nextcloud /
server
@@ -50,7 +50,7 @@ |
||
| 50 | 50 | ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
| 51 | 51 | ]) |
| 52 | 52 | ->addAuthScheme(AuthMechanism::SCHEME_OPENSTACK) |
| 53 | - ->setLegacyAuthMechanismCallback(function (array $params) use ($openstackAuth, $rackspaceAuth) { |
|
| 53 | + ->setLegacyAuthMechanismCallback(function(array $params) use ($openstackAuth, $rackspaceAuth) { |
|
| 54 | 54 | if (isset($params['options']['key']) && $params['options']['key']) { |
| 55 | 55 | return $rackspaceAuth; |
| 56 | 56 | } |
@@ -33,29 +33,29 @@ |
||
| 33 | 33 | use OCP\IL10N; |
| 34 | 34 | |
| 35 | 35 | class Swift extends Backend { |
| 36 | - use LegacyDependencyCheckPolyfill; |
|
| 36 | + use LegacyDependencyCheckPolyfill; |
|
| 37 | 37 | |
| 38 | - public function __construct(IL10N $l, OpenStackV2 $openstackAuth, Rackspace $rackspaceAuth) { |
|
| 39 | - $this |
|
| 40 | - ->setIdentifier('swift') |
|
| 41 | - ->addIdentifierAlias('\OC\Files\Storage\Swift') // legacy compat |
|
| 42 | - ->setStorageClass('\OCA\Files_External\Lib\Storage\Swift') |
|
| 43 | - ->setText($l->t('OpenStack Object Storage')) |
|
| 44 | - ->addParameters([ |
|
| 45 | - (new DefinitionParameter('service_name', $l->t('Service name'))) |
|
| 46 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 47 | - new DefinitionParameter('region', $l->t('Region')), |
|
| 48 | - new DefinitionParameter('bucket', $l->t('Bucket')), |
|
| 49 | - (new DefinitionParameter('timeout', $l->t('Request timeout (seconds)'))) |
|
| 50 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 51 | - ]) |
|
| 52 | - ->addAuthScheme(AuthMechanism::SCHEME_OPENSTACK) |
|
| 53 | - ->setLegacyAuthMechanismCallback(function (array $params) use ($openstackAuth, $rackspaceAuth) { |
|
| 54 | - if (isset($params['options']['key']) && $params['options']['key']) { |
|
| 55 | - return $rackspaceAuth; |
|
| 56 | - } |
|
| 57 | - return $openstackAuth; |
|
| 58 | - }) |
|
| 59 | - ; |
|
| 60 | - } |
|
| 38 | + public function __construct(IL10N $l, OpenStackV2 $openstackAuth, Rackspace $rackspaceAuth) { |
|
| 39 | + $this |
|
| 40 | + ->setIdentifier('swift') |
|
| 41 | + ->addIdentifierAlias('\OC\Files\Storage\Swift') // legacy compat |
|
| 42 | + ->setStorageClass('\OCA\Files_External\Lib\Storage\Swift') |
|
| 43 | + ->setText($l->t('OpenStack Object Storage')) |
|
| 44 | + ->addParameters([ |
|
| 45 | + (new DefinitionParameter('service_name', $l->t('Service name'))) |
|
| 46 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 47 | + new DefinitionParameter('region', $l->t('Region')), |
|
| 48 | + new DefinitionParameter('bucket', $l->t('Bucket')), |
|
| 49 | + (new DefinitionParameter('timeout', $l->t('Request timeout (seconds)'))) |
|
| 50 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 51 | + ]) |
|
| 52 | + ->addAuthScheme(AuthMechanism::SCHEME_OPENSTACK) |
|
| 53 | + ->setLegacyAuthMechanismCallback(function (array $params) use ($openstackAuth, $rackspaceAuth) { |
|
| 54 | + if (isset($params['options']['key']) && $params['options']['key']) { |
|
| 55 | + return $rackspaceAuth; |
|
| 56 | + } |
|
| 57 | + return $openstackAuth; |
|
| 58 | + }) |
|
| 59 | + ; |
|
| 60 | + } |
|
| 61 | 61 | } |
@@ -36,101 +36,101 @@ |
||
| 36 | 36 | */ |
| 37 | 37 | trait VisibilityTrait { |
| 38 | 38 | |
| 39 | - /** @var int visibility */ |
|
| 40 | - protected $visibility = BackendService::VISIBILITY_DEFAULT; |
|
| 39 | + /** @var int visibility */ |
|
| 40 | + protected $visibility = BackendService::VISIBILITY_DEFAULT; |
|
| 41 | 41 | |
| 42 | - /** @var int allowed visibilities */ |
|
| 43 | - protected $allowedVisibility = BackendService::VISIBILITY_DEFAULT; |
|
| 42 | + /** @var int allowed visibilities */ |
|
| 43 | + protected $allowedVisibility = BackendService::VISIBILITY_DEFAULT; |
|
| 44 | 44 | |
| 45 | - /** |
|
| 46 | - * @return int |
|
| 47 | - */ |
|
| 48 | - public function getVisibility() { |
|
| 49 | - return $this->visibility; |
|
| 50 | - } |
|
| 45 | + /** |
|
| 46 | + * @return int |
|
| 47 | + */ |
|
| 48 | + public function getVisibility() { |
|
| 49 | + return $this->visibility; |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - /** |
|
| 53 | - * Check if the backend is visible for a user type |
|
| 54 | - * |
|
| 55 | - * @param int $visibility |
|
| 56 | - * @return bool |
|
| 57 | - */ |
|
| 58 | - public function isVisibleFor($visibility) { |
|
| 59 | - if ($this->visibility & $visibility) { |
|
| 60 | - return true; |
|
| 61 | - } |
|
| 62 | - return false; |
|
| 63 | - } |
|
| 52 | + /** |
|
| 53 | + * Check if the backend is visible for a user type |
|
| 54 | + * |
|
| 55 | + * @param int $visibility |
|
| 56 | + * @return bool |
|
| 57 | + */ |
|
| 58 | + public function isVisibleFor($visibility) { |
|
| 59 | + if ($this->visibility & $visibility) { |
|
| 60 | + return true; |
|
| 61 | + } |
|
| 62 | + return false; |
|
| 63 | + } |
|
| 64 | 64 | |
| 65 | - /** |
|
| 66 | - * @param int $visibility |
|
| 67 | - * @return self |
|
| 68 | - */ |
|
| 69 | - public function setVisibility($visibility) { |
|
| 70 | - $this->visibility = $visibility; |
|
| 71 | - $this->allowedVisibility |= $visibility; |
|
| 72 | - return $this; |
|
| 73 | - } |
|
| 65 | + /** |
|
| 66 | + * @param int $visibility |
|
| 67 | + * @return self |
|
| 68 | + */ |
|
| 69 | + public function setVisibility($visibility) { |
|
| 70 | + $this->visibility = $visibility; |
|
| 71 | + $this->allowedVisibility |= $visibility; |
|
| 72 | + return $this; |
|
| 73 | + } |
|
| 74 | 74 | |
| 75 | - /** |
|
| 76 | - * @param int $visibility |
|
| 77 | - * @return self |
|
| 78 | - */ |
|
| 79 | - public function addVisibility($visibility) { |
|
| 80 | - return $this->setVisibility($this->visibility | $visibility); |
|
| 81 | - } |
|
| 75 | + /** |
|
| 76 | + * @param int $visibility |
|
| 77 | + * @return self |
|
| 78 | + */ |
|
| 79 | + public function addVisibility($visibility) { |
|
| 80 | + return $this->setVisibility($this->visibility | $visibility); |
|
| 81 | + } |
|
| 82 | 82 | |
| 83 | - /** |
|
| 84 | - * @param int $visibility |
|
| 85 | - * @return self |
|
| 86 | - */ |
|
| 87 | - public function removeVisibility($visibility) { |
|
| 88 | - return $this->setVisibility($this->visibility & ~$visibility); |
|
| 89 | - } |
|
| 83 | + /** |
|
| 84 | + * @param int $visibility |
|
| 85 | + * @return self |
|
| 86 | + */ |
|
| 87 | + public function removeVisibility($visibility) { |
|
| 88 | + return $this->setVisibility($this->visibility & ~$visibility); |
|
| 89 | + } |
|
| 90 | 90 | |
| 91 | - /** |
|
| 92 | - * @return int |
|
| 93 | - */ |
|
| 94 | - public function getAllowedVisibility() { |
|
| 95 | - return $this->allowedVisibility; |
|
| 96 | - } |
|
| 91 | + /** |
|
| 92 | + * @return int |
|
| 93 | + */ |
|
| 94 | + public function getAllowedVisibility() { |
|
| 95 | + return $this->allowedVisibility; |
|
| 96 | + } |
|
| 97 | 97 | |
| 98 | - /** |
|
| 99 | - * Check if the backend is allowed to be visible for a user type |
|
| 100 | - * |
|
| 101 | - * @param int $allowedVisibility |
|
| 102 | - * @return bool |
|
| 103 | - */ |
|
| 104 | - public function isAllowedVisibleFor($allowedVisibility) { |
|
| 105 | - if ($this->allowedVisibility & $allowedVisibility) { |
|
| 106 | - return true; |
|
| 107 | - } |
|
| 108 | - return false; |
|
| 109 | - } |
|
| 98 | + /** |
|
| 99 | + * Check if the backend is allowed to be visible for a user type |
|
| 100 | + * |
|
| 101 | + * @param int $allowedVisibility |
|
| 102 | + * @return bool |
|
| 103 | + */ |
|
| 104 | + public function isAllowedVisibleFor($allowedVisibility) { |
|
| 105 | + if ($this->allowedVisibility & $allowedVisibility) { |
|
| 106 | + return true; |
|
| 107 | + } |
|
| 108 | + return false; |
|
| 109 | + } |
|
| 110 | 110 | |
| 111 | - /** |
|
| 112 | - * @param int $allowedVisibility |
|
| 113 | - * @return self |
|
| 114 | - */ |
|
| 115 | - public function setAllowedVisibility($allowedVisibility) { |
|
| 116 | - $this->allowedVisibility = $allowedVisibility; |
|
| 117 | - $this->visibility &= $allowedVisibility; |
|
| 118 | - return $this; |
|
| 119 | - } |
|
| 111 | + /** |
|
| 112 | + * @param int $allowedVisibility |
|
| 113 | + * @return self |
|
| 114 | + */ |
|
| 115 | + public function setAllowedVisibility($allowedVisibility) { |
|
| 116 | + $this->allowedVisibility = $allowedVisibility; |
|
| 117 | + $this->visibility &= $allowedVisibility; |
|
| 118 | + return $this; |
|
| 119 | + } |
|
| 120 | 120 | |
| 121 | - /** |
|
| 122 | - * @param int $allowedVisibility |
|
| 123 | - * @return self |
|
| 124 | - */ |
|
| 125 | - public function addAllowedVisibility($allowedVisibility) { |
|
| 126 | - return $this->setAllowedVisibility($this->allowedVisibility | $allowedVisibility); |
|
| 127 | - } |
|
| 121 | + /** |
|
| 122 | + * @param int $allowedVisibility |
|
| 123 | + * @return self |
|
| 124 | + */ |
|
| 125 | + public function addAllowedVisibility($allowedVisibility) { |
|
| 126 | + return $this->setAllowedVisibility($this->allowedVisibility | $allowedVisibility); |
|
| 127 | + } |
|
| 128 | 128 | |
| 129 | - /** |
|
| 130 | - * @param int $allowedVisibility |
|
| 131 | - * @return self |
|
| 132 | - */ |
|
| 133 | - public function removeAllowedVisibility($allowedVisibility) { |
|
| 134 | - return $this->setAllowedVisibility($this->allowedVisibility & ~$allowedVisibility); |
|
| 135 | - } |
|
| 129 | + /** |
|
| 130 | + * @param int $allowedVisibility |
|
| 131 | + * @return self |
|
| 132 | + */ |
|
| 133 | + public function removeAllowedVisibility($allowedVisibility) { |
|
| 134 | + return $this->setAllowedVisibility($this->allowedVisibility & ~$allowedVisibility); |
|
| 135 | + } |
|
| 136 | 136 | } |
@@ -28,11 +28,11 @@ |
||
| 28 | 28 | * Builtin authentication mechanism, for legacy backends |
| 29 | 29 | */ |
| 30 | 30 | class Builtin extends AuthMechanism { |
| 31 | - public function __construct(IL10N $l) { |
|
| 32 | - $this |
|
| 33 | - ->setIdentifier('builtin::builtin') |
|
| 34 | - ->setScheme(self::SCHEME_BUILTIN) |
|
| 35 | - ->setText($l->t('Builtin')) |
|
| 36 | - ; |
|
| 37 | - } |
|
| 31 | + public function __construct(IL10N $l) { |
|
| 32 | + $this |
|
| 33 | + ->setIdentifier('builtin::builtin') |
|
| 34 | + ->setScheme(self::SCHEME_BUILTIN) |
|
| 35 | + ->setText($l->t('Builtin')) |
|
| 36 | + ; |
|
| 37 | + } |
|
| 38 | 38 | } |
@@ -28,11 +28,11 @@ |
||
| 28 | 28 | * Null authentication mechanism |
| 29 | 29 | */ |
| 30 | 30 | class NullMechanism extends AuthMechanism { |
| 31 | - public function __construct(IL10N $l) { |
|
| 32 | - $this |
|
| 33 | - ->setIdentifier('null::null') |
|
| 34 | - ->setScheme(self::SCHEME_NULL) |
|
| 35 | - ->setText($l->t('None')) |
|
| 36 | - ; |
|
| 37 | - } |
|
| 31 | + public function __construct(IL10N $l) { |
|
| 32 | + $this |
|
| 33 | + ->setIdentifier('null::null') |
|
| 34 | + ->setScheme(self::SCHEME_NULL) |
|
| 35 | + ->setText($l->t('None')) |
|
| 36 | + ; |
|
| 37 | + } |
|
| 38 | 38 | } |
@@ -41,48 +41,48 @@ |
||
| 41 | 41 | $is_optional = $parameter->isFlagSet(DefinitionParameter::FLAG_OPTIONAL); |
| 42 | 42 | |
| 43 | 43 | switch ($parameter->getType()) { |
| 44 | - case DefinitionParameter::VALUE_PASSWORD: ?> |
|
| 45 | - <?php if ($is_optional) { |
|
| 46 | - $classes[] = 'optional'; |
|
| 47 | - } ?> |
|
| 48 | - <input type="password" |
|
| 44 | + case DefinitionParameter::VALUE_PASSWORD: ?> |
|
| 45 | + <?php if ($is_optional) { |
|
| 46 | + $classes[] = 'optional'; |
|
| 47 | + } ?> |
|
| 48 | + <input type="password" |
|
| 49 | 49 | <?php if (!empty($classes)): ?> class="<?php p(implode(' ', $classes)); ?>"<?php endif; ?> |
| 50 | - data-parameter="<?php p($parameter->getName()); ?>" |
|
| 50 | + data-parameter="<?php p($parameter->getName()); ?>" |
|
| 51 | 51 | value="<?php p($value); ?>" |
| 52 | 52 | placeholder="<?php p($placeholder); ?>" |
| 53 | 53 | /> |
| 54 | 54 | <?php |
| 55 | - break; |
|
| 56 | - case DefinitionParameter::VALUE_BOOLEAN: ?> |
|
| 57 | - <?php $checkboxId = uniqid("checkbox_"); ?> |
|
| 55 | + break; |
|
| 56 | + case DefinitionParameter::VALUE_BOOLEAN: ?> |
|
| 57 | + <?php $checkboxId = uniqid("checkbox_"); ?> |
|
| 58 | 58 | <div> |
| 59 | 59 | <label> |
| 60 | 60 | <input type="checkbox" |
| 61 | 61 | id="<?php p($checkboxId); ?>" |
| 62 | 62 | <?php if (!empty($classes)): ?> class="checkbox <?php p(implode(' ', $classes)); ?>"<?php endif; ?> |
| 63 | - data-parameter="<?php p($parameter->getName()); ?>" |
|
| 63 | + data-parameter="<?php p($parameter->getName()); ?>" |
|
| 64 | 64 | <?php if ($value === true): ?> checked="checked"<?php endif; ?> |
| 65 | - /> |
|
| 65 | + /> |
|
| 66 | 66 | <?php p($placeholder); ?> |
| 67 | 67 | </label> |
| 68 | 68 | </div> |
| 69 | 69 | <?php |
| 70 | - break; |
|
| 71 | - case DefinitionParameter::VALUE_HIDDEN: ?> |
|
| 72 | - <input type="hidden" |
|
| 70 | + break; |
|
| 71 | + case DefinitionParameter::VALUE_HIDDEN: ?> |
|
| 72 | + <input type="hidden" |
|
| 73 | 73 | <?php if (!empty($classes)): ?> class="<?php p(implode(' ', $classes)); ?>"<?php endif; ?> |
| 74 | - data-parameter="<?php p($parameter->getName()); ?>" |
|
| 74 | + data-parameter="<?php p($parameter->getName()); ?>" |
|
| 75 | 75 | value="<?php p($value); ?>" |
| 76 | 76 | /> |
| 77 | 77 | <?php |
| 78 | - break; |
|
| 79 | - default: ?> |
|
| 80 | - <?php if ($is_optional) { |
|
| 81 | - $classes[] = 'optional'; |
|
| 82 | - } ?> |
|
| 83 | - <input type="text" |
|
| 78 | + break; |
|
| 79 | + default: ?> |
|
| 80 | + <?php if ($is_optional) { |
|
| 81 | + $classes[] = 'optional'; |
|
| 82 | + } ?> |
|
| 83 | + <input type="text" |
|
| 84 | 84 | <?php if (!empty($classes)): ?> class="<?php p(implode(' ', $classes)); ?>"<?php endif; ?> |
| 85 | - data-parameter="<?php p($parameter->getName()); ?>" |
|
| 85 | + data-parameter="<?php p($parameter->getName()); ?>" |
|
| 86 | 86 | value="<?php p($value); ?>" |
| 87 | 87 | placeholder="<?php p($placeholder); ?>" |
| 88 | 88 | /> |
@@ -194,8 +194,11 @@ |
||
| 194 | 194 | <?php $i = 0; foreach ($userBackends as $backend): ?> |
| 195 | 195 | <?php if ($deprecateTo = $backend->getDeprecateTo()): ?> |
| 196 | 196 | <input type="hidden" id="allowUserMountingBackends<?php p($i); ?>" name="allowUserMountingBackends[]" value="<?php p($backend->getIdentifier()); ?>" data-deprecate-to="<?php p($deprecateTo->getIdentifier()); ?>" /> |
| 197 | - <?php else: ?> |
|
| 198 | - <input type="checkbox" id="allowUserMountingBackends<?php p($i); ?>" class="checkbox" name="allowUserMountingBackends[]" value="<?php p($backend->getIdentifier()); ?>" <?php if ($backend->isVisibleFor(BackendService::VISIBILITY_PERSONAL)) { |
|
| 197 | + <?php else { |
|
| 198 | + : ?> |
|
| 199 | + <input type="checkbox" id="allowUserMountingBackends<?php p($i); |
|
| 200 | +} |
|
| 201 | +?>" class="checkbox" name="allowUserMountingBackends[]" value="<?php p($backend->getIdentifier()); ?>" <?php if ($backend->isVisibleFor(BackendService::VISIBILITY_PERSONAL)) { |
|
| 199 | 202 | print_unescaped(' checked="checked"'); |
| 200 | 203 | } ?> /> |
| 201 | 204 | <label for="allowUserMountingBackends<?php p($i); ?>"><?php p($backend->getText()); ?></label> <br /> |
@@ -1,54 +1,54 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | - use \OCA\Files_External\Lib\Backend\Backend; |
|
| 2 | + use \OCA\Files_External\Lib\Backend\Backend; |
|
| 3 | 3 | use \OCA\Files_External\Lib\Auth\AuthMechanism; |
| 4 | 4 | use \OCA\Files_External\Lib\DefinitionParameter; |
| 5 | 5 | use \OCA\Files_External\Service\BackendService; |
| 6 | 6 | |
| 7 | 7 | $canCreateMounts = $_['visibilityType'] === BackendService::VISIBILITY_ADMIN || $_['allowUserMounting']; |
| 8 | 8 | |
| 9 | - $l->t("Enable encryption"); |
|
| 10 | - $l->t("Enable previews"); |
|
| 11 | - $l->t("Enable sharing"); |
|
| 12 | - $l->t("Check for changes"); |
|
| 13 | - $l->t("Never"); |
|
| 14 | - $l->t("Once every direct access"); |
|
| 15 | - $l->t('Read only'); |
|
| 9 | + $l->t("Enable encryption"); |
|
| 10 | + $l->t("Enable previews"); |
|
| 11 | + $l->t("Enable sharing"); |
|
| 12 | + $l->t("Check for changes"); |
|
| 13 | + $l->t("Never"); |
|
| 14 | + $l->t("Once every direct access"); |
|
| 15 | + $l->t('Read only'); |
|
| 16 | 16 | |
| 17 | - script('files_external', [ |
|
| 18 | - 'settings', |
|
| 19 | - 'templates' |
|
| 20 | - ]); |
|
| 21 | - style('files_external', 'settings'); |
|
| 17 | + script('files_external', [ |
|
| 18 | + 'settings', |
|
| 19 | + 'templates' |
|
| 20 | + ]); |
|
| 21 | + style('files_external', 'settings'); |
|
| 22 | 22 | |
| 23 | - // load custom JS |
|
| 24 | - foreach ($_['backends'] as $backend) { |
|
| 25 | - /** @var Backend $backend */ |
|
| 26 | - $scripts = $backend->getCustomJs(); |
|
| 27 | - foreach ($scripts as $script) { |
|
| 28 | - script('files_external', $script); |
|
| 29 | - } |
|
| 30 | - } |
|
| 31 | - foreach ($_['authMechanisms'] as $authMechanism) { |
|
| 32 | - /** @var AuthMechanism $authMechanism */ |
|
| 33 | - $scripts = $authMechanism->getCustomJs(); |
|
| 34 | - foreach ($scripts as $script) { |
|
| 35 | - script('files_external', $script); |
|
| 36 | - } |
|
| 37 | - } |
|
| 23 | + // load custom JS |
|
| 24 | + foreach ($_['backends'] as $backend) { |
|
| 25 | + /** @var Backend $backend */ |
|
| 26 | + $scripts = $backend->getCustomJs(); |
|
| 27 | + foreach ($scripts as $script) { |
|
| 28 | + script('files_external', $script); |
|
| 29 | + } |
|
| 30 | + } |
|
| 31 | + foreach ($_['authMechanisms'] as $authMechanism) { |
|
| 32 | + /** @var AuthMechanism $authMechanism */ |
|
| 33 | + $scripts = $authMechanism->getCustomJs(); |
|
| 34 | + foreach ($scripts as $script) { |
|
| 35 | + script('files_external', $script); |
|
| 36 | + } |
|
| 37 | + } |
|
| 38 | 38 | |
| 39 | - function writeParameterInput($parameter, $options, $classes = []) { |
|
| 40 | - $value = ''; |
|
| 41 | - if (isset($options[$parameter->getName()])) { |
|
| 42 | - $value = $options[$parameter->getName()]; |
|
| 43 | - } |
|
| 44 | - $placeholder = $parameter->getText(); |
|
| 45 | - $is_optional = $parameter->isFlagSet(DefinitionParameter::FLAG_OPTIONAL); |
|
| 39 | + function writeParameterInput($parameter, $options, $classes = []) { |
|
| 40 | + $value = ''; |
|
| 41 | + if (isset($options[$parameter->getName()])) { |
|
| 42 | + $value = $options[$parameter->getName()]; |
|
| 43 | + } |
|
| 44 | + $placeholder = $parameter->getText(); |
|
| 45 | + $is_optional = $parameter->isFlagSet(DefinitionParameter::FLAG_OPTIONAL); |
|
| 46 | 46 | |
| 47 | - switch ($parameter->getType()) { |
|
| 48 | - case DefinitionParameter::VALUE_PASSWORD: ?> |
|
| 47 | + switch ($parameter->getType()) { |
|
| 48 | + case DefinitionParameter::VALUE_PASSWORD: ?> |
|
| 49 | 49 | <?php if ($is_optional) { |
| 50 | - $classes[] = 'optional'; |
|
| 51 | - } ?> |
|
| 50 | + $classes[] = 'optional'; |
|
| 51 | + } ?> |
|
| 52 | 52 | <input type="password" |
| 53 | 53 | <?php if (!empty($classes)): ?> class="<?php p(implode(' ', $classes)); ?>"<?php endif; ?> |
| 54 | 54 | data-parameter="<?php p($parameter->getName()); ?>" |
@@ -56,8 +56,8 @@ discard block |
||
| 56 | 56 | placeholder="<?php p($placeholder); ?>" |
| 57 | 57 | /> |
| 58 | 58 | <?php |
| 59 | - break; |
|
| 60 | - case DefinitionParameter::VALUE_BOOLEAN: ?> |
|
| 59 | + break; |
|
| 60 | + case DefinitionParameter::VALUE_BOOLEAN: ?> |
|
| 61 | 61 | <?php $checkboxId = uniqid("checkbox_"); ?> |
| 62 | 62 | <div> |
| 63 | 63 | <label> |
@@ -71,19 +71,19 @@ discard block |
||
| 71 | 71 | </label> |
| 72 | 72 | </div> |
| 73 | 73 | <?php |
| 74 | - break; |
|
| 75 | - case DefinitionParameter::VALUE_HIDDEN: ?> |
|
| 74 | + break; |
|
| 75 | + case DefinitionParameter::VALUE_HIDDEN: ?> |
|
| 76 | 76 | <input type="hidden" |
| 77 | 77 | <?php if (!empty($classes)): ?> class="<?php p(implode(' ', $classes)); ?>"<?php endif; ?> |
| 78 | 78 | data-parameter="<?php p($parameter->getName()); ?>" |
| 79 | 79 | value="<?php p($value); ?>" |
| 80 | 80 | /> |
| 81 | 81 | <?php |
| 82 | - break; |
|
| 83 | - default: ?> |
|
| 82 | + break; |
|
| 83 | + default: ?> |
|
| 84 | 84 | <?php if ($is_optional) { |
| 85 | - $classes[] = 'optional'; |
|
| 86 | - } ?> |
|
| 85 | + $classes[] = 'optional'; |
|
| 86 | + } ?> |
|
| 87 | 87 | <input type="text" |
| 88 | 88 | <?php if (!empty($classes)): ?> class="<?php p(implode(' ', $classes)); ?>"<?php endif; ?> |
| 89 | 89 | data-parameter="<?php p($parameter->getName()); ?>" |
@@ -91,8 +91,8 @@ discard block |
||
| 91 | 91 | placeholder="<?php p($placeholder); ?>" |
| 92 | 92 | /> |
| 93 | 93 | <?php |
| 94 | - } |
|
| 95 | - } |
|
| 94 | + } |
|
| 95 | + } |
|
| 96 | 96 | ?> |
| 97 | 97 | |
| 98 | 98 | <div id="emptycontent" class="hidden"> |
@@ -105,7 +105,7 @@ discard block |
||
| 105 | 105 | <a target="_blank" rel="noreferrer" class="icon-info" title="<?php p($l->t('Open documentation'));?>" href="<?php p(link_to_docs('admin-external-storage')); ?>"></a> |
| 106 | 106 | <p class="settings-hint"><?php p($l->t('External storage enables you to mount external storage services and devices as secondary Nextcloud storage devices. You may also allow users to mount their own external storage services.')); ?></p> |
| 107 | 107 | <?php if (isset($_['dependencies']) and ($_['dependencies'] !== '') and $canCreateMounts) { |
| 108 | - print_unescaped(''.$_['dependencies'].''); |
|
| 108 | + print_unescaped(''.$_['dependencies'].''); |
|
| 109 | 109 | } ?> |
| 110 | 110 | <table id="externalStorage" class="grid" data-admin='<?php print_unescaped(json_encode($_['visibilityType'] === BackendService::VISIBILITY_ADMIN)); ?>'> |
| 111 | 111 | <thead> |
@@ -116,7 +116,7 @@ discard block |
||
| 116 | 116 | <th><?php p($l->t('Authentication')); ?></th> |
| 117 | 117 | <th><?php p($l->t('Configuration')); ?></th> |
| 118 | 118 | <?php if ($_['visibilityType'] === BackendService::VISIBILITY_ADMIN) { |
| 119 | - print_unescaped('<th>'.$l->t('Available for').'</th>'); |
|
| 119 | + print_unescaped('<th>'.$l->t('Available for').'</th>'); |
|
| 120 | 120 | } ?> |
| 121 | 121 | <th> </th> |
| 122 | 122 | <th> </th> |
@@ -142,17 +142,17 @@ discard block |
||
| 142 | 142 | <?php p($l->t('Add storage')); ?> |
| 143 | 143 | </option> |
| 144 | 144 | <?php |
| 145 | - $sortedBackends = array_filter($_['backends'], function ($backend) use ($_) { |
|
| 146 | - return $backend->isVisibleFor($_['visibilityType']); |
|
| 147 | - }); |
|
| 148 | - uasort($sortedBackends, function ($a, $b) { |
|
| 149 | - return strcasecmp($a->getText(), $b->getText()); |
|
| 150 | - }); |
|
| 151 | - ?> |
|
| 145 | + $sortedBackends = array_filter($_['backends'], function ($backend) use ($_) { |
|
| 146 | + return $backend->isVisibleFor($_['visibilityType']); |
|
| 147 | + }); |
|
| 148 | + uasort($sortedBackends, function ($a, $b) { |
|
| 149 | + return strcasecmp($a->getText(), $b->getText()); |
|
| 150 | + }); |
|
| 151 | + ?> |
|
| 152 | 152 | <?php foreach ($sortedBackends as $backend): ?> |
| 153 | 153 | <?php if ($backend->getDeprecateTo()) { |
| 154 | - continue; |
|
| 155 | - } // ignore deprecated backends?> |
|
| 154 | + continue; |
|
| 155 | + } // ignore deprecated backends?> |
|
| 156 | 156 | <option value="<?php p($backend->getIdentifier()); ?>"><?php p($backend->getText()); ?></option> |
| 157 | 157 | <?php endforeach; ?> |
| 158 | 158 | </select> |
@@ -178,23 +178,23 @@ discard block |
||
| 178 | 178 | <?php if ($_['visibilityType'] === BackendService::VISIBILITY_ADMIN): ?> |
| 179 | 179 | <input type="checkbox" name="allowUserMounting" id="allowUserMounting" class="checkbox" |
| 180 | 180 | value="1" <?php if ($_['allowUserMounting']) { |
| 181 | - print_unescaped(' checked="checked"'); |
|
| 182 | - } ?> /> |
|
| 181 | + print_unescaped(' checked="checked"'); |
|
| 182 | + } ?> /> |
|
| 183 | 183 | <label for="allowUserMounting"><?php p($l->t('Allow users to mount external storage')); ?></label> <span id="userMountingMsg" class="msg"></span> |
| 184 | 184 | |
| 185 | 185 | <p id="userMountingBackends"<?php if (!$_['allowUserMounting']): ?> class="hidden"<?php endif; ?>> |
| 186 | 186 | <?php |
| 187 | - $userBackends = array_filter($_['backends'], function ($backend) { |
|
| 188 | - return $backend->isAllowedVisibleFor(BackendService::VISIBILITY_PERSONAL); |
|
| 189 | - }); |
|
| 190 | - ?> |
|
| 187 | + $userBackends = array_filter($_['backends'], function ($backend) { |
|
| 188 | + return $backend->isAllowedVisibleFor(BackendService::VISIBILITY_PERSONAL); |
|
| 189 | + }); |
|
| 190 | + ?> |
|
| 191 | 191 | <?php $i = 0; foreach ($userBackends as $backend): ?> |
| 192 | 192 | <?php if ($deprecateTo = $backend->getDeprecateTo()): ?> |
| 193 | 193 | <input type="hidden" id="allowUserMountingBackends<?php p($i); ?>" name="allowUserMountingBackends[]" value="<?php p($backend->getIdentifier()); ?>" data-deprecate-to="<?php p($deprecateTo->getIdentifier()); ?>" /> |
| 194 | 194 | <?php else: ?> |
| 195 | 195 | <input type="checkbox" id="allowUserMountingBackends<?php p($i); ?>" class="checkbox" name="allowUserMountingBackends[]" value="<?php p($backend->getIdentifier()); ?>" <?php if ($backend->isVisibleFor(BackendService::VISIBILITY_PERSONAL)) { |
| 196 | - print_unescaped(' checked="checked"'); |
|
| 197 | - } ?> /> |
|
| 196 | + print_unescaped(' checked="checked"'); |
|
| 197 | + } ?> /> |
|
| 198 | 198 | <label for="allowUserMountingBackends<?php p($i); ?>"><?php p($backend->getText()); ?></label> <br /> |
| 199 | 199 | <?php endif; ?> |
| 200 | 200 | <?php $i++; ?> |
@@ -100,9 +100,9 @@ discard block |
||
| 100 | 100 | <h2><?php p($l->t('No external storage configured or you don\'t have the permission to configure them')); ?></h2> |
| 101 | 101 | </div> |
| 102 | 102 | |
| 103 | -<form data-can-create="<?php echo $canCreateMounts?'true':'false' ?>" id="files_external" class="section" data-encryption-enabled="<?php echo $_['encryptionEnabled']?'true': 'false'; ?>"> |
|
| 103 | +<form data-can-create="<?php echo $canCreateMounts ? 'true' : 'false' ?>" id="files_external" class="section" data-encryption-enabled="<?php echo $_['encryptionEnabled'] ? 'true' : 'false'; ?>"> |
|
| 104 | 104 | <h2 class="inlineblock" data-anchor-name="external-storage"><?php p($l->t('External storage')); ?></h2> |
| 105 | - <a target="_blank" rel="noreferrer" class="icon-info" title="<?php p($l->t('Open documentation'));?>" href="<?php p(link_to_docs('admin-external-storage')); ?>"></a> |
|
| 105 | + <a target="_blank" rel="noreferrer" class="icon-info" title="<?php p($l->t('Open documentation')); ?>" href="<?php p(link_to_docs('admin-external-storage')); ?>"></a> |
|
| 106 | 106 | <p class="settings-hint"><?php p($l->t('External storage enables you to mount external storage services and devices as secondary Nextcloud storage devices. You may also allow users to mount their own external storage services.')); ?></p> |
| 107 | 107 | <?php if (isset($_['dependencies']) and ($_['dependencies'] !== '') and $canCreateMounts) { |
| 108 | 108 | print_unescaped(''.$_['dependencies'].''); |
@@ -142,10 +142,10 @@ discard block |
||
| 142 | 142 | <?php p($l->t('Add storage')); ?> |
| 143 | 143 | </option> |
| 144 | 144 | <?php |
| 145 | - $sortedBackends = array_filter($_['backends'], function ($backend) use ($_) { |
|
| 145 | + $sortedBackends = array_filter($_['backends'], function($backend) use ($_) { |
|
| 146 | 146 | return $backend->isVisibleFor($_['visibilityType']); |
| 147 | 147 | }); |
| 148 | - uasort($sortedBackends, function ($a, $b) { |
|
| 148 | + uasort($sortedBackends, function($a, $b) { |
|
| 149 | 149 | return strcasecmp($a->getText(), $b->getText()); |
| 150 | 150 | }); |
| 151 | 151 | ?> |
@@ -184,7 +184,7 @@ discard block |
||
| 184 | 184 | |
| 185 | 185 | <p id="userMountingBackends"<?php if (!$_['allowUserMounting']): ?> class="hidden"<?php endif; ?>> |
| 186 | 186 | <?php |
| 187 | - $userBackends = array_filter($_['backends'], function ($backend) { |
|
| 187 | + $userBackends = array_filter($_['backends'], function($backend) { |
|
| 188 | 188 | return $backend->isAllowedVisibleFor(BackendService::VISIBILITY_PERSONAL); |
| 189 | 189 | }); |
| 190 | 190 | ?> |
@@ -29,40 +29,40 @@ |
||
| 29 | 29 | |
| 30 | 30 | class FedAuth extends AbstractBasic { |
| 31 | 31 | |
| 32 | - /** @var DbHandler */ |
|
| 33 | - private $db; |
|
| 32 | + /** @var DbHandler */ |
|
| 33 | + private $db; |
|
| 34 | 34 | |
| 35 | - /** |
|
| 36 | - * FedAuth constructor. |
|
| 37 | - * |
|
| 38 | - * @param DbHandler $db |
|
| 39 | - */ |
|
| 40 | - public function __construct(DbHandler $db) { |
|
| 41 | - $this->db = $db; |
|
| 42 | - $this->principalPrefix = 'principals/system/'; |
|
| 35 | + /** |
|
| 36 | + * FedAuth constructor. |
|
| 37 | + * |
|
| 38 | + * @param DbHandler $db |
|
| 39 | + */ |
|
| 40 | + public function __construct(DbHandler $db) { |
|
| 41 | + $this->db = $db; |
|
| 42 | + $this->principalPrefix = 'principals/system/'; |
|
| 43 | 43 | |
| 44 | - // setup realm |
|
| 45 | - $defaults = new \OCP\Defaults(); |
|
| 46 | - $this->realm = $defaults->getName(); |
|
| 47 | - } |
|
| 44 | + // setup realm |
|
| 45 | + $defaults = new \OCP\Defaults(); |
|
| 46 | + $this->realm = $defaults->getName(); |
|
| 47 | + } |
|
| 48 | 48 | |
| 49 | - /** |
|
| 50 | - * Validates a username and password |
|
| 51 | - * |
|
| 52 | - * This method should return true or false depending on if login |
|
| 53 | - * succeeded. |
|
| 54 | - * |
|
| 55 | - * @param string $username |
|
| 56 | - * @param string $password |
|
| 57 | - * @return bool |
|
| 58 | - */ |
|
| 59 | - protected function validateUserPass($username, $password) { |
|
| 60 | - return $this->db->auth($username, $password); |
|
| 61 | - } |
|
| 49 | + /** |
|
| 50 | + * Validates a username and password |
|
| 51 | + * |
|
| 52 | + * This method should return true or false depending on if login |
|
| 53 | + * succeeded. |
|
| 54 | + * |
|
| 55 | + * @param string $username |
|
| 56 | + * @param string $password |
|
| 57 | + * @return bool |
|
| 58 | + */ |
|
| 59 | + protected function validateUserPass($username, $password) { |
|
| 60 | + return $this->db->auth($username, $password); |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - /** |
|
| 64 | - * @inheritdoc |
|
| 65 | - */ |
|
| 66 | - public function challenge(RequestInterface $request, ResponseInterface $response) { |
|
| 67 | - } |
|
| 63 | + /** |
|
| 64 | + * @inheritdoc |
|
| 65 | + */ |
|
| 66 | + public function challenge(RequestInterface $request, ResponseInterface $response) { |
|
| 67 | + } |
|
| 68 | 68 | } |
@@ -134,7 +134,7 @@ discard block |
||
| 134 | 134 | */ |
| 135 | 135 | public function requestSharedSecret($url, $token) { |
| 136 | 136 | if ($this->trustedServers->isTrustedServer($url) === false) { |
| 137 | - $this->logger->error('remote server not trusted (' . $url . ') while requesting shared secret', ['app' => 'federation']); |
|
| 137 | + $this->logger->error('remote server not trusted ('.$url.') while requesting shared secret', ['app' => 'federation']); |
|
| 138 | 138 | throw new OCSForbiddenException(); |
| 139 | 139 | } |
| 140 | 140 | |
@@ -143,7 +143,7 @@ discard block |
||
| 143 | 143 | $localToken = $this->dbHandler->getToken($url); |
| 144 | 144 | if (strcmp($localToken, $token) > 0) { |
| 145 | 145 | $this->logger->info( |
| 146 | - 'remote server (' . $url . ') presented lower token. We will initiate the exchange of the shared secret.', |
|
| 146 | + 'remote server ('.$url.') presented lower token. We will initiate the exchange of the shared secret.', |
|
| 147 | 147 | ['app' => 'federation'] |
| 148 | 148 | ); |
| 149 | 149 | throw new OCSForbiddenException(); |
@@ -183,14 +183,14 @@ discard block |
||
| 183 | 183 | */ |
| 184 | 184 | public function getSharedSecret($url, $token) { |
| 185 | 185 | if ($this->trustedServers->isTrustedServer($url) === false) { |
| 186 | - $this->logger->error('remote server not trusted (' . $url . ') while getting shared secret', ['app' => 'federation']); |
|
| 186 | + $this->logger->error('remote server not trusted ('.$url.') while getting shared secret', ['app' => 'federation']); |
|
| 187 | 187 | throw new OCSForbiddenException(); |
| 188 | 188 | } |
| 189 | 189 | |
| 190 | 190 | if ($this->isValidToken($url, $token) === false) { |
| 191 | 191 | $expectedToken = $this->dbHandler->getToken($url); |
| 192 | 192 | $this->logger->error( |
| 193 | - 'remote server (' . $url . ') didn\'t send a valid token (got "' . $token . '" but expected "'. $expectedToken . '") while getting shared secret', |
|
| 193 | + 'remote server ('.$url.') didn\'t send a valid token (got "'.$token.'" but expected "'.$expectedToken.'") while getting shared secret', |
|
| 194 | 194 | ['app' => 'federation'] |
| 195 | 195 | ); |
| 196 | 196 | throw new OCSForbiddenException(); |
@@ -48,164 +48,164 @@ |
||
| 48 | 48 | */ |
| 49 | 49 | class OCSAuthAPIController extends OCSController { |
| 50 | 50 | |
| 51 | - /** @var ISecureRandom */ |
|
| 52 | - private $secureRandom; |
|
| 53 | - |
|
| 54 | - /** @var IJobList */ |
|
| 55 | - private $jobList; |
|
| 56 | - |
|
| 57 | - /** @var TrustedServers */ |
|
| 58 | - private $trustedServers; |
|
| 59 | - |
|
| 60 | - /** @var DbHandler */ |
|
| 61 | - private $dbHandler; |
|
| 62 | - |
|
| 63 | - /** @var ILogger */ |
|
| 64 | - private $logger; |
|
| 65 | - |
|
| 66 | - /** @var ITimeFactory */ |
|
| 67 | - private $timeFactory; |
|
| 68 | - |
|
| 69 | - /** |
|
| 70 | - * OCSAuthAPI constructor. |
|
| 71 | - * |
|
| 72 | - * @param string $appName |
|
| 73 | - * @param IRequest $request |
|
| 74 | - * @param ISecureRandom $secureRandom |
|
| 75 | - * @param IJobList $jobList |
|
| 76 | - * @param TrustedServers $trustedServers |
|
| 77 | - * @param DbHandler $dbHandler |
|
| 78 | - * @param ILogger $logger |
|
| 79 | - * @param ITimeFactory $timeFactory |
|
| 80 | - */ |
|
| 81 | - public function __construct( |
|
| 82 | - $appName, |
|
| 83 | - IRequest $request, |
|
| 84 | - ISecureRandom $secureRandom, |
|
| 85 | - IJobList $jobList, |
|
| 86 | - TrustedServers $trustedServers, |
|
| 87 | - DbHandler $dbHandler, |
|
| 88 | - ILogger $logger, |
|
| 89 | - ITimeFactory $timeFactory |
|
| 90 | - ) { |
|
| 91 | - parent::__construct($appName, $request); |
|
| 92 | - |
|
| 93 | - $this->secureRandom = $secureRandom; |
|
| 94 | - $this->jobList = $jobList; |
|
| 95 | - $this->trustedServers = $trustedServers; |
|
| 96 | - $this->dbHandler = $dbHandler; |
|
| 97 | - $this->logger = $logger; |
|
| 98 | - $this->timeFactory = $timeFactory; |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - /** |
|
| 102 | - * @NoCSRFRequired |
|
| 103 | - * @PublicPage |
|
| 104 | - * |
|
| 105 | - * request received to ask remote server for a shared secret, for legacy end-points |
|
| 106 | - * |
|
| 107 | - * @param string $url |
|
| 108 | - * @param string $token |
|
| 109 | - * @return Http\DataResponse |
|
| 110 | - * @throws OCSForbiddenException |
|
| 111 | - */ |
|
| 112 | - public function requestSharedSecretLegacy($url, $token) { |
|
| 113 | - return $this->requestSharedSecret($url, $token); |
|
| 114 | - } |
|
| 115 | - |
|
| 116 | - |
|
| 117 | - /** |
|
| 118 | - * @NoCSRFRequired |
|
| 119 | - * @PublicPage |
|
| 120 | - * |
|
| 121 | - * create shared secret and return it, for legacy end-points |
|
| 122 | - * |
|
| 123 | - * @param string $url |
|
| 124 | - * @param string $token |
|
| 125 | - * @return Http\DataResponse |
|
| 126 | - * @throws OCSForbiddenException |
|
| 127 | - */ |
|
| 128 | - public function getSharedSecretLegacy($url, $token) { |
|
| 129 | - return $this->getSharedSecret($url, $token); |
|
| 130 | - } |
|
| 131 | - |
|
| 132 | - /** |
|
| 133 | - * @NoCSRFRequired |
|
| 134 | - * @PublicPage |
|
| 135 | - * |
|
| 136 | - * request received to ask remote server for a shared secret |
|
| 137 | - * |
|
| 138 | - * @param string $url |
|
| 139 | - * @param string $token |
|
| 140 | - * @return Http\DataResponse |
|
| 141 | - * @throws OCSForbiddenException |
|
| 142 | - */ |
|
| 143 | - public function requestSharedSecret($url, $token) { |
|
| 144 | - if ($this->trustedServers->isTrustedServer($url) === false) { |
|
| 145 | - $this->logger->error('remote server not trusted (' . $url . ') while requesting shared secret', ['app' => 'federation']); |
|
| 146 | - throw new OCSForbiddenException(); |
|
| 147 | - } |
|
| 148 | - |
|
| 149 | - // if both server initiated the exchange of the shared secret the greater |
|
| 150 | - // token wins |
|
| 151 | - $localToken = $this->dbHandler->getToken($url); |
|
| 152 | - if (strcmp($localToken, $token) > 0) { |
|
| 153 | - $this->logger->info( |
|
| 154 | - 'remote server (' . $url . ') presented lower token. We will initiate the exchange of the shared secret.', |
|
| 155 | - ['app' => 'federation'] |
|
| 156 | - ); |
|
| 157 | - throw new OCSForbiddenException(); |
|
| 158 | - } |
|
| 159 | - |
|
| 160 | - $this->jobList->add( |
|
| 161 | - 'OCA\Federation\BackgroundJob\GetSharedSecret', |
|
| 162 | - [ |
|
| 163 | - 'url' => $url, |
|
| 164 | - 'token' => $token, |
|
| 165 | - 'created' => $this->timeFactory->getTime() |
|
| 166 | - ] |
|
| 167 | - ); |
|
| 168 | - |
|
| 169 | - return new Http\DataResponse(); |
|
| 170 | - } |
|
| 171 | - |
|
| 172 | - /** |
|
| 173 | - * @NoCSRFRequired |
|
| 174 | - * @PublicPage |
|
| 175 | - * |
|
| 176 | - * create shared secret and return it |
|
| 177 | - * |
|
| 178 | - * @param string $url |
|
| 179 | - * @param string $token |
|
| 180 | - * @return Http\DataResponse |
|
| 181 | - * @throws OCSForbiddenException |
|
| 182 | - */ |
|
| 183 | - public function getSharedSecret($url, $token) { |
|
| 184 | - if ($this->trustedServers->isTrustedServer($url) === false) { |
|
| 185 | - $this->logger->error('remote server not trusted (' . $url . ') while getting shared secret', ['app' => 'federation']); |
|
| 186 | - throw new OCSForbiddenException(); |
|
| 187 | - } |
|
| 188 | - |
|
| 189 | - if ($this->isValidToken($url, $token) === false) { |
|
| 190 | - $expectedToken = $this->dbHandler->getToken($url); |
|
| 191 | - $this->logger->error( |
|
| 192 | - 'remote server (' . $url . ') didn\'t send a valid token (got "' . $token . '" but expected "'. $expectedToken . '") while getting shared secret', |
|
| 193 | - ['app' => 'federation'] |
|
| 194 | - ); |
|
| 195 | - throw new OCSForbiddenException(); |
|
| 196 | - } |
|
| 197 | - |
|
| 198 | - $sharedSecret = $this->secureRandom->generate(32); |
|
| 199 | - |
|
| 200 | - $this->trustedServers->addSharedSecret($url, $sharedSecret); |
|
| 201 | - |
|
| 202 | - return new Http\DataResponse([ |
|
| 203 | - 'sharedSecret' => $sharedSecret |
|
| 204 | - ]); |
|
| 205 | - } |
|
| 206 | - |
|
| 207 | - protected function isValidToken($url, $token) { |
|
| 208 | - $storedToken = $this->dbHandler->getToken($url); |
|
| 209 | - return hash_equals($storedToken, $token); |
|
| 210 | - } |
|
| 51 | + /** @var ISecureRandom */ |
|
| 52 | + private $secureRandom; |
|
| 53 | + |
|
| 54 | + /** @var IJobList */ |
|
| 55 | + private $jobList; |
|
| 56 | + |
|
| 57 | + /** @var TrustedServers */ |
|
| 58 | + private $trustedServers; |
|
| 59 | + |
|
| 60 | + /** @var DbHandler */ |
|
| 61 | + private $dbHandler; |
|
| 62 | + |
|
| 63 | + /** @var ILogger */ |
|
| 64 | + private $logger; |
|
| 65 | + |
|
| 66 | + /** @var ITimeFactory */ |
|
| 67 | + private $timeFactory; |
|
| 68 | + |
|
| 69 | + /** |
|
| 70 | + * OCSAuthAPI constructor. |
|
| 71 | + * |
|
| 72 | + * @param string $appName |
|
| 73 | + * @param IRequest $request |
|
| 74 | + * @param ISecureRandom $secureRandom |
|
| 75 | + * @param IJobList $jobList |
|
| 76 | + * @param TrustedServers $trustedServers |
|
| 77 | + * @param DbHandler $dbHandler |
|
| 78 | + * @param ILogger $logger |
|
| 79 | + * @param ITimeFactory $timeFactory |
|
| 80 | + */ |
|
| 81 | + public function __construct( |
|
| 82 | + $appName, |
|
| 83 | + IRequest $request, |
|
| 84 | + ISecureRandom $secureRandom, |
|
| 85 | + IJobList $jobList, |
|
| 86 | + TrustedServers $trustedServers, |
|
| 87 | + DbHandler $dbHandler, |
|
| 88 | + ILogger $logger, |
|
| 89 | + ITimeFactory $timeFactory |
|
| 90 | + ) { |
|
| 91 | + parent::__construct($appName, $request); |
|
| 92 | + |
|
| 93 | + $this->secureRandom = $secureRandom; |
|
| 94 | + $this->jobList = $jobList; |
|
| 95 | + $this->trustedServers = $trustedServers; |
|
| 96 | + $this->dbHandler = $dbHandler; |
|
| 97 | + $this->logger = $logger; |
|
| 98 | + $this->timeFactory = $timeFactory; |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + /** |
|
| 102 | + * @NoCSRFRequired |
|
| 103 | + * @PublicPage |
|
| 104 | + * |
|
| 105 | + * request received to ask remote server for a shared secret, for legacy end-points |
|
| 106 | + * |
|
| 107 | + * @param string $url |
|
| 108 | + * @param string $token |
|
| 109 | + * @return Http\DataResponse |
|
| 110 | + * @throws OCSForbiddenException |
|
| 111 | + */ |
|
| 112 | + public function requestSharedSecretLegacy($url, $token) { |
|
| 113 | + return $this->requestSharedSecret($url, $token); |
|
| 114 | + } |
|
| 115 | + |
|
| 116 | + |
|
| 117 | + /** |
|
| 118 | + * @NoCSRFRequired |
|
| 119 | + * @PublicPage |
|
| 120 | + * |
|
| 121 | + * create shared secret and return it, for legacy end-points |
|
| 122 | + * |
|
| 123 | + * @param string $url |
|
| 124 | + * @param string $token |
|
| 125 | + * @return Http\DataResponse |
|
| 126 | + * @throws OCSForbiddenException |
|
| 127 | + */ |
|
| 128 | + public function getSharedSecretLegacy($url, $token) { |
|
| 129 | + return $this->getSharedSecret($url, $token); |
|
| 130 | + } |
|
| 131 | + |
|
| 132 | + /** |
|
| 133 | + * @NoCSRFRequired |
|
| 134 | + * @PublicPage |
|
| 135 | + * |
|
| 136 | + * request received to ask remote server for a shared secret |
|
| 137 | + * |
|
| 138 | + * @param string $url |
|
| 139 | + * @param string $token |
|
| 140 | + * @return Http\DataResponse |
|
| 141 | + * @throws OCSForbiddenException |
|
| 142 | + */ |
|
| 143 | + public function requestSharedSecret($url, $token) { |
|
| 144 | + if ($this->trustedServers->isTrustedServer($url) === false) { |
|
| 145 | + $this->logger->error('remote server not trusted (' . $url . ') while requesting shared secret', ['app' => 'federation']); |
|
| 146 | + throw new OCSForbiddenException(); |
|
| 147 | + } |
|
| 148 | + |
|
| 149 | + // if both server initiated the exchange of the shared secret the greater |
|
| 150 | + // token wins |
|
| 151 | + $localToken = $this->dbHandler->getToken($url); |
|
| 152 | + if (strcmp($localToken, $token) > 0) { |
|
| 153 | + $this->logger->info( |
|
| 154 | + 'remote server (' . $url . ') presented lower token. We will initiate the exchange of the shared secret.', |
|
| 155 | + ['app' => 'federation'] |
|
| 156 | + ); |
|
| 157 | + throw new OCSForbiddenException(); |
|
| 158 | + } |
|
| 159 | + |
|
| 160 | + $this->jobList->add( |
|
| 161 | + 'OCA\Federation\BackgroundJob\GetSharedSecret', |
|
| 162 | + [ |
|
| 163 | + 'url' => $url, |
|
| 164 | + 'token' => $token, |
|
| 165 | + 'created' => $this->timeFactory->getTime() |
|
| 166 | + ] |
|
| 167 | + ); |
|
| 168 | + |
|
| 169 | + return new Http\DataResponse(); |
|
| 170 | + } |
|
| 171 | + |
|
| 172 | + /** |
|
| 173 | + * @NoCSRFRequired |
|
| 174 | + * @PublicPage |
|
| 175 | + * |
|
| 176 | + * create shared secret and return it |
|
| 177 | + * |
|
| 178 | + * @param string $url |
|
| 179 | + * @param string $token |
|
| 180 | + * @return Http\DataResponse |
|
| 181 | + * @throws OCSForbiddenException |
|
| 182 | + */ |
|
| 183 | + public function getSharedSecret($url, $token) { |
|
| 184 | + if ($this->trustedServers->isTrustedServer($url) === false) { |
|
| 185 | + $this->logger->error('remote server not trusted (' . $url . ') while getting shared secret', ['app' => 'federation']); |
|
| 186 | + throw new OCSForbiddenException(); |
|
| 187 | + } |
|
| 188 | + |
|
| 189 | + if ($this->isValidToken($url, $token) === false) { |
|
| 190 | + $expectedToken = $this->dbHandler->getToken($url); |
|
| 191 | + $this->logger->error( |
|
| 192 | + 'remote server (' . $url . ') didn\'t send a valid token (got "' . $token . '" but expected "'. $expectedToken . '") while getting shared secret', |
|
| 193 | + ['app' => 'federation'] |
|
| 194 | + ); |
|
| 195 | + throw new OCSForbiddenException(); |
|
| 196 | + } |
|
| 197 | + |
|
| 198 | + $sharedSecret = $this->secureRandom->generate(32); |
|
| 199 | + |
|
| 200 | + $this->trustedServers->addSharedSecret($url, $sharedSecret); |
|
| 201 | + |
|
| 202 | + return new Http\DataResponse([ |
|
| 203 | + 'sharedSecret' => $sharedSecret |
|
| 204 | + ]); |
|
| 205 | + } |
|
| 206 | + |
|
| 207 | + protected function isValidToken($url, $token) { |
|
| 208 | + $storedToken = $this->dbHandler->getToken($url); |
|
| 209 | + return hash_equals($storedToken, $token); |
|
| 210 | + } |
|
| 211 | 211 | } |
@@ -29,32 +29,32 @@ |
||
| 29 | 29 | |
| 30 | 30 | class LastUsedController extends Controller { |
| 31 | 31 | |
| 32 | - /** @var IConfig */ |
|
| 33 | - protected $config; |
|
| 32 | + /** @var IConfig */ |
|
| 33 | + protected $config; |
|
| 34 | 34 | |
| 35 | - /** @var IUserSession */ |
|
| 36 | - protected $userSession; |
|
| 35 | + /** @var IUserSession */ |
|
| 36 | + protected $userSession; |
|
| 37 | 37 | |
| 38 | - /** |
|
| 39 | - * @param string $appName |
|
| 40 | - * @param IRequest $request |
|
| 41 | - * @param IConfig $config |
|
| 42 | - * @param IUserSession $userSession |
|
| 43 | - */ |
|
| 44 | - public function __construct($appName, IRequest $request, IConfig $config, IUserSession $userSession) { |
|
| 45 | - parent::__construct($appName, $request); |
|
| 46 | - $this->config = $config; |
|
| 47 | - $this->userSession = $userSession; |
|
| 48 | - } |
|
| 38 | + /** |
|
| 39 | + * @param string $appName |
|
| 40 | + * @param IRequest $request |
|
| 41 | + * @param IConfig $config |
|
| 42 | + * @param IUserSession $userSession |
|
| 43 | + */ |
|
| 44 | + public function __construct($appName, IRequest $request, IConfig $config, IUserSession $userSession) { |
|
| 45 | + parent::__construct($appName, $request); |
|
| 46 | + $this->config = $config; |
|
| 47 | + $this->userSession = $userSession; |
|
| 48 | + } |
|
| 49 | 49 | |
| 50 | - /** |
|
| 51 | - * @NoAdminRequired |
|
| 52 | - */ |
|
| 53 | - public function getLastUsedTagIds() { |
|
| 54 | - $lastUsed = $this->config->getUserValue($this->userSession->getUser()->getUID(), 'systemtags', 'last_used', '[]'); |
|
| 55 | - $tagIds = json_decode($lastUsed, true); |
|
| 56 | - return new DataResponse(array_map(function ($id) { |
|
| 57 | - return (string) $id; |
|
| 58 | - }, $tagIds)); |
|
| 59 | - } |
|
| 50 | + /** |
|
| 51 | + * @NoAdminRequired |
|
| 52 | + */ |
|
| 53 | + public function getLastUsedTagIds() { |
|
| 54 | + $lastUsed = $this->config->getUserValue($this->userSession->getUser()->getUID(), 'systemtags', 'last_used', '[]'); |
|
| 55 | + $tagIds = json_decode($lastUsed, true); |
|
| 56 | + return new DataResponse(array_map(function ($id) { |
|
| 57 | + return (string) $id; |
|
| 58 | + }, $tagIds)); |
|
| 59 | + } |
|
| 60 | 60 | } |
@@ -53,7 +53,7 @@ |
||
| 53 | 53 | public function getLastUsedTagIds() { |
| 54 | 54 | $lastUsed = $this->config->getUserValue($this->userSession->getUser()->getUID(), 'systemtags', 'last_used', '[]'); |
| 55 | 55 | $tagIds = json_decode($lastUsed, true); |
| 56 | - return new DataResponse(array_map(function ($id) { |
|
| 56 | + return new DataResponse(array_map(function($id) { |
|
| 57 | 57 | return (string) $id; |
| 58 | 58 | }, $tagIds)); |
| 59 | 59 | } |
@@ -31,30 +31,30 @@ |
||
| 31 | 31 | use OCP\Command\ICommand; |
| 32 | 32 | |
| 33 | 33 | class Expire implements ICommand { |
| 34 | - use FileAccess; |
|
| 34 | + use FileAccess; |
|
| 35 | 35 | |
| 36 | - /** |
|
| 37 | - * @var string |
|
| 38 | - */ |
|
| 39 | - private $user; |
|
| 36 | + /** |
|
| 37 | + * @var string |
|
| 38 | + */ |
|
| 39 | + private $user; |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * @param string $user |
|
| 43 | - */ |
|
| 44 | - public function __construct($user) { |
|
| 45 | - $this->user = $user; |
|
| 46 | - } |
|
| 41 | + /** |
|
| 42 | + * @param string $user |
|
| 43 | + */ |
|
| 44 | + public function __construct($user) { |
|
| 45 | + $this->user = $user; |
|
| 46 | + } |
|
| 47 | 47 | |
| 48 | - public function handle() { |
|
| 49 | - $userManager = \OC::$server->getUserManager(); |
|
| 50 | - if (!$userManager->userExists($this->user)) { |
|
| 51 | - // User has been deleted already |
|
| 52 | - return; |
|
| 53 | - } |
|
| 48 | + public function handle() { |
|
| 49 | + $userManager = \OC::$server->getUserManager(); |
|
| 50 | + if (!$userManager->userExists($this->user)) { |
|
| 51 | + // User has been deleted already |
|
| 52 | + return; |
|
| 53 | + } |
|
| 54 | 54 | |
| 55 | - \OC_Util::tearDownFS(); |
|
| 56 | - \OC_Util::setupFS($this->user); |
|
| 57 | - Trashbin::expire($this->user); |
|
| 58 | - \OC_Util::tearDownFS(); |
|
| 59 | - } |
|
| 55 | + \OC_Util::tearDownFS(); |
|
| 56 | + \OC_Util::setupFS($this->user); |
|
| 57 | + Trashbin::expire($this->user); |
|
| 58 | + \OC_Util::tearDownFS(); |
|
| 59 | + } |
|
| 60 | 60 | } |
