nextcloud / server

apps/files_external/lib/Lib/Api.php

Indentation +50 added lines, -50 removed lines

@@ -28,61 +28,61 @@
 
 class Api {
 
-	/**
-	 * Formats the given mount config to a mount entry.
-	 *
-	 * @param string $mountPoint mount point name, relative to the data dir
-	 * @param array $mountConfig mount config to format
-	 *
-	 * @return array entry
-	 */
-	private static function formatMount($mountPoint, $mountConfig) {
-		// strip "/$user/files" from mount point
-		$mountPoint = explode('/', trim($mountPoint, '/'), 3);
-		$mountPoint = isset($mountPoint[2]) ? $mountPoint[2] : '';
+    /**
+     * Formats the given mount config to a mount entry.
+     *
+     * @param string $mountPoint mount point name, relative to the data dir
+     * @param array $mountConfig mount config to format
+     *
+     * @return array entry
+     */
+    private static function formatMount($mountPoint, $mountConfig) {
+        // strip "/$user/files" from mount point
+        $mountPoint = explode('/', trim($mountPoint, '/'), 3);
+        $mountPoint = isset($mountPoint[2]) ? $mountPoint[2] : '';
 
-		// split path from mount point
-		$path = dirname($mountPoint);
-		if ($path === '.') {
-			$path = '';
-		}
+        // split path from mount point
+        $path = dirname($mountPoint);
+        if ($path === '.') {
+            $path = '';
+        }
 
-		$isSystemMount = !$mountConfig['personal'];
+        $isSystemMount = !$mountConfig['personal'];
 
-		$permissions = \OCP\Constants::PERMISSION_READ;
-		// personal mounts can be deleted
-		if (!$isSystemMount) {
-			$permissions |= \OCP\Constants::PERMISSION_DELETE;
-		}
+        $permissions = \OCP\Constants::PERMISSION_READ;
+        // personal mounts can be deleted
+        if (!$isSystemMount) {
+            $permissions |= \OCP\Constants::PERMISSION_DELETE;
+        }
 
-		$entry = array(
-			'name' => basename($mountPoint),
-			'path' => $path,
-			'type' => 'dir',
-			'backend' => $mountConfig['backend'],
-			'scope' => ( $isSystemMount ? 'system' : 'personal' ),
-			'permissions' => $permissions,
-			'id' => $mountConfig['id'],
-			'class' => $mountConfig['class']
-		);
-		return $entry;
-	}
+        $entry = array(
+            'name' => basename($mountPoint),
+            'path' => $path,
+            'type' => 'dir',
+            'backend' => $mountConfig['backend'],
+            'scope' => ( $isSystemMount ? 'system' : 'personal' ),
+            'permissions' => $permissions,
+            'id' => $mountConfig['id'],
+            'class' => $mountConfig['class']
+        );
+        return $entry;
+    }
 
-	/**
-	 * Returns the mount points visible for this user.
-	 *
-	 * @param array $params
-	 * @return \OC\OCS\Result share information
-	 */
-	public static function getUserMounts($params) {
-		$entries = array();
-		$user = \OC::$server->getUserSession()->getUser()->getUID();
+    /**
+     * Returns the mount points visible for this user.
+     *
+     * @param array $params
+     * @return \OC\OCS\Result share information
+     */
+    public static function getUserMounts($params) {
+        $entries = array();
+        $user = \OC::$server->getUserSession()->getUser()->getUID();
 
-		$mounts = \OC_Mount_Config::getAbsoluteMountPoints($user);
-		foreach($mounts as $mountPoint => $mount) {
-			$entries[] = self::formatMount($mountPoint, $mount);
-		}
+        $mounts = \OC_Mount_Config::getAbsoluteMountPoints($user);
+        foreach($mounts as $mountPoint => $mount) {
+            $entries[] = self::formatMount($mountPoint, $mount);
+        }
 
-		return new \OC\OCS\Result($entries);
-	}
+        return new \OC\OCS\Result($entries);
+    }
 }

ocs/v1.php

Indentation +38 added lines, -38 removed lines

@@ -32,13 +32,13 @@ 
 require_once __DIR__ . '/../lib/base.php';
 
 if (\OCP\Util::needUpgrade()
-	|| \OC::$server->getSystemConfig()->getValue('maintenance', false)) {
-	// since the behavior of apps or remotes are unpredictable during
-	// an upgrade, return a 503 directly
-	OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
-	$response = new \OC\OCS\Result(null, OC_Response::STATUS_SERVICE_UNAVAILABLE, 'Service unavailable');
-	OC_API::respond($response, OC_API::requestedFormat());
-	exit;
+    || \OC::$server->getSystemConfig()->getValue('maintenance', false)) {
+    // since the behavior of apps or remotes are unpredictable during
+    // an upgrade, return a 503 directly
+    OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
+    $response = new \OC\OCS\Result(null, OC_Response::STATUS_SERVICE_UNAVAILABLE, 'Service unavailable');
+    OC_API::respond($response, OC_API::requestedFormat());
+    exit;
 }
 
 use Symfony\Component\Routing\Exception\ResourceNotFoundException;
@@ -49,53 +49,53 @@ 
  * We first try the old routes since the appframework triggers more login stuff.
  */
 try {
-	OC_App::loadApps(['session']);
-	OC_App::loadApps(['authentication']);
-	// load all apps to get all api routes properly setup
-	OC_App::loadApps();
+    OC_App::loadApps(['session']);
+    OC_App::loadApps(['authentication']);
+    // load all apps to get all api routes properly setup
+    OC_App::loadApps();
 
-	OC::$server->getRouter()->match('/ocs'.\OC::$server->getRequest()->getRawPathInfo());
-	return;
+    OC::$server->getRouter()->match('/ocs'.\OC::$server->getRequest()->getRawPathInfo());
+    return;
 } catch (ResourceNotFoundException $e) {
-	// Fall through the not found
+    // Fall through the not found
 } catch (MethodNotAllowedException $e) {
-	OC_API::setContentType();
-	OC_Response::setStatus(405);
-	exit();
+    OC_API::setContentType();
+    OC_Response::setStatus(405);
+    exit();
 } catch (Exception $ex) {
-	OC_API::respond($ex->getResult(), OC_API::requestedFormat());
-	exit();
+    OC_API::respond($ex->getResult(), OC_API::requestedFormat());
+    exit();
 }
 
 /*
  * Try the appframework routes
  */
 try {
-	if(!\OC::$server->getUserSession()->isLoggedIn()) {
-		OC::handleLogin(\OC::$server->getRequest());
-	}
-	OC::$server->getRouter()->match('/ocsapp'.\OC::$server->getRequest()->getRawPathInfo());
+    if(!\OC::$server->getUserSession()->isLoggedIn()) {
+        OC::handleLogin(\OC::$server->getRequest());
+    }
+    OC::$server->getRouter()->match('/ocsapp'.\OC::$server->getRequest()->getRawPathInfo());
 } catch (ResourceNotFoundException $e) {
-	OC_API::setContentType();
+    OC_API::setContentType();
 
-	$format = \OC::$server->getRequest()->getParam('format', 'xml');
-	$txt='Invalid query, please check the syntax. API specifications are here:'
-		.' http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n";
-	OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, $txt), $format);
+    $format = \OC::$server->getRequest()->getParam('format', 'xml');
+    $txt='Invalid query, please check the syntax. API specifications are here:'
+        .' http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n";
+    OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, $txt), $format);
 } catch (MethodNotAllowedException $e) {
-	OC_API::setContentType();
-	OC_Response::setStatus(405);
+    OC_API::setContentType();
+    OC_Response::setStatus(405);
 } catch (\OC\OCS\Exception $ex) {
-	OC_API::respond($ex->getResult(), OC_API::requestedFormat());
+    OC_API::respond($ex->getResult(), OC_API::requestedFormat());
 } catch (\OC\User\LoginException $e) {
-	OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED, 'Unauthorised'));
+    OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_UNAUTHORISED, 'Unauthorised'));
 } catch (\Exception $e) {
-	\OC::$server->getLogger()->logException($e);
-	OC_API::setContentType();
+    \OC::$server->getLogger()->logException($e);
+    OC_API::setContentType();
 
-	$format = \OC::$server->getRequest()->getParam('format', 'xml');
-	$txt='Invalid query, please check the syntax. API specifications are here:'
-		.' http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n";
-	OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, $txt), $format);
+    $format = \OC::$server->getRequest()->getParam('format', 'xml');
+    $txt='Invalid query, please check the syntax. API specifications are here:'
+        .' http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n";
+    OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, $txt), $format);
 }
 

Spacing +4 added lines, -4 removed lines

@@ -29,7 +29,7 @@ 
  *
  */
 
-require_once __DIR__ . '/../lib/base.php';
+require_once __DIR__.'/../lib/base.php';
 
 if (\OCP\Util::needUpgrade()
 	|| \OC::$server->getSystemConfig()->getValue('maintenance', false)) {
@@ -71,7 +71,7 @@ 
  * Try the appframework routes
  */
 try {
-	if(!\OC::$server->getUserSession()->isLoggedIn()) {
+	if (!\OC::$server->getUserSession()->isLoggedIn()) {
 		OC::handleLogin(\OC::$server->getRequest());
 	}
 	OC::$server->getRouter()->match('/ocsapp'.\OC::$server->getRequest()->getRawPathInfo());
@@ -79,7 +79,7 @@ 
 	OC_API::setContentType();
 
 	$format = \OC::$server->getRequest()->getParam('format', 'xml');
-	$txt='Invalid query, please check the syntax. API specifications are here:'
+	$txt = 'Invalid query, please check the syntax. API specifications are here:'
 		.' http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n";
 	OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, $txt), $format);
 } catch (MethodNotAllowedException $e) {
@@ -94,7 +94,7 @@ 
 	OC_API::setContentType();
 
 	$format = \OC::$server->getRequest()->getParam('format', 'xml');
-	$txt='Invalid query, please check the syntax. API specifications are here:'
+	$txt = 'Invalid query, please check the syntax. API specifications are here:'
 		.' http://www.freedesktop.org/wiki/Specifications/open-collaboration-services. DEBUG OUTPUT:'."\n";
 	OC_API::respond(new \OC\OCS\Result(null, \OCP\API::RESPOND_NOT_FOUND, $txt), $format);
 }

lib/private/legacy/api.php

Indentation +459 added lines, -459 removed lines

@@ -37,463 +37,463 @@
 
 class OC_API {
 
-	/**
-	 * API authentication levels
-	 */
-
-	/** @deprecated Use \OCP\API::GUEST_AUTH instead */
-	const GUEST_AUTH = 0;
-
-	/** @deprecated Use \OCP\API::USER_AUTH instead */
-	const USER_AUTH = 1;
-
-	/** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
-	const SUBADMIN_AUTH = 2;
-
-	/** @deprecated Use \OCP\API::ADMIN_AUTH instead */
-	const ADMIN_AUTH = 3;
-
-	/**
-	 * API Response Codes
-	 */
-
-	/** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
-	const RESPOND_UNAUTHORISED = 997;
-
-	/** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
-	const RESPOND_SERVER_ERROR = 996;
-
-	/** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
-	const RESPOND_NOT_FOUND = 998;
-
-	/** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
-	const RESPOND_UNKNOWN_ERROR = 999;
-
-	/**
-	 * api actions
-	 */
-	protected static $actions = array();
-	private static $logoutRequired = false;
-	private static $isLoggedIn = false;
-
-	/**
-	 * registers an api call
-	 * @param string $method the http method
-	 * @param string $url the url to match
-	 * @param callable $action the function to run
-	 * @param string $app the id of the app registering the call
-	 * @param int $authLevel the level of authentication required for the call
-	 * @param array $defaults
-	 * @param array $requirements
-	 */
-	public static function register($method, $url, $action, $app,
-				$authLevel = API::USER_AUTH,
-				$defaults = array(),
-				$requirements = array()) {
-		$name = strtolower($method).$url;
-		$name = str_replace(array('/', '{', '}'), '_', $name);
-		if(!isset(self::$actions[$name])) {
-			$oldCollection = OC::$server->getRouter()->getCurrentCollection();
-			OC::$server->getRouter()->useCollection('ocs');
-			OC::$server->getRouter()->create($name, $url)
-				->method($method)
-				->defaults($defaults)
-				->requirements($requirements)
-				->action('OC_API', 'call');
-			self::$actions[$name] = array();
-			OC::$server->getRouter()->useCollection($oldCollection);
-		}
-		self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
-	}
-
-	/**
-	 * handles an api call
-	 * @param array $parameters
-	 */
-	public static function call($parameters) {
-		$request = \OC::$server->getRequest();
-		$method = $request->getMethod();
-
-		// Prepare the request variables
-		if($method === 'PUT') {
-			$parameters['_put'] = $request->getParams();
-		} else if($method === 'DELETE') {
-			$parameters['_delete'] = $request->getParams();
-		}
-		$name = $parameters['_route'];
-		// Foreach registered action
-		$responses = array();
-		$appManager = \OC::$server->getAppManager();
-		foreach(self::$actions[$name] as $action) {
-			// Check authentication and availability
-			if(!self::isAuthorised($action)) {
-				$responses[] = array(
-					'app' => $action['app'],
-					'response' => new \OC\OCS\Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
-					'shipped' => $appManager->isShipped($action['app']),
-					);
-				continue;
-			}
-			if(!is_callable($action['action'])) {
-				$responses[] = array(
-					'app' => $action['app'],
-					'response' => new \OC\OCS\Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
-					'shipped' => $appManager->isShipped($action['app']),
-					);
-				continue;
-			}
-			// Run the action
-			$responses[] = array(
-				'app' => $action['app'],
-				'response' => call_user_func($action['action'], $parameters),
-				'shipped' => $appManager->isShipped($action['app']),
-				);
-		}
-		$response = self::mergeResponses($responses);
-		$format = self::requestedFormat();
-		if (self::$logoutRequired) {
-			\OC::$server->getUserSession()->logout();
-		}
-
-		self::respond($response, $format);
-	}
-
-	/**
-	 * merge the returned result objects into one response
-	 * @param array $responses
-	 * @return \OC\OCS\Result
-	 */
-	public static function mergeResponses($responses) {
-		// Sort into shipped and third-party
-		$shipped = array(
-			'succeeded' => array(),
-			'failed' => array(),
-			);
-		$thirdparty = array(
-			'succeeded' => array(),
-			'failed' => array(),
-			);
-
-		foreach($responses as $response) {
-			if($response['shipped'] || ($response['app'] === 'core')) {
-				if($response['response']->succeeded()) {
-					$shipped['succeeded'][$response['app']] = $response;
-				} else {
-					$shipped['failed'][$response['app']] = $response;
-				}
-			} else {
-				if($response['response']->succeeded()) {
-					$thirdparty['succeeded'][$response['app']] = $response;
-				} else {
-					$thirdparty['failed'][$response['app']] = $response;
-				}
-			}
-		}
-
-		// Remove any error responses if there is one shipped response that succeeded
-		if(!empty($shipped['failed'])) {
-			// Which shipped response do we use if they all failed?
-			// They may have failed for different reasons (different status codes)
-			// Which response code should we return?
-			// Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
-			// Merge failed responses if more than one
-			$data = array();
-			foreach($shipped['failed'] as $failure) {
-				$data = array_merge_recursive($data, $failure['response']->getData());
-			}
-			$picked = reset($shipped['failed']);
-			$code = $picked['response']->getStatusCode();
-			$meta = $picked['response']->getMeta();
-			$headers = $picked['response']->getHeaders();
-			$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
-			return $response;
-		} elseif(!empty($shipped['succeeded'])) {
-			$responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
-		} elseif(!empty($thirdparty['failed'])) {
-			// Merge failed responses if more than one
-			$data = array();
-			foreach($thirdparty['failed'] as $failure) {
-				$data = array_merge_recursive($data, $failure['response']->getData());
-			}
-			$picked = reset($thirdparty['failed']);
-			$code = $picked['response']->getStatusCode();
-			$meta = $picked['response']->getMeta();
-			$headers = $picked['response']->getHeaders();
-			$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
-			return $response;
-		} else {
-			$responses = $thirdparty['succeeded'];
-		}
-		// Merge the successful responses
-		$data = [];
-		$codes = [];
-		$header = [];
-
-		foreach($responses as $response) {
-			if($response['shipped']) {
-				$data = array_merge_recursive($response['response']->getData(), $data);
-			} else {
-				$data = array_merge_recursive($data, $response['response']->getData());
-			}
-			$header = array_merge_recursive($header, $response['response']->getHeaders());
-			$codes[] = ['code' => $response['response']->getStatusCode(),
-				'meta' => $response['response']->getMeta()];
-		}
-
-		// Use any non 100 status codes
-		$statusCode = 100;
-		$statusMessage = null;
-		foreach($codes as $code) {
-			if($code['code'] != 100) {
-				$statusCode = $code['code'];
-				$statusMessage = $code['meta']['message'];
-				break;
-			}
-		}
-
-		return new \OC\OCS\Result($data, $statusCode, $statusMessage, $header);
-	}
-
-	/**
-	 * authenticate the api call
-	 * @param array $action the action details as supplied to OC_API::register()
-	 * @return bool
-	 */
-	private static function isAuthorised($action) {
-		$level = $action['authlevel'];
-		switch($level) {
-			case API::GUEST_AUTH:
-				// Anyone can access
-				return true;
-			case API::USER_AUTH:
-				// User required
-				return self::loginUser();
-			case API::SUBADMIN_AUTH:
-				// Check for subadmin
-				$user = self::loginUser();
-				if(!$user) {
-					return false;
-				} else {
-					$userObject = \OC::$server->getUserSession()->getUser();
-					if($userObject === null) {
-						return false;
-					}
-					$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
-					$admin = OC_User::isAdminUser($user);
-					if($isSubAdmin || $admin) {
-						return true;
-					} else {
-						return false;
-					}
-				}
-			case API::ADMIN_AUTH:
-				// Check for admin
-				$user = self::loginUser();
-				if(!$user) {
-					return false;
-				} else {
-					return OC_User::isAdminUser($user);
-				}
-			default:
-				// oops looks like invalid level supplied
-				return false;
-		}
-	}
-
-	/**
-	 * http basic auth
-	 * @return string|false (username, or false on failure)
-	 */
-	private static function loginUser() {
-		if(self::$isLoggedIn === true) {
-			return \OC_User::getUser();
-		}
-
-		// reuse existing login
-		$loggedIn = \OC::$server->getUserSession()->isLoggedIn();
-		if ($loggedIn === true) {
-			if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
-				// Do not allow access to OCS until the 2FA challenge was solved successfully
-				return false;
-			}
-			$ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
-			if ($ocsApiRequest) {
-
-				// initialize the user's filesystem
-				\OC_Util::setupFS(\OC_User::getUser());
-				self::$isLoggedIn = true;
-
-				return OC_User::getUser();
-			}
-			return false;
-		}
-
-		// basic auth - because OC_User::login will create a new session we shall only try to login
-		// if user and pass are set
-		$userSession = \OC::$server->getUserSession();
-		$request = \OC::$server->getRequest();
-		try {
-			if ($userSession->tryTokenLogin($request)
-				|| $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
-				self::$logoutRequired = true;
-			} else {
-				return false;
-			}
-			// initialize the user's filesystem
-			\OC_Util::setupFS(\OC_User::getUser());
-			self::$isLoggedIn = true;
-
-			return \OC_User::getUser();
-		} catch (\OC\User\LoginException $e) {
-			return false;
-		}
-	}
-
-	/**
-	 * respond to a call
-	 * @param \OC\OCS\Result $result
-	 * @param string $format the format xml|json
-	 */
-	public static function respond($result, $format='xml') {
-		$request = \OC::$server->getRequest();
-
-		// Send 401 headers if unauthorised
-		if($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
-			// If request comes from JS return dummy auth request
-			if($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
-				header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
-			} else {
-				header('WWW-Authenticate: Basic realm="Authorisation Required"');
-			}
-			header('HTTP/1.0 401 Unauthorized');
-		}
-
-		foreach($result->getHeaders() as $name => $value) {
-			header($name . ': ' . $value);
-		}
-
-		$meta = $result->getMeta();
-		$data = $result->getData();
-		if (self::isV2($request)) {
-			$statusCode = self::mapStatusCodes($result->getStatusCode());
-			if (!is_null($statusCode)) {
-				$meta['statuscode'] = $statusCode;
-				OC_Response::setStatus($statusCode);
-			}
-		}
-
-		self::setContentType($format);
-		$body = self::renderResult($format, $meta, $data);
-		echo $body;
-	}
-
-	/**
-	 * @param XMLWriter $writer
-	 */
-	private static function toXML($array, $writer) {
-		foreach($array as $k => $v) {
-			if ($k[0] === '@') {
-				$writer->writeAttribute(substr($k, 1), $v);
-				continue;
-			} else if (is_numeric($k)) {
-				$k = 'element';
-			}
-			if(is_array($v)) {
-				$writer->startElement($k);
-				self::toXML($v, $writer);
-				$writer->endElement();
-			} else {
-				$writer->writeElement($k, $v);
-			}
-		}
-	}
-
-	/**
-	 * @return string
-	 */
-	public static function requestedFormat() {
-		$formats = array('json', 'xml');
-
-		$format = !empty($_GET['format']) && in_array($_GET['format'], $formats) ? $_GET['format'] : 'xml';
-		return $format;
-	}
-
-	/**
-	 * Based on the requested format the response content type is set
-	 * @param string $format
-	 */
-	public static function setContentType($format = null) {
-		$format = is_null($format) ? self::requestedFormat() : $format;
-		if ($format === 'xml') {
-			header('Content-type: text/xml; charset=UTF-8');
-			return;
-		}
-
-		if ($format === 'json') {
-			header('Content-Type: application/json; charset=utf-8');
-			return;
-		}
-
-		header('Content-Type: application/octet-stream; charset=utf-8');
-	}
-
-	/**
-	 * @param \OCP\IRequest $request
-	 * @return bool
-	 */
-	protected static function isV2(\OCP\IRequest $request) {
-		$script = $request->getScriptName();
-
-		return substr($script, -11) === '/ocs/v2.php';
-	}
-
-	/**
-	 * @param integer $sc
-	 * @return int
-	 */
-	public static function mapStatusCodes($sc) {
-		switch ($sc) {
-			case API::RESPOND_NOT_FOUND:
-				return Http::STATUS_NOT_FOUND;
-			case API::RESPOND_SERVER_ERROR:
-				return Http::STATUS_INTERNAL_SERVER_ERROR;
-			case API::RESPOND_UNKNOWN_ERROR:
-				return Http::STATUS_INTERNAL_SERVER_ERROR;
-			case API::RESPOND_UNAUTHORISED:
-				// already handled for v1
-				return null;
-			case 100:
-				return Http::STATUS_OK;
-		}
-		// any 2xx, 4xx and 5xx will be used as is
-		if ($sc >= 200 && $sc < 600) {
-			return $sc;
-		}
-
-		return Http::STATUS_BAD_REQUEST;
-	}
-
-	/**
-	 * @param string $format
-	 * @return string
-	 */
-	public static function renderResult($format, $meta, $data) {
-		$response = array(
-			'ocs' => array(
-				'meta' => $meta,
-				'data' => $data,
-			),
-		);
-		if ($format == 'json') {
-			return OC_JSON::encode($response);
-		}
-
-		$writer = new XMLWriter();
-		$writer->openMemory();
-		$writer->setIndent(true);
-		$writer->startDocument();
-		self::toXML($response, $writer);
-		$writer->endDocument();
-		return $writer->outputMemory(true);
-	}
+    /**
+     * API authentication levels
+     */
+
+    /** @deprecated Use \OCP\API::GUEST_AUTH instead */
+    const GUEST_AUTH = 0;
+
+    /** @deprecated Use \OCP\API::USER_AUTH instead */
+    const USER_AUTH = 1;
+
+    /** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
+    const SUBADMIN_AUTH = 2;
+
+    /** @deprecated Use \OCP\API::ADMIN_AUTH instead */
+    const ADMIN_AUTH = 3;
+
+    /**
+     * API Response Codes
+     */
+
+    /** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
+    const RESPOND_UNAUTHORISED = 997;
+
+    /** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
+    const RESPOND_SERVER_ERROR = 996;
+
+    /** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
+    const RESPOND_NOT_FOUND = 998;
+
+    /** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
+    const RESPOND_UNKNOWN_ERROR = 999;
+
+    /**
+     * api actions
+     */
+    protected static $actions = array();
+    private static $logoutRequired = false;
+    private static $isLoggedIn = false;
+
+    /**
+     * registers an api call
+     * @param string $method the http method
+     * @param string $url the url to match
+     * @param callable $action the function to run
+     * @param string $app the id of the app registering the call
+     * @param int $authLevel the level of authentication required for the call
+     * @param array $defaults
+     * @param array $requirements
+     */
+    public static function register($method, $url, $action, $app,
+                $authLevel = API::USER_AUTH,
+                $defaults = array(),
+                $requirements = array()) {
+        $name = strtolower($method).$url;
+        $name = str_replace(array('/', '{', '}'), '_', $name);
+        if(!isset(self::$actions[$name])) {
+            $oldCollection = OC::$server->getRouter()->getCurrentCollection();
+            OC::$server->getRouter()->useCollection('ocs');
+            OC::$server->getRouter()->create($name, $url)
+                ->method($method)
+                ->defaults($defaults)
+                ->requirements($requirements)
+                ->action('OC_API', 'call');
+            self::$actions[$name] = array();
+            OC::$server->getRouter()->useCollection($oldCollection);
+        }
+        self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
+    }
+
+    /**
+     * handles an api call
+     * @param array $parameters
+     */
+    public static function call($parameters) {
+        $request = \OC::$server->getRequest();
+        $method = $request->getMethod();
+
+        // Prepare the request variables
+        if($method === 'PUT') {
+            $parameters['_put'] = $request->getParams();
+        } else if($method === 'DELETE') {
+            $parameters['_delete'] = $request->getParams();
+        }
+        $name = $parameters['_route'];
+        // Foreach registered action
+        $responses = array();
+        $appManager = \OC::$server->getAppManager();
+        foreach(self::$actions[$name] as $action) {
+            // Check authentication and availability
+            if(!self::isAuthorised($action)) {
+                $responses[] = array(
+                    'app' => $action['app'],
+                    'response' => new \OC\OCS\Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
+                    'shipped' => $appManager->isShipped($action['app']),
+                    );
+                continue;
+            }
+            if(!is_callable($action['action'])) {
+                $responses[] = array(
+                    'app' => $action['app'],
+                    'response' => new \OC\OCS\Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
+                    'shipped' => $appManager->isShipped($action['app']),
+                    );
+                continue;
+            }
+            // Run the action
+            $responses[] = array(
+                'app' => $action['app'],
+                'response' => call_user_func($action['action'], $parameters),
+                'shipped' => $appManager->isShipped($action['app']),
+                );
+        }
+        $response = self::mergeResponses($responses);
+        $format = self::requestedFormat();
+        if (self::$logoutRequired) {
+            \OC::$server->getUserSession()->logout();
+        }
+
+        self::respond($response, $format);
+    }
+
+    /**
+     * merge the returned result objects into one response
+     * @param array $responses
+     * @return \OC\OCS\Result
+     */
+    public static function mergeResponses($responses) {
+        // Sort into shipped and third-party
+        $shipped = array(
+            'succeeded' => array(),
+            'failed' => array(),
+            );
+        $thirdparty = array(
+            'succeeded' => array(),
+            'failed' => array(),
+            );
+
+        foreach($responses as $response) {
+            if($response['shipped'] || ($response['app'] === 'core')) {
+                if($response['response']->succeeded()) {
+                    $shipped['succeeded'][$response['app']] = $response;
+                } else {
+                    $shipped['failed'][$response['app']] = $response;
+                }
+            } else {
+                if($response['response']->succeeded()) {
+                    $thirdparty['succeeded'][$response['app']] = $response;
+                } else {
+                    $thirdparty['failed'][$response['app']] = $response;
+                }
+            }
+        }
+
+        // Remove any error responses if there is one shipped response that succeeded
+        if(!empty($shipped['failed'])) {
+            // Which shipped response do we use if they all failed?
+            // They may have failed for different reasons (different status codes)
+            // Which response code should we return?
+            // Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
+            // Merge failed responses if more than one
+            $data = array();
+            foreach($shipped['failed'] as $failure) {
+                $data = array_merge_recursive($data, $failure['response']->getData());
+            }
+            $picked = reset($shipped['failed']);
+            $code = $picked['response']->getStatusCode();
+            $meta = $picked['response']->getMeta();
+            $headers = $picked['response']->getHeaders();
+            $response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
+            return $response;
+        } elseif(!empty($shipped['succeeded'])) {
+            $responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
+        } elseif(!empty($thirdparty['failed'])) {
+            // Merge failed responses if more than one
+            $data = array();
+            foreach($thirdparty['failed'] as $failure) {
+                $data = array_merge_recursive($data, $failure['response']->getData());
+            }
+            $picked = reset($thirdparty['failed']);
+            $code = $picked['response']->getStatusCode();
+            $meta = $picked['response']->getMeta();
+            $headers = $picked['response']->getHeaders();
+            $response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
+            return $response;
+        } else {
+            $responses = $thirdparty['succeeded'];
+        }
+        // Merge the successful responses
+        $data = [];
+        $codes = [];
+        $header = [];
+
+        foreach($responses as $response) {
+            if($response['shipped']) {
+                $data = array_merge_recursive($response['response']->getData(), $data);
+            } else {
+                $data = array_merge_recursive($data, $response['response']->getData());
+            }
+            $header = array_merge_recursive($header, $response['response']->getHeaders());
+            $codes[] = ['code' => $response['response']->getStatusCode(),
+                'meta' => $response['response']->getMeta()];
+        }
+
+        // Use any non 100 status codes
+        $statusCode = 100;
+        $statusMessage = null;
+        foreach($codes as $code) {
+            if($code['code'] != 100) {
+                $statusCode = $code['code'];
+                $statusMessage = $code['meta']['message'];
+                break;
+            }
+        }
+
+        return new \OC\OCS\Result($data, $statusCode, $statusMessage, $header);
+    }
+
+    /**
+     * authenticate the api call
+     * @param array $action the action details as supplied to OC_API::register()
+     * @return bool
+     */
+    private static function isAuthorised($action) {
+        $level = $action['authlevel'];
+        switch($level) {
+            case API::GUEST_AUTH:
+                // Anyone can access
+                return true;
+            case API::USER_AUTH:
+                // User required
+                return self::loginUser();
+            case API::SUBADMIN_AUTH:
+                // Check for subadmin
+                $user = self::loginUser();
+                if(!$user) {
+                    return false;
+                } else {
+                    $userObject = \OC::$server->getUserSession()->getUser();
+                    if($userObject === null) {
+                        return false;
+                    }
+                    $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
+                    $admin = OC_User::isAdminUser($user);
+                    if($isSubAdmin || $admin) {
+                        return true;
+                    } else {
+                        return false;
+                    }
+                }
+            case API::ADMIN_AUTH:
+                // Check for admin
+                $user = self::loginUser();
+                if(!$user) {
+                    return false;
+                } else {
+                    return OC_User::isAdminUser($user);
+                }
+            default:
+                // oops looks like invalid level supplied
+                return false;
+        }
+    }
+
+    /**
+     * http basic auth
+     * @return string|false (username, or false on failure)
+     */
+    private static function loginUser() {
+        if(self::$isLoggedIn === true) {
+            return \OC_User::getUser();
+        }
+
+        // reuse existing login
+        $loggedIn = \OC::$server->getUserSession()->isLoggedIn();
+        if ($loggedIn === true) {
+            if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
+                // Do not allow access to OCS until the 2FA challenge was solved successfully
+                return false;
+            }
+            $ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
+            if ($ocsApiRequest) {
+
+                // initialize the user's filesystem
+                \OC_Util::setupFS(\OC_User::getUser());
+                self::$isLoggedIn = true;
+
+                return OC_User::getUser();
+            }
+            return false;
+        }
+
+        // basic auth - because OC_User::login will create a new session we shall only try to login
+        // if user and pass are set
+        $userSession = \OC::$server->getUserSession();
+        $request = \OC::$server->getRequest();
+        try {
+            if ($userSession->tryTokenLogin($request)
+                || $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
+                self::$logoutRequired = true;
+            } else {
+                return false;
+            }
+            // initialize the user's filesystem
+            \OC_Util::setupFS(\OC_User::getUser());
+            self::$isLoggedIn = true;
+
+            return \OC_User::getUser();
+        } catch (\OC\User\LoginException $e) {
+            return false;
+        }
+    }
+
+    /**
+     * respond to a call
+     * @param \OC\OCS\Result $result
+     * @param string $format the format xml|json
+     */
+    public static function respond($result, $format='xml') {
+        $request = \OC::$server->getRequest();
+
+        // Send 401 headers if unauthorised
+        if($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
+            // If request comes from JS return dummy auth request
+            if($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
+                header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
+            } else {
+                header('WWW-Authenticate: Basic realm="Authorisation Required"');
+            }
+            header('HTTP/1.0 401 Unauthorized');
+        }
+
+        foreach($result->getHeaders() as $name => $value) {
+            header($name . ': ' . $value);
+        }
+
+        $meta = $result->getMeta();
+        $data = $result->getData();
+        if (self::isV2($request)) {
+            $statusCode = self::mapStatusCodes($result->getStatusCode());
+            if (!is_null($statusCode)) {
+                $meta['statuscode'] = $statusCode;
+                OC_Response::setStatus($statusCode);
+            }
+        }
+
+        self::setContentType($format);
+        $body = self::renderResult($format, $meta, $data);
+        echo $body;
+    }
+
+    /**
+     * @param XMLWriter $writer
+     */
+    private static function toXML($array, $writer) {
+        foreach($array as $k => $v) {
+            if ($k[0] === '@') {
+                $writer->writeAttribute(substr($k, 1), $v);
+                continue;
+            } else if (is_numeric($k)) {
+                $k = 'element';
+            }
+            if(is_array($v)) {
+                $writer->startElement($k);
+                self::toXML($v, $writer);
+                $writer->endElement();
+            } else {
+                $writer->writeElement($k, $v);
+            }
+        }
+    }
+
+    /**
+     * @return string
+     */
+    public static function requestedFormat() {
+        $formats = array('json', 'xml');
+
+        $format = !empty($_GET['format']) && in_array($_GET['format'], $formats) ? $_GET['format'] : 'xml';
+        return $format;
+    }
+
+    /**
+     * Based on the requested format the response content type is set
+     * @param string $format
+     */
+    public static function setContentType($format = null) {
+        $format = is_null($format) ? self::requestedFormat() : $format;
+        if ($format === 'xml') {
+            header('Content-type: text/xml; charset=UTF-8');
+            return;
+        }
+
+        if ($format === 'json') {
+            header('Content-Type: application/json; charset=utf-8');
+            return;
+        }
+
+        header('Content-Type: application/octet-stream; charset=utf-8');
+    }
+
+    /**
+     * @param \OCP\IRequest $request
+     * @return bool
+     */
+    protected static function isV2(\OCP\IRequest $request) {
+        $script = $request->getScriptName();
+
+        return substr($script, -11) === '/ocs/v2.php';
+    }
+
+    /**
+     * @param integer $sc
+     * @return int
+     */
+    public static function mapStatusCodes($sc) {
+        switch ($sc) {
+            case API::RESPOND_NOT_FOUND:
+                return Http::STATUS_NOT_FOUND;
+            case API::RESPOND_SERVER_ERROR:
+                return Http::STATUS_INTERNAL_SERVER_ERROR;
+            case API::RESPOND_UNKNOWN_ERROR:
+                return Http::STATUS_INTERNAL_SERVER_ERROR;
+            case API::RESPOND_UNAUTHORISED:
+                // already handled for v1
+                return null;
+            case 100:
+                return Http::STATUS_OK;
+        }
+        // any 2xx, 4xx and 5xx will be used as is
+        if ($sc >= 200 && $sc < 600) {
+            return $sc;
+        }
+
+        return Http::STATUS_BAD_REQUEST;
+    }
+
+    /**
+     * @param string $format
+     * @return string
+     */
+    public static function renderResult($format, $meta, $data) {
+        $response = array(
+            'ocs' => array(
+                'meta' => $meta,
+                'data' => $data,
+            ),
+        );
+        if ($format == 'json') {
+            return OC_JSON::encode($response);
+        }
+
+        $writer = new XMLWriter();
+        $writer->openMemory();
+        $writer->setIndent(true);
+        $writer->startDocument();
+        self::toXML($response, $writer);
+        $writer->endDocument();
+        return $writer->outputMemory(true);
+    }
 }

Spacing +32 added lines, -32 removed lines

@@ -92,7 +92,7 @@ 
 				$requirements = array()) {
 		$name = strtolower($method).$url;
 		$name = str_replace(array('/', '{', '}'), '_', $name);
-		if(!isset(self::$actions[$name])) {
+		if (!isset(self::$actions[$name])) {
 			$oldCollection = OC::$server->getRouter()->getCurrentCollection();
 			OC::$server->getRouter()->useCollection('ocs');
 			OC::$server->getRouter()->create($name, $url)
@@ -115,18 +115,18 @@ 
 		$method = $request->getMethod();
 
 		// Prepare the request variables
-		if($method === 'PUT') {
+		if ($method === 'PUT') {
 			$parameters['_put'] = $request->getParams();
-		} else if($method === 'DELETE') {
+		} else if ($method === 'DELETE') {
 			$parameters['_delete'] = $request->getParams();
 		}
 		$name = $parameters['_route'];
 		// Foreach registered action
 		$responses = array();
 		$appManager = \OC::$server->getAppManager();
-		foreach(self::$actions[$name] as $action) {
+		foreach (self::$actions[$name] as $action) {
 			// Check authentication and availability
-			if(!self::isAuthorised($action)) {
+			if (!self::isAuthorised($action)) {
 				$responses[] = array(
 					'app' => $action['app'],
 					'response' => new \OC\OCS\Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
@@ -134,7 +134,7 @@ 
 					);
 				continue;
 			}
-			if(!is_callable($action['action'])) {
+			if (!is_callable($action['action'])) {
 				$responses[] = array(
 					'app' => $action['app'],
 					'response' => new \OC\OCS\Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
@@ -174,15 +174,15 @@ 
 			'failed' => array(),
 			);
 
-		foreach($responses as $response) {
-			if($response['shipped'] || ($response['app'] === 'core')) {
-				if($response['response']->succeeded()) {
+		foreach ($responses as $response) {
+			if ($response['shipped'] || ($response['app'] === 'core')) {
+				if ($response['response']->succeeded()) {
 					$shipped['succeeded'][$response['app']] = $response;
 				} else {
 					$shipped['failed'][$response['app']] = $response;
 				}
 			} else {
-				if($response['response']->succeeded()) {
+				if ($response['response']->succeeded()) {
 					$thirdparty['succeeded'][$response['app']] = $response;
 				} else {
 					$thirdparty['failed'][$response['app']] = $response;
@@ -191,14 +191,14 @@ 
 		}
 
 		// Remove any error responses if there is one shipped response that succeeded
-		if(!empty($shipped['failed'])) {
+		if (!empty($shipped['failed'])) {
 			// Which shipped response do we use if they all failed?
 			// They may have failed for different reasons (different status codes)
 			// Which response code should we return?
 			// Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
 			// Merge failed responses if more than one
 			$data = array();
-			foreach($shipped['failed'] as $failure) {
+			foreach ($shipped['failed'] as $failure) {
 				$data = array_merge_recursive($data, $failure['response']->getData());
 			}
 			$picked = reset($shipped['failed']);
@@ -207,12 +207,12 @@ 
 			$headers = $picked['response']->getHeaders();
 			$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
 			return $response;
-		} elseif(!empty($shipped['succeeded'])) {
+		} elseif (!empty($shipped['succeeded'])) {
 			$responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
-		} elseif(!empty($thirdparty['failed'])) {
+		} elseif (!empty($thirdparty['failed'])) {
 			// Merge failed responses if more than one
 			$data = array();
-			foreach($thirdparty['failed'] as $failure) {
+			foreach ($thirdparty['failed'] as $failure) {
 				$data = array_merge_recursive($data, $failure['response']->getData());
 			}
 			$picked = reset($thirdparty['failed']);
@@ -229,8 +229,8 @@ 
 		$codes = [];
 		$header = [];
 
-		foreach($responses as $response) {
-			if($response['shipped']) {
+		foreach ($responses as $response) {
+			if ($response['shipped']) {
 				$data = array_merge_recursive($response['response']->getData(), $data);
 			} else {
 				$data = array_merge_recursive($data, $response['response']->getData());
@@ -243,8 +243,8 @@ 
 		// Use any non 100 status codes
 		$statusCode = 100;
 		$statusMessage = null;
-		foreach($codes as $code) {
-			if($code['code'] != 100) {
+		foreach ($codes as $code) {
+			if ($code['code'] != 100) {
 				$statusCode = $code['code'];
 				$statusMessage = $code['meta']['message'];
 				break;
@@ -261,7 +261,7 @@ 
 	 */
 	private static function isAuthorised($action) {
 		$level = $action['authlevel'];
-		switch($level) {
+		switch ($level) {
 			case API::GUEST_AUTH:
 				// Anyone can access
 				return true;
@@ -271,16 +271,16 @@ 
 			case API::SUBADMIN_AUTH:
 				// Check for subadmin
 				$user = self::loginUser();
-				if(!$user) {
+				if (!$user) {
 					return false;
 				} else {
 					$userObject = \OC::$server->getUserSession()->getUser();
-					if($userObject === null) {
+					if ($userObject === null) {
 						return false;
 					}
 					$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
 					$admin = OC_User::isAdminUser($user);
-					if($isSubAdmin || $admin) {
+					if ($isSubAdmin || $admin) {
 						return true;
 					} else {
 						return false;
@@ -289,7 +289,7 @@ 
 			case API::ADMIN_AUTH:
 				// Check for admin
 				$user = self::loginUser();
-				if(!$user) {
+				if (!$user) {
 					return false;
 				} else {
 					return OC_User::isAdminUser($user);
@@ -305,7 +305,7 @@ 
 	 * @return string|false (username, or false on failure)
 	 */
 	private static function loginUser() {
-		if(self::$isLoggedIn === true) {
+		if (self::$isLoggedIn === true) {
 			return \OC_User::getUser();
 		}
 
@@ -354,13 +354,13 @@ 
 	 * @param \OC\OCS\Result $result
 	 * @param string $format the format xml|json
 	 */
-	public static function respond($result, $format='xml') {
+	public static function respond($result, $format = 'xml') {
 		$request = \OC::$server->getRequest();
 
 		// Send 401 headers if unauthorised
-		if($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
+		if ($result->getStatusCode() === API::RESPOND_UNAUTHORISED) {
 			// If request comes from JS return dummy auth request
-			if($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
+			if ($request->getHeader('X-Requested-With') === 'XMLHttpRequest') {
 				header('WWW-Authenticate: DummyBasic realm="Authorisation Required"');
 			} else {
 				header('WWW-Authenticate: Basic realm="Authorisation Required"');
@@ -368,8 +368,8 @@ 
 			header('HTTP/1.0 401 Unauthorized');
 		}
 
-		foreach($result->getHeaders() as $name => $value) {
-			header($name . ': ' . $value);
+		foreach ($result->getHeaders() as $name => $value) {
+			header($name.': '.$value);
 		}
 
 		$meta = $result->getMeta();
@@ -391,14 +391,14 @@ 
 	 * @param XMLWriter $writer
 	 */
 	private static function toXML($array, $writer) {
-		foreach($array as $k => $v) {
+		foreach ($array as $k => $v) {
 			if ($k[0] === '@') {
 				$writer->writeAttribute(substr($k, 1), $v);
 				continue;
 			} else if (is_numeric($k)) {
 				$k = 'element';
 			}
-			if(is_array($v)) {
+			if (is_array($v)) {
 				$writer->startElement($k);
 				self::toXML($v, $writer);
 				$writer->endElement();

lib/public/AppFramework/Http/OCSResponse.php

Indentation +49 added lines, -49 removed lines

@@ -36,59 +36,59 @@
  */
 class OCSResponse extends Response {
 
-	private $data;
-	private $format;
-	private $statuscode;
-	private $message;
-	private $itemscount;
-	private $itemsperpage;
+    private $data;
+    private $format;
+    private $statuscode;
+    private $message;
+    private $itemscount;
+    private $itemsperpage;
 
-	/**
-	 * generates the xml or json response for the API call from an multidimenional data array.
-	 * @param string $format
-	 * @param int $statuscode
-	 * @param string $message
-	 * @param array $data
-	 * @param int|string $itemscount
-	 * @param int|string $itemsperpage
-	 * @since 8.1.0
-	 * @deprecated 9.2.0 To implement an OCS endpoint extend the OCSController
-	 */
-	public function __construct($format, $statuscode, $message,
-								$data=[], $itemscount='',
-								$itemsperpage='') {
-		$this->format = $format;
-		$this->statuscode = $statuscode;
-		$this->message = $message;
-		$this->data = $data;
-		$this->itemscount = $itemscount;
-		$this->itemsperpage = $itemsperpage;
+    /**
+     * generates the xml or json response for the API call from an multidimenional data array.
+     * @param string $format
+     * @param int $statuscode
+     * @param string $message
+     * @param array $data
+     * @param int|string $itemscount
+     * @param int|string $itemsperpage
+     * @since 8.1.0
+     * @deprecated 9.2.0 To implement an OCS endpoint extend the OCSController
+     */
+    public function __construct($format, $statuscode, $message,
+                                $data=[], $itemscount='',
+                                $itemsperpage='') {
+        $this->format = $format;
+        $this->statuscode = $statuscode;
+        $this->message = $message;
+        $this->data = $data;
+        $this->itemscount = $itemscount;
+        $this->itemsperpage = $itemsperpage;
 
-		// set the correct header based on the format parameter
-		if ($format === 'json') {
-			$this->addHeader(
-				'Content-Type', 'application/json; charset=utf-8'
-			);
-		} else {
-			$this->addHeader(
-				'Content-Type', 'application/xml; charset=utf-8'
-			);
-		}
-	}
+        // set the correct header based on the format parameter
+        if ($format === 'json') {
+            $this->addHeader(
+                'Content-Type', 'application/json; charset=utf-8'
+            );
+        } else {
+            $this->addHeader(
+                'Content-Type', 'application/xml; charset=utf-8'
+            );
+        }
+    }
 
-	/**
-	 * @return string
-	 * @since 8.1.0
-	 * @deprecated 9.2.0 To implement an OCS endpoint extend the OCSController
-	 * @suppress PhanDeprecatedClass
-	 */
-	public function render() {
-		$r = new \OC\OCS\Result($this->data, $this->statuscode, $this->message);
-		$r->setTotalItems($this->itemscount);
-		$r->setItemsPerPage($this->itemsperpage);
+    /**
+     * @return string
+     * @since 8.1.0
+     * @deprecated 9.2.0 To implement an OCS endpoint extend the OCSController
+     * @suppress PhanDeprecatedClass
+     */
+    public function render() {
+        $r = new \OC\OCS\Result($this->data, $this->statuscode, $this->message);
+        $r->setTotalItems($this->itemscount);
+        $r->setItemsPerPage($this->itemsperpage);
 
-		return \OC_API::renderResult($this->format, $r->getMeta(), $r->getData());
-	}
+        return \OC_API::renderResult($this->format, $r->getMeta(), $r->getData());
+    }
 
 
 }