error |
|
| 130 | + * response will be return and the method will exit from execution |
|
| 131 | + * of the script. |
|
| 132 | + * The returned json will be in the format: |
|
| 133 | + * |
|
| 134 | + * {"status":"error","data":{"message":"Application is not enabled."}} |
|
| 135 | + * |
|
| 136 | + * Add this call to the start of all ajax method files that requires |
|
| 137 | + * a specific app to be enabled. |
|
| 138 | + * |
|
| 139 | + * @param string $app The app to check |
|
| 140 | + * @deprecated 8.1.0 Use the AppFramework instead. It will automatically check if the app is enabled. |
|
| 141 | + * @suppress PhanDeprecatedFunction |
|
| 142 | + */ |
|
| 143 | + public static function checkAppEnabled( $app ) { |
|
| 144 | + \OC_JSON::checkAppEnabled($app); |
|
| 145 | + } |
|
| 146 | 146 | |
| 147 | - /** |
|
| 148 | - * Check if the user is a admin, send json error msg if not |
|
| 149 | - * |
|
| 150 | - * This method checks if the current user has admin rights. If not, a json error |
|
| 151 | - * response will be return and the method will exit from execution |
|
| 152 | - * of the script. |
|
| 153 | - * The returned json will be in the format: |
|
| 154 | - * |
|
| 155 | - * {"status":"error","data":{"message":"Authentication error."}} |
|
| 156 | - * |
|
| 157 | - * Add this call to the start of all ajax method files that requires |
|
| 158 | - * administrative rights. |
|
| 159 | - * |
|
| 160 | - * @deprecated 8.1.0 Use annotation based ACLs from the AppFramework instead |
|
| 161 | - * @suppress PhanDeprecatedFunction |
|
| 162 | - */ |
|
| 163 | - public static function checkAdminUser() { |
|
| 164 | - \OC_JSON::checkAdminUser(); |
|
| 165 | - } |
|
| 147 | + /** |
|
| 148 | + * Check if the user is a admin, send json error msg if not |
|
| 149 | + * |
|
| 150 | + * This method checks if the current user has admin rights. If not, a json error |
|
| 151 | + * response will be return and the method will exit from execution |
|
| 152 | + * of the script. |
|
| 153 | + * The returned json will be in the format: |
|
| 154 | + * |
|
| 155 | + * {"status":"error","data":{"message":"Authentication error."}} |
|
| 156 | + * |
|
| 157 | + * Add this call to the start of all ajax method files that requires |
|
| 158 | + * administrative rights. |
|
| 159 | + * |
|
| 160 | + * @deprecated 8.1.0 Use annotation based ACLs from the AppFramework instead |
|
| 161 | + * @suppress PhanDeprecatedFunction |
|
| 162 | + */ |
|
| 163 | + public static function checkAdminUser() { |
|
| 164 | + \OC_JSON::checkAdminUser(); |
|
| 165 | + } |
|
| 166 | 166 | } |
@@ -96,7 +96,7 @@ discard block |
||
| 96 | 96 | * @deprecated 8.1.0 Use a AppFramework JSONResponse instead |
| 97 | 97 | * @suppress PhanDeprecatedFunction |
| 98 | 98 | */ |
| 99 | - public static function success( $data = array() ) { |
|
| 99 | + public static function success($data = array()) { |
|
| 100 | 100 | \OC_JSON::success($data); |
| 101 | 101 | } |
| 102 | 102 | |
@@ -119,7 +119,7 @@ discard block |
||
| 119 | 119 | * @deprecated 8.1.0 Use a AppFramework JSONResponse instead |
| 120 | 120 | * @suppress PhanDeprecatedFunction |
| 121 | 121 | */ |
| 122 | - public static function error( $data = array() ) { |
|
| 122 | + public static function error($data = array()) { |
|
| 123 | 123 | \OC_JSON::error($data); |
| 124 | 124 | } |
| 125 | 125 | |
@@ -140,7 +140,7 @@ discard block |
||
| 140 | 140 | * @deprecated 8.1.0 Use the AppFramework instead. It will automatically check if the app is enabled. |
| 141 | 141 | * @suppress PhanDeprecatedFunction |
| 142 | 142 | */ |
| 143 | - public static function checkAppEnabled( $app ) { |
|
| 143 | + public static function checkAppEnabled($app) { |
|
| 144 | 144 | \OC_JSON::checkAppEnabled($app); |
| 145 | 145 | } |
| 146 | 146 | |
