Inspection of "Improve readability of login logic" - nextcloud/server - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#4430)

by Morris

created 2017-04-26 04:10 UTC

Status

Spacing +9 added lines, -9 removed lines patch added patch discarded remove patch

@@ -94,7 +94,7 @@  discard block
 block discarded – undo
 				case 'database':
 				case 'mysql':
 				case 'sqlite':
-					\OCP\Util::writeLog('core', 'Adding user backend ' . $backend . '.', \OCP\Util::DEBUG);
+					\OCP\Util::writeLog('core', 'Adding user backend '.$backend.'.', \OCP\Util::DEBUG);
 					self::$_usedBackends[$backend] = new \OC\User\Database();
 					\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
 					break;
@@ -103,8 +103,8 @@  discard block
 block discarded – undo
 					\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
 					break;
 				default:
-					\OCP\Util::writeLog('core', 'Adding default user backend ' . $backend . '.', \OCP\Util::DEBUG);
-					$className = 'OC_USER_' . strtoupper($backend);
+					\OCP\Util::writeLog('core', 'Adding default user backend '.$backend.'.', \OCP\Util::DEBUG);
+					$className = 'OC_USER_'.strtoupper($backend);
 					self::$_usedBackends[$backend] = new $className();
 					\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
 					break;
@@ -147,10 +147,10 @@  discard block
 block discarded – undo
 					self::useBackend($backend);
 					self::$_setupedBackends[] = $i;
 				} else {
-					\OCP\Util::writeLog('core', 'User backend ' . $class . ' already initialized.', \OCP\Util::DEBUG);
+					\OCP\Util::writeLog('core', 'User backend '.$class.' already initialized.', \OCP\Util::DEBUG);
 				}
 			} else {
-				\OCP\Util::writeLog('core', 'User backend ' . $class . ' not found.', \OCP\Util::ERROR);
+				\OCP\Util::writeLog('core', 'User backend '.$class.' not found.', \OCP\Util::ERROR);
 			}
 		}
 	}
@@ -188,15 +188,15 @@  discard block
 block discarded – undo
 			if (self::getUser() !== $uid) {
 				self::setUserId($uid);
 				$setUidAsDisplayName = true;
-				if($backend instanceof \OCP\UserInterface
+				if ($backend instanceof \OCP\UserInterface
 					&& $backend->implementsActions(OC_User_Backend::GET_DISPLAYNAME)) {
 
 					$backendDisplayName = $backend->getDisplayName($uid);
-					if(is_string($backendDisplayName) && trim($backendDisplayName) !== '') {
+					if (is_string($backendDisplayName) && trim($backendDisplayName) !== '') {
 						$setUidAsDisplayName = false;
 					}
 				}
-				if($setUidAsDisplayName) {
+				if ($setUidAsDisplayName) {
 					self::setDisplayName($uid);
 				}
 				$userSession = self::getUserSession();
@@ -494,7 +494,7 @@  discard block
 block discarded – undo
 		if ($user) {
 			return $user->getHome();
 		} else {
-			return \OC::$server->getSystemConfig()->getValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $uid;
+			return \OC::$server->getSystemConfig()->getValue('datadirectory', OC::$SERVERROOT.'/data').'/'.$uid;
 		}
 	}
 

Please login to merge, or discard this patch.

Indentation +560 added lines, -561 removed lines patch added patch discarded remove patch

@@ -57,565 +57,564 @@
 block discarded – undo
  */
 class OC_User {
 
-	/**
-	 * @return \OC\User\Session
-	 */
-	public static function getUserSession() {
-		return OC::$server->getUserSession();
-	}
-
-	private static $_usedBackends = array();
-
-	private static $_setupedBackends = array();
-
-	// bool, stores if a user want to access a resource anonymously, e.g if they open a public link
-	private static $incognitoMode = false;
-
-	/**
-	 * Adds the backend to the list of used backends
-	 *
-	 * @param string|\OCP\UserInterface $backend default: database The backend to use for user management
-	 * @return bool
-	 *
-	 * Set the User Authentication Module
-	 */
-	public static function useBackend($backend = 'database') {
-		if ($backend instanceof \OCP\UserInterface) {
-			self::$_usedBackends[get_class($backend)] = $backend;
-			\OC::$server->getUserManager()->registerBackend($backend);
-		} else {
-			// You'll never know what happens
-			if (null === $backend OR !is_string($backend)) {
-				$backend = 'database';
-			}
-
-			// Load backend
-			switch ($backend) {
-				case 'database':
-				case 'mysql':
-				case 'sqlite':
-					\OCP\Util::writeLog('core', 'Adding user backend ' . $backend . '.', \OCP\Util::DEBUG);
-					self::$_usedBackends[$backend] = new \OC\User\Database();
-					\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
-					break;
-				case 'dummy':
-					self::$_usedBackends[$backend] = new \Test\Util\User\Dummy();
-					\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
-					break;
-				default:
-					\OCP\Util::writeLog('core', 'Adding default user backend ' . $backend . '.', \OCP\Util::DEBUG);
-					$className = 'OC_USER_' . strtoupper($backend);
-					self::$_usedBackends[$backend] = new $className();
-					\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
-					break;
-			}
-		}
-		return true;
-	}
-
-	/**
-	 * remove all used backends
-	 */
-	public static function clearBackends() {
-		self::$_usedBackends = array();
-		\OC::$server->getUserManager()->clearBackends();
-	}
-
-	/**
-	 * setup the configured backends in config.php
-	 */
-	public static function setupBackends() {
-		OC_App::loadApps(['prelogin']);
-		$backends = \OC::$server->getSystemConfig()->getValue('user_backends', []);
-		if (isset($backends['default']) && !$backends['default']) {
-			// clear default backends
-			self::clearBackends();
-		}
-		foreach ($backends as $i => $config) {
-			if (!is_array($config)) {
-				continue;
-			}
-			$class = $config['class'];
-			$arguments = $config['arguments'];
-			if (class_exists($class)) {
-				if (array_search($i, self::$_setupedBackends) === false) {
-					// make a reflection object
-					$reflectionObj = new ReflectionClass($class);
-
-					// use Reflection to create a new instance, using the $args
-					$backend = $reflectionObj->newInstanceArgs($arguments);
-					self::useBackend($backend);
-					self::$_setupedBackends[] = $i;
-				} else {
-					\OCP\Util::writeLog('core', 'User backend ' . $class . ' already initialized.', \OCP\Util::DEBUG);
-				}
-			} else {
-				\OCP\Util::writeLog('core', 'User backend ' . $class . ' not found.', \OCP\Util::ERROR);
-			}
-		}
-	}
-
-	/**
-
-	 * Try to login a user using the magic cookie (remember login)
-	 *
-	 * @deprecated use \OCP\IUserSession::loginWithCookie()
-	 * @param string $uid The username of the user to log in
-	 * @param string $token
-	 * @param string $oldSessionId
-	 * @return bool
-	 */
-	public static function loginWithCookie($uid, $token, $oldSessionId) {
-		return self::getUserSession()->loginWithCookie($uid, $token, $oldSessionId);
-	}
-
-	/**
-	 * Try to login a user, assuming authentication
-	 * has already happened (e.g. via Single Sign On).
-	 *
-	 * Log in a user and regenerate a new session.
-	 *
-	 * @param \OCP\Authentication\IApacheBackend $backend
-	 * @return bool
-	 */
-	public static function loginWithApache(\OCP\Authentication\IApacheBackend $backend) {
-
-		$uid = $backend->getCurrentUserId();
-		$run = true;
-		OC_Hook::emit("OC_User", "pre_login", array("run" => &$run, "uid" => $uid));
-
-		if ($uid) {
-			if (self::getUser() !== $uid) {
-				self::setUserId($uid);
-				$setUidAsDisplayName = true;
-				if($backend instanceof \OCP\UserInterface
-					&& $backend->implementsActions(OC_User_Backend::GET_DISPLAYNAME)) {
-
-					$backendDisplayName = $backend->getDisplayName($uid);
-					if(is_string($backendDisplayName) && trim($backendDisplayName) !== '') {
-						$setUidAsDisplayName = false;
-					}
-				}
-				if($setUidAsDisplayName) {
-					self::setDisplayName($uid);
-				}
-				$userSession = self::getUserSession();
-				$userSession->setLoginName($uid);
-				$request = OC::$server->getRequest();
-				$userSession->createSessionToken($request, $uid, $uid);
-				// setup the filesystem
-				OC_Util::setupFS($uid);
-				// first call the post_login hooks, the login-process needs to be
-				// completed before we can safely create the users folder.
-				// For example encryption needs to initialize the users keys first
-				// before we can create the user folder with the skeleton files
-				OC_Hook::emit("OC_User", "post_login", array("uid" => $uid, 'password' => ''));
-				//trigger creation of user home and /files folder
-				\OC::$server->getUserFolder($uid);
-			}
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * Verify with Apache whether user is authenticated.
-	 *
-	 * @return boolean|null
-	 *          true: authenticated
-	 *          false: not authenticated
-	 *          null: not handled / no backend available
-	 */
-	public static function handleApacheAuth() {
-		$backend = self::findFirstActiveUsedBackend();
-		if ($backend) {
-			OC_App::loadApps();
-
-			//setup extra user backends
-			self::setupBackends();
-			self::unsetMagicInCookie();
-
-			return self::loginWithApache($backend);
-		}
-
-		return null;
-	}
-
-
-	/**
-	 * Sets user id for session and triggers emit
-	 *
-	 * @param string $uid
-	 */
-	public static function setUserId($uid) {
-		$userSession = \OC::$server->getUserSession();
-		$userManager = \OC::$server->getUserManager();
-		if ($user = $userManager->get($uid)) {
-			$userSession->setUser($user);
-		} else {
-			\OC::$server->getSession()->set('user_id', $uid);
-		}
-	}
-
-	/**
-	 * Sets user display name for session
-	 *
-	 * @param string $uid
-	 * @param string $displayName
-	 * @return bool Whether the display name could get set
-	 */
-	public static function setDisplayName($uid, $displayName = null) {
-		if (is_null($displayName)) {
-			$displayName = $uid;
-		}
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			return $user->setDisplayName($displayName);
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * Check if the user is logged in, considers also the HTTP basic credentials
-	 *
-	 * @deprecated use \OC::$server->getUserSession()->isLoggedIn()
-	 * @return bool
-	 */
-	public static function isLoggedIn() {
-		return \OC::$server->getUserSession()->isLoggedIn();
-	}
-
-	/**
-	 * set incognito mode, e.g. if a user wants to open a public link
-	 *
-	 * @param bool $status
-	 */
-	public static function setIncognitoMode($status) {
-		self::$incognitoMode = $status;
-	}
-
-	/**
-	 * get incognito mode status
-	 *
-	 * @return bool
-	 */
-	public static function isIncognitoMode() {
-		return self::$incognitoMode;
-	}
-
-	/**
-	 * Supplies an attribute to the logout hyperlink. The default behaviour
-	 * is to return an href with '?logout=true' appended. However, it can
-	 * supply any attribute(s) which are valid for <a>.
-	 *
-	 * @return string with one or more HTML attributes.
-	 */
-	public static function getLogoutAttribute() {
-		$backend = self::findFirstActiveUsedBackend();
-		if ($backend) {
-			return $backend->getLogoutAttribute();
-		}
-
-		$logoutUrl = \OC::$server->getURLGenerator()->linkToRouteAbsolute(
-			'core.login.logout',
-			[
-				'requesttoken' => \OCP\Util::callRegister(),
-			]
-		);
-
-		return 'href="'.$logoutUrl.'"';
-	}
-
-	/**
-	 * Check if the user is an admin user
-	 *
-	 * @param string $uid uid of the admin
-	 * @return bool
-	 */
-	public static function isAdminUser($uid) {
-		$group = \OC::$server->getGroupManager()->get('admin');
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($group && $user && $group->inGroup($user) && self::$incognitoMode === false) {
-			return true;
-		}
-		return false;
-	}
-
-
-	/**
-	 * get the user id of the user currently logged in.
-	 *
-	 * @return string|bool uid or false
-	 */
-	public static function getUser() {
-		$uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
-		if (!is_null($uid) && self::$incognitoMode === false) {
-			return $uid;
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * get the display name of the user currently logged in.
-	 *
-	 * @param string $uid
-	 * @return string uid or false
-	 */
-	public static function getDisplayName($uid = null) {
-		if ($uid) {
-			$user = \OC::$server->getUserManager()->get($uid);
-			if ($user) {
-				return $user->getDisplayName();
-			} else {
-				return $uid;
-			}
-		} else {
-			$user = self::getUserSession()->getUser();
-			if ($user) {
-				return $user->getDisplayName();
-			} else {
-				return false;
-			}
-		}
-	}
-
-	/**
-	 * Autogenerate a password
-	 *
-	 * @return string
-	 *
-	 * generates a password
-	 */
-	public static function generatePassword() {
-		return \OC::$server->getSecureRandom()->generate(30);
-	}
-
-	/**
-	 * Set password
-	 *
-	 * @param string $uid The username
-	 * @param string $password The new password
-	 * @param string $recoveryPassword for the encryption app to reset encryption keys
-	 * @return bool
-	 *
-	 * Change the password of a user
-	 */
-	public static function setPassword($uid, $password, $recoveryPassword = null) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			return $user->setPassword($password, $recoveryPassword);
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * Check whether user can change his avatar
-	 *
-	 * @param string $uid The username
-	 * @return bool
-	 *
-	 * Check whether a specified user can change his avatar
-	 */
-	public static function canUserChangeAvatar($uid) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			return $user->canChangeAvatar();
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * Check whether user can change his password
-	 *
-	 * @param string $uid The username
-	 * @return bool
-	 *
-	 * Check whether a specified user can change his password
-	 */
-	public static function canUserChangePassword($uid) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			return $user->canChangePassword();
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * Check whether user can change his display name
-	 *
-	 * @param string $uid The username
-	 * @return bool
-	 *
-	 * Check whether a specified user can change his display name
-	 */
-	public static function canUserChangeDisplayName($uid) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			return $user->canChangeDisplayName();
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * Check if the password is correct
-	 *
-	 * @param string $uid The username
-	 * @param string $password The password
-	 * @return string|false user id a string on success, false otherwise
-	 *
-	 * Check if the password is correct without logging in the user
-	 * returns the user id or false
-	 */
-	public static function checkPassword($uid, $password) {
-		$manager = \OC::$server->getUserManager();
-		$username = $manager->checkPassword($uid, $password);
-		if ($username !== false) {
-			return $username->getUID();
-		}
-		return false;
-	}
-
-	/**
-	 * @param string $uid The username
-	 * @return string
-	 *
-	 * returns the path to the users home directory
-	 * @deprecated Use \OC::$server->getUserManager->getHome()
-	 */
-	public static function getHome($uid) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			return $user->getHome();
-		} else {
-			return \OC::$server->getSystemConfig()->getValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $uid;
-		}
-	}
-
-	/**
-	 * Get a list of all users
-	 *
-	 * @return array an array of all uids
-	 *
-	 * Get a list of all users.
-	 * @param string $search
-	 * @param integer $limit
-	 * @param integer $offset
-	 */
-	public static function getUsers($search = '', $limit = null, $offset = null) {
-		$users = \OC::$server->getUserManager()->search($search, $limit, $offset);
-		$uids = array();
-		foreach ($users as $user) {
-			$uids[] = $user->getUID();
-		}
-		return $uids;
-	}
-
-	/**
-	 * Get a list of all users display name
-	 *
-	 * @param string $search
-	 * @param int $limit
-	 * @param int $offset
-	 * @return array associative array with all display names (value) and corresponding uids (key)
-	 *
-	 * Get a list of all display names and user ids.
-	 * @deprecated Use \OC::$server->getUserManager->searchDisplayName($search, $limit, $offset) instead.
-	 */
-	public static function getDisplayNames($search = '', $limit = null, $offset = null) {
-		$displayNames = array();
-		$users = \OC::$server->getUserManager()->searchDisplayName($search, $limit, $offset);
-		foreach ($users as $user) {
-			$displayNames[$user->getUID()] = $user->getDisplayName();
-		}
-		return $displayNames;
-	}
-
-	/**
-	 * check if a user exists
-	 *
-	 * @param string $uid the username
-	 * @return boolean
-	 */
-	public static function userExists($uid) {
-		return \OC::$server->getUserManager()->userExists($uid);
-	}
-
-	/**
-	 * disables a user
-	 *
-	 * @param string $uid the user to disable
-	 */
-	public static function disableUser($uid) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			$user->setEnabled(false);
-		}
-	}
-
-	/**
-	 * enable a user
-	 *
-	 * @param string $uid
-	 */
-	public static function enableUser($uid) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			$user->setEnabled(true);
-		}
-	}
-
-	/**
-	 * checks if a user is enabled
-	 *
-	 * @param string $uid
-	 * @return bool
-	 */
-	public static function isEnabled($uid) {
-		$user = \OC::$server->getUserManager()->get($uid);
-		if ($user) {
-			return $user->isEnabled();
-		} else {
-			return false;
-		}
-	}
-
-	/**
-	 * Set cookie value to use in next page load
-	 *
-	 * @param string $username username to be set
-	 * @param string $token
-	 */
-	public static function setMagicInCookie($username, $token) {
-		self::getUserSession()->setMagicInCookie($username, $token);
-	}
-
-	/**
-	 * Remove cookie for "remember username"
-	 */
-	public static function unsetMagicInCookie() {
-		self::getUserSession()->unsetMagicInCookie();
-	}
-
-	/**
-	 * Returns the first active backend from self::$_usedBackends.
-	 *
-	 * @return OCP\Authentication\IApacheBackend|null if no backend active, otherwise OCP\Authentication\IApacheBackend
-	 */
-	private static function findFirstActiveUsedBackend() {
-		foreach (self::$_usedBackends as $backend) {
-			if ($backend instanceof OCP\Authentication\IApacheBackend) {
-				if ($backend->isSessionActive()) {
-					return $backend;
-				}
-			}
-		}
-
-		return null;
-	}
+    /**
+     * @return \OC\User\Session
+     */
+    public static function getUserSession() {
+        return OC::$server->getUserSession();
+    }
+
+    private static $_usedBackends = array();
+
+    private static $_setupedBackends = array();
+
+    // bool, stores if a user want to access a resource anonymously, e.g if they open a public link
+    private static $incognitoMode = false;
+
+    /**
+     * Adds the backend to the list of used backends
+     *
+     * @param string|\OCP\UserInterface $backend default: database The backend to use for user management
+     * @return bool
+     *
+     * Set the User Authentication Module
+     */
+    public static function useBackend($backend = 'database') {
+        if ($backend instanceof \OCP\UserInterface) {
+            self::$_usedBackends[get_class($backend)] = $backend;
+            \OC::$server->getUserManager()->registerBackend($backend);
+        } else {
+            // You'll never know what happens
+            if (null === $backend OR !is_string($backend)) {
+                $backend = 'database';
+            }
+
+            // Load backend
+            switch ($backend) {
+                case 'database':
+                case 'mysql':
+                case 'sqlite':
+                    \OCP\Util::writeLog('core', 'Adding user backend ' . $backend . '.', \OCP\Util::DEBUG);
+                    self::$_usedBackends[$backend] = new \OC\User\Database();
+                    \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
+                    break;
+                case 'dummy':
+                    self::$_usedBackends[$backend] = new \Test\Util\User\Dummy();
+                    \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
+                    break;
+                default:
+                    \OCP\Util::writeLog('core', 'Adding default user backend ' . $backend . '.', \OCP\Util::DEBUG);
+                    $className = 'OC_USER_' . strtoupper($backend);
+                    self::$_usedBackends[$backend] = new $className();
+                    \OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
+                    break;
+            }
+        }
+        return true;
+    }
+
+    /**
+     * remove all used backends
+     */
+    public static function clearBackends() {
+        self::$_usedBackends = array();
+        \OC::$server->getUserManager()->clearBackends();
+    }
+
+    /**
+     * setup the configured backends in config.php
+     */
+    public static function setupBackends() {
+        OC_App::loadApps(['prelogin']);
+        $backends = \OC::$server->getSystemConfig()->getValue('user_backends', []);
+        if (isset($backends['default']) && !$backends['default']) {
+            // clear default backends
+            self::clearBackends();
+        }
+        foreach ($backends as $i => $config) {
+            if (!is_array($config)) {
+                continue;
+            }
+            $class = $config['class'];
+            $arguments = $config['arguments'];
+            if (class_exists($class)) {
+                if (array_search($i, self::$_setupedBackends) === false) {
+                    // make a reflection object
+                    $reflectionObj = new ReflectionClass($class);
+
+                    // use Reflection to create a new instance, using the $args
+                    $backend = $reflectionObj->newInstanceArgs($arguments);
+                    self::useBackend($backend);
+                    self::$_setupedBackends[] = $i;
+                } else {
+                    \OCP\Util::writeLog('core', 'User backend ' . $class . ' already initialized.', \OCP\Util::DEBUG);
+                }
+            } else {
+                \OCP\Util::writeLog('core', 'User backend ' . $class . ' not found.', \OCP\Util::ERROR);
+            }
+        }
+    }
+
+    /**
+     * Try to login a user using the magic cookie (remember login)
+     *
+     * @deprecated use \OCP\IUserSession::loginWithCookie()
+     * @param string $uid The username of the user to log in
+     * @param string $token
+     * @param string $oldSessionId
+     * @return bool
+     */
+    public static function loginWithCookie($uid, $token, $oldSessionId) {
+        return self::getUserSession()->loginWithCookie($uid, $token, $oldSessionId);
+    }
+
+    /**
+     * Try to login a user, assuming authentication
+     * has already happened (e.g. via Single Sign On).
+     *
+     * Log in a user and regenerate a new session.
+     *
+     * @param \OCP\Authentication\IApacheBackend $backend
+     * @return bool
+     */
+    public static function loginWithApache(\OCP\Authentication\IApacheBackend $backend) {
+
+        $uid = $backend->getCurrentUserId();
+        $run = true;
+        OC_Hook::emit("OC_User", "pre_login", array("run" => &$run, "uid" => $uid));
+
+        if ($uid) {
+            if (self::getUser() !== $uid) {
+                self::setUserId($uid);
+                $setUidAsDisplayName = true;
+                if($backend instanceof \OCP\UserInterface
+                    && $backend->implementsActions(OC_User_Backend::GET_DISPLAYNAME)) {
+
+                    $backendDisplayName = $backend->getDisplayName($uid);
+                    if(is_string($backendDisplayName) && trim($backendDisplayName) !== '') {
+                        $setUidAsDisplayName = false;
+                    }
+                }
+                if($setUidAsDisplayName) {
+                    self::setDisplayName($uid);
+                }
+                $userSession = self::getUserSession();
+                $userSession->setLoginName($uid);
+                $request = OC::$server->getRequest();
+                $userSession->createSessionToken($request, $uid, $uid);
+                // setup the filesystem
+                OC_Util::setupFS($uid);
+                // first call the post_login hooks, the login-process needs to be
+                // completed before we can safely create the users folder.
+                // For example encryption needs to initialize the users keys first
+                // before we can create the user folder with the skeleton files
+                OC_Hook::emit("OC_User", "post_login", array("uid" => $uid, 'password' => ''));
+                //trigger creation of user home and /files folder
+                \OC::$server->getUserFolder($uid);
+            }
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * Verify with Apache whether user is authenticated.
+     *
+     * @return boolean|null
+     *          true: authenticated
+     *          false: not authenticated
+     *          null: not handled / no backend available
+     */
+    public static function handleApacheAuth() {
+        $backend = self::findFirstActiveUsedBackend();
+        if ($backend) {
+            OC_App::loadApps();
+
+            //setup extra user backends
+            self::setupBackends();
+            self::unsetMagicInCookie();
+
+            return self::loginWithApache($backend);
+        }
+
+        return null;
+    }
+
+
+    /**
+     * Sets user id for session and triggers emit
+     *
+     * @param string $uid
+     */
+    public static function setUserId($uid) {
+        $userSession = \OC::$server->getUserSession();
+        $userManager = \OC::$server->getUserManager();
+        if ($user = $userManager->get($uid)) {
+            $userSession->setUser($user);
+        } else {
+            \OC::$server->getSession()->set('user_id', $uid);
+        }
+    }
+
+    /**
+     * Sets user display name for session
+     *
+     * @param string $uid
+     * @param string $displayName
+     * @return bool Whether the display name could get set
+     */
+    public static function setDisplayName($uid, $displayName = null) {
+        if (is_null($displayName)) {
+            $displayName = $uid;
+        }
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            return $user->setDisplayName($displayName);
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * Check if the user is logged in, considers also the HTTP basic credentials
+     *
+     * @deprecated use \OC::$server->getUserSession()->isLoggedIn()
+     * @return bool
+     */
+    public static function isLoggedIn() {
+        return \OC::$server->getUserSession()->isLoggedIn();
+    }
+
+    /**
+     * set incognito mode, e.g. if a user wants to open a public link
+     *
+     * @param bool $status
+     */
+    public static function setIncognitoMode($status) {
+        self::$incognitoMode = $status;
+    }
+
+    /**
+     * get incognito mode status
+     *
+     * @return bool
+     */
+    public static function isIncognitoMode() {
+        return self::$incognitoMode;
+    }
+
+    /**
+     * Supplies an attribute to the logout hyperlink. The default behaviour
+     * is to return an href with '?logout=true' appended. However, it can
+     * supply any attribute(s) which are valid for <a>.
+     *
+     * @return string with one or more HTML attributes.
+     */
+    public static function getLogoutAttribute() {
+        $backend = self::findFirstActiveUsedBackend();
+        if ($backend) {
+            return $backend->getLogoutAttribute();
+        }
+
+        $logoutUrl = \OC::$server->getURLGenerator()->linkToRouteAbsolute(
+            'core.login.logout',
+            [
+                'requesttoken' => \OCP\Util::callRegister(),
+            ]
+        );
+
+        return 'href="'.$logoutUrl.'"';
+    }
+
+    /**
+     * Check if the user is an admin user
+     *
+     * @param string $uid uid of the admin
+     * @return bool
+     */
+    public static function isAdminUser($uid) {
+        $group = \OC::$server->getGroupManager()->get('admin');
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($group && $user && $group->inGroup($user) && self::$incognitoMode === false) {
+            return true;
+        }
+        return false;
+    }
+
+
+    /**
+     * get the user id of the user currently logged in.
+     *
+     * @return string|bool uid or false
+     */
+    public static function getUser() {
+        $uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
+        if (!is_null($uid) && self::$incognitoMode === false) {
+            return $uid;
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * get the display name of the user currently logged in.
+     *
+     * @param string $uid
+     * @return string uid or false
+     */
+    public static function getDisplayName($uid = null) {
+        if ($uid) {
+            $user = \OC::$server->getUserManager()->get($uid);
+            if ($user) {
+                return $user->getDisplayName();
+            } else {
+                return $uid;
+            }
+        } else {
+            $user = self::getUserSession()->getUser();
+            if ($user) {
+                return $user->getDisplayName();
+            } else {
+                return false;
+            }
+        }
+    }
+
+    /**
+     * Autogenerate a password
+     *
+     * @return string
+     *
+     * generates a password
+     */
+    public static function generatePassword() {
+        return \OC::$server->getSecureRandom()->generate(30);
+    }
+
+    /**
+     * Set password
+     *
+     * @param string $uid The username
+     * @param string $password The new password
+     * @param string $recoveryPassword for the encryption app to reset encryption keys
+     * @return bool
+     *
+     * Change the password of a user
+     */
+    public static function setPassword($uid, $password, $recoveryPassword = null) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            return $user->setPassword($password, $recoveryPassword);
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * Check whether user can change his avatar
+     *
+     * @param string $uid The username
+     * @return bool
+     *
+     * Check whether a specified user can change his avatar
+     */
+    public static function canUserChangeAvatar($uid) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            return $user->canChangeAvatar();
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * Check whether user can change his password
+     *
+     * @param string $uid The username
+     * @return bool
+     *
+     * Check whether a specified user can change his password
+     */
+    public static function canUserChangePassword($uid) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            return $user->canChangePassword();
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * Check whether user can change his display name
+     *
+     * @param string $uid The username
+     * @return bool
+     *
+     * Check whether a specified user can change his display name
+     */
+    public static function canUserChangeDisplayName($uid) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            return $user->canChangeDisplayName();
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * Check if the password is correct
+     *
+     * @param string $uid The username
+     * @param string $password The password
+     * @return string|false user id a string on success, false otherwise
+     *
+     * Check if the password is correct without logging in the user
+     * returns the user id or false
+     */
+    public static function checkPassword($uid, $password) {
+        $manager = \OC::$server->getUserManager();
+        $username = $manager->checkPassword($uid, $password);
+        if ($username !== false) {
+            return $username->getUID();
+        }
+        return false;
+    }
+
+    /**
+     * @param string $uid The username
+     * @return string
+     *
+     * returns the path to the users home directory
+     * @deprecated Use \OC::$server->getUserManager->getHome()
+     */
+    public static function getHome($uid) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            return $user->getHome();
+        } else {
+            return \OC::$server->getSystemConfig()->getValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $uid;
+        }
+    }
+
+    /**
+     * Get a list of all users
+     *
+     * @return array an array of all uids
+     *
+     * Get a list of all users.
+     * @param string $search
+     * @param integer $limit
+     * @param integer $offset
+     */
+    public static function getUsers($search = '', $limit = null, $offset = null) {
+        $users = \OC::$server->getUserManager()->search($search, $limit, $offset);
+        $uids = array();
+        foreach ($users as $user) {
+            $uids[] = $user->getUID();
+        }
+        return $uids;
+    }
+
+    /**
+     * Get a list of all users display name
+     *
+     * @param string $search
+     * @param int $limit
+     * @param int $offset
+     * @return array associative array with all display names (value) and corresponding uids (key)
+     *
+     * Get a list of all display names and user ids.
+     * @deprecated Use \OC::$server->getUserManager->searchDisplayName($search, $limit, $offset) instead.
+     */
+    public static function getDisplayNames($search = '', $limit = null, $offset = null) {
+        $displayNames = array();
+        $users = \OC::$server->getUserManager()->searchDisplayName($search, $limit, $offset);
+        foreach ($users as $user) {
+            $displayNames[$user->getUID()] = $user->getDisplayName();
+        }
+        return $displayNames;
+    }
+
+    /**
+     * check if a user exists
+     *
+     * @param string $uid the username
+     * @return boolean
+     */
+    public static function userExists($uid) {
+        return \OC::$server->getUserManager()->userExists($uid);
+    }
+
+    /**
+     * disables a user
+     *
+     * @param string $uid the user to disable
+     */
+    public static function disableUser($uid) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            $user->setEnabled(false);
+        }
+    }
+
+    /**
+     * enable a user
+     *
+     * @param string $uid
+     */
+    public static function enableUser($uid) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            $user->setEnabled(true);
+        }
+    }
+
+    /**
+     * checks if a user is enabled
+     *
+     * @param string $uid
+     * @return bool
+     */
+    public static function isEnabled($uid) {
+        $user = \OC::$server->getUserManager()->get($uid);
+        if ($user) {
+            return $user->isEnabled();
+        } else {
+            return false;
+        }
+    }
+
+    /**
+     * Set cookie value to use in next page load
+     *
+     * @param string $username username to be set
+     * @param string $token
+     */
+    public static function setMagicInCookie($username, $token) {
+        self::getUserSession()->setMagicInCookie($username, $token);
+    }
+
+    /**
+     * Remove cookie for "remember username"
+     */
+    public static function unsetMagicInCookie() {
+        self::getUserSession()->unsetMagicInCookie();
+    }
+
+    /**
+     * Returns the first active backend from self::$_usedBackends.
+     *
+     * @return OCP\Authentication\IApacheBackend|null if no backend active, otherwise OCP\Authentication\IApacheBackend
+     */
+    private static function findFirstActiveUsedBackend() {
+        foreach (self::$_usedBackends as $backend) {
+            if ($backend instanceof OCP\Authentication\IApacheBackend) {
+                if ($backend->isSessionActive()) {
+                    return $backend;
+                }
+            }
+        }
+
+        return null;
+    }
 }

Please login to merge, or discard this patch.

lib/private/legacy/api.php 1 patch

Indentation +458 added lines, -458 removed lines patch added patch discarded remove patch

@@ -37,462 +37,462 @@
 block discarded – undo
 
 class OC_API {
 
-	/**
-	 * API authentication levels
-	 */
-
-	/** @deprecated Use \OCP\API::GUEST_AUTH instead */
-	const GUEST_AUTH = 0;
-
-	/** @deprecated Use \OCP\API::USER_AUTH instead */
-	const USER_AUTH = 1;
-
-	/** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
-	const SUBADMIN_AUTH = 2;
-
-	/** @deprecated Use \OCP\API::ADMIN_AUTH instead */
-	const ADMIN_AUTH = 3;
-
-	/**
-	 * API Response Codes
-	 */
-
-	/** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
-	const RESPOND_UNAUTHORISED = 997;
-
-	/** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
-	const RESPOND_SERVER_ERROR = 996;
-
-	/** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
-	const RESPOND_NOT_FOUND = 998;
-
-	/** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
-	const RESPOND_UNKNOWN_ERROR = 999;
-
-	/**
-	 * api actions
-	 */
-	protected static $actions = array();
-	private static $logoutRequired = false;
-	private static $isLoggedIn = false;
-
-	/**
-	 * registers an api call
-	 * @param string $method the http method
-	 * @param string $url the url to match
-	 * @param callable $action the function to run
-	 * @param string $app the id of the app registering the call
-	 * @param int $authLevel the level of authentication required for the call
-	 * @param array $defaults
-	 * @param array $requirements
-	 */
-	public static function register($method, $url, $action, $app,
-				$authLevel = API::USER_AUTH,
-				$defaults = array(),
-				$requirements = array()) {
-		$name = strtolower($method).$url;
-		$name = str_replace(array('/', '{', '}'), '_', $name);
-		if(!isset(self::$actions[$name])) {
-			$oldCollection = OC::$server->getRouter()->getCurrentCollection();
-			OC::$server->getRouter()->useCollection('ocs');
-			OC::$server->getRouter()->create($name, $url)
-				->method($method)
-				->defaults($defaults)
-				->requirements($requirements)
-				->action('OC_API', 'call');
-			self::$actions[$name] = array();
-			OC::$server->getRouter()->useCollection($oldCollection);
-		}
-		self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
-	}
-
-	/**
-	 * handles an api call
-	 * @param array $parameters
-	 */
-	public static function call($parameters) {
-		$request = \OC::$server->getRequest();
-		$method = $request->getMethod();
-
-		// Prepare the request variables
-		if($method === 'PUT') {
-			$parameters['_put'] = $request->getParams();
-		} else if($method === 'DELETE') {
-			$parameters['_delete'] = $request->getParams();
-		}
-		$name = $parameters['_route'];
-		// Foreach registered action
-		$responses = array();
-		foreach(self::$actions[$name] as $action) {
-			// Check authentication and availability
-			if(!self::isAuthorised($action)) {
-				$responses[] = array(
-					'app' => $action['app'],
-					'response' => new OC_OCS_Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
-					'shipped' => OC_App::isShipped($action['app']),
-					);
-				continue;
-			}
-			if(!is_callable($action['action'])) {
-				$responses[] = array(
-					'app' => $action['app'],
-					'response' => new OC_OCS_Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
-					'shipped' => OC_App::isShipped($action['app']),
-					);
-				continue;
-			}
-			// Run the action
-			$responses[] = array(
-				'app' => $action['app'],
-				'response' => call_user_func($action['action'], $parameters),
-				'shipped' => OC_App::isShipped($action['app']),
-				);
-		}
-		$response = self::mergeResponses($responses);
-		$format = self::requestedFormat();
-		if (self::$logoutRequired) {
-			\OC::$server->getUserSession()->logout();
-		}
-
-		self::respond($response, $format);
-	}
-
-	/**
-	 * merge the returned result objects into one response
-	 * @param array $responses
-	 * @return OC_OCS_Result
-	 */
-	public static function mergeResponses($responses) {
-		// Sort into shipped and third-party
-		$shipped = array(
-			'succeeded' => array(),
-			'failed' => array(),
-			);
-		$thirdparty = array(
-			'succeeded' => array(),
-			'failed' => array(),
-			);
-
-		foreach($responses as $response) {
-			if($response['shipped'] || ($response['app'] === 'core')) {
-				if($response['response']->succeeded()) {
-					$shipped['succeeded'][$response['app']] = $response;
-				} else {
-					$shipped['failed'][$response['app']] = $response;
-				}
-			} else {
-				if($response['response']->succeeded()) {
-					$thirdparty['succeeded'][$response['app']] = $response;
-				} else {
-					$thirdparty['failed'][$response['app']] = $response;
-				}
-			}
-		}
-
-		// Remove any error responses if there is one shipped response that succeeded
-		if(!empty($shipped['failed'])) {
-			// Which shipped response do we use if they all failed?
-			// They may have failed for different reasons (different status codes)
-			// Which response code should we return?
-			// Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
-			// Merge failed responses if more than one
-			$data = array();
-			foreach($shipped['failed'] as $failure) {
-				$data = array_merge_recursive($data, $failure['response']->getData());
-			}
-			$picked = reset($shipped['failed']);
-			$code = $picked['response']->getStatusCode();
-			$meta = $picked['response']->getMeta();
-			$headers = $picked['response']->getHeaders();
-			$response = new OC_OCS_Result($data, $code, $meta['message'], $headers);
-			return $response;
-		} elseif(!empty($shipped['succeeded'])) {
-			$responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
-		} elseif(!empty($thirdparty['failed'])) {
-			// Merge failed responses if more than one
-			$data = array();
-			foreach($thirdparty['failed'] as $failure) {
-				$data = array_merge_recursive($data, $failure['response']->getData());
-			}
-			$picked = reset($thirdparty['failed']);
-			$code = $picked['response']->getStatusCode();
-			$meta = $picked['response']->getMeta();
-			$headers = $picked['response']->getHeaders();
-			$response = new OC_OCS_Result($data, $code, $meta['message'], $headers);
-			return $response;
-		} else {
-			$responses = $thirdparty['succeeded'];
-		}
-		// Merge the successful responses
-		$data = [];
-		$codes = [];
-		$header = [];
-
-		foreach($responses as $response) {
-			if($response['shipped']) {
-				$data = array_merge_recursive($response['response']->getData(), $data);
-			} else {
-				$data = array_merge_recursive($data, $response['response']->getData());
-			}
-			$header = array_merge_recursive($header, $response['response']->getHeaders());
-			$codes[] = ['code' => $response['response']->getStatusCode(),
-				'meta' => $response['response']->getMeta()];
-		}
-
-		// Use any non 100 status codes
-		$statusCode = 100;
-		$statusMessage = null;
-		foreach($codes as $code) {
-			if($code['code'] != 100) {
-				$statusCode = $code['code'];
-				$statusMessage = $code['meta']['message'];
-				break;
-			}
-		}
-
-		return new OC_OCS_Result($data, $statusCode, $statusMessage, $header);
-	}
-
-	/**
-	 * authenticate the api call
-	 * @param array $action the action details as supplied to OC_API::register()
-	 * @return bool
-	 */
-	private static function isAuthorised($action) {
-		$level = $action['authlevel'];
-		switch($level) {
-			case API::GUEST_AUTH:
-				// Anyone can access
-				return true;
-			case API::USER_AUTH:
-				// User required
-				return self::loginUser();
-			case API::SUBADMIN_AUTH:
-				// Check for subadmin
-				$user = self::loginUser();
-				if(!$user) {
-					return false;
-				} else {
-					$userObject = \OC::$server->getUserSession()->getUser();
-					if($userObject === null) {
-						return false;
-					}
-					$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
-					$admin = OC_User::isAdminUser($user);
-					if($isSubAdmin || $admin) {
-						return true;
-					} else {
-						return false;
-					}
-				}
-			case API::ADMIN_AUTH:
-				// Check for admin
-				$user = self::loginUser();
-				if(!$user) {
-					return false;
-				} else {
-					return OC_User::isAdminUser($user);
-				}
-			default:
-				// oops looks like invalid level supplied
-				return false;
-		}
-	}
-
-	/**
-	 * http basic auth
-	 * @return string|false (username, or false on failure)
-	 */
-	private static function loginUser() {
-		if(self::$isLoggedIn === true) {
-			return \OC_User::getUser();
-		}
-
-		// reuse existing login
-		$loggedIn = \OC::$server->getUserSession()->isLoggedIn();
-		if ($loggedIn === true) {
-			if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
-				// Do not allow access to OCS until the 2FA challenge was solved successfully
-				return false;
-			}
-			$ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
-			if ($ocsApiRequest) {
-
-				// initialize the user's filesystem
-				\OC_Util::setupFS(\OC_User::getUser());
-				self::$isLoggedIn = true;
-
-				return OC_User::getUser();
-			}
-			return false;
-		}
-
-		// basic auth - because OC_User::login will create a new session we shall only try to login
-		// if user and pass are set
-		$userSession = \OC::$server->getUserSession();
-		$request = \OC::$server->getRequest();
-		try {
-			if ($userSession->tryTokenLogin($request)
-				|| $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
-				self::$logoutRequired = true;
-			} else {
-				return false;
-			}
-			// initialize the user's filesystem
-			\OC_Util::setupFS(\OC_User::getUser());
-			self::$isLoggedIn = true;
-
-			return \OC_User::getUser();
-		} catch (\OC\User\LoginException $e) {
-			return false;
-		}
-	}
-
-	/**
-	 * respond to a call
-	 * @param OC_OCS_Result $result
-	 * @param string $format the format xml|json
-	 */
-	public static function respond($result, $format='xml') {
-		$request = \OC::$server->getRequest();
-
-		// Send 401 headers if unauthorised
-		if($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
-			// If request comes from JS return dummy auth request
-			if($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
-				header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
-			} else {
-				header('WWW-Authenticate: Basic realm="Authorisation Required"');
-			}
-			header('HTTP/1.0 401 Unauthorized');
-		}
-
-		foreach($result->getHeaders() as $name => $value) {
-			header($name . ': ' . $value);
-		}
-
-		$meta = $result->getMeta();
-		$data = $result->getData();
-		if (self::isV2($request)) {
-			$statusCode = self::mapStatusCodes($result->getStatusCode());
-			if (!is_null($statusCode)) {
-				$meta['statuscode'] = $statusCode;
-				OC_Response::setStatus($statusCode);
-			}
-		}
-
-		self::setContentType($format);
-		$body = self::renderResult($format, $meta, $data);
-		echo $body;
-	}
-
-	/**
-	 * @param XMLWriter $writer
-	 */
-	private static function toXML($array, $writer) {
-		foreach($array as $k => $v) {
-			if ($k[0] === '@') {
-				$writer->writeAttribute(substr($k, 1), $v);
-				continue;
-			} else if (is_numeric($k)) {
-				$k = 'element';
-			}
-			if(is_array($v)) {
-				$writer->startElement($k);
-				self::toXML($v, $writer);
-				$writer->endElement();
-			} else {
-				$writer->writeElement($k, $v);
-			}
-		}
-	}
-
-	/**
-	 * @return string
-	 */
-	public static function requestedFormat() {
-		$formats = array('json', 'xml');
-
-		$format = !empty($_GET['format']) && in_array($_GET['format'], $formats) ? $_GET['format'] : 'xml';
-		return $format;
-	}
-
-	/**
-	 * Based on the requested format the response content type is set
-	 * @param string $format
-	 */
-	public static function setContentType($format = null) {
-		$format = is_null($format) ? self::requestedFormat() : $format;
-		if ($format === 'xml') {
-			header('Content-type: text/xml; charset=UTF-8');
-			return;
-		}
-
-		if ($format === 'json') {
-			header('Content-Type: application/json; charset=utf-8');
-			return;
-		}
-
-		header('Content-Type: application/octet-stream; charset=utf-8');
-	}
-
-	/**
-	 * @param \OCP\IRequest $request
-	 * @return bool
-	 */
-	protected static function isV2(\OCP\IRequest $request) {
-		$script = $request->getScriptName();
-
-		return substr($script, -11) === '/ocs/v2.php';
-	}
-
-	/**
-	 * @param integer $sc
-	 * @return int
-	 */
-	public static function mapStatusCodes($sc) {
-		switch ($sc) {
-			case API::RESPOND_NOT_FOUND:
-				return Http::STATUS_NOT_FOUND;
-			case API::RESPOND_SERVER_ERROR:
-				return Http::STATUS_INTERNAL_SERVER_ERROR;
-			case API::RESPOND_UNKNOWN_ERROR:
-				return Http::STATUS_INTERNAL_SERVER_ERROR;
-			case API::RESPOND_UNAUTHORISED:
-				// already handled for v1
-				return null;
-			case 100:
-				return Http::STATUS_OK;
-		}
-		// any 2xx, 4xx and 5xx will be used as is
-		if ($sc >= 200 && $sc < 600) {
-			return $sc;
-		}
-
-		return Http::STATUS_BAD_REQUEST;
-	}
-
-	/**
-	 * @param string $format
-	 * @return string
-	 */
-	public static function renderResult($format, $meta, $data) {
-		$response = array(
-			'ocs' => array(
-				'meta' => $meta,
-				'data' => $data,
-			),
-		);
-		if ($format == 'json') {
-			return OC_JSON::encode($response);
-		}
-
-		$writer = new XMLWriter();
-		$writer->openMemory();
-		$writer->setIndent(true);
-		$writer->startDocument();
-		self::toXML($response, $writer);
-		$writer->endDocument();
-		return $writer->outputMemory(true);
-	}
+    /**
+     * API authentication levels
+     */
+
+    /** @deprecated Use \OCP\API::GUEST_AUTH instead */
+    const GUEST_AUTH = 0;
+
+    /** @deprecated Use \OCP\API::USER_AUTH instead */
+    const USER_AUTH = 1;
+
+    /** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
+    const SUBADMIN_AUTH = 2;
+
+    /** @deprecated Use \OCP\API::ADMIN_AUTH instead */
+    const ADMIN_AUTH = 3;
+
+    /**
+     * API Response Codes
+     */
+
+    /** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
+    const RESPOND_UNAUTHORISED = 997;
+
+    /** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
+    const RESPOND_SERVER_ERROR = 996;
+
+    /** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
+    const RESPOND_NOT_FOUND = 998;
+
+    /** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
+    const RESPOND_UNKNOWN_ERROR = 999;
+
+    /**
+     * api actions
+     */
+    protected static $actions = array();
+    private static $logoutRequired = false;
+    private static $isLoggedIn = false;
+
+    /**
+     * registers an api call
+     * @param string $method the http method
+     * @param string $url the url to match
+     * @param callable $action the function to run
+     * @param string $app the id of the app registering the call
+     * @param int $authLevel the level of authentication required for the call
+     * @param array $defaults
+     * @param array $requirements
+     */
+    public static function register($method, $url, $action, $app,
+                $authLevel = API::USER_AUTH,
+                $defaults = array(),
+                $requirements = array()) {
+        $name = strtolower($method).$url;
+        $name = str_replace(array('/', '{', '}'), '_', $name);
+        if(!isset(self::$actions[$name])) {
+            $oldCollection = OC::$server->getRouter()->getCurrentCollection();
+            OC::$server->getRouter()->useCollection('ocs');
+            OC::$server->getRouter()->create($name, $url)
+                ->method($method)
+                ->defaults($defaults)
+                ->requirements($requirements)
+                ->action('OC_API', 'call');
+            self::$actions[$name] = array();
+            OC::$server->getRouter()->useCollection($oldCollection);
+        }
+        self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
+    }
+
+    /**
+     * handles an api call
+     * @param array $parameters
+     */
+    public static function call($parameters) {
+        $request = \OC::$server->getRequest();
+        $method = $request->getMethod();
+
+        // Prepare the request variables
+        if($method === 'PUT') {
+            $parameters['_put'] = $request->getParams();
+        } else if($method === 'DELETE') {
+            $parameters['_delete'] = $request->getParams();
+        }
+        $name = $parameters['_route'];
+        // Foreach registered action
+        $responses = array();
+        foreach(self::$actions[$name] as $action) {
+            // Check authentication and availability
+            if(!self::isAuthorised($action)) {
+                $responses[] = array(
+                    'app' => $action['app'],
+                    'response' => new OC_OCS_Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
+                    'shipped' => OC_App::isShipped($action['app']),
+                    );
+                continue;
+            }
+            if(!is_callable($action['action'])) {
+                $responses[] = array(
+                    'app' => $action['app'],
+                    'response' => new OC_OCS_Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
+                    'shipped' => OC_App::isShipped($action['app']),
+                    );
+                continue;
+            }
+            // Run the action
+            $responses[] = array(
+                'app' => $action['app'],
+                'response' => call_user_func($action['action'], $parameters),
+                'shipped' => OC_App::isShipped($action['app']),
+                );
+        }
+        $response = self::mergeResponses($responses);
+        $format = self::requestedFormat();
+        if (self::$logoutRequired) {
+            \OC::$server->getUserSession()->logout();
+        }
+
+        self::respond($response, $format);
+    }
+
+    /**
+     * merge the returned result objects into one response
+     * @param array $responses
+     * @return OC_OCS_Result
+     */
+    public static function mergeResponses($responses) {
+        // Sort into shipped and third-party
+        $shipped = array(
+            'succeeded' => array(),
+            'failed' => array(),
+            );
+        $thirdparty = array(
+            'succeeded' => array(),
+            'failed' => array(),
+            );
+
+        foreach($responses as $response) {
+            if($response['shipped'] || ($response['app'] === 'core')) {
+                if($response['response']->succeeded()) {
+                    $shipped['succeeded'][$response['app']] = $response;
+                } else {
+                    $shipped['failed'][$response['app']] = $response;
+                }
+            } else {
+                if($response['response']->succeeded()) {
+                    $thirdparty['succeeded'][$response['app']] = $response;
+                } else {
+                    $thirdparty['failed'][$response['app']] = $response;
+                }
+            }
+        }
+
+        // Remove any error responses if there is one shipped response that succeeded
+        if(!empty($shipped['failed'])) {
+            // Which shipped response do we use if they all failed?
+            // They may have failed for different reasons (different status codes)
+            // Which response code should we return?
+            // Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
+            // Merge failed responses if more than one
+            $data = array();
+            foreach($shipped['failed'] as $failure) {
+                $data = array_merge_recursive($data, $failure['response']->getData());
+            }
+            $picked = reset($shipped['failed']);
+            $code = $picked['response']->getStatusCode();
+            $meta = $picked['response']->getMeta();
+            $headers = $picked['response']->getHeaders();
+            $response = new OC_OCS_Result($data, $code, $meta['message'], $headers);
+            return $response;
+        } elseif(!empty($shipped['succeeded'])) {
+            $responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
+        } elseif(!empty($thirdparty['failed'])) {
+            // Merge failed responses if more than one
+            $data = array();
+            foreach($thirdparty['failed'] as $failure) {
+                $data = array_merge_recursive($data, $failure['response']->getData());
+            }
+            $picked = reset($thirdparty['failed']);
+            $code = $picked['response']->getStatusCode();
+            $meta = $picked['response']->getMeta();
+            $headers = $picked['response']->getHeaders();
+            $response = new OC_OCS_Result($data, $code, $meta['message'], $headers);
+            return $response;
+        } else {
+            $responses = $thirdparty['succeeded'];
+        }
+        // Merge the successful responses
+        $data = [];
+        $codes = [];
+        $header = [];
+
+        foreach($responses as $response) {
+            if($response['shipped']) {
+                $data = array_merge_recursive($response['response']->getData(), $data);
+            } else {
+                $data = array_merge_recursive($data, $response['response']->getData());
+            }
+            $header = array_merge_recursive($header, $response['response']->getHeaders());
+            $codes[] = ['code' => $response['response']->getStatusCode(),
+                'meta' => $response['response']->getMeta()];
+        }
+
+        // Use any non 100 status codes
+        $statusCode = 100;
+        $statusMessage = null;
+        foreach($codes as $code) {
+            if($code['code'] != 100) {
+                $statusCode = $code['code'];
+                $statusMessage = $code['meta']['message'];
+                break;
+            }
+        }
+
+        return new OC_OCS_Result($data, $statusCode, $statusMessage, $header);
+    }
+
+    /**
+     * authenticate the api call
+     * @param array $action the action details as supplied to OC_API::register()
+     * @return bool
+     */
+    private static function isAuthorised($action) {
+        $level = $action['authlevel'];
+        switch($level) {
+            case API::GUEST_AUTH:
+                // Anyone can access
+                return true;
+            case API::USER_AUTH:
+                // User required
+                return self::loginUser();
+            case API::SUBADMIN_AUTH:
+                // Check for subadmin
+                $user = self::loginUser();
+                if(!$user) {
+                    return false;
+                } else {
+                    $userObject = \OC::$server->getUserSession()->getUser();
+                    if($userObject === null) {
+                        return false;
+                    }
+                    $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
+                    $admin = OC_User::isAdminUser($user);
+                    if($isSubAdmin || $admin) {
+                        return true;
+                    } else {
+                        return false;
+                    }
+                }
+            case API::ADMIN_AUTH:
+                // Check for admin
+                $user = self::loginUser();
+                if(!$user) {
+                    return false;
+                } else {
+                    return OC_User::isAdminUser($user);
+                }
+            default:
+                // oops looks like invalid level supplied
+                return false;
+        }
+    }
+
+    /**
+     * http basic auth
+     * @return string|false (username, or false on failure)
+     */
+    private static function loginUser() {
+        if(self::$isLoggedIn === true) {
+            return \OC_User::getUser();
+        }
+
+        // reuse existing login
+        $loggedIn = \OC::$server->getUserSession()->isLoggedIn();
+        if ($loggedIn === true) {
+            if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
+                // Do not allow access to OCS until the 2FA challenge was solved successfully
+                return false;
+            }
+            $ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
+            if ($ocsApiRequest) {
+
+                // initialize the user's filesystem
+                \OC_Util::setupFS(\OC_User::getUser());
+                self::$isLoggedIn = true;
+
+                return OC_User::getUser();
+            }
+            return false;
+        }
+
+        // basic auth - because OC_User::login will create a new session we shall only try to login
+        // if user and pass are set
+        $userSession = \OC::$server->getUserSession();
+        $request = \OC::$server->getRequest();
+        try {
+            if ($userSession->tryTokenLogin($request)
+                || $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
+                self::$logoutRequired = true;
+            } else {
+                return false;
+            }
+            // initialize the user's filesystem
+            \OC_Util::setupFS(\OC_User::getUser());
+            self::$isLoggedIn = true;
+
+            return \OC_User::getUser();
+        } catch (\OC\User\LoginException $e) {
+            return false;
+        }
+    }
+
+    /**
+     * respond to a call
+     * @param OC_OCS_Result $result
+     * @param string $format the format xml|json
+     */
+    public static function respond($result, $format='xml') {
+        $request = \OC::$server->getRequest();
+
+        // Send 401 headers if unauthorised
+        if($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
+            // If request comes from JS return dummy auth request
+            if($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
+                header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
+            } else {
+                header('WWW-Authenticate: Basic realm="Authorisation Required"');
+            }
+            header('HTTP/1.0 401 Unauthorized');
+        }
+
+        foreach($result->getHeaders() as $name => $value) {
+            header($name . ': ' . $value);
+        }
+
+        $meta = $result->getMeta();
+        $data = $result->getData();
+        if (self::isV2($request)) {
+            $statusCode = self::mapStatusCodes($result->getStatusCode());
+            if (!is_null($statusCode)) {
+                $meta['statuscode'] = $statusCode;
+                OC_Response::setStatus($statusCode);
+            }
+        }
+
+        self::setContentType($format);
+        $body = self::renderResult($format, $meta, $data);
+        echo $body;
+    }
+
+    /**
+     * @param XMLWriter $writer
+     */
+    private static function toXML($array, $writer) {
+        foreach($array as $k => $v) {
+            if ($k[0] === '@') {
+                $writer->writeAttribute(substr($k, 1), $v);
+                continue;
+            } else if (is_numeric($k)) {
+                $k = 'element';
+            }
+            if(is_array($v)) {
+                $writer->startElement($k);
+                self::toXML($v, $writer);
+                $writer->endElement();
+            } else {
+                $writer->writeElement($k, $v);
+            }
+        }
+    }
+
+    /**
+     * @return string
+     */
+    public static function requestedFormat() {
+        $formats = array('json', 'xml');
+
+        $format = !empty($_GET['format']) && in_array($_GET['format'], $formats) ? $_GET['format'] : 'xml';
+        return $format;
+    }
+
+    /**
+     * Based on the requested format the response content type is set
+     * @param string $format
+     */
+    public static function setContentType($format = null) {
+        $format = is_null($format) ? self::requestedFormat() : $format;
+        if ($format === 'xml') {
+            header('Content-type: text/xml; charset=UTF-8');
+            return;
+        }
+
+        if ($format === 'json') {
+            header('Content-Type: application/json; charset=utf-8');
+            return;
+        }
+
+        header('Content-Type: application/octet-stream; charset=utf-8');
+    }
+
+    /**
+     * @param \OCP\IRequest $request
+     * @return bool
+     */
+    protected static function isV2(\OCP\IRequest $request) {
+        $script = $request->getScriptName();
+
+        return substr($script, -11) === '/ocs/v2.php';
+    }
+
+    /**
+     * @param integer $sc
+     * @return int
+     */
+    public static function mapStatusCodes($sc) {
+        switch ($sc) {
+            case API::RESPOND_NOT_FOUND:
+                return Http::STATUS_NOT_FOUND;
+            case API::RESPOND_SERVER_ERROR:
+                return Http::STATUS_INTERNAL_SERVER_ERROR;
+            case API::RESPOND_UNKNOWN_ERROR:
+                return Http::STATUS_INTERNAL_SERVER_ERROR;
+            case API::RESPOND_UNAUTHORISED:
+                // already handled for v1
+                return null;
+            case 100:
+                return Http::STATUS_OK;
+        }
+        // any 2xx, 4xx and 5xx will be used as is
+        if ($sc >= 200 && $sc < 600) {
+            return $sc;
+        }
+
+        return Http::STATUS_BAD_REQUEST;
+    }
+
+    /**
+     * @param string $format
+     * @return string
+     */
+    public static function renderResult($format, $meta, $data) {
+        $response = array(
+            'ocs' => array(
+                'meta' => $meta,
+                'data' => $data,
+            ),
+        );
+        if ($format == 'json') {
+            return OC_JSON::encode($response);
+        }
+
+        $writer = new XMLWriter();
+        $writer->openMemory();
+        $writer->setIndent(true);
+        $writer->startDocument();
+        self::toXML($response, $writer);
+        $writer->endDocument();
+        return $writer->outputMemory(true);
+    }
 }

Please login to merge, or discard this patch.

		@@ -94,7 +94,7 @@ discard block
		block discarded – undo
94	94	case 'database':
95	95	case 'mysql':
96	96	case 'sqlite':
97		- \OCP\Util::writeLog('core', 'Adding user backend ' . $backend . '.', \OCP\Util::DEBUG);
	97	+ \OCP\Util::writeLog('core', 'Adding user backend '.$backend.'.', \OCP\Util::DEBUG);
98	98	self::$_usedBackends[$backend] = new \OC\User\Database();
99	99	\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
100	100	break;
		@@ -103,8 +103,8 @@ discard block
		block discarded – undo
103	103	\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
104	104	break;
105	105	default:
106		- \OCP\Util::writeLog('core', 'Adding default user backend ' . $backend . '.', \OCP\Util::DEBUG);
107		- $className = 'OC_USER_' . strtoupper($backend);
	106	+ \OCP\Util::writeLog('core', 'Adding default user backend '.$backend.'.', \OCP\Util::DEBUG);
	107	+ $className = 'OC_USER_'.strtoupper($backend);
108	108	self::$_usedBackends[$backend] = new $className();
109	109	\OC::$server->getUserManager()->registerBackend(self::$_usedBackends[$backend]);
110	110	break;
		@@ -147,10 +147,10 @@ discard block
		block discarded – undo
147	147	self::useBackend($backend);
148	148	self::$_setupedBackends[] = $i;
149	149	} else {
150		- \OCP\Util::writeLog('core', 'User backend ' . $class . ' already initialized.', \OCP\Util::DEBUG);
	150	+ \OCP\Util::writeLog('core', 'User backend '.$class.' already initialized.', \OCP\Util::DEBUG);
151	151	}
152	152	} else {
153		- \OCP\Util::writeLog('core', 'User backend ' . $class . ' not found.', \OCP\Util::ERROR);
	153	+ \OCP\Util::writeLog('core', 'User backend '.$class.' not found.', \OCP\Util::ERROR);
154	154	}
155	155	}
156	156	}
		@@ -188,15 +188,15 @@ discard block
		block discarded – undo
188	188	if (self::getUser() !== $uid) {
189	189	self::setUserId($uid);
190	190	$setUidAsDisplayName = true;
191		- if($backend instanceof \OCP\UserInterface
	191	+ if ($backend instanceof \OCP\UserInterface
192	192	&& $backend->implementsActions(OC_User_Backend::GET_DISPLAYNAME)) {
193	193
194	194	$backendDisplayName = $backend->getDisplayName($uid);
195		- if(is_string($backendDisplayName) && trim($backendDisplayName) !== '') {
	195	+ if (is_string($backendDisplayName) && trim($backendDisplayName) !== '') {
196	196	$setUidAsDisplayName = false;
197	197	}
198	198	}
199		- if($setUidAsDisplayName) {
	199	+ if ($setUidAsDisplayName) {
200	200	self::setDisplayName($uid);
201	201	}
202	202	$userSession = self::getUserSession();
		@@ -494,7 +494,7 @@ discard block
		block discarded – undo
494	494	if ($user) {
495	495	return $user->getHome();
496	496	} else {
497		- return \OC::$server->getSystemConfig()->getValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $uid;
	497	+ return \OC::$server->getSystemConfig()->getValue('datadirectory', OC::$SERVERROOT.'/data').'/'.$uid;
498	498	}
499	499	}
500	500

nextcloud / server

Pull Request — master (#4430)

Status

Category

Spacing +9 added lines, -9 removed lines patch added patch discarded remove patch

Indentation +560 added lines, -561 removed lines patch added patch discarded remove patch

Indentation +458 added lines, -458 removed lines patch added patch discarded remove patch