nextcloud /
server
| Total Complexity | 44 |
| Total Lines | 248 |
| Duplicated Lines | 0 % |
| Changes | 0 | ||
Complex classes like SystemAddressbook often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use SystemAddressbook, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 50 | class SystemAddressbook extends AddressBook { |
||
| 51 | public const URI_SHARED = 'z-server-generated--system'; |
||
| 52 | /** @var IConfig */ |
||
| 53 | private $config; |
||
| 54 | private IUserSession $userSession; |
||
| 55 | private ?TrustedServers $trustedServers; |
||
| 56 | private ?IRequest $request; |
||
| 57 | private ?IGroupManager $groupManager; |
||
| 58 | |||
| 59 | public function __construct(BackendInterface $carddavBackend, |
||
| 60 | array $addressBookInfo, |
||
| 61 | IL10N $l10n, |
||
| 62 | IConfig $config, |
||
| 63 | IUserSession $userSession, |
||
| 64 | ?IRequest $request = null, |
||
| 65 | ?TrustedServers $trustedServers = null, |
||
| 66 | ?IGroupManager $groupManager) { |
||
| 67 | parent::__construct($carddavBackend, $addressBookInfo, $l10n); |
||
| 68 | $this->config = $config; |
||
| 69 | $this->userSession = $userSession; |
||
| 70 | $this->request = $request; |
||
| 71 | $this->trustedServers = $trustedServers; |
||
| 72 | $this->groupManager = $groupManager; |
||
| 73 | |||
| 74 | $this->addressBookInfo['{DAV:}displayname'] = $l10n->t('Accounts'); |
||
| 75 | $this->addressBookInfo['{' . Plugin::NS_CARDDAV . '}addressbook-description'] = $l10n->t('System address book which holds all accounts'); |
||
| 76 | } |
||
| 77 | |||
| 78 | /** |
||
| 79 | * No checkbox checked -> Show only the same user |
||
| 80 | * 'Allow username autocompletion in share dialog' -> show everyone |
||
| 81 | * 'Allow username autocompletion in share dialog' + 'Allow username autocompletion to users within the same groups' -> show only users in intersecting groups |
||
| 82 | * 'Allow username autocompletion in share dialog' + 'Allow username autocompletion to users based on phone number integration' -> show only the same user |
||
| 83 | * 'Allow username autocompletion in share dialog' + 'Allow username autocompletion to users within the same groups' + 'Allow username autocompletion to users based on phone number integration' -> show only users in intersecting groups |
||
| 84 | */ |
||
| 85 | public function getChildren() { |
||
| 86 | $shareEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes'; |
||
| 87 | $shareEnumerationGroup = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes'; |
||
| 88 | $shareEnumerationPhone = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes'; |
||
| 89 | $user = $this->userSession->getUser(); |
||
| 90 | if (!$user) { |
||
| 91 | // Should never happen because we don't allow anonymous access |
||
| 92 | return []; |
||
| 93 | } |
||
| 94 | if (!$shareEnumeration || !$shareEnumerationGroup && $shareEnumerationPhone) { |
||
| 95 | $name = SyncService::getCardUri($user); |
||
| 96 | try { |
||
| 97 | return [parent::getChild($name)]; |
||
| 98 | } catch (NotFound $e) { |
||
| 99 | return []; |
||
| 100 | } |
||
| 101 | } |
||
| 102 | if ($shareEnumerationGroup) { |
||
| 103 | if ($this->groupManager === null) { |
||
| 104 | // Group manager is not available, so we can't determine which data is safe |
||
| 105 | return []; |
||
| 106 | } |
||
| 107 | $groups = $this->groupManager->getUserGroups($user); |
||
| 108 | $names = []; |
||
| 109 | foreach ($groups as $group) { |
||
| 110 | $users = $group->getUsers(); |
||
| 111 | foreach ($users as $groupUser) { |
||
| 112 | if ($groupUser->getBackendClassName() === 'Guests') { |
||
| 113 | continue; |
||
| 114 | } |
||
| 115 | $names[] = SyncService::getCardUri($groupUser); |
||
| 116 | } |
||
| 117 | } |
||
| 118 | return parent::getMultipleChildren(array_unique($names)); |
||
| 119 | } |
||
| 120 | |||
| 121 | $children = parent::getChildren(); |
||
| 122 | return array_filter($children, function (Card $child) { |
||
| 123 | // check only for URIs that begin with Guests: |
||
| 124 | return strpos($child->getName(), 'Guests:') !== 0; |
||
| 125 | }); |
||
| 126 | } |
||
| 127 | |||
| 128 | /** |
||
| 129 | * @param array $paths |
||
| 130 | * @return Card[] |
||
| 131 | * @throws NotFound |
||
| 132 | */ |
||
| 133 | public function getMultipleChildren($paths): array { |
||
| 134 | if (!$this->isFederation()) { |
||
| 135 | return parent::getMultipleChildren($paths); |
||
| 136 | } |
||
| 137 | |||
| 138 | $objs = $this->carddavBackend->getMultipleCards($this->addressBookInfo['id'], $paths); |
||
| 139 | $children = []; |
||
| 140 | /** @var array $obj */ |
||
| 141 | foreach ($objs as $obj) { |
||
| 142 | if (empty($obj)) { |
||
| 143 | continue; |
||
| 144 | } |
||
| 145 | $carddata = $this->extractCarddata($obj); |
||
| 146 | if (empty($carddata)) { |
||
| 147 | continue; |
||
| 148 | } else { |
||
| 149 | $obj['carddata'] = $carddata; |
||
| 150 | } |
||
| 151 | $children[] = new Card($this->carddavBackend, $this->addressBookInfo, $obj); |
||
| 152 | } |
||
| 153 | return $children; |
||
| 154 | } |
||
| 155 | |||
| 156 | /** |
||
| 157 | * @param string $name |
||
| 158 | * @return Card |
||
| 159 | * @throws NotFound |
||
| 160 | * @throws Forbidden |
||
| 161 | */ |
||
| 162 | public function getChild($name): Card { |
||
| 163 | if (!$this->isFederation()) { |
||
| 164 | return parent::getChild($name); |
||
| 165 | } |
||
| 166 | |||
| 167 | $obj = $this->carddavBackend->getCard($this->addressBookInfo['id'], $name); |
||
| 168 | if (!$obj) { |
||
|
|
|||
| 169 | throw new NotFound('Card not found'); |
||
| 170 | } |
||
| 171 | $carddata = $this->extractCarddata($obj); |
||
| 172 | if (empty($carddata)) { |
||
| 173 | throw new Forbidden(); |
||
| 174 | } else { |
||
| 175 | $obj['carddata'] = $carddata; |
||
| 176 | } |
||
| 177 | return new Card($this->carddavBackend, $this->addressBookInfo, $obj); |
||
| 178 | } |
||
| 179 | |||
| 180 | /** |
||
| 181 | * @throws UnsupportedLimitOnInitialSyncException |
||
| 182 | */ |
||
| 183 | public function getChanges($syncToken, $syncLevel, $limit = null) { |
||
| 228 | } |
||
| 229 | |||
| 230 | private function isFederation(): bool { |
||
| 231 | if ($this->trustedServers === null || $this->request === null) { |
||
| 232 | return false; |
||
| 233 | } |
||
| 234 | |||
| 235 | /** @psalm-suppress NoInterfaceProperties */ |
||
| 236 | if ($this->request->server['PHP_AUTH_USER'] !== 'system') { |
||
| 237 | return false; |
||
| 238 | } |
||
| 239 | |||
| 240 | /** @psalm-suppress NoInterfaceProperties */ |
||
| 241 | $sharedSecret = $this->request->server['PHP_AUTH_PW']; |
||
| 242 | if ($sharedSecret === null) { |
||
| 243 | return false; |
||
| 244 | } |
||
| 245 | |||
| 246 | $servers = $this->trustedServers->getServers(); |
||
| 247 | $trusted = array_filter($servers, function ($trustedServer) use ($sharedSecret) { |
||
| 248 | return $trustedServer['shared_secret'] === $sharedSecret; |
||
| 249 | }); |
||
| 250 | // Authentication is fine, but it's not for a federated share |
||
| 251 | if (empty($trusted)) { |
||
| 252 | return false; |
||
| 253 | } |
||
| 254 | |||
| 255 | return true; |
||
| 256 | } |
||
| 257 | |||
| 258 | /** |
||
| 259 | * If the validation doesn't work the card is "not found" so we |
||
| 260 | * return empty carddata even if the carddata might exist in the local backend. |
||
| 261 | * This can happen when a user sets the required properties |
||
| 262 | * FN, N to a local scope only but the request is from |
||
| 263 | * a federated share. |
||
| 264 | * |
||
| 265 | * @see https://github.com/nextcloud/server/issues/38042 |
||
| 266 | * |
||
| 267 | * @param array $obj |
||
| 268 | * @return string|null |
||
| 269 | */ |
||
| 270 | private function extractCarddata(array $obj): ?string { |
||
| 271 | $obj['acl'] = $this->getChildACL(); |
||
| 272 | $cardData = $obj['carddata']; |
||
| 273 | /** @var VCard $vCard */ |
||
| 274 | $vCard = Reader::read($cardData); |
||
| 275 | foreach ($vCard->children() as $child) { |
||
| 276 | $scope = $child->offsetGet('X-NC-SCOPE'); |
||
| 277 | if ($scope !== null && $scope->getValue() === IAccountManager::SCOPE_LOCAL) { |
||
| 278 | $vCard->remove($child); |
||
| 279 | } |
||
| 280 | } |
||
| 281 | $messages = $vCard->validate(); |
||
| 282 | if (!empty($messages)) { |
||
| 283 | return null; |
||
| 284 | } |
||
| 285 | |||
| 286 | return $vCard->serialize(); |
||
| 287 | } |
||
| 288 | |||
| 289 | /** |
||
| 290 | * @return mixed |
||
| 291 | * @throws Forbidden |
||
| 292 | */ |
||
| 293 | public function delete() { |
||
| 298 | } |
||
| 299 | } |
||
| 300 |
Loading history...
This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.
Consider making the comparison explicit by using
empty(..)or! empty(...)instead.