nextcloud /
server
@@ -27,27 +27,27 @@ |
||
| 27 | 27 | |
| 28 | 28 | class Settings { |
| 29 | 29 | |
| 30 | - /** @var SettingsManager */ |
|
| 31 | - private $settingsManager; |
|
| 32 | - |
|
| 33 | - public function __construct(SettingsManager $settingsManager) { |
|
| 34 | - $this->settingsManager = $settingsManager; |
|
| 35 | - } |
|
| 36 | - |
|
| 37 | - /** |
|
| 38 | - * announce that the share-by-mail share provider is enabled |
|
| 39 | - * |
|
| 40 | - * @param array $settings |
|
| 41 | - */ |
|
| 42 | - public function announceShareProvider(array $settings) { |
|
| 43 | - $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 44 | - $array['shareByMailEnabled'] = true; |
|
| 45 | - $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 46 | - } |
|
| 47 | - |
|
| 48 | - public function announceShareByMailSettings(array $settings) { |
|
| 49 | - $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 50 | - $array['shareByMail']['enforcePasswordProtection'] = $this->settingsManager->enforcePasswordProtection(); |
|
| 51 | - $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 52 | - } |
|
| 30 | + /** @var SettingsManager */ |
|
| 31 | + private $settingsManager; |
|
| 32 | + |
|
| 33 | + public function __construct(SettingsManager $settingsManager) { |
|
| 34 | + $this->settingsManager = $settingsManager; |
|
| 35 | + } |
|
| 36 | + |
|
| 37 | + /** |
|
| 38 | + * announce that the share-by-mail share provider is enabled |
|
| 39 | + * |
|
| 40 | + * @param array $settings |
|
| 41 | + */ |
|
| 42 | + public function announceShareProvider(array $settings) { |
|
| 43 | + $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 44 | + $array['shareByMailEnabled'] = true; |
|
| 45 | + $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 46 | + } |
|
| 47 | + |
|
| 48 | + public function announceShareByMailSettings(array $settings) { |
|
| 49 | + $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 50 | + $array['shareByMail']['enforcePasswordProtection'] = $this->settingsManager->enforcePasswordProtection(); |
|
| 51 | + $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 52 | + } |
|
| 53 | 53 | } |
@@ -28,13 +28,13 @@ |
||
| 28 | 28 | * @brief wraps around static Nextcloud core methods |
| 29 | 29 | */ |
| 30 | 30 | class LogWrapper { |
| 31 | - protected $app = 'user_ldap'; |
|
| 31 | + protected $app = 'user_ldap'; |
|
| 32 | 32 | |
| 33 | - /** |
|
| 34 | - * @brief states whether the filesystem was loaded |
|
| 35 | - * @return bool |
|
| 36 | - */ |
|
| 37 | - public function log($msg, $level) { |
|
| 38 | - \OCP\Util::writeLog($this->app, $msg, $level); |
|
| 39 | - } |
|
| 33 | + /** |
|
| 34 | + * @brief states whether the filesystem was loaded |
|
| 35 | + * @return bool |
|
| 36 | + */ |
|
| 37 | + public function log($msg, $level) { |
|
| 38 | + \OCP\Util::writeLog($this->app, $msg, $level); |
|
| 39 | + } |
|
| 40 | 40 | } |
@@ -29,19 +29,19 @@ |
||
| 29 | 29 | */ |
| 30 | 30 | class FilesystemHelper { |
| 31 | 31 | |
| 32 | - /** |
|
| 33 | - * @brief states whether the filesystem was loaded |
|
| 34 | - * @return bool |
|
| 35 | - */ |
|
| 36 | - public function isLoaded() { |
|
| 37 | - return \OC\Files\Filesystem::$loaded; |
|
| 38 | - } |
|
| 32 | + /** |
|
| 33 | + * @brief states whether the filesystem was loaded |
|
| 34 | + * @return bool |
|
| 35 | + */ |
|
| 36 | + public function isLoaded() { |
|
| 37 | + return \OC\Files\Filesystem::$loaded; |
|
| 38 | + } |
|
| 39 | 39 | |
| 40 | - /** |
|
| 41 | - * @brief initializes the filesystem for the given user |
|
| 42 | - * @param string $uid the Nextcloud username of the user |
|
| 43 | - */ |
|
| 44 | - public function setup($uid) { |
|
| 45 | - \OC_Util::setupFS($uid); |
|
| 46 | - } |
|
| 40 | + /** |
|
| 41 | + * @brief initializes the filesystem for the given user |
|
| 42 | + * @param string $uid the Nextcloud username of the user |
|
| 43 | + */ |
|
| 44 | + public function setup($uid) { |
|
| 45 | + \OC_Util::setupFS($uid); |
|
| 46 | + } |
|
| 47 | 47 | } |
@@ -42,97 +42,97 @@ |
||
| 42 | 42 | * Migrate mount config from mount.json to the database |
| 43 | 43 | */ |
| 44 | 44 | class StorageMigrator { |
| 45 | - /** |
|
| 46 | - * @var BackendService |
|
| 47 | - */ |
|
| 48 | - private $backendService; |
|
| 45 | + /** |
|
| 46 | + * @var BackendService |
|
| 47 | + */ |
|
| 48 | + private $backendService; |
|
| 49 | 49 | |
| 50 | - /** |
|
| 51 | - * @var DBConfigService |
|
| 52 | - */ |
|
| 53 | - private $dbConfig; |
|
| 50 | + /** |
|
| 51 | + * @var DBConfigService |
|
| 52 | + */ |
|
| 53 | + private $dbConfig; |
|
| 54 | 54 | |
| 55 | - /** |
|
| 56 | - * @var IConfig |
|
| 57 | - */ |
|
| 58 | - private $config; |
|
| 55 | + /** |
|
| 56 | + * @var IConfig |
|
| 57 | + */ |
|
| 58 | + private $config; |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * @var IDBConnection |
|
| 62 | - */ |
|
| 63 | - private $connection; |
|
| 60 | + /** |
|
| 61 | + * @var IDBConnection |
|
| 62 | + */ |
|
| 63 | + private $connection; |
|
| 64 | 64 | |
| 65 | - /** |
|
| 66 | - * @var ILogger |
|
| 67 | - */ |
|
| 68 | - private $logger; |
|
| 65 | + /** |
|
| 66 | + * @var ILogger |
|
| 67 | + */ |
|
| 68 | + private $logger; |
|
| 69 | 69 | |
| 70 | - /** @var IUserMountCache */ |
|
| 71 | - private $userMountCache; |
|
| 70 | + /** @var IUserMountCache */ |
|
| 71 | + private $userMountCache; |
|
| 72 | 72 | |
| 73 | - /** |
|
| 74 | - * StorageMigrator constructor. |
|
| 75 | - * |
|
| 76 | - * @param BackendService $backendService |
|
| 77 | - * @param DBConfigService $dbConfig |
|
| 78 | - * @param IConfig $config |
|
| 79 | - * @param IDBConnection $connection |
|
| 80 | - * @param ILogger $logger |
|
| 81 | - * @param IUserMountCache $userMountCache |
|
| 82 | - */ |
|
| 83 | - public function __construct( |
|
| 84 | - BackendService $backendService, |
|
| 85 | - DBConfigService $dbConfig, |
|
| 86 | - IConfig $config, |
|
| 87 | - IDBConnection $connection, |
|
| 88 | - ILogger $logger, |
|
| 89 | - IUserMountCache $userMountCache |
|
| 90 | - ) { |
|
| 91 | - $this->backendService = $backendService; |
|
| 92 | - $this->dbConfig = $dbConfig; |
|
| 93 | - $this->config = $config; |
|
| 94 | - $this->connection = $connection; |
|
| 95 | - $this->logger = $logger; |
|
| 96 | - $this->userMountCache = $userMountCache; |
|
| 97 | - } |
|
| 73 | + /** |
|
| 74 | + * StorageMigrator constructor. |
|
| 75 | + * |
|
| 76 | + * @param BackendService $backendService |
|
| 77 | + * @param DBConfigService $dbConfig |
|
| 78 | + * @param IConfig $config |
|
| 79 | + * @param IDBConnection $connection |
|
| 80 | + * @param ILogger $logger |
|
| 81 | + * @param IUserMountCache $userMountCache |
|
| 82 | + */ |
|
| 83 | + public function __construct( |
|
| 84 | + BackendService $backendService, |
|
| 85 | + DBConfigService $dbConfig, |
|
| 86 | + IConfig $config, |
|
| 87 | + IDBConnection $connection, |
|
| 88 | + ILogger $logger, |
|
| 89 | + IUserMountCache $userMountCache |
|
| 90 | + ) { |
|
| 91 | + $this->backendService = $backendService; |
|
| 92 | + $this->dbConfig = $dbConfig; |
|
| 93 | + $this->config = $config; |
|
| 94 | + $this->connection = $connection; |
|
| 95 | + $this->logger = $logger; |
|
| 96 | + $this->userMountCache = $userMountCache; |
|
| 97 | + } |
|
| 98 | 98 | |
| 99 | - private function migrate(LegacyStoragesService $legacyService, StoragesService $storageService) { |
|
| 100 | - $existingStorage = $legacyService->getAllStorages(); |
|
| 99 | + private function migrate(LegacyStoragesService $legacyService, StoragesService $storageService) { |
|
| 100 | + $existingStorage = $legacyService->getAllStorages(); |
|
| 101 | 101 | |
| 102 | - $this->connection->beginTransaction(); |
|
| 103 | - try { |
|
| 104 | - foreach ($existingStorage as $storage) { |
|
| 105 | - $mountOptions = $storage->getMountOptions(); |
|
| 106 | - if (!empty($mountOptions) && !isset($mountOptions['enable_sharing'])) { |
|
| 107 | - // existing mounts must have sharing enabled by default to avoid surprises |
|
| 108 | - $mountOptions['enable_sharing'] = true; |
|
| 109 | - $storage->setMountOptions($mountOptions); |
|
| 110 | - } |
|
| 111 | - $storageService->addStorage($storage); |
|
| 112 | - } |
|
| 113 | - $this->connection->commit(); |
|
| 114 | - } catch (\Exception $e) { |
|
| 115 | - $this->logger->logException($e); |
|
| 116 | - $this->connection->rollBack(); |
|
| 117 | - } |
|
| 118 | - } |
|
| 102 | + $this->connection->beginTransaction(); |
|
| 103 | + try { |
|
| 104 | + foreach ($existingStorage as $storage) { |
|
| 105 | + $mountOptions = $storage->getMountOptions(); |
|
| 106 | + if (!empty($mountOptions) && !isset($mountOptions['enable_sharing'])) { |
|
| 107 | + // existing mounts must have sharing enabled by default to avoid surprises |
|
| 108 | + $mountOptions['enable_sharing'] = true; |
|
| 109 | + $storage->setMountOptions($mountOptions); |
|
| 110 | + } |
|
| 111 | + $storageService->addStorage($storage); |
|
| 112 | + } |
|
| 113 | + $this->connection->commit(); |
|
| 114 | + } catch (\Exception $e) { |
|
| 115 | + $this->logger->logException($e); |
|
| 116 | + $this->connection->rollBack(); |
|
| 117 | + } |
|
| 118 | + } |
|
| 119 | 119 | |
| 120 | - /** |
|
| 121 | - * Migrate personal storages configured by the current user |
|
| 122 | - * |
|
| 123 | - * @param IUser $user |
|
| 124 | - */ |
|
| 125 | - public function migrateUser(IUser $user) { |
|
| 126 | - $dummySession = new DummyUserSession(); |
|
| 127 | - $dummySession->setUser($user); |
|
| 128 | - $userId = $user->getUID(); |
|
| 129 | - $userVersion = $this->config->getUserValue($userId, 'files_external', 'config_version', '0.0.0'); |
|
| 130 | - if (version_compare($userVersion, '0.5.0', '<')) { |
|
| 131 | - $this->config->setUserValue($userId, 'files_external', 'config_version', '0.5.0'); |
|
| 132 | - $legacyService = new UserLegacyStoragesService($this->backendService, $dummySession); |
|
| 133 | - $storageService = new UserStoragesService($this->backendService, $this->dbConfig, $dummySession, $this->userMountCache); |
|
| 120 | + /** |
|
| 121 | + * Migrate personal storages configured by the current user |
|
| 122 | + * |
|
| 123 | + * @param IUser $user |
|
| 124 | + */ |
|
| 125 | + public function migrateUser(IUser $user) { |
|
| 126 | + $dummySession = new DummyUserSession(); |
|
| 127 | + $dummySession->setUser($user); |
|
| 128 | + $userId = $user->getUID(); |
|
| 129 | + $userVersion = $this->config->getUserValue($userId, 'files_external', 'config_version', '0.0.0'); |
|
| 130 | + if (version_compare($userVersion, '0.5.0', '<')) { |
|
| 131 | + $this->config->setUserValue($userId, 'files_external', 'config_version', '0.5.0'); |
|
| 132 | + $legacyService = new UserLegacyStoragesService($this->backendService, $dummySession); |
|
| 133 | + $storageService = new UserStoragesService($this->backendService, $this->dbConfig, $dummySession, $this->userMountCache); |
|
| 134 | 134 | |
| 135 | - $this->migrate($legacyService, $storageService); |
|
| 136 | - } |
|
| 137 | - } |
|
| 135 | + $this->migrate($legacyService, $storageService); |
|
| 136 | + } |
|
| 137 | + } |
|
| 138 | 138 | } |
@@ -31,52 +31,52 @@ |
||
| 31 | 31 | * Scanner for SharedStorage |
| 32 | 32 | */ |
| 33 | 33 | class Scanner extends \OC\Files\Cache\Scanner { |
| 34 | - /** |
|
| 35 | - * @var \OCA\Files_Sharing\SharedStorage $storage |
|
| 36 | - */ |
|
| 37 | - protected $storage; |
|
| 34 | + /** |
|
| 35 | + * @var \OCA\Files_Sharing\SharedStorage $storage |
|
| 36 | + */ |
|
| 37 | + protected $storage; |
|
| 38 | 38 | |
| 39 | - private $sourceScanner; |
|
| 39 | + private $sourceScanner; |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * Returns metadata from the shared storage, but |
|
| 43 | - * with permissions from the source storage. |
|
| 44 | - * |
|
| 45 | - * @param string $path path of the file for which to retrieve metadata |
|
| 46 | - * |
|
| 47 | - * @return array an array of metadata of the file |
|
| 48 | - */ |
|
| 49 | - public function getData($path) { |
|
| 50 | - $data = parent::getData($path); |
|
| 51 | - if ($data === null) { |
|
| 52 | - return null; |
|
| 53 | - } |
|
| 54 | - $internalPath = $this->storage->getUnjailedPath($path); |
|
| 55 | - $data['permissions'] = $this->storage->getSourceStorage()->getPermissions($internalPath); |
|
| 56 | - return $data; |
|
| 57 | - } |
|
| 41 | + /** |
|
| 42 | + * Returns metadata from the shared storage, but |
|
| 43 | + * with permissions from the source storage. |
|
| 44 | + * |
|
| 45 | + * @param string $path path of the file for which to retrieve metadata |
|
| 46 | + * |
|
| 47 | + * @return array an array of metadata of the file |
|
| 48 | + */ |
|
| 49 | + public function getData($path) { |
|
| 50 | + $data = parent::getData($path); |
|
| 51 | + if ($data === null) { |
|
| 52 | + return null; |
|
| 53 | + } |
|
| 54 | + $internalPath = $this->storage->getUnjailedPath($path); |
|
| 55 | + $data['permissions'] = $this->storage->getSourceStorage()->getPermissions($internalPath); |
|
| 56 | + return $data; |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - private function getSourceScanner() { |
|
| 60 | - if ($this->sourceScanner) { |
|
| 61 | - return $this->sourceScanner; |
|
| 62 | - } |
|
| 63 | - if ($this->storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage')) { |
|
| 64 | - /** @var \OC\Files\Storage\Storage $storage */ |
|
| 65 | - list($storage) = $this->storage->resolvePath(''); |
|
| 66 | - $this->sourceScanner = $storage->getScanner(); |
|
| 67 | - return $this->sourceScanner; |
|
| 68 | - } else { |
|
| 69 | - return null; |
|
| 70 | - } |
|
| 71 | - } |
|
| 59 | + private function getSourceScanner() { |
|
| 60 | + if ($this->sourceScanner) { |
|
| 61 | + return $this->sourceScanner; |
|
| 62 | + } |
|
| 63 | + if ($this->storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage')) { |
|
| 64 | + /** @var \OC\Files\Storage\Storage $storage */ |
|
| 65 | + list($storage) = $this->storage->resolvePath(''); |
|
| 66 | + $this->sourceScanner = $storage->getScanner(); |
|
| 67 | + return $this->sourceScanner; |
|
| 68 | + } else { |
|
| 69 | + return null; |
|
| 70 | + } |
|
| 71 | + } |
|
| 72 | 72 | |
| 73 | - public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null, $lock = true) { |
|
| 74 | - $sourceScanner = $this->getSourceScanner(); |
|
| 75 | - if ($sourceScanner instanceof NoopScanner) { |
|
| 76 | - return []; |
|
| 77 | - } else { |
|
| 78 | - return parent::scanFile($file, $reuseExisting, $parentId, $cacheData, $lock); |
|
| 79 | - } |
|
| 80 | - } |
|
| 73 | + public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null, $lock = true) { |
|
| 74 | + $sourceScanner = $this->getSourceScanner(); |
|
| 75 | + if ($sourceScanner instanceof NoopScanner) { |
|
| 76 | + return []; |
|
| 77 | + } else { |
|
| 78 | + return parent::scanFile($file, $reuseExisting, $parentId, $cacheData, $lock); |
|
| 79 | + } |
|
| 80 | + } |
|
| 81 | 81 | } |
| 82 | 82 | |
@@ -25,28 +25,28 @@ |
||
| 25 | 25 | use OCP\AppFramework\Http\JSONResponse; |
| 26 | 26 | |
| 27 | 27 | class RateLimitTestController extends Controller { |
| 28 | - /** |
|
| 29 | - * @PublicPage |
|
| 30 | - * @NoCSRFRequired |
|
| 31 | - * |
|
| 32 | - * @UserRateThrottle(limit=5, period=100) |
|
| 33 | - * @AnonRateThrottle(limit=1, period=100) |
|
| 34 | - * |
|
| 35 | - * @return JSONResponse |
|
| 36 | - */ |
|
| 37 | - public function userAndAnonProtected() { |
|
| 38 | - return new JSONResponse(); |
|
| 39 | - } |
|
| 28 | + /** |
|
| 29 | + * @PublicPage |
|
| 30 | + * @NoCSRFRequired |
|
| 31 | + * |
|
| 32 | + * @UserRateThrottle(limit=5, period=100) |
|
| 33 | + * @AnonRateThrottle(limit=1, period=100) |
|
| 34 | + * |
|
| 35 | + * @return JSONResponse |
|
| 36 | + */ |
|
| 37 | + public function userAndAnonProtected() { |
|
| 38 | + return new JSONResponse(); |
|
| 39 | + } |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * @PublicPage |
|
| 43 | - * @NoCSRFRequired |
|
| 44 | - * |
|
| 45 | - * @AnonRateThrottle(limit=1, period=10) |
|
| 46 | - * |
|
| 47 | - * @return JSONResponse |
|
| 48 | - */ |
|
| 49 | - public function onlyAnonProtected() { |
|
| 50 | - return new JSONResponse(); |
|
| 51 | - } |
|
| 41 | + /** |
|
| 42 | + * @PublicPage |
|
| 43 | + * @NoCSRFRequired |
|
| 44 | + * |
|
| 45 | + * @AnonRateThrottle(limit=1, period=10) |
|
| 46 | + * |
|
| 47 | + * @return JSONResponse |
|
| 48 | + */ |
|
| 49 | + public function onlyAnonProtected() { |
|
| 50 | + return new JSONResponse(); |
|
| 51 | + } |
|
| 52 | 52 | } |
@@ -25,7 +25,7 @@ |
||
| 25 | 25 | use OCP\AppFramework\Http; |
| 26 | 26 | |
| 27 | 27 | class RateLimitExceededException extends SecurityException { |
| 28 | - public function __construct() { |
|
| 29 | - parent::__construct('Rate limit exceeded', Http::STATUS_TOO_MANY_REQUESTS); |
|
| 30 | - } |
|
| 28 | + public function __construct() { |
|
| 29 | + parent::__construct('Rate limit exceeded', Http::STATUS_TOO_MANY_REQUESTS); |
|
| 30 | + } |
|
| 31 | 31 | } |
@@ -48,87 +48,87 @@ |
||
| 48 | 48 | * @package OC\AppFramework\Middleware\Security |
| 49 | 49 | */ |
| 50 | 50 | class RateLimitingMiddleware extends Middleware { |
| 51 | - /** @var IRequest $request */ |
|
| 52 | - private $request; |
|
| 53 | - /** @var IUserSession */ |
|
| 54 | - private $userSession; |
|
| 55 | - /** @var ControllerMethodReflector */ |
|
| 56 | - private $reflector; |
|
| 57 | - /** @var Limiter */ |
|
| 58 | - private $limiter; |
|
| 51 | + /** @var IRequest $request */ |
|
| 52 | + private $request; |
|
| 53 | + /** @var IUserSession */ |
|
| 54 | + private $userSession; |
|
| 55 | + /** @var ControllerMethodReflector */ |
|
| 56 | + private $reflector; |
|
| 57 | + /** @var Limiter */ |
|
| 58 | + private $limiter; |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * @param IRequest $request |
|
| 62 | - * @param IUserSession $userSession |
|
| 63 | - * @param ControllerMethodReflector $reflector |
|
| 64 | - * @param Limiter $limiter |
|
| 65 | - */ |
|
| 66 | - public function __construct(IRequest $request, |
|
| 67 | - IUserSession $userSession, |
|
| 68 | - ControllerMethodReflector $reflector, |
|
| 69 | - Limiter $limiter) { |
|
| 70 | - $this->request = $request; |
|
| 71 | - $this->userSession = $userSession; |
|
| 72 | - $this->reflector = $reflector; |
|
| 73 | - $this->limiter = $limiter; |
|
| 74 | - } |
|
| 60 | + /** |
|
| 61 | + * @param IRequest $request |
|
| 62 | + * @param IUserSession $userSession |
|
| 63 | + * @param ControllerMethodReflector $reflector |
|
| 64 | + * @param Limiter $limiter |
|
| 65 | + */ |
|
| 66 | + public function __construct(IRequest $request, |
|
| 67 | + IUserSession $userSession, |
|
| 68 | + ControllerMethodReflector $reflector, |
|
| 69 | + Limiter $limiter) { |
|
| 70 | + $this->request = $request; |
|
| 71 | + $this->userSession = $userSession; |
|
| 72 | + $this->reflector = $reflector; |
|
| 73 | + $this->limiter = $limiter; |
|
| 74 | + } |
|
| 75 | 75 | |
| 76 | - /** |
|
| 77 | - * {@inheritDoc} |
|
| 78 | - * @throws RateLimitExceededException |
|
| 79 | - */ |
|
| 80 | - public function beforeController($controller, $methodName) { |
|
| 81 | - parent::beforeController($controller, $methodName); |
|
| 76 | + /** |
|
| 77 | + * {@inheritDoc} |
|
| 78 | + * @throws RateLimitExceededException |
|
| 79 | + */ |
|
| 80 | + public function beforeController($controller, $methodName) { |
|
| 81 | + parent::beforeController($controller, $methodName); |
|
| 82 | 82 | |
| 83 | - $anonLimit = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'limit'); |
|
| 84 | - $anonPeriod = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'period'); |
|
| 85 | - $userLimit = $this->reflector->getAnnotationParameter('UserRateThrottle', 'limit'); |
|
| 86 | - $userPeriod = $this->reflector->getAnnotationParameter('UserRateThrottle', 'period'); |
|
| 87 | - $rateLimitIdentifier = get_class($controller) . '::' . $methodName; |
|
| 88 | - if($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { |
|
| 89 | - $this->limiter->registerUserRequest( |
|
| 90 | - $rateLimitIdentifier, |
|
| 91 | - $userLimit, |
|
| 92 | - $userPeriod, |
|
| 93 | - $this->userSession->getUser() |
|
| 94 | - ); |
|
| 95 | - } elseif ($anonLimit !== '' && $anonPeriod !== '') { |
|
| 96 | - $this->limiter->registerAnonRequest( |
|
| 97 | - $rateLimitIdentifier, |
|
| 98 | - $anonLimit, |
|
| 99 | - $anonPeriod, |
|
| 100 | - $this->request->getRemoteAddress() |
|
| 101 | - ); |
|
| 102 | - } |
|
| 103 | - } |
|
| 83 | + $anonLimit = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'limit'); |
|
| 84 | + $anonPeriod = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'period'); |
|
| 85 | + $userLimit = $this->reflector->getAnnotationParameter('UserRateThrottle', 'limit'); |
|
| 86 | + $userPeriod = $this->reflector->getAnnotationParameter('UserRateThrottle', 'period'); |
|
| 87 | + $rateLimitIdentifier = get_class($controller) . '::' . $methodName; |
|
| 88 | + if($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { |
|
| 89 | + $this->limiter->registerUserRequest( |
|
| 90 | + $rateLimitIdentifier, |
|
| 91 | + $userLimit, |
|
| 92 | + $userPeriod, |
|
| 93 | + $this->userSession->getUser() |
|
| 94 | + ); |
|
| 95 | + } elseif ($anonLimit !== '' && $anonPeriod !== '') { |
|
| 96 | + $this->limiter->registerAnonRequest( |
|
| 97 | + $rateLimitIdentifier, |
|
| 98 | + $anonLimit, |
|
| 99 | + $anonPeriod, |
|
| 100 | + $this->request->getRemoteAddress() |
|
| 101 | + ); |
|
| 102 | + } |
|
| 103 | + } |
|
| 104 | 104 | |
| 105 | - /** |
|
| 106 | - * {@inheritDoc} |
|
| 107 | - */ |
|
| 108 | - public function afterException($controller, $methodName, \Exception $exception) { |
|
| 109 | - if($exception instanceof RateLimitExceededException) { |
|
| 110 | - if (stripos($this->request->getHeader('Accept'),'html') === false) { |
|
| 111 | - $response = new JSONResponse( |
|
| 112 | - [ |
|
| 113 | - 'message' => $exception->getMessage(), |
|
| 114 | - ], |
|
| 115 | - $exception->getCode() |
|
| 116 | - ); |
|
| 117 | - } else { |
|
| 118 | - $response = new TemplateResponse( |
|
| 119 | - 'core', |
|
| 120 | - '403', |
|
| 121 | - [ |
|
| 122 | - 'file' => $exception->getMessage() |
|
| 123 | - ], |
|
| 124 | - 'guest' |
|
| 125 | - ); |
|
| 126 | - $response->setStatus($exception->getCode()); |
|
| 127 | - } |
|
| 105 | + /** |
|
| 106 | + * {@inheritDoc} |
|
| 107 | + */ |
|
| 108 | + public function afterException($controller, $methodName, \Exception $exception) { |
|
| 109 | + if($exception instanceof RateLimitExceededException) { |
|
| 110 | + if (stripos($this->request->getHeader('Accept'),'html') === false) { |
|
| 111 | + $response = new JSONResponse( |
|
| 112 | + [ |
|
| 113 | + 'message' => $exception->getMessage(), |
|
| 114 | + ], |
|
| 115 | + $exception->getCode() |
|
| 116 | + ); |
|
| 117 | + } else { |
|
| 118 | + $response = new TemplateResponse( |
|
| 119 | + 'core', |
|
| 120 | + '403', |
|
| 121 | + [ |
|
| 122 | + 'file' => $exception->getMessage() |
|
| 123 | + ], |
|
| 124 | + 'guest' |
|
| 125 | + ); |
|
| 126 | + $response->setStatus($exception->getCode()); |
|
| 127 | + } |
|
| 128 | 128 | |
| 129 | - return $response; |
|
| 130 | - } |
|
| 129 | + return $response; |
|
| 130 | + } |
|
| 131 | 131 | |
| 132 | - throw $exception; |
|
| 133 | - } |
|
| 132 | + throw $exception; |
|
| 133 | + } |
|
| 134 | 134 | } |
@@ -46,280 +46,280 @@ |
||
| 46 | 46 | */ |
| 47 | 47 | class SystemTagPlugin extends \Sabre\DAV\ServerPlugin { |
| 48 | 48 | |
| 49 | - // namespace |
|
| 50 | - const NS_OWNCLOUD = 'http://owncloud.org/ns'; |
|
| 51 | - const ID_PROPERTYNAME = '{http://owncloud.org/ns}id'; |
|
| 52 | - const DISPLAYNAME_PROPERTYNAME = '{http://owncloud.org/ns}display-name'; |
|
| 53 | - const USERVISIBLE_PROPERTYNAME = '{http://owncloud.org/ns}user-visible'; |
|
| 54 | - const USERASSIGNABLE_PROPERTYNAME = '{http://owncloud.org/ns}user-assignable'; |
|
| 55 | - const GROUPS_PROPERTYNAME = '{http://owncloud.org/ns}groups'; |
|
| 56 | - const CANASSIGN_PROPERTYNAME = '{http://owncloud.org/ns}can-assign'; |
|
| 57 | - |
|
| 58 | - /** |
|
| 59 | - * @var \Sabre\DAV\Server $server |
|
| 60 | - */ |
|
| 61 | - private $server; |
|
| 62 | - |
|
| 63 | - /** |
|
| 64 | - * @var ISystemTagManager |
|
| 65 | - */ |
|
| 66 | - protected $tagManager; |
|
| 67 | - |
|
| 68 | - /** |
|
| 69 | - * @var IUserSession |
|
| 70 | - */ |
|
| 71 | - protected $userSession; |
|
| 72 | - |
|
| 73 | - /** |
|
| 74 | - * @var IGroupManager |
|
| 75 | - */ |
|
| 76 | - protected $groupManager; |
|
| 77 | - |
|
| 78 | - /** |
|
| 79 | - * @param ISystemTagManager $tagManager tag manager |
|
| 80 | - * @param IGroupManager $groupManager |
|
| 81 | - * @param IUserSession $userSession |
|
| 82 | - */ |
|
| 83 | - public function __construct(ISystemTagManager $tagManager, |
|
| 84 | - IGroupManager $groupManager, |
|
| 85 | - IUserSession $userSession) { |
|
| 86 | - $this->tagManager = $tagManager; |
|
| 87 | - $this->userSession = $userSession; |
|
| 88 | - $this->groupManager = $groupManager; |
|
| 89 | - } |
|
| 90 | - |
|
| 91 | - /** |
|
| 92 | - * This initializes the plugin. |
|
| 93 | - * |
|
| 94 | - * This function is called by \Sabre\DAV\Server, after |
|
| 95 | - * addPlugin is called. |
|
| 96 | - * |
|
| 97 | - * This method should set up the required event subscriptions. |
|
| 98 | - * |
|
| 99 | - * @param \Sabre\DAV\Server $server |
|
| 100 | - * @return void |
|
| 101 | - */ |
|
| 102 | - public function initialize(\Sabre\DAV\Server $server) { |
|
| 103 | - |
|
| 104 | - $server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc'; |
|
| 105 | - |
|
| 106 | - $server->protectedProperties[] = self::ID_PROPERTYNAME; |
|
| 107 | - |
|
| 108 | - $server->on('propFind', array($this, 'handleGetProperties')); |
|
| 109 | - $server->on('propPatch', array($this, 'handleUpdateProperties')); |
|
| 110 | - $server->on('method:POST', [$this, 'httpPost']); |
|
| 111 | - |
|
| 112 | - $this->server = $server; |
|
| 113 | - } |
|
| 114 | - |
|
| 115 | - /** |
|
| 116 | - * POST operation on system tag collections |
|
| 117 | - * |
|
| 118 | - * @param RequestInterface $request request object |
|
| 119 | - * @param ResponseInterface $response response object |
|
| 120 | - * @return null|false |
|
| 121 | - */ |
|
| 122 | - public function httpPost(RequestInterface $request, ResponseInterface $response) { |
|
| 123 | - $path = $request->getPath(); |
|
| 124 | - |
|
| 125 | - // Making sure the node exists |
|
| 126 | - $node = $this->server->tree->getNodeForPath($path); |
|
| 127 | - if ($node instanceof SystemTagsByIdCollection || $node instanceof SystemTagsObjectMappingCollection) { |
|
| 128 | - $data = $request->getBodyAsString(); |
|
| 129 | - |
|
| 130 | - $tag = $this->createTag($data, $request->getHeader('Content-Type')); |
|
| 131 | - |
|
| 132 | - if ($node instanceof SystemTagsObjectMappingCollection) { |
|
| 133 | - // also add to collection |
|
| 134 | - $node->createFile($tag->getId()); |
|
| 135 | - $url = $request->getBaseUrl() . 'systemtags/'; |
|
| 136 | - } else { |
|
| 137 | - $url = $request->getUrl(); |
|
| 138 | - } |
|
| 139 | - |
|
| 140 | - if ($url[strlen($url) - 1] !== '/') { |
|
| 141 | - $url .= '/'; |
|
| 142 | - } |
|
| 143 | - |
|
| 144 | - $response->setHeader('Content-Location', $url . $tag->getId()); |
|
| 145 | - |
|
| 146 | - // created |
|
| 147 | - $response->setStatus(201); |
|
| 148 | - return false; |
|
| 149 | - } |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - /** |
|
| 153 | - * Creates a new tag |
|
| 154 | - * |
|
| 155 | - * @param string $data JSON encoded string containing the properties of the tag to create |
|
| 156 | - * @param string $contentType content type of the data |
|
| 157 | - * @return ISystemTag newly created system tag |
|
| 158 | - * |
|
| 159 | - * @throws BadRequest if a field was missing |
|
| 160 | - * @throws Conflict if a tag with the same properties already exists |
|
| 161 | - * @throws UnsupportedMediaType if the content type is not supported |
|
| 162 | - */ |
|
| 163 | - private function createTag($data, $contentType = 'application/json') { |
|
| 164 | - if (explode(';', $contentType)[0] === 'application/json') { |
|
| 165 | - $data = json_decode($data, true); |
|
| 166 | - } else { |
|
| 167 | - throw new UnsupportedMediaType(); |
|
| 168 | - } |
|
| 169 | - |
|
| 170 | - if (!isset($data['name'])) { |
|
| 171 | - throw new BadRequest('Missing "name" attribute'); |
|
| 172 | - } |
|
| 173 | - |
|
| 174 | - $tagName = $data['name']; |
|
| 175 | - $userVisible = true; |
|
| 176 | - $userAssignable = true; |
|
| 177 | - |
|
| 178 | - if (isset($data['userVisible'])) { |
|
| 179 | - $userVisible = (bool)$data['userVisible']; |
|
| 180 | - } |
|
| 181 | - |
|
| 182 | - if (isset($data['userAssignable'])) { |
|
| 183 | - $userAssignable = (bool)$data['userAssignable']; |
|
| 184 | - } |
|
| 185 | - |
|
| 186 | - $groups = []; |
|
| 187 | - if (isset($data['groups'])) { |
|
| 188 | - $groups = $data['groups']; |
|
| 189 | - if (is_string($groups)) { |
|
| 190 | - $groups = explode('|', $groups); |
|
| 191 | - } |
|
| 192 | - } |
|
| 193 | - |
|
| 194 | - if($userVisible === false || $userAssignable === false || !empty($groups)) { |
|
| 195 | - if(!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) { |
|
| 196 | - throw new BadRequest('Not sufficient permissions'); |
|
| 197 | - } |
|
| 198 | - } |
|
| 199 | - |
|
| 200 | - try { |
|
| 201 | - $tag = $this->tagManager->createTag($tagName, $userVisible, $userAssignable); |
|
| 202 | - if (!empty($groups)) { |
|
| 203 | - $this->tagManager->setTagGroups($tag, $groups); |
|
| 204 | - } |
|
| 205 | - return $tag; |
|
| 206 | - } catch (TagAlreadyExistsException $e) { |
|
| 207 | - throw new Conflict('Tag already exists', 0, $e); |
|
| 208 | - } |
|
| 209 | - } |
|
| 210 | - |
|
| 211 | - |
|
| 212 | - /** |
|
| 213 | - * Retrieves system tag properties |
|
| 214 | - * |
|
| 215 | - * @param PropFind $propFind |
|
| 216 | - * @param \Sabre\DAV\INode $node |
|
| 217 | - */ |
|
| 218 | - public function handleGetProperties( |
|
| 219 | - PropFind $propFind, |
|
| 220 | - \Sabre\DAV\INode $node |
|
| 221 | - ) { |
|
| 222 | - if (!($node instanceof SystemTagNode) && !($node instanceof SystemTagMappingNode)) { |
|
| 223 | - return; |
|
| 224 | - } |
|
| 225 | - |
|
| 226 | - $propFind->handle(self::ID_PROPERTYNAME, function() use ($node) { |
|
| 227 | - return $node->getSystemTag()->getId(); |
|
| 228 | - }); |
|
| 229 | - |
|
| 230 | - $propFind->handle(self::DISPLAYNAME_PROPERTYNAME, function() use ($node) { |
|
| 231 | - return $node->getSystemTag()->getName(); |
|
| 232 | - }); |
|
| 233 | - |
|
| 234 | - $propFind->handle(self::USERVISIBLE_PROPERTYNAME, function() use ($node) { |
|
| 235 | - return $node->getSystemTag()->isUserVisible() ? 'true' : 'false'; |
|
| 236 | - }); |
|
| 237 | - |
|
| 238 | - $propFind->handle(self::USERASSIGNABLE_PROPERTYNAME, function() use ($node) { |
|
| 239 | - // this is the tag's inherent property "is user assignable" |
|
| 240 | - return $node->getSystemTag()->isUserAssignable() ? 'true' : 'false'; |
|
| 241 | - }); |
|
| 242 | - |
|
| 243 | - $propFind->handle(self::CANASSIGN_PROPERTYNAME, function() use ($node) { |
|
| 244 | - // this is the effective permission for the current user |
|
| 245 | - return $this->tagManager->canUserAssignTag($node->getSystemTag(), $this->userSession->getUser()) ? 'true' : 'false'; |
|
| 246 | - }); |
|
| 247 | - |
|
| 248 | - $propFind->handle(self::GROUPS_PROPERTYNAME, function() use ($node) { |
|
| 249 | - if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) { |
|
| 250 | - // property only available for admins |
|
| 251 | - throw new Forbidden(); |
|
| 252 | - } |
|
| 253 | - $groups = []; |
|
| 254 | - // no need to retrieve groups for namespaces that don't qualify |
|
| 255 | - if ($node->getSystemTag()->isUserVisible() && !$node->getSystemTag()->isUserAssignable()) { |
|
| 256 | - $groups = $this->tagManager->getTagGroups($node->getSystemTag()); |
|
| 257 | - } |
|
| 258 | - return implode('|', $groups); |
|
| 259 | - }); |
|
| 260 | - } |
|
| 261 | - |
|
| 262 | - /** |
|
| 263 | - * Updates tag attributes |
|
| 264 | - * |
|
| 265 | - * @param string $path |
|
| 266 | - * @param PropPatch $propPatch |
|
| 267 | - * |
|
| 268 | - * @return void |
|
| 269 | - */ |
|
| 270 | - public function handleUpdateProperties($path, PropPatch $propPatch) { |
|
| 271 | - $node = $this->server->tree->getNodeForPath($path); |
|
| 272 | - if (!($node instanceof SystemTagNode)) { |
|
| 273 | - return; |
|
| 274 | - } |
|
| 275 | - |
|
| 276 | - $propPatch->handle([ |
|
| 277 | - self::DISPLAYNAME_PROPERTYNAME, |
|
| 278 | - self::USERVISIBLE_PROPERTYNAME, |
|
| 279 | - self::USERASSIGNABLE_PROPERTYNAME, |
|
| 280 | - self::GROUPS_PROPERTYNAME, |
|
| 281 | - ], function($props) use ($node) { |
|
| 282 | - $tag = $node->getSystemTag(); |
|
| 283 | - $name = $tag->getName(); |
|
| 284 | - $userVisible = $tag->isUserVisible(); |
|
| 285 | - $userAssignable = $tag->isUserAssignable(); |
|
| 286 | - |
|
| 287 | - $updateTag = false; |
|
| 288 | - |
|
| 289 | - if (isset($props[self::DISPLAYNAME_PROPERTYNAME])) { |
|
| 290 | - $name = $props[self::DISPLAYNAME_PROPERTYNAME]; |
|
| 291 | - $updateTag = true; |
|
| 292 | - } |
|
| 293 | - |
|
| 294 | - if (isset($props[self::USERVISIBLE_PROPERTYNAME])) { |
|
| 295 | - $propValue = $props[self::USERVISIBLE_PROPERTYNAME]; |
|
| 296 | - $userVisible = ($propValue !== 'false' && $propValue !== '0'); |
|
| 297 | - $updateTag = true; |
|
| 298 | - } |
|
| 299 | - |
|
| 300 | - if (isset($props[self::USERASSIGNABLE_PROPERTYNAME])) { |
|
| 301 | - $propValue = $props[self::USERASSIGNABLE_PROPERTYNAME]; |
|
| 302 | - $userAssignable = ($propValue !== 'false' && $propValue !== '0'); |
|
| 303 | - $updateTag = true; |
|
| 304 | - } |
|
| 305 | - |
|
| 306 | - if (isset($props[self::GROUPS_PROPERTYNAME])) { |
|
| 307 | - if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) { |
|
| 308 | - // property only available for admins |
|
| 309 | - throw new Forbidden(); |
|
| 310 | - } |
|
| 311 | - |
|
| 312 | - $propValue = $props[self::GROUPS_PROPERTYNAME]; |
|
| 313 | - $groupIds = explode('|', $propValue); |
|
| 314 | - $this->tagManager->setTagGroups($tag, $groupIds); |
|
| 315 | - } |
|
| 316 | - |
|
| 317 | - if ($updateTag) { |
|
| 318 | - $node->update($name, $userVisible, $userAssignable); |
|
| 319 | - } |
|
| 320 | - |
|
| 321 | - return true; |
|
| 322 | - }); |
|
| 323 | - |
|
| 324 | - } |
|
| 49 | + // namespace |
|
| 50 | + const NS_OWNCLOUD = 'http://owncloud.org/ns'; |
|
| 51 | + const ID_PROPERTYNAME = '{http://owncloud.org/ns}id'; |
|
| 52 | + const DISPLAYNAME_PROPERTYNAME = '{http://owncloud.org/ns}display-name'; |
|
| 53 | + const USERVISIBLE_PROPERTYNAME = '{http://owncloud.org/ns}user-visible'; |
|
| 54 | + const USERASSIGNABLE_PROPERTYNAME = '{http://owncloud.org/ns}user-assignable'; |
|
| 55 | + const GROUPS_PROPERTYNAME = '{http://owncloud.org/ns}groups'; |
|
| 56 | + const CANASSIGN_PROPERTYNAME = '{http://owncloud.org/ns}can-assign'; |
|
| 57 | + |
|
| 58 | + /** |
|
| 59 | + * @var \Sabre\DAV\Server $server |
|
| 60 | + */ |
|
| 61 | + private $server; |
|
| 62 | + |
|
| 63 | + /** |
|
| 64 | + * @var ISystemTagManager |
|
| 65 | + */ |
|
| 66 | + protected $tagManager; |
|
| 67 | + |
|
| 68 | + /** |
|
| 69 | + * @var IUserSession |
|
| 70 | + */ |
|
| 71 | + protected $userSession; |
|
| 72 | + |
|
| 73 | + /** |
|
| 74 | + * @var IGroupManager |
|
| 75 | + */ |
|
| 76 | + protected $groupManager; |
|
| 77 | + |
|
| 78 | + /** |
|
| 79 | + * @param ISystemTagManager $tagManager tag manager |
|
| 80 | + * @param IGroupManager $groupManager |
|
| 81 | + * @param IUserSession $userSession |
|
| 82 | + */ |
|
| 83 | + public function __construct(ISystemTagManager $tagManager, |
|
| 84 | + IGroupManager $groupManager, |
|
| 85 | + IUserSession $userSession) { |
|
| 86 | + $this->tagManager = $tagManager; |
|
| 87 | + $this->userSession = $userSession; |
|
| 88 | + $this->groupManager = $groupManager; |
|
| 89 | + } |
|
| 90 | + |
|
| 91 | + /** |
|
| 92 | + * This initializes the plugin. |
|
| 93 | + * |
|
| 94 | + * This function is called by \Sabre\DAV\Server, after |
|
| 95 | + * addPlugin is called. |
|
| 96 | + * |
|
| 97 | + * This method should set up the required event subscriptions. |
|
| 98 | + * |
|
| 99 | + * @param \Sabre\DAV\Server $server |
|
| 100 | + * @return void |
|
| 101 | + */ |
|
| 102 | + public function initialize(\Sabre\DAV\Server $server) { |
|
| 103 | + |
|
| 104 | + $server->xml->namespaceMap[self::NS_OWNCLOUD] = 'oc'; |
|
| 105 | + |
|
| 106 | + $server->protectedProperties[] = self::ID_PROPERTYNAME; |
|
| 107 | + |
|
| 108 | + $server->on('propFind', array($this, 'handleGetProperties')); |
|
| 109 | + $server->on('propPatch', array($this, 'handleUpdateProperties')); |
|
| 110 | + $server->on('method:POST', [$this, 'httpPost']); |
|
| 111 | + |
|
| 112 | + $this->server = $server; |
|
| 113 | + } |
|
| 114 | + |
|
| 115 | + /** |
|
| 116 | + * POST operation on system tag collections |
|
| 117 | + * |
|
| 118 | + * @param RequestInterface $request request object |
|
| 119 | + * @param ResponseInterface $response response object |
|
| 120 | + * @return null|false |
|
| 121 | + */ |
|
| 122 | + public function httpPost(RequestInterface $request, ResponseInterface $response) { |
|
| 123 | + $path = $request->getPath(); |
|
| 124 | + |
|
| 125 | + // Making sure the node exists |
|
| 126 | + $node = $this->server->tree->getNodeForPath($path); |
|
| 127 | + if ($node instanceof SystemTagsByIdCollection || $node instanceof SystemTagsObjectMappingCollection) { |
|
| 128 | + $data = $request->getBodyAsString(); |
|
| 129 | + |
|
| 130 | + $tag = $this->createTag($data, $request->getHeader('Content-Type')); |
|
| 131 | + |
|
| 132 | + if ($node instanceof SystemTagsObjectMappingCollection) { |
|
| 133 | + // also add to collection |
|
| 134 | + $node->createFile($tag->getId()); |
|
| 135 | + $url = $request->getBaseUrl() . 'systemtags/'; |
|
| 136 | + } else { |
|
| 137 | + $url = $request->getUrl(); |
|
| 138 | + } |
|
| 139 | + |
|
| 140 | + if ($url[strlen($url) - 1] !== '/') { |
|
| 141 | + $url .= '/'; |
|
| 142 | + } |
|
| 143 | + |
|
| 144 | + $response->setHeader('Content-Location', $url . $tag->getId()); |
|
| 145 | + |
|
| 146 | + // created |
|
| 147 | + $response->setStatus(201); |
|
| 148 | + return false; |
|
| 149 | + } |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + /** |
|
| 153 | + * Creates a new tag |
|
| 154 | + * |
|
| 155 | + * @param string $data JSON encoded string containing the properties of the tag to create |
|
| 156 | + * @param string $contentType content type of the data |
|
| 157 | + * @return ISystemTag newly created system tag |
|
| 158 | + * |
|
| 159 | + * @throws BadRequest if a field was missing |
|
| 160 | + * @throws Conflict if a tag with the same properties already exists |
|
| 161 | + * @throws UnsupportedMediaType if the content type is not supported |
|
| 162 | + */ |
|
| 163 | + private function createTag($data, $contentType = 'application/json') { |
|
| 164 | + if (explode(';', $contentType)[0] === 'application/json') { |
|
| 165 | + $data = json_decode($data, true); |
|
| 166 | + } else { |
|
| 167 | + throw new UnsupportedMediaType(); |
|
| 168 | + } |
|
| 169 | + |
|
| 170 | + if (!isset($data['name'])) { |
|
| 171 | + throw new BadRequest('Missing "name" attribute'); |
|
| 172 | + } |
|
| 173 | + |
|
| 174 | + $tagName = $data['name']; |
|
| 175 | + $userVisible = true; |
|
| 176 | + $userAssignable = true; |
|
| 177 | + |
|
| 178 | + if (isset($data['userVisible'])) { |
|
| 179 | + $userVisible = (bool)$data['userVisible']; |
|
| 180 | + } |
|
| 181 | + |
|
| 182 | + if (isset($data['userAssignable'])) { |
|
| 183 | + $userAssignable = (bool)$data['userAssignable']; |
|
| 184 | + } |
|
| 185 | + |
|
| 186 | + $groups = []; |
|
| 187 | + if (isset($data['groups'])) { |
|
| 188 | + $groups = $data['groups']; |
|
| 189 | + if (is_string($groups)) { |
|
| 190 | + $groups = explode('|', $groups); |
|
| 191 | + } |
|
| 192 | + } |
|
| 193 | + |
|
| 194 | + if($userVisible === false || $userAssignable === false || !empty($groups)) { |
|
| 195 | + if(!$this->userSession->isLoggedIn() || !$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) { |
|
| 196 | + throw new BadRequest('Not sufficient permissions'); |
|
| 197 | + } |
|
| 198 | + } |
|
| 199 | + |
|
| 200 | + try { |
|
| 201 | + $tag = $this->tagManager->createTag($tagName, $userVisible, $userAssignable); |
|
| 202 | + if (!empty($groups)) { |
|
| 203 | + $this->tagManager->setTagGroups($tag, $groups); |
|
| 204 | + } |
|
| 205 | + return $tag; |
|
| 206 | + } catch (TagAlreadyExistsException $e) { |
|
| 207 | + throw new Conflict('Tag already exists', 0, $e); |
|
| 208 | + } |
|
| 209 | + } |
|
| 210 | + |
|
| 211 | + |
|
| 212 | + /** |
|
| 213 | + * Retrieves system tag properties |
|
| 214 | + * |
|
| 215 | + * @param PropFind $propFind |
|
| 216 | + * @param \Sabre\DAV\INode $node |
|
| 217 | + */ |
|
| 218 | + public function handleGetProperties( |
|
| 219 | + PropFind $propFind, |
|
| 220 | + \Sabre\DAV\INode $node |
|
| 221 | + ) { |
|
| 222 | + if (!($node instanceof SystemTagNode) && !($node instanceof SystemTagMappingNode)) { |
|
| 223 | + return; |
|
| 224 | + } |
|
| 225 | + |
|
| 226 | + $propFind->handle(self::ID_PROPERTYNAME, function() use ($node) { |
|
| 227 | + return $node->getSystemTag()->getId(); |
|
| 228 | + }); |
|
| 229 | + |
|
| 230 | + $propFind->handle(self::DISPLAYNAME_PROPERTYNAME, function() use ($node) { |
|
| 231 | + return $node->getSystemTag()->getName(); |
|
| 232 | + }); |
|
| 233 | + |
|
| 234 | + $propFind->handle(self::USERVISIBLE_PROPERTYNAME, function() use ($node) { |
|
| 235 | + return $node->getSystemTag()->isUserVisible() ? 'true' : 'false'; |
|
| 236 | + }); |
|
| 237 | + |
|
| 238 | + $propFind->handle(self::USERASSIGNABLE_PROPERTYNAME, function() use ($node) { |
|
| 239 | + // this is the tag's inherent property "is user assignable" |
|
| 240 | + return $node->getSystemTag()->isUserAssignable() ? 'true' : 'false'; |
|
| 241 | + }); |
|
| 242 | + |
|
| 243 | + $propFind->handle(self::CANASSIGN_PROPERTYNAME, function() use ($node) { |
|
| 244 | + // this is the effective permission for the current user |
|
| 245 | + return $this->tagManager->canUserAssignTag($node->getSystemTag(), $this->userSession->getUser()) ? 'true' : 'false'; |
|
| 246 | + }); |
|
| 247 | + |
|
| 248 | + $propFind->handle(self::GROUPS_PROPERTYNAME, function() use ($node) { |
|
| 249 | + if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) { |
|
| 250 | + // property only available for admins |
|
| 251 | + throw new Forbidden(); |
|
| 252 | + } |
|
| 253 | + $groups = []; |
|
| 254 | + // no need to retrieve groups for namespaces that don't qualify |
|
| 255 | + if ($node->getSystemTag()->isUserVisible() && !$node->getSystemTag()->isUserAssignable()) { |
|
| 256 | + $groups = $this->tagManager->getTagGroups($node->getSystemTag()); |
|
| 257 | + } |
|
| 258 | + return implode('|', $groups); |
|
| 259 | + }); |
|
| 260 | + } |
|
| 261 | + |
|
| 262 | + /** |
|
| 263 | + * Updates tag attributes |
|
| 264 | + * |
|
| 265 | + * @param string $path |
|
| 266 | + * @param PropPatch $propPatch |
|
| 267 | + * |
|
| 268 | + * @return void |
|
| 269 | + */ |
|
| 270 | + public function handleUpdateProperties($path, PropPatch $propPatch) { |
|
| 271 | + $node = $this->server->tree->getNodeForPath($path); |
|
| 272 | + if (!($node instanceof SystemTagNode)) { |
|
| 273 | + return; |
|
| 274 | + } |
|
| 275 | + |
|
| 276 | + $propPatch->handle([ |
|
| 277 | + self::DISPLAYNAME_PROPERTYNAME, |
|
| 278 | + self::USERVISIBLE_PROPERTYNAME, |
|
| 279 | + self::USERASSIGNABLE_PROPERTYNAME, |
|
| 280 | + self::GROUPS_PROPERTYNAME, |
|
| 281 | + ], function($props) use ($node) { |
|
| 282 | + $tag = $node->getSystemTag(); |
|
| 283 | + $name = $tag->getName(); |
|
| 284 | + $userVisible = $tag->isUserVisible(); |
|
| 285 | + $userAssignable = $tag->isUserAssignable(); |
|
| 286 | + |
|
| 287 | + $updateTag = false; |
|
| 288 | + |
|
| 289 | + if (isset($props[self::DISPLAYNAME_PROPERTYNAME])) { |
|
| 290 | + $name = $props[self::DISPLAYNAME_PROPERTYNAME]; |
|
| 291 | + $updateTag = true; |
|
| 292 | + } |
|
| 293 | + |
|
| 294 | + if (isset($props[self::USERVISIBLE_PROPERTYNAME])) { |
|
| 295 | + $propValue = $props[self::USERVISIBLE_PROPERTYNAME]; |
|
| 296 | + $userVisible = ($propValue !== 'false' && $propValue !== '0'); |
|
| 297 | + $updateTag = true; |
|
| 298 | + } |
|
| 299 | + |
|
| 300 | + if (isset($props[self::USERASSIGNABLE_PROPERTYNAME])) { |
|
| 301 | + $propValue = $props[self::USERASSIGNABLE_PROPERTYNAME]; |
|
| 302 | + $userAssignable = ($propValue !== 'false' && $propValue !== '0'); |
|
| 303 | + $updateTag = true; |
|
| 304 | + } |
|
| 305 | + |
|
| 306 | + if (isset($props[self::GROUPS_PROPERTYNAME])) { |
|
| 307 | + if (!$this->groupManager->isAdmin($this->userSession->getUser()->getUID())) { |
|
| 308 | + // property only available for admins |
|
| 309 | + throw new Forbidden(); |
|
| 310 | + } |
|
| 311 | + |
|
| 312 | + $propValue = $props[self::GROUPS_PROPERTYNAME]; |
|
| 313 | + $groupIds = explode('|', $propValue); |
|
| 314 | + $this->tagManager->setTagGroups($tag, $groupIds); |
|
| 315 | + } |
|
| 316 | + |
|
| 317 | + if ($updateTag) { |
|
| 318 | + $node->update($name, $userVisible, $userAssignable); |
|
| 319 | + } |
|
| 320 | + |
|
| 321 | + return true; |
|
| 322 | + }); |
|
| 323 | + |
|
| 324 | + } |
|
| 325 | 325 | } |
