nextcloud /
server
| Total Complexity | 81 |
| Total Lines | 595 |
| Duplicated Lines | 0 % |
| Changes | 1 | ||
| Bugs | 0 | Features | 0 |
Complex classes like Installer often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use Installer, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 61 | class Installer { |
||
| 62 | /** @var AppFetcher */ |
||
| 63 | private $appFetcher; |
||
| 64 | /** @var IClientService */ |
||
| 65 | private $clientService; |
||
| 66 | /** @var ITempManager */ |
||
| 67 | private $tempManager; |
||
| 68 | /** @var ILogger */ |
||
| 69 | private $logger; |
||
| 70 | /** @var IConfig */ |
||
| 71 | private $config; |
||
| 72 | /** @var array - for caching the result of app fetcher */ |
||
| 73 | private $apps = null; |
||
| 74 | /** @var bool|null - for caching the result of the ready status */ |
||
| 75 | private $isInstanceReadyForUpdates = null; |
||
| 76 | /** @var bool */ |
||
| 77 | private $isCLI; |
||
| 78 | |||
| 79 | /** |
||
| 80 | * @param AppFetcher $appFetcher |
||
| 81 | * @param IClientService $clientService |
||
| 82 | * @param ITempManager $tempManager |
||
| 83 | * @param ILogger $logger |
||
| 84 | * @param IConfig $config |
||
| 85 | */ |
||
| 86 | public function __construct( |
||
| 100 | } |
||
| 101 | |||
| 102 | /** |
||
| 103 | * Installs an app that is located in one of the app folders already |
||
| 104 | * |
||
| 105 | * @param string $appId App to install |
||
| 106 | * @param bool $forceEnable |
||
| 107 | * @throws \Exception |
||
| 108 | * @return string app ID |
||
| 109 | */ |
||
| 110 | public function installApp(string $appId, bool $forceEnable = false): string { |
||
| 192 | } |
||
| 193 | |||
| 194 | /** |
||
| 195 | * Updates the specified app from the appstore |
||
| 196 | * |
||
| 197 | * @param string $appId |
||
| 198 | * @param bool [$allowUnstable] Allow unstable releases |
||
| 199 | * @return bool |
||
| 200 | */ |
||
| 201 | public function updateAppstoreApp($appId, $allowUnstable = false) { |
||
| 216 | } |
||
| 217 | |||
| 218 | /** |
||
| 219 | * Split the certificate file in individual certs |
||
| 220 | * |
||
| 221 | * @param string $cert |
||
| 222 | * @return string[] |
||
| 223 | */ |
||
| 224 | private function splitCerts(string $cert): array { |
||
| 225 | preg_match_all('([\-]{3,}[\S\ ]+?[\-]{3,}[\S\s]+?[\-]{3,}[\S\ ]+?[\-]{3,})', $cert, $matches); |
||
| 226 | |||
| 227 | return $matches[0]; |
||
| 228 | } |
||
| 229 | |||
| 230 | /** |
||
| 231 | * Downloads an app and puts it into the app directory |
||
| 232 | * |
||
| 233 | * @param string $appId |
||
| 234 | * @param bool [$allowUnstable] |
||
| 235 | * |
||
| 236 | * @throws \Exception If the installation was not successful |
||
| 237 | */ |
||
| 238 | public function downloadApp($appId, $allowUnstable = false) { |
||
| 239 | $appId = strtolower($appId); |
||
| 240 | |||
| 241 | $apps = $this->appFetcher->get($allowUnstable); |
||
| 242 | foreach ($apps as $app) { |
||
| 243 | if ($app['id'] === $appId) { |
||
| 244 | // Load the certificate |
||
| 245 | $certificate = new X509(); |
||
| 246 | $rootCrt = file_get_contents(__DIR__ . '/../../resources/codesigning/root.crt'); |
||
| 247 | $rootCrts = $this->splitCerts($rootCrt); |
||
| 248 | foreach ($rootCrts as $rootCrt) { |
||
| 249 | $certificate->loadCA($rootCrt); |
||
| 250 | } |
||
| 251 | $loadedCertificate = $certificate->loadX509($app['certificate']); |
||
| 252 | |||
| 253 | // Verify if the certificate has been revoked |
||
| 254 | $crl = new X509(); |
||
| 255 | foreach ($rootCrts as $rootCrt) { |
||
| 256 | $crl->loadCA($rootCrt); |
||
| 257 | } |
||
| 258 | $crl->loadCRL(file_get_contents(__DIR__ . '/../../resources/codesigning/root.crl')); |
||
| 259 | if ($crl->validateSignature() !== true) { |
||
| 260 | throw new \Exception('Could not validate CRL signature'); |
||
| 261 | } |
||
| 262 | $csn = $loadedCertificate['tbsCertificate']['serialNumber']->toString(); |
||
| 263 | $revoked = $crl->getRevoked($csn); |
||
| 264 | if ($revoked !== false) { |
||
| 265 | throw new \Exception( |
||
| 266 | sprintf( |
||
| 267 | 'Certificate "%s" has been revoked', |
||
| 268 | $csn |
||
| 269 | ) |
||
| 270 | ); |
||
| 271 | } |
||
| 272 | |||
| 273 | // Verify if the certificate has been issued by the Nextcloud Code Authority CA |
||
| 274 | if ($certificate->validateSignature() !== true) { |
||
| 275 | throw new \Exception( |
||
| 276 | sprintf( |
||
| 277 | 'App with id %s has a certificate not issued by a trusted Code Signing Authority', |
||
| 278 | $appId |
||
| 279 | ) |
||
| 280 | ); |
||
| 281 | } |
||
| 282 | |||
| 283 | // Verify if the certificate is issued for the requested app id |
||
| 284 | $certInfo = openssl_x509_parse($app['certificate']); |
||
| 285 | if (!isset($certInfo['subject']['CN'])) { |
||
| 286 | throw new \Exception( |
||
| 287 | sprintf( |
||
| 288 | 'App with id %s has a cert with no CN', |
||
| 289 | $appId |
||
| 290 | ) |
||
| 291 | ); |
||
| 292 | } |
||
| 293 | if ($certInfo['subject']['CN'] !== $appId) { |
||
| 294 | throw new \Exception( |
||
| 295 | sprintf( |
||
| 296 | 'App with id %s has a cert issued to %s', |
||
| 297 | $appId, |
||
| 298 | $certInfo['subject']['CN'] |
||
| 299 | ) |
||
| 300 | ); |
||
| 301 | } |
||
| 302 | |||
| 303 | // Download the release |
||
| 304 | $tempFile = $this->tempManager->getTemporaryFile('.tar.gz'); |
||
| 305 | $timeout = $this->isCLI ? 0 : 120; |
||
| 306 | $client = $this->clientService->newClient(); |
||
| 307 | $client->get($app['releases'][0]['download'], ['sink' => $tempFile, 'timeout' => $timeout]); |
||
| 308 | |||
| 309 | // Check if the signature actually matches the downloaded content |
||
| 310 | $certificate = openssl_get_publickey($app['certificate']); |
||
| 311 | $verified = (bool)openssl_verify(file_get_contents($tempFile), base64_decode($app['releases'][0]['signature']), $certificate, OPENSSL_ALGO_SHA512); |
||
| 312 | openssl_free_key($certificate); |
||
| 313 | |||
| 314 | if ($verified === true) { |
||
| 315 | // Seems to match, let's proceed |
||
| 316 | $extractDir = $this->tempManager->getTemporaryFolder(); |
||
| 317 | $archive = new TAR($tempFile); |
||
| 318 | |||
| 319 | if ($archive) { |
||
| 320 | if (!$archive->extract($extractDir)) { |
||
| 321 | $errorMessage = 'Could not extract app ' . $appId; |
||
| 322 | |||
| 323 | $archiveError = $archive->getError(); |
||
| 324 | if ($archiveError instanceof \PEAR_Error) { |
||
| 325 | $errorMessage .= ': ' . $archiveError->getMessage(); |
||
| 326 | } |
||
| 327 | |||
| 328 | throw new \Exception($errorMessage); |
||
| 329 | } |
||
| 330 | $allFiles = scandir($extractDir); |
||
| 331 | $folders = array_diff($allFiles, ['.', '..']); |
||
| 332 | $folders = array_values($folders); |
||
| 333 | |||
| 334 | if (count($folders) > 1) { |
||
| 335 | throw new \Exception( |
||
| 336 | sprintf( |
||
| 337 | 'Extracted app %s has more than 1 folder', |
||
| 338 | $appId |
||
| 339 | ) |
||
| 340 | ); |
||
| 341 | } |
||
| 342 | |||
| 343 | // Check if appinfo/info.xml has the same app ID as well |
||
| 344 | $loadEntities = libxml_disable_entity_loader(false); |
||
| 345 | $xml = simplexml_load_file($extractDir . '/' . $folders[0] . '/appinfo/info.xml'); |
||
| 346 | libxml_disable_entity_loader($loadEntities); |
||
| 347 | if ((string)$xml->id !== $appId) { |
||
| 348 | throw new \Exception( |
||
| 349 | sprintf( |
||
| 350 | 'App for id %s has a wrong app ID in info.xml: %s', |
||
| 351 | $appId, |
||
| 352 | (string)$xml->id |
||
| 353 | ) |
||
| 354 | ); |
||
| 355 | } |
||
| 356 | |||
| 357 | // Check if the version is lower than before |
||
| 358 | $currentVersion = OC_App::getAppVersion($appId); |
||
| 359 | $newVersion = (string)$xml->version; |
||
| 360 | if (version_compare($currentVersion, $newVersion) === 1) { |
||
| 361 | throw new \Exception( |
||
| 362 | sprintf( |
||
| 363 | 'App for id %s has version %s and tried to update to lower version %s', |
||
| 364 | $appId, |
||
| 365 | $currentVersion, |
||
| 366 | $newVersion |
||
| 367 | ) |
||
| 368 | ); |
||
| 369 | } |
||
| 370 | |||
| 371 | $baseDir = OC_App::getInstallPath() . '/' . $appId; |
||
| 372 | // Remove old app with the ID if existent |
||
| 373 | OC_Helper::rmdirr($baseDir); |
||
| 374 | // Move to app folder |
||
| 375 | if (@mkdir($baseDir)) { |
||
| 376 | $extractDir .= '/' . $folders[0]; |
||
| 377 | OC_Helper::copyr($extractDir, $baseDir); |
||
| 378 | } |
||
| 379 | OC_Helper::copyr($extractDir, $baseDir); |
||
| 380 | OC_Helper::rmdirr($extractDir); |
||
| 381 | return; |
||
| 382 | } else { |
||
| 383 | throw new \Exception( |
||
| 384 | sprintf( |
||
| 385 | 'Could not extract app with ID %s to %s', |
||
| 386 | $appId, |
||
| 387 | $extractDir |
||
| 388 | ) |
||
| 389 | ); |
||
| 390 | } |
||
| 391 | } else { |
||
| 392 | // Signature does not match |
||
| 393 | throw new \Exception( |
||
| 394 | sprintf( |
||
| 395 | 'App with id %s has invalid signature', |
||
| 396 | $appId |
||
| 397 | ) |
||
| 398 | ); |
||
| 399 | } |
||
| 400 | } |
||
| 401 | } |
||
| 402 | |||
| 403 | throw new \Exception( |
||
| 404 | sprintf( |
||
| 405 | 'Could not download app %s', |
||
| 406 | $appId |
||
| 407 | ) |
||
| 408 | ); |
||
| 409 | } |
||
| 410 | |||
| 411 | /** |
||
| 412 | * Check if an update for the app is available |
||
| 413 | * |
||
| 414 | * @param string $appId |
||
| 415 | * @param bool $allowUnstable |
||
| 416 | * @return string|false false or the version number of the update |
||
| 417 | */ |
||
| 418 | public function isUpdateAvailable($appId, $allowUnstable = false) { |
||
| 419 | if ($this->isInstanceReadyForUpdates === null) { |
||
| 420 | $installPath = OC_App::getInstallPath(); |
||
| 421 | if ($installPath === false || $installPath === null) { |
||
| 422 | $this->isInstanceReadyForUpdates = false; |
||
| 423 | } else { |
||
| 424 | $this->isInstanceReadyForUpdates = true; |
||
| 425 | } |
||
| 426 | } |
||
| 427 | |||
| 428 | if ($this->isInstanceReadyForUpdates === false) { |
||
| 429 | return false; |
||
| 430 | } |
||
| 431 | |||
| 432 | if ($this->isInstalledFromGit($appId) === true) { |
||
| 433 | return false; |
||
| 434 | } |
||
| 435 | |||
| 436 | if ($this->apps === null) { |
||
| 437 | $this->apps = $this->appFetcher->get($allowUnstable); |
||
| 438 | } |
||
| 439 | |||
| 440 | foreach ($this->apps as $app) { |
||
| 441 | if ($app['id'] === $appId) { |
||
| 442 | $currentVersion = OC_App::getAppVersion($appId); |
||
| 443 | |||
| 444 | if (!isset($app['releases'][0]['version'])) { |
||
| 445 | return false; |
||
| 446 | } |
||
| 447 | $newestVersion = $app['releases'][0]['version']; |
||
| 448 | if ($currentVersion !== '0' && version_compare($newestVersion, $currentVersion, '>')) { |
||
| 449 | return $newestVersion; |
||
| 450 | } else { |
||
| 451 | return false; |
||
| 452 | } |
||
| 453 | } |
||
| 454 | } |
||
| 455 | |||
| 456 | return false; |
||
| 457 | } |
||
| 458 | |||
| 459 | /** |
||
| 460 | * Check if app has been installed from git |
||
| 461 | * @param string $name name of the application to remove |
||
| 462 | * @return boolean |
||
| 463 | * |
||
| 464 | * The function will check if the path contains a .git folder |
||
| 465 | */ |
||
| 466 | private function isInstalledFromGit($appId) { |
||
| 467 | $app = \OC_App::findAppInDirectories($appId); |
||
| 468 | if ($app === false) { |
||
| 469 | return false; |
||
| 470 | } |
||
| 471 | $basedir = $app['path'].'/'.$appId; |
||
| 472 | return file_exists($basedir.'/.git/'); |
||
| 473 | } |
||
| 474 | |||
| 475 | /** |
||
| 476 | * Check if app is already downloaded |
||
| 477 | * @param string $name name of the application to remove |
||
| 478 | * @return boolean |
||
| 479 | * |
||
| 480 | * The function will check if the app is already downloaded in the apps repository |
||
| 481 | */ |
||
| 482 | public function isDownloaded($name) { |
||
| 495 | } |
||
| 496 | |||
| 497 | /** |
||
| 498 | * Removes an app |
||
| 499 | * @param string $appId ID of the application to remove |
||
| 500 | * @return boolean |
||
| 501 | * |
||
| 502 | * |
||
| 503 | * This function works as follows |
||
| 504 | * -# call uninstall repair steps |
||
| 505 | * -# removing the files |
||
| 506 | * |
||
| 507 | * The function will not delete preferences, tables and the configuration, |
||
| 508 | * this has to be done by the function oc_app_uninstall(). |
||
| 509 | */ |
||
| 510 | public function removeApp($appId) { |
||
| 511 | if ($this->isDownloaded($appId)) { |
||
| 512 | if (\OC::$server->getAppManager()->isShipped($appId)) { |
||
| 513 | return false; |
||
| 514 | } |
||
| 515 | $appDir = OC_App::getInstallPath() . '/' . $appId; |
||
| 516 | OC_Helper::rmdirr($appDir); |
||
| 517 | return true; |
||
| 518 | } else { |
||
| 519 | \OCP\Util::writeLog('core', 'can\'t remove app '.$appId.'. It is not installed.', ILogger::ERROR); |
||
| 520 | |||
| 521 | return false; |
||
| 522 | } |
||
| 523 | } |
||
| 524 | |||
| 525 | /** |
||
| 526 | * Installs the app within the bundle and marks the bundle as installed |
||
| 527 | * |
||
| 528 | * @param Bundle $bundle |
||
| 529 | * @throws \Exception If app could not get installed |
||
| 530 | */ |
||
| 531 | public function installAppBundle(Bundle $bundle) { |
||
| 532 | $appIds = $bundle->getAppIdentifiers(); |
||
| 533 | foreach ($appIds as $appId) { |
||
| 534 | if (!$this->isDownloaded($appId)) { |
||
| 535 | $this->downloadApp($appId); |
||
| 536 | } |
||
| 537 | $this->installApp($appId); |
||
| 538 | $app = new OC_App(); |
||
| 539 | $app->enable($appId); |
||
| 540 | } |
||
| 541 | $bundles = json_decode($this->config->getAppValue('core', 'installed.bundles', json_encode([])), true); |
||
| 542 | $bundles[] = $bundle->getIdentifier(); |
||
| 543 | $this->config->setAppValue('core', 'installed.bundles', json_encode($bundles)); |
||
| 544 | } |
||
| 545 | |||
| 546 | /** |
||
| 547 | * Installs shipped apps |
||
| 548 | * |
||
| 549 | * This function installs all apps found in the 'apps' directory that should be enabled by default; |
||
| 550 | * @param bool $softErrors When updating we ignore errors and simply log them, better to have a |
||
| 551 | * working ownCloud at the end instead of an aborted update. |
||
| 552 | * @return array Array of error messages (appid => Exception) |
||
| 553 | */ |
||
| 554 | public static function installShippedApps($softErrors = false) { |
||
| 555 | $appManager = \OC::$server->getAppManager(); |
||
| 556 | $config = \OC::$server->getConfig(); |
||
| 557 | $errors = []; |
||
| 558 | foreach (\OC::$APPSROOTS as $app_dir) { |
||
| 559 | if ($dir = opendir($app_dir['path'])) { |
||
| 560 | while (false !== ($filename = readdir($dir))) { |
||
| 561 | if ($filename[0] !== '.' and is_dir($app_dir['path']."/$filename")) { |
||
| 562 | if (file_exists($app_dir['path']."/$filename/appinfo/info.xml")) { |
||
| 563 | if ($config->getAppValue($filename, "installed_version", null) === null) { |
||
| 564 | $info = OC_App::getAppInfo($filename); |
||
| 565 | $enabled = isset($info['default_enable']); |
||
| 566 | if (($enabled || in_array($filename, $appManager->getAlwaysEnabledApps())) |
||
| 567 | && $config->getAppValue($filename, 'enabled') !== 'no') { |
||
| 568 | if ($softErrors) { |
||
| 569 | try { |
||
| 570 | Installer::installShippedApp($filename); |
||
| 571 | } catch (HintException $e) { |
||
| 572 | if ($e->getPrevious() instanceof TableExistsException) { |
||
| 573 | $errors[$filename] = $e; |
||
| 574 | continue; |
||
| 575 | } |
||
| 576 | throw $e; |
||
| 577 | } |
||
| 578 | } else { |
||
| 579 | Installer::installShippedApp($filename); |
||
| 580 | } |
||
| 581 | $config->setAppValue($filename, 'enabled', 'yes'); |
||
| 582 | } |
||
| 583 | } |
||
| 584 | } |
||
| 585 | } |
||
| 586 | } |
||
| 587 | closedir($dir); |
||
| 588 | } |
||
| 589 | } |
||
| 590 | |||
| 591 | return $errors; |
||
| 592 | } |
||
| 593 | |||
| 594 | /** |
||
| 595 | * install an app already placed in the app folder |
||
| 596 | * @param string $app id of the app to install |
||
| 597 | * @return integer |
||
| 598 | */ |
||
| 599 | public static function installShippedApp($app) { |
||
| 600 | //install the database |
||
| 601 | $appPath = OC_App::getAppPath($app); |
||
| 602 | \OC_App::registerAutoloading($app, $appPath); |
||
| 603 | |||
| 604 | if (is_file("$appPath/appinfo/database.xml")) { |
||
| 605 | try { |
||
| 606 | OC_DB::createDbFromStructure("$appPath/appinfo/database.xml"); |
||
| 607 | } catch (TableExistsException $e) { |
||
| 608 | throw new HintException( |
||
| 609 | 'Failed to enable app ' . $app, |
||
| 610 | 'Please ask for help via one of our <a href="https://nextcloud.com/support/" target="_blank" rel="noreferrer noopener">support channels</a>.', |
||
| 611 | 0, $e |
||
| 612 | ); |
||
| 613 | } |
||
| 614 | } else { |
||
| 615 | $ms = new \OC\DB\MigrationService($app, \OC::$server->get(Connection::class)); |
||
| 616 | $ms->migrate('latest', true); |
||
| 617 | } |
||
| 618 | |||
| 619 | //run appinfo/install.php |
||
| 620 | self::includeAppScript("$appPath/appinfo/install.php"); |
||
| 621 | |||
| 622 | $info = OC_App::getAppInfo($app); |
||
| 623 | if (is_null($info)) { |
||
| 624 | return false; |
||
| 625 | } |
||
| 626 | \OC_App::setupBackgroundJobs($info['background-jobs']); |
||
| 627 | |||
| 628 | OC_App::executeRepairSteps($app, $info['repair-steps']['install']); |
||
| 629 | |||
| 630 | $config = \OC::$server->getConfig(); |
||
| 631 | |||
| 632 | $config->setAppValue($app, 'installed_version', OC_App::getAppVersion($app)); |
||
| 633 | if (array_key_exists('ocsid', $info)) { |
||
| 634 | $config->setAppValue($app, 'ocsid', $info['ocsid']); |
||
| 635 | } |
||
| 636 | |||
| 637 | //set remote/public handlers |
||
| 638 | foreach ($info['remote'] as $name => $path) { |
||
| 639 | $config->setAppValue('core', 'remote_'.$name, $app.'/'.$path); |
||
| 640 | } |
||
| 641 | foreach ($info['public'] as $name => $path) { |
||
| 642 | $config->setAppValue('core', 'public_'.$name, $app.'/'.$path); |
||
| 643 | } |
||
| 644 | |||
| 645 | OC_App::setAppTypes($info['id']); |
||
| 646 | |||
| 647 | return $info['id']; |
||
| 648 | } |
||
| 649 | |||
| 650 | /** |
||
| 651 | * @param string $script |
||
| 652 | */ |
||
| 653 | private static function includeAppScript($script) { |
||
| 656 | } |
||
| 657 | } |
||
| 658 | } |
||
| 659 |
Loading history...
