nextcloud /
server
@@ -27,27 +27,27 @@ |
||
| 27 | 27 | |
| 28 | 28 | class Settings { |
| 29 | 29 | |
| 30 | - /** @var SettingsManager */ |
|
| 31 | - private $settingsManager; |
|
| 32 | - |
|
| 33 | - public function __construct(SettingsManager $settingsManager) { |
|
| 34 | - $this->settingsManager = $settingsManager; |
|
| 35 | - } |
|
| 36 | - |
|
| 37 | - /** |
|
| 38 | - * announce that the share-by-mail share provider is enabled |
|
| 39 | - * |
|
| 40 | - * @param array $settings |
|
| 41 | - */ |
|
| 42 | - public function announceShareProvider(array $settings) { |
|
| 43 | - $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 44 | - $array['shareByMailEnabled'] = true; |
|
| 45 | - $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 46 | - } |
|
| 47 | - |
|
| 48 | - public function announceShareByMailSettings(array $settings) { |
|
| 49 | - $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 50 | - $array['shareByMail']['enforcePasswordProtection'] = $this->settingsManager->enforcePasswordProtection(); |
|
| 51 | - $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 52 | - } |
|
| 30 | + /** @var SettingsManager */ |
|
| 31 | + private $settingsManager; |
|
| 32 | + |
|
| 33 | + public function __construct(SettingsManager $settingsManager) { |
|
| 34 | + $this->settingsManager = $settingsManager; |
|
| 35 | + } |
|
| 36 | + |
|
| 37 | + /** |
|
| 38 | + * announce that the share-by-mail share provider is enabled |
|
| 39 | + * |
|
| 40 | + * @param array $settings |
|
| 41 | + */ |
|
| 42 | + public function announceShareProvider(array $settings) { |
|
| 43 | + $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 44 | + $array['shareByMailEnabled'] = true; |
|
| 45 | + $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 46 | + } |
|
| 47 | + |
|
| 48 | + public function announceShareByMailSettings(array $settings) { |
|
| 49 | + $array = json_decode($settings['array']['oc_appconfig'], true); |
|
| 50 | + $array['shareByMail']['enforcePasswordProtection'] = $this->settingsManager->enforcePasswordProtection(); |
|
| 51 | + $settings['array']['oc_appconfig'] = json_encode($array); |
|
| 52 | + } |
|
| 53 | 53 | } |
@@ -28,13 +28,13 @@ |
||
| 28 | 28 | * @brief wraps around static Nextcloud core methods |
| 29 | 29 | */ |
| 30 | 30 | class LogWrapper { |
| 31 | - protected $app = 'user_ldap'; |
|
| 31 | + protected $app = 'user_ldap'; |
|
| 32 | 32 | |
| 33 | - /** |
|
| 34 | - * @brief states whether the filesystem was loaded |
|
| 35 | - * @return bool |
|
| 36 | - */ |
|
| 37 | - public function log($msg, $level) { |
|
| 38 | - \OCP\Util::writeLog($this->app, $msg, $level); |
|
| 39 | - } |
|
| 33 | + /** |
|
| 34 | + * @brief states whether the filesystem was loaded |
|
| 35 | + * @return bool |
|
| 36 | + */ |
|
| 37 | + public function log($msg, $level) { |
|
| 38 | + \OCP\Util::writeLog($this->app, $msg, $level); |
|
| 39 | + } |
|
| 40 | 40 | } |
@@ -29,19 +29,19 @@ |
||
| 29 | 29 | */ |
| 30 | 30 | class FilesystemHelper { |
| 31 | 31 | |
| 32 | - /** |
|
| 33 | - * @brief states whether the filesystem was loaded |
|
| 34 | - * @return bool |
|
| 35 | - */ |
|
| 36 | - public function isLoaded() { |
|
| 37 | - return \OC\Files\Filesystem::$loaded; |
|
| 38 | - } |
|
| 32 | + /** |
|
| 33 | + * @brief states whether the filesystem was loaded |
|
| 34 | + * @return bool |
|
| 35 | + */ |
|
| 36 | + public function isLoaded() { |
|
| 37 | + return \OC\Files\Filesystem::$loaded; |
|
| 38 | + } |
|
| 39 | 39 | |
| 40 | - /** |
|
| 41 | - * @brief initializes the filesystem for the given user |
|
| 42 | - * @param string $uid the Nextcloud username of the user |
|
| 43 | - */ |
|
| 44 | - public function setup($uid) { |
|
| 45 | - \OC_Util::setupFS($uid); |
|
| 46 | - } |
|
| 40 | + /** |
|
| 41 | + * @brief initializes the filesystem for the given user |
|
| 42 | + * @param string $uid the Nextcloud username of the user |
|
| 43 | + */ |
|
| 44 | + public function setup($uid) { |
|
| 45 | + \OC_Util::setupFS($uid); |
|
| 46 | + } |
|
| 47 | 47 | } |
@@ -42,97 +42,97 @@ |
||
| 42 | 42 | * Migrate mount config from mount.json to the database |
| 43 | 43 | */ |
| 44 | 44 | class StorageMigrator { |
| 45 | - /** |
|
| 46 | - * @var BackendService |
|
| 47 | - */ |
|
| 48 | - private $backendService; |
|
| 45 | + /** |
|
| 46 | + * @var BackendService |
|
| 47 | + */ |
|
| 48 | + private $backendService; |
|
| 49 | 49 | |
| 50 | - /** |
|
| 51 | - * @var DBConfigService |
|
| 52 | - */ |
|
| 53 | - private $dbConfig; |
|
| 50 | + /** |
|
| 51 | + * @var DBConfigService |
|
| 52 | + */ |
|
| 53 | + private $dbConfig; |
|
| 54 | 54 | |
| 55 | - /** |
|
| 56 | - * @var IConfig |
|
| 57 | - */ |
|
| 58 | - private $config; |
|
| 55 | + /** |
|
| 56 | + * @var IConfig |
|
| 57 | + */ |
|
| 58 | + private $config; |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * @var IDBConnection |
|
| 62 | - */ |
|
| 63 | - private $connection; |
|
| 60 | + /** |
|
| 61 | + * @var IDBConnection |
|
| 62 | + */ |
|
| 63 | + private $connection; |
|
| 64 | 64 | |
| 65 | - /** |
|
| 66 | - * @var ILogger |
|
| 67 | - */ |
|
| 68 | - private $logger; |
|
| 65 | + /** |
|
| 66 | + * @var ILogger |
|
| 67 | + */ |
|
| 68 | + private $logger; |
|
| 69 | 69 | |
| 70 | - /** @var IUserMountCache */ |
|
| 71 | - private $userMountCache; |
|
| 70 | + /** @var IUserMountCache */ |
|
| 71 | + private $userMountCache; |
|
| 72 | 72 | |
| 73 | - /** |
|
| 74 | - * StorageMigrator constructor. |
|
| 75 | - * |
|
| 76 | - * @param BackendService $backendService |
|
| 77 | - * @param DBConfigService $dbConfig |
|
| 78 | - * @param IConfig $config |
|
| 79 | - * @param IDBConnection $connection |
|
| 80 | - * @param ILogger $logger |
|
| 81 | - * @param IUserMountCache $userMountCache |
|
| 82 | - */ |
|
| 83 | - public function __construct( |
|
| 84 | - BackendService $backendService, |
|
| 85 | - DBConfigService $dbConfig, |
|
| 86 | - IConfig $config, |
|
| 87 | - IDBConnection $connection, |
|
| 88 | - ILogger $logger, |
|
| 89 | - IUserMountCache $userMountCache |
|
| 90 | - ) { |
|
| 91 | - $this->backendService = $backendService; |
|
| 92 | - $this->dbConfig = $dbConfig; |
|
| 93 | - $this->config = $config; |
|
| 94 | - $this->connection = $connection; |
|
| 95 | - $this->logger = $logger; |
|
| 96 | - $this->userMountCache = $userMountCache; |
|
| 97 | - } |
|
| 73 | + /** |
|
| 74 | + * StorageMigrator constructor. |
|
| 75 | + * |
|
| 76 | + * @param BackendService $backendService |
|
| 77 | + * @param DBConfigService $dbConfig |
|
| 78 | + * @param IConfig $config |
|
| 79 | + * @param IDBConnection $connection |
|
| 80 | + * @param ILogger $logger |
|
| 81 | + * @param IUserMountCache $userMountCache |
|
| 82 | + */ |
|
| 83 | + public function __construct( |
|
| 84 | + BackendService $backendService, |
|
| 85 | + DBConfigService $dbConfig, |
|
| 86 | + IConfig $config, |
|
| 87 | + IDBConnection $connection, |
|
| 88 | + ILogger $logger, |
|
| 89 | + IUserMountCache $userMountCache |
|
| 90 | + ) { |
|
| 91 | + $this->backendService = $backendService; |
|
| 92 | + $this->dbConfig = $dbConfig; |
|
| 93 | + $this->config = $config; |
|
| 94 | + $this->connection = $connection; |
|
| 95 | + $this->logger = $logger; |
|
| 96 | + $this->userMountCache = $userMountCache; |
|
| 97 | + } |
|
| 98 | 98 | |
| 99 | - private function migrate(LegacyStoragesService $legacyService, StoragesService $storageService) { |
|
| 100 | - $existingStorage = $legacyService->getAllStorages(); |
|
| 99 | + private function migrate(LegacyStoragesService $legacyService, StoragesService $storageService) { |
|
| 100 | + $existingStorage = $legacyService->getAllStorages(); |
|
| 101 | 101 | |
| 102 | - $this->connection->beginTransaction(); |
|
| 103 | - try { |
|
| 104 | - foreach ($existingStorage as $storage) { |
|
| 105 | - $mountOptions = $storage->getMountOptions(); |
|
| 106 | - if (!empty($mountOptions) && !isset($mountOptions['enable_sharing'])) { |
|
| 107 | - // existing mounts must have sharing enabled by default to avoid surprises |
|
| 108 | - $mountOptions['enable_sharing'] = true; |
|
| 109 | - $storage->setMountOptions($mountOptions); |
|
| 110 | - } |
|
| 111 | - $storageService->addStorage($storage); |
|
| 112 | - } |
|
| 113 | - $this->connection->commit(); |
|
| 114 | - } catch (\Exception $e) { |
|
| 115 | - $this->logger->logException($e); |
|
| 116 | - $this->connection->rollBack(); |
|
| 117 | - } |
|
| 118 | - } |
|
| 102 | + $this->connection->beginTransaction(); |
|
| 103 | + try { |
|
| 104 | + foreach ($existingStorage as $storage) { |
|
| 105 | + $mountOptions = $storage->getMountOptions(); |
|
| 106 | + if (!empty($mountOptions) && !isset($mountOptions['enable_sharing'])) { |
|
| 107 | + // existing mounts must have sharing enabled by default to avoid surprises |
|
| 108 | + $mountOptions['enable_sharing'] = true; |
|
| 109 | + $storage->setMountOptions($mountOptions); |
|
| 110 | + } |
|
| 111 | + $storageService->addStorage($storage); |
|
| 112 | + } |
|
| 113 | + $this->connection->commit(); |
|
| 114 | + } catch (\Exception $e) { |
|
| 115 | + $this->logger->logException($e); |
|
| 116 | + $this->connection->rollBack(); |
|
| 117 | + } |
|
| 118 | + } |
|
| 119 | 119 | |
| 120 | - /** |
|
| 121 | - * Migrate personal storages configured by the current user |
|
| 122 | - * |
|
| 123 | - * @param IUser $user |
|
| 124 | - */ |
|
| 125 | - public function migrateUser(IUser $user) { |
|
| 126 | - $dummySession = new DummyUserSession(); |
|
| 127 | - $dummySession->setUser($user); |
|
| 128 | - $userId = $user->getUID(); |
|
| 129 | - $userVersion = $this->config->getUserValue($userId, 'files_external', 'config_version', '0.0.0'); |
|
| 130 | - if (version_compare($userVersion, '0.5.0', '<')) { |
|
| 131 | - $this->config->setUserValue($userId, 'files_external', 'config_version', '0.5.0'); |
|
| 132 | - $legacyService = new UserLegacyStoragesService($this->backendService, $dummySession); |
|
| 133 | - $storageService = new UserStoragesService($this->backendService, $this->dbConfig, $dummySession, $this->userMountCache); |
|
| 120 | + /** |
|
| 121 | + * Migrate personal storages configured by the current user |
|
| 122 | + * |
|
| 123 | + * @param IUser $user |
|
| 124 | + */ |
|
| 125 | + public function migrateUser(IUser $user) { |
|
| 126 | + $dummySession = new DummyUserSession(); |
|
| 127 | + $dummySession->setUser($user); |
|
| 128 | + $userId = $user->getUID(); |
|
| 129 | + $userVersion = $this->config->getUserValue($userId, 'files_external', 'config_version', '0.0.0'); |
|
| 130 | + if (version_compare($userVersion, '0.5.0', '<')) { |
|
| 131 | + $this->config->setUserValue($userId, 'files_external', 'config_version', '0.5.0'); |
|
| 132 | + $legacyService = new UserLegacyStoragesService($this->backendService, $dummySession); |
|
| 133 | + $storageService = new UserStoragesService($this->backendService, $this->dbConfig, $dummySession, $this->userMountCache); |
|
| 134 | 134 | |
| 135 | - $this->migrate($legacyService, $storageService); |
|
| 136 | - } |
|
| 137 | - } |
|
| 135 | + $this->migrate($legacyService, $storageService); |
|
| 136 | + } |
|
| 137 | + } |
|
| 138 | 138 | } |
@@ -31,52 +31,52 @@ |
||
| 31 | 31 | * Scanner for SharedStorage |
| 32 | 32 | */ |
| 33 | 33 | class Scanner extends \OC\Files\Cache\Scanner { |
| 34 | - /** |
|
| 35 | - * @var \OCA\Files_Sharing\SharedStorage $storage |
|
| 36 | - */ |
|
| 37 | - protected $storage; |
|
| 34 | + /** |
|
| 35 | + * @var \OCA\Files_Sharing\SharedStorage $storage |
|
| 36 | + */ |
|
| 37 | + protected $storage; |
|
| 38 | 38 | |
| 39 | - private $sourceScanner; |
|
| 39 | + private $sourceScanner; |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * Returns metadata from the shared storage, but |
|
| 43 | - * with permissions from the source storage. |
|
| 44 | - * |
|
| 45 | - * @param string $path path of the file for which to retrieve metadata |
|
| 46 | - * |
|
| 47 | - * @return array an array of metadata of the file |
|
| 48 | - */ |
|
| 49 | - public function getData($path) { |
|
| 50 | - $data = parent::getData($path); |
|
| 51 | - if ($data === null) { |
|
| 52 | - return null; |
|
| 53 | - } |
|
| 54 | - $internalPath = $this->storage->getUnjailedPath($path); |
|
| 55 | - $data['permissions'] = $this->storage->getSourceStorage()->getPermissions($internalPath); |
|
| 56 | - return $data; |
|
| 57 | - } |
|
| 41 | + /** |
|
| 42 | + * Returns metadata from the shared storage, but |
|
| 43 | + * with permissions from the source storage. |
|
| 44 | + * |
|
| 45 | + * @param string $path path of the file for which to retrieve metadata |
|
| 46 | + * |
|
| 47 | + * @return array an array of metadata of the file |
|
| 48 | + */ |
|
| 49 | + public function getData($path) { |
|
| 50 | + $data = parent::getData($path); |
|
| 51 | + if ($data === null) { |
|
| 52 | + return null; |
|
| 53 | + } |
|
| 54 | + $internalPath = $this->storage->getUnjailedPath($path); |
|
| 55 | + $data['permissions'] = $this->storage->getSourceStorage()->getPermissions($internalPath); |
|
| 56 | + return $data; |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - private function getSourceScanner() { |
|
| 60 | - if ($this->sourceScanner) { |
|
| 61 | - return $this->sourceScanner; |
|
| 62 | - } |
|
| 63 | - if ($this->storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage')) { |
|
| 64 | - /** @var \OC\Files\Storage\Storage $storage */ |
|
| 65 | - list($storage) = $this->storage->resolvePath(''); |
|
| 66 | - $this->sourceScanner = $storage->getScanner(); |
|
| 67 | - return $this->sourceScanner; |
|
| 68 | - } else { |
|
| 69 | - return null; |
|
| 70 | - } |
|
| 71 | - } |
|
| 59 | + private function getSourceScanner() { |
|
| 60 | + if ($this->sourceScanner) { |
|
| 61 | + return $this->sourceScanner; |
|
| 62 | + } |
|
| 63 | + if ($this->storage->instanceOfStorage('\OCA\Files_Sharing\SharedStorage')) { |
|
| 64 | + /** @var \OC\Files\Storage\Storage $storage */ |
|
| 65 | + list($storage) = $this->storage->resolvePath(''); |
|
| 66 | + $this->sourceScanner = $storage->getScanner(); |
|
| 67 | + return $this->sourceScanner; |
|
| 68 | + } else { |
|
| 69 | + return null; |
|
| 70 | + } |
|
| 71 | + } |
|
| 72 | 72 | |
| 73 | - public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null, $lock = true) { |
|
| 74 | - $sourceScanner = $this->getSourceScanner(); |
|
| 75 | - if ($sourceScanner instanceof NoopScanner) { |
|
| 76 | - return []; |
|
| 77 | - } else { |
|
| 78 | - return parent::scanFile($file, $reuseExisting, $parentId, $cacheData, $lock); |
|
| 79 | - } |
|
| 80 | - } |
|
| 73 | + public function scanFile($file, $reuseExisting = 0, $parentId = -1, $cacheData = null, $lock = true) { |
|
| 74 | + $sourceScanner = $this->getSourceScanner(); |
|
| 75 | + if ($sourceScanner instanceof NoopScanner) { |
|
| 76 | + return []; |
|
| 77 | + } else { |
|
| 78 | + return parent::scanFile($file, $reuseExisting, $parentId, $cacheData, $lock); |
|
| 79 | + } |
|
| 80 | + } |
|
| 81 | 81 | } |
| 82 | 82 | |
@@ -25,28 +25,28 @@ |
||
| 25 | 25 | use OCP\AppFramework\Http\JSONResponse; |
| 26 | 26 | |
| 27 | 27 | class RateLimitTestController extends Controller { |
| 28 | - /** |
|
| 29 | - * @PublicPage |
|
| 30 | - * @NoCSRFRequired |
|
| 31 | - * |
|
| 32 | - * @UserRateThrottle(limit=5, period=100) |
|
| 33 | - * @AnonRateThrottle(limit=1, period=100) |
|
| 34 | - * |
|
| 35 | - * @return JSONResponse |
|
| 36 | - */ |
|
| 37 | - public function userAndAnonProtected() { |
|
| 38 | - return new JSONResponse(); |
|
| 39 | - } |
|
| 28 | + /** |
|
| 29 | + * @PublicPage |
|
| 30 | + * @NoCSRFRequired |
|
| 31 | + * |
|
| 32 | + * @UserRateThrottle(limit=5, period=100) |
|
| 33 | + * @AnonRateThrottle(limit=1, period=100) |
|
| 34 | + * |
|
| 35 | + * @return JSONResponse |
|
| 36 | + */ |
|
| 37 | + public function userAndAnonProtected() { |
|
| 38 | + return new JSONResponse(); |
|
| 39 | + } |
|
| 40 | 40 | |
| 41 | - /** |
|
| 42 | - * @PublicPage |
|
| 43 | - * @NoCSRFRequired |
|
| 44 | - * |
|
| 45 | - * @AnonRateThrottle(limit=1, period=10) |
|
| 46 | - * |
|
| 47 | - * @return JSONResponse |
|
| 48 | - */ |
|
| 49 | - public function onlyAnonProtected() { |
|
| 50 | - return new JSONResponse(); |
|
| 51 | - } |
|
| 41 | + /** |
|
| 42 | + * @PublicPage |
|
| 43 | + * @NoCSRFRequired |
|
| 44 | + * |
|
| 45 | + * @AnonRateThrottle(limit=1, period=10) |
|
| 46 | + * |
|
| 47 | + * @return JSONResponse |
|
| 48 | + */ |
|
| 49 | + public function onlyAnonProtected() { |
|
| 50 | + return new JSONResponse(); |
|
| 51 | + } |
|
| 52 | 52 | } |
@@ -25,7 +25,7 @@ |
||
| 25 | 25 | use OCP\AppFramework\Http; |
| 26 | 26 | |
| 27 | 27 | class RateLimitExceededException extends SecurityException { |
| 28 | - public function __construct() { |
|
| 29 | - parent::__construct('Rate limit exceeded', Http::STATUS_TOO_MANY_REQUESTS); |
|
| 30 | - } |
|
| 28 | + public function __construct() { |
|
| 29 | + parent::__construct('Rate limit exceeded', Http::STATUS_TOO_MANY_REQUESTS); |
|
| 30 | + } |
|
| 31 | 31 | } |
@@ -48,87 +48,87 @@ |
||
| 48 | 48 | * @package OC\AppFramework\Middleware\Security |
| 49 | 49 | */ |
| 50 | 50 | class RateLimitingMiddleware extends Middleware { |
| 51 | - /** @var IRequest $request */ |
|
| 52 | - private $request; |
|
| 53 | - /** @var IUserSession */ |
|
| 54 | - private $userSession; |
|
| 55 | - /** @var ControllerMethodReflector */ |
|
| 56 | - private $reflector; |
|
| 57 | - /** @var Limiter */ |
|
| 58 | - private $limiter; |
|
| 51 | + /** @var IRequest $request */ |
|
| 52 | + private $request; |
|
| 53 | + /** @var IUserSession */ |
|
| 54 | + private $userSession; |
|
| 55 | + /** @var ControllerMethodReflector */ |
|
| 56 | + private $reflector; |
|
| 57 | + /** @var Limiter */ |
|
| 58 | + private $limiter; |
|
| 59 | 59 | |
| 60 | - /** |
|
| 61 | - * @param IRequest $request |
|
| 62 | - * @param IUserSession $userSession |
|
| 63 | - * @param ControllerMethodReflector $reflector |
|
| 64 | - * @param Limiter $limiter |
|
| 65 | - */ |
|
| 66 | - public function __construct(IRequest $request, |
|
| 67 | - IUserSession $userSession, |
|
| 68 | - ControllerMethodReflector $reflector, |
|
| 69 | - Limiter $limiter) { |
|
| 70 | - $this->request = $request; |
|
| 71 | - $this->userSession = $userSession; |
|
| 72 | - $this->reflector = $reflector; |
|
| 73 | - $this->limiter = $limiter; |
|
| 74 | - } |
|
| 60 | + /** |
|
| 61 | + * @param IRequest $request |
|
| 62 | + * @param IUserSession $userSession |
|
| 63 | + * @param ControllerMethodReflector $reflector |
|
| 64 | + * @param Limiter $limiter |
|
| 65 | + */ |
|
| 66 | + public function __construct(IRequest $request, |
|
| 67 | + IUserSession $userSession, |
|
| 68 | + ControllerMethodReflector $reflector, |
|
| 69 | + Limiter $limiter) { |
|
| 70 | + $this->request = $request; |
|
| 71 | + $this->userSession = $userSession; |
|
| 72 | + $this->reflector = $reflector; |
|
| 73 | + $this->limiter = $limiter; |
|
| 74 | + } |
|
| 75 | 75 | |
| 76 | - /** |
|
| 77 | - * {@inheritDoc} |
|
| 78 | - * @throws RateLimitExceededException |
|
| 79 | - */ |
|
| 80 | - public function beforeController($controller, $methodName) { |
|
| 81 | - parent::beforeController($controller, $methodName); |
|
| 76 | + /** |
|
| 77 | + * {@inheritDoc} |
|
| 78 | + * @throws RateLimitExceededException |
|
| 79 | + */ |
|
| 80 | + public function beforeController($controller, $methodName) { |
|
| 81 | + parent::beforeController($controller, $methodName); |
|
| 82 | 82 | |
| 83 | - $anonLimit = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'limit'); |
|
| 84 | - $anonPeriod = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'period'); |
|
| 85 | - $userLimit = $this->reflector->getAnnotationParameter('UserRateThrottle', 'limit'); |
|
| 86 | - $userPeriod = $this->reflector->getAnnotationParameter('UserRateThrottle', 'period'); |
|
| 87 | - $rateLimitIdentifier = get_class($controller) . '::' . $methodName; |
|
| 88 | - if($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { |
|
| 89 | - $this->limiter->registerUserRequest( |
|
| 90 | - $rateLimitIdentifier, |
|
| 91 | - $userLimit, |
|
| 92 | - $userPeriod, |
|
| 93 | - $this->userSession->getUser() |
|
| 94 | - ); |
|
| 95 | - } elseif ($anonLimit !== '' && $anonPeriod !== '') { |
|
| 96 | - $this->limiter->registerAnonRequest( |
|
| 97 | - $rateLimitIdentifier, |
|
| 98 | - $anonLimit, |
|
| 99 | - $anonPeriod, |
|
| 100 | - $this->request->getRemoteAddress() |
|
| 101 | - ); |
|
| 102 | - } |
|
| 103 | - } |
|
| 83 | + $anonLimit = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'limit'); |
|
| 84 | + $anonPeriod = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'period'); |
|
| 85 | + $userLimit = $this->reflector->getAnnotationParameter('UserRateThrottle', 'limit'); |
|
| 86 | + $userPeriod = $this->reflector->getAnnotationParameter('UserRateThrottle', 'period'); |
|
| 87 | + $rateLimitIdentifier = get_class($controller) . '::' . $methodName; |
|
| 88 | + if($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { |
|
| 89 | + $this->limiter->registerUserRequest( |
|
| 90 | + $rateLimitIdentifier, |
|
| 91 | + $userLimit, |
|
| 92 | + $userPeriod, |
|
| 93 | + $this->userSession->getUser() |
|
| 94 | + ); |
|
| 95 | + } elseif ($anonLimit !== '' && $anonPeriod !== '') { |
|
| 96 | + $this->limiter->registerAnonRequest( |
|
| 97 | + $rateLimitIdentifier, |
|
| 98 | + $anonLimit, |
|
| 99 | + $anonPeriod, |
|
| 100 | + $this->request->getRemoteAddress() |
|
| 101 | + ); |
|
| 102 | + } |
|
| 103 | + } |
|
| 104 | 104 | |
| 105 | - /** |
|
| 106 | - * {@inheritDoc} |
|
| 107 | - */ |
|
| 108 | - public function afterException($controller, $methodName, \Exception $exception) { |
|
| 109 | - if($exception instanceof RateLimitExceededException) { |
|
| 110 | - if (stripos($this->request->getHeader('Accept'),'html') === false) { |
|
| 111 | - $response = new JSONResponse( |
|
| 112 | - [ |
|
| 113 | - 'message' => $exception->getMessage(), |
|
| 114 | - ], |
|
| 115 | - $exception->getCode() |
|
| 116 | - ); |
|
| 117 | - } else { |
|
| 118 | - $response = new TemplateResponse( |
|
| 119 | - 'core', |
|
| 120 | - '403', |
|
| 121 | - [ |
|
| 122 | - 'file' => $exception->getMessage() |
|
| 123 | - ], |
|
| 124 | - 'guest' |
|
| 125 | - ); |
|
| 126 | - $response->setStatus($exception->getCode()); |
|
| 127 | - } |
|
| 105 | + /** |
|
| 106 | + * {@inheritDoc} |
|
| 107 | + */ |
|
| 108 | + public function afterException($controller, $methodName, \Exception $exception) { |
|
| 109 | + if($exception instanceof RateLimitExceededException) { |
|
| 110 | + if (stripos($this->request->getHeader('Accept'),'html') === false) { |
|
| 111 | + $response = new JSONResponse( |
|
| 112 | + [ |
|
| 113 | + 'message' => $exception->getMessage(), |
|
| 114 | + ], |
|
| 115 | + $exception->getCode() |
|
| 116 | + ); |
|
| 117 | + } else { |
|
| 118 | + $response = new TemplateResponse( |
|
| 119 | + 'core', |
|
| 120 | + '403', |
|
| 121 | + [ |
|
| 122 | + 'file' => $exception->getMessage() |
|
| 123 | + ], |
|
| 124 | + 'guest' |
|
| 125 | + ); |
|
| 126 | + $response->setStatus($exception->getCode()); |
|
| 127 | + } |
|
| 128 | 128 | |
| 129 | - return $response; |
|
| 130 | - } |
|
| 129 | + return $response; |
|
| 130 | + } |
|
| 131 | 131 | |
| 132 | - throw $exception; |
|
| 133 | - } |
|
| 132 | + throw $exception; |
|
| 133 | + } |
|
| 134 | 134 | } |
@@ -84,8 +84,8 @@ discard block |
||
| 84 | 84 | $anonPeriod = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'period'); |
| 85 | 85 | $userLimit = $this->reflector->getAnnotationParameter('UserRateThrottle', 'limit'); |
| 86 | 86 | $userPeriod = $this->reflector->getAnnotationParameter('UserRateThrottle', 'period'); |
| 87 | - $rateLimitIdentifier = get_class($controller) . '::' . $methodName; |
|
| 88 | - if($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { |
|
| 87 | + $rateLimitIdentifier = get_class($controller).'::'.$methodName; |
|
| 88 | + if ($userLimit !== '' && $userPeriod !== '' && $this->userSession->isLoggedIn()) { |
|
| 89 | 89 | $this->limiter->registerUserRequest( |
| 90 | 90 | $rateLimitIdentifier, |
| 91 | 91 | $userLimit, |
@@ -106,8 +106,8 @@ discard block |
||
| 106 | 106 | * {@inheritDoc} |
| 107 | 107 | */ |
| 108 | 108 | public function afterException($controller, $methodName, \Exception $exception) { |
| 109 | - if($exception instanceof RateLimitExceededException) { |
|
| 110 | - if (stripos($this->request->getHeader('Accept'),'html') === false) { |
|
| 109 | + if ($exception instanceof RateLimitExceededException) { |
|
| 110 | + if (stripos($this->request->getHeader('Accept'), 'html') === false) { |
|
| 111 | 111 | $response = new JSONResponse( |
| 112 | 112 | [ |
| 113 | 113 | 'message' => $exception->getMessage(), |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | public function beforeController($controller, $methodName) { |
| 62 | 62 | parent::beforeController($controller, $methodName); |
| 63 | 63 | |
| 64 | - if($this->reflector->hasAnnotation('BruteForceProtection')) { |
|
| 64 | + if ($this->reflector->hasAnnotation('BruteForceProtection')) { |
|
| 65 | 65 | $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); |
| 66 | 66 | $this->throttler->sleepDelay($this->request->getRemoteAddress(), $action); |
| 67 | 67 | } |
@@ -71,7 +71,7 @@ discard block |
||
| 71 | 71 | * {@inheritDoc} |
| 72 | 72 | */ |
| 73 | 73 | public function afterController($controller, $methodName, Response $response) { |
| 74 | - if($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) { |
|
| 74 | + if ($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) { |
|
| 75 | 75 | $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); |
| 76 | 76 | $ip = $this->request->getRemoteAddress(); |
| 77 | 77 | $this->throttler->sleepDelay($ip, $action); |
@@ -35,49 +35,49 @@ |
||
| 35 | 35 | * @package OC\AppFramework\Middleware\Security |
| 36 | 36 | */ |
| 37 | 37 | class BruteForceMiddleware extends Middleware { |
| 38 | - /** @var ControllerMethodReflector */ |
|
| 39 | - private $reflector; |
|
| 40 | - /** @var Throttler */ |
|
| 41 | - private $throttler; |
|
| 42 | - /** @var IRequest */ |
|
| 43 | - private $request; |
|
| 38 | + /** @var ControllerMethodReflector */ |
|
| 39 | + private $reflector; |
|
| 40 | + /** @var Throttler */ |
|
| 41 | + private $throttler; |
|
| 42 | + /** @var IRequest */ |
|
| 43 | + private $request; |
|
| 44 | 44 | |
| 45 | - /** |
|
| 46 | - * @param ControllerMethodReflector $controllerMethodReflector |
|
| 47 | - * @param Throttler $throttler |
|
| 48 | - * @param IRequest $request |
|
| 49 | - */ |
|
| 50 | - public function __construct(ControllerMethodReflector $controllerMethodReflector, |
|
| 51 | - Throttler $throttler, |
|
| 52 | - IRequest $request) { |
|
| 53 | - $this->reflector = $controllerMethodReflector; |
|
| 54 | - $this->throttler = $throttler; |
|
| 55 | - $this->request = $request; |
|
| 56 | - } |
|
| 45 | + /** |
|
| 46 | + * @param ControllerMethodReflector $controllerMethodReflector |
|
| 47 | + * @param Throttler $throttler |
|
| 48 | + * @param IRequest $request |
|
| 49 | + */ |
|
| 50 | + public function __construct(ControllerMethodReflector $controllerMethodReflector, |
|
| 51 | + Throttler $throttler, |
|
| 52 | + IRequest $request) { |
|
| 53 | + $this->reflector = $controllerMethodReflector; |
|
| 54 | + $this->throttler = $throttler; |
|
| 55 | + $this->request = $request; |
|
| 56 | + } |
|
| 57 | 57 | |
| 58 | - /** |
|
| 59 | - * {@inheritDoc} |
|
| 60 | - */ |
|
| 61 | - public function beforeController($controller, $methodName) { |
|
| 62 | - parent::beforeController($controller, $methodName); |
|
| 58 | + /** |
|
| 59 | + * {@inheritDoc} |
|
| 60 | + */ |
|
| 61 | + public function beforeController($controller, $methodName) { |
|
| 62 | + parent::beforeController($controller, $methodName); |
|
| 63 | 63 | |
| 64 | - if($this->reflector->hasAnnotation('BruteForceProtection')) { |
|
| 65 | - $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); |
|
| 66 | - $this->throttler->sleepDelay($this->request->getRemoteAddress(), $action); |
|
| 67 | - } |
|
| 68 | - } |
|
| 64 | + if($this->reflector->hasAnnotation('BruteForceProtection')) { |
|
| 65 | + $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); |
|
| 66 | + $this->throttler->sleepDelay($this->request->getRemoteAddress(), $action); |
|
| 67 | + } |
|
| 68 | + } |
|
| 69 | 69 | |
| 70 | - /** |
|
| 71 | - * {@inheritDoc} |
|
| 72 | - */ |
|
| 73 | - public function afterController($controller, $methodName, Response $response) { |
|
| 74 | - if($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) { |
|
| 75 | - $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); |
|
| 76 | - $ip = $this->request->getRemoteAddress(); |
|
| 77 | - $this->throttler->sleepDelay($ip, $action); |
|
| 78 | - $this->throttler->registerAttempt($action, $ip, $response->getThrottleMetadata()); |
|
| 79 | - } |
|
| 70 | + /** |
|
| 71 | + * {@inheritDoc} |
|
| 72 | + */ |
|
| 73 | + public function afterController($controller, $methodName, Response $response) { |
|
| 74 | + if($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) { |
|
| 75 | + $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); |
|
| 76 | + $ip = $this->request->getRemoteAddress(); |
|
| 77 | + $this->throttler->sleepDelay($ip, $action); |
|
| 78 | + $this->throttler->registerAttempt($action, $ip, $response->getThrottleMetadata()); |
|
| 79 | + } |
|
| 80 | 80 | |
| 81 | - return parent::afterController($controller, $methodName, $response); |
|
| 82 | - } |
|
| 81 | + return parent::afterController($controller, $methodName, $response); |
|
| 82 | + } |
|
| 83 | 83 | } |
