nextcloud / server

apps/encryption/lib/Controller/RecoveryController.php

Indentation +126 added lines, -126 removed lines

@@ -17,142 +17,142 @@
 use OCP\IRequest;
 
 class RecoveryController extends Controller {
-	/**
-	 * @param string $AppName
-	 * @param IRequest $request
-	 * @param IConfig $config
-	 * @param IL10N $l
-	 * @param Recovery $recovery
-	 */
-	public function __construct(
-		$appName,
-		IRequest $request,
-		private IConfig $config,
-		private IL10N $l,
-		private Recovery $recovery,
-	) {
-		parent::__construct($appName, $request);
-	}
+    /**
+     * @param string $AppName
+     * @param IRequest $request
+     * @param IConfig $config
+     * @param IL10N $l
+     * @param Recovery $recovery
+     */
+    public function __construct(
+        $appName,
+        IRequest $request,
+        private IConfig $config,
+        private IL10N $l,
+        private Recovery $recovery,
+    ) {
+        parent::__construct($appName, $request);
+    }
 
-	/**
-	 * @param string $recoveryPassword
-	 * @param string $confirmPassword
-	 * @param string $adminEnableRecovery
-	 * @return DataResponse
-	 */
-	public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) {
-		// Check if both passwords are the same
-		if (empty($recoveryPassword)) {
-			$errorMessage = $this->l->t('Missing recovery key password');
-			return new DataResponse(['data' => ['message' => $errorMessage]],
-				Http::STATUS_BAD_REQUEST);
-		}
+    /**
+     * @param string $recoveryPassword
+     * @param string $confirmPassword
+     * @param string $adminEnableRecovery
+     * @return DataResponse
+     */
+    public function adminRecovery($recoveryPassword, $confirmPassword, $adminEnableRecovery) {
+        // Check if both passwords are the same
+        if (empty($recoveryPassword)) {
+            $errorMessage = $this->l->t('Missing recovery key password');
+            return new DataResponse(['data' => ['message' => $errorMessage]],
+                Http::STATUS_BAD_REQUEST);
+        }
 
-		if (empty($confirmPassword)) {
-			$errorMessage = $this->l->t('Please repeat the recovery key password');
-			return new DataResponse(['data' => ['message' => $errorMessage]],
-				Http::STATUS_BAD_REQUEST);
-		}
+        if (empty($confirmPassword)) {
+            $errorMessage = $this->l->t('Please repeat the recovery key password');
+            return new DataResponse(['data' => ['message' => $errorMessage]],
+                Http::STATUS_BAD_REQUEST);
+        }
 
-		if ($recoveryPassword !== $confirmPassword) {
-			$errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password');
-			return new DataResponse(['data' => ['message' => $errorMessage]],
-				Http::STATUS_BAD_REQUEST);
-		}
+        if ($recoveryPassword !== $confirmPassword) {
+            $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password');
+            return new DataResponse(['data' => ['message' => $errorMessage]],
+                Http::STATUS_BAD_REQUEST);
+        }
 
-		if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') {
-			if ($this->recovery->enableAdminRecovery($recoveryPassword)) {
-				return new DataResponse(['data' => ['message' => $this->l->t('Recovery key successfully enabled')]]);
-			}
-			return new DataResponse(['data' => ['message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST);
-		} elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') {
-			if ($this->recovery->disableAdminRecovery($recoveryPassword)) {
-				return new DataResponse(['data' => ['message' => $this->l->t('Recovery key successfully disabled')]]);
-			}
-			return new DataResponse(['data' => ['message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST);
-		}
-		// this response should never be sent but just in case.
-		return new DataResponse(['data' => ['message' => $this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST);
-	}
+        if (isset($adminEnableRecovery) && $adminEnableRecovery === '1') {
+            if ($this->recovery->enableAdminRecovery($recoveryPassword)) {
+                return new DataResponse(['data' => ['message' => $this->l->t('Recovery key successfully enabled')]]);
+            }
+            return new DataResponse(['data' => ['message' => $this->l->t('Could not enable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST);
+        } elseif (isset($adminEnableRecovery) && $adminEnableRecovery === '0') {
+            if ($this->recovery->disableAdminRecovery($recoveryPassword)) {
+                return new DataResponse(['data' => ['message' => $this->l->t('Recovery key successfully disabled')]]);
+            }
+            return new DataResponse(['data' => ['message' => $this->l->t('Could not disable recovery key. Please check your recovery key password!')]], Http::STATUS_BAD_REQUEST);
+        }
+        // this response should never be sent but just in case.
+        return new DataResponse(['data' => ['message' => $this->l->t('Missing parameters')]], Http::STATUS_BAD_REQUEST);
+    }
 
-	/**
-	 * @param string $newPassword
-	 * @param string $oldPassword
-	 * @param string $confirmPassword
-	 * @return DataResponse
-	 */
-	public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) {
-		//check if both passwords are the same
-		if (empty($oldPassword)) {
-			$errorMessage = $this->l->t('Please provide the old recovery password');
-			return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
-		}
+    /**
+     * @param string $newPassword
+     * @param string $oldPassword
+     * @param string $confirmPassword
+     * @return DataResponse
+     */
+    public function changeRecoveryPassword($newPassword, $oldPassword, $confirmPassword) {
+        //check if both passwords are the same
+        if (empty($oldPassword)) {
+            $errorMessage = $this->l->t('Please provide the old recovery password');
+            return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
+        }
 
-		if (empty($newPassword)) {
-			$errorMessage = $this->l->t('Please provide a new recovery password');
-			return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
-		}
+        if (empty($newPassword)) {
+            $errorMessage = $this->l->t('Please provide a new recovery password');
+            return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
+        }
 
-		if (empty($confirmPassword)) {
-			$errorMessage = $this->l->t('Please repeat the new recovery password');
-			return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
-		}
+        if (empty($confirmPassword)) {
+            $errorMessage = $this->l->t('Please repeat the new recovery password');
+            return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
+        }
 
-		if ($newPassword !== $confirmPassword) {
-			$errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password');
-			return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
-		}
+        if ($newPassword !== $confirmPassword) {
+            $errorMessage = $this->l->t('Repeated recovery key password does not match the provided recovery key password');
+            return new DataResponse(['data' => ['message' => $errorMessage]], Http::STATUS_BAD_REQUEST);
+        }
 
-		$result = $this->recovery->changeRecoveryKeyPassword($newPassword,
-			$oldPassword);
+        $result = $this->recovery->changeRecoveryKeyPassword($newPassword,
+            $oldPassword);
 
-		if ($result) {
-			return new DataResponse(
-				[
-					'data' => [
-						'message' => $this->l->t('Password successfully changed.')]
-				]
-			);
-		}
-		return new DataResponse(
-			[
-				'data' => [
-					'message' => $this->l->t('Could not change the password. Maybe the old password was not correct.')
-				]
-			], Http::STATUS_BAD_REQUEST);
-	}
+        if ($result) {
+            return new DataResponse(
+                [
+                    'data' => [
+                        'message' => $this->l->t('Password successfully changed.')]
+                ]
+            );
+        }
+        return new DataResponse(
+            [
+                'data' => [
+                    'message' => $this->l->t('Could not change the password. Maybe the old password was not correct.')
+                ]
+            ], Http::STATUS_BAD_REQUEST);
+    }
 
-	/**
-	 * @param string $userEnableRecovery
-	 * @return DataResponse
-	 */
-	#[NoAdminRequired]
-	public function userSetRecovery($userEnableRecovery) {
-		if ($userEnableRecovery === '0' || $userEnableRecovery === '1') {
-			$result = $this->recovery->setRecoveryForUser($userEnableRecovery);
+    /**
+     * @param string $userEnableRecovery
+     * @return DataResponse
+     */
+    #[NoAdminRequired]
+    public function userSetRecovery($userEnableRecovery) {
+        if ($userEnableRecovery === '0' || $userEnableRecovery === '1') {
+            $result = $this->recovery->setRecoveryForUser($userEnableRecovery);
 
-			if ($result) {
-				if ($userEnableRecovery === '0') {
-					return new DataResponse(
-						[
-							'data' => [
-								'message' => $this->l->t('Recovery Key disabled')]
-						]
-					);
-				}
-				return new DataResponse(
-					[
-						'data' => [
-							'message' => $this->l->t('Recovery Key enabled')]
-					]
-				);
-			}
-		}
-		return new DataResponse(
-			[
-				'data' => [
-					'message' => $this->l->t('Could not enable the recovery key, please try again or contact your administrator')
-				]
-			], Http::STATUS_BAD_REQUEST);
-	}
+            if ($result) {
+                if ($userEnableRecovery === '0') {
+                    return new DataResponse(
+                        [
+                            'data' => [
+                                'message' => $this->l->t('Recovery Key disabled')]
+                        ]
+                    );
+                }
+                return new DataResponse(
+                    [
+                        'data' => [
+                            'message' => $this->l->t('Recovery Key enabled')]
+                    ]
+                );
+            }
+        }
+        return new DataResponse(
+            [
+                'data' => [
+                    'message' => $this->l->t('Could not enable the recovery key, please try again or contact your administrator')
+                ]
+            ], Http::STATUS_BAD_REQUEST);
+    }
 }

apps/encryption/lib/Controller/StatusController.php

Indentation +54 added lines, -54 removed lines

@@ -17,60 +17,60 @@
 
 class StatusController extends Controller {
 
-	/**
-	 * @param string $AppName
-	 * @param IRequest $request
-	 * @param IL10N $l
-	 * @param Session $session
-	 * @param IManager $encryptionManager
-	 */
-	public function __construct(
-		$appName,
-		IRequest $request,
-		private IL10N $l,
-		private Session $session,
-		private IManager $encryptionManager,
-	) {
-		parent::__construct($appName, $request);
-	}
+    /**
+     * @param string $AppName
+     * @param IRequest $request
+     * @param IL10N $l
+     * @param Session $session
+     * @param IManager $encryptionManager
+     */
+    public function __construct(
+        $appName,
+        IRequest $request,
+        private IL10N $l,
+        private Session $session,
+        private IManager $encryptionManager,
+    ) {
+        parent::__construct($appName, $request);
+    }
 
-	/**
-	 * @return DataResponse
-	 */
-	#[NoAdminRequired]
-	public function getStatus() {
-		$status = 'error';
-		$message = 'no valid init status';
-		switch ($this->session->getStatus()) {
-			case Session::INIT_EXECUTED:
-				$status = 'interactionNeeded';
-				$message = $this->l->t(
-					'Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files.'
-				);
-				break;
-			case Session::NOT_INITIALIZED:
-				$status = 'interactionNeeded';
-				if ($this->encryptionManager->isEnabled()) {
-					$message = $this->l->t(
-						'Encryption App is enabled, but your keys are not initialized. Please log-out and log-in again.'
-					);
-				} else {
-					$message = $this->l->t(
-						'Please enable server side encryption in the admin settings in order to use the encryption module.'
-					);
-				}
-				break;
-			case Session::INIT_SUCCESSFUL:
-				$status = 'success';
-				$message = $this->l->t('Encryption app is enabled and ready');
-		}
+    /**
+     * @return DataResponse
+     */
+    #[NoAdminRequired]
+    public function getStatus() {
+        $status = 'error';
+        $message = 'no valid init status';
+        switch ($this->session->getStatus()) {
+            case Session::INIT_EXECUTED:
+                $status = 'interactionNeeded';
+                $message = $this->l->t(
+                    'Invalid private key for encryption app. Please update your private key password in your personal settings to recover access to your encrypted files.'
+                );
+                break;
+            case Session::NOT_INITIALIZED:
+                $status = 'interactionNeeded';
+                if ($this->encryptionManager->isEnabled()) {
+                    $message = $this->l->t(
+                        'Encryption App is enabled, but your keys are not initialized. Please log-out and log-in again.'
+                    );
+                } else {
+                    $message = $this->l->t(
+                        'Please enable server side encryption in the admin settings in order to use the encryption module.'
+                    );
+                }
+                break;
+            case Session::INIT_SUCCESSFUL:
+                $status = 'success';
+                $message = $this->l->t('Encryption app is enabled and ready');
+        }
 
-		return new DataResponse(
-			[
-				'status' => $status,
-				'data' => [
-					'message' => $message]
-			]
-		);
-	}
+        return new DataResponse(
+            [
+                'status' => $status,
+                'data' => [
+                    'message' => $message]
+            ]
+        );
+    }
 }

apps/dav/lib/DAV/RemoteUserPrincipalBackend.php

Indentation +112 added lines, -112 removed lines

@@ -15,116 +15,116 @@
 use Sabre\DAVACL\PrincipalBackend\BackendInterface;
 
 class RemoteUserPrincipalBackend implements BackendInterface {
-	public const PRINCIPAL_PREFIX = 'principals/remote-users';
-
-	private bool $hasCachedAllChildren = false;
-
-	/** @var array<string, mixed>[] */
-	private array $principals = [];
-
-	/** @var array<string, array<string, mixed>|null> */
-	private array $principalsByPath = [];
-
-	public function __construct(
-		private readonly ICloudIdManager $cloudIdManager,
-		private readonly SharingMapper $sharingMapper,
-	) {
-	}
-
-	public function getPrincipalsByPrefix($prefixPath) {
-		if ($prefixPath !== self::PRINCIPAL_PREFIX) {
-			return [];
-		}
-
-		if (!$this->hasCachedAllChildren) {
-			$this->loadChildren();
-			$this->hasCachedAllChildren = true;
-		}
-
-		return $this->principals;
-	}
-
-	public function getPrincipalByPath($path) {
-		[$prefix] = \Sabre\Uri\split($path);
-		if ($prefix !== self::PRINCIPAL_PREFIX) {
-			return null;
-		}
-
-		if (isset($this->principalsByPath[$path])) {
-			return $this->principalsByPath[$path];
-		}
-
-		try {
-			$principal = $this->principalUriToPrincipal($path);
-		} catch (\Exception $e) {
-			$principal = null;
-		}
-		$this->principalsByPath[$path] = $principal;
-		return $principal;
-	}
-
-	public function updatePrincipal($path, \Sabre\DAV\PropPatch $propPatch) {
-		throw new \Sabre\DAV\Exception('Updating remote user principal is not supported');
-	}
-
-	public function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') {
-		// Searching is not supported
-		return [];
-	}
-
-	public function findByUri($uri, $principalPrefix) {
-		if (str_starts_with($uri, 'principal:')) {
-			$principal = substr($uri, strlen('principal:'));
-			$principal = $this->getPrincipalByPath($principal);
-			if ($principal !== null) {
-				return $principal['uri'];
-			}
-		}
-
-		return null;
-	}
-
-	public function getGroupMemberSet($principal) {
-		return [];
-	}
-
-	public function getGroupMembership($principal) {
-		// TODO: for now the group principal has only one member, the user itself
-		$principal = $this->getPrincipalByPath($principal);
-		if (!$principal) {
-			throw new \Sabre\DAV\Exception('Principal not found');
-		}
-
-		return [$principal['uri']];
-	}
-
-	public function setGroupMemberSet($principal, array $members) {
-		throw new \Sabre\DAV\Exception('Adding members to remote user is not supported');
-	}
-
-	/**
-	 * @return array{'{DAV:}displayname': string, '{http://nextcloud.com/ns}cloud-id': ICloudId, uri: string}
-	 */
-	private function principalUriToPrincipal(string $principalUri): array {
-		[, $name] = \Sabre\Uri\split($principalUri);
-		$cloudId = $this->cloudIdManager->resolveCloudId(base64_decode($name));
-		return [
-			'uri' => $principalUri,
-			'{DAV:}displayname' => $cloudId->getDisplayId(),
-			'{http://nextcloud.com/ns}cloud-id' => $cloudId,
-		];
-	}
-
-	private function loadChildren(): void {
-		$rows = $this->sharingMapper->getPrincipalUrisByPrefix('calendar', self::PRINCIPAL_PREFIX);
-		$this->principals = array_map(
-			fn (array $row) => $this->principalUriToPrincipal($row['principaluri']),
-			$rows,
-		);
-
-		$this->principalsByPath = [];
-		foreach ($this->principals as $child) {
-			$this->principalsByPath[$child['uri']] = $child;
-		}
-	}
+    public const PRINCIPAL_PREFIX = 'principals/remote-users';
+
+    private bool $hasCachedAllChildren = false;
+
+    /** @var array<string, mixed>[] */
+    private array $principals = [];
+
+    /** @var array<string, array<string, mixed>|null> */
+    private array $principalsByPath = [];
+
+    public function __construct(
+        private readonly ICloudIdManager $cloudIdManager,
+        private readonly SharingMapper $sharingMapper,
+    ) {
+    }
+
+    public function getPrincipalsByPrefix($prefixPath) {
+        if ($prefixPath !== self::PRINCIPAL_PREFIX) {
+            return [];
+        }
+
+        if (!$this->hasCachedAllChildren) {
+            $this->loadChildren();
+            $this->hasCachedAllChildren = true;
+        }
+
+        return $this->principals;
+    }
+
+    public function getPrincipalByPath($path) {
+        [$prefix] = \Sabre\Uri\split($path);
+        if ($prefix !== self::PRINCIPAL_PREFIX) {
+            return null;
+        }
+
+        if (isset($this->principalsByPath[$path])) {
+            return $this->principalsByPath[$path];
+        }
+
+        try {
+            $principal = $this->principalUriToPrincipal($path);
+        } catch (\Exception $e) {
+            $principal = null;
+        }
+        $this->principalsByPath[$path] = $principal;
+        return $principal;
+    }
+
+    public function updatePrincipal($path, \Sabre\DAV\PropPatch $propPatch) {
+        throw new \Sabre\DAV\Exception('Updating remote user principal is not supported');
+    }
+
+    public function searchPrincipals($prefixPath, array $searchProperties, $test = 'allof') {
+        // Searching is not supported
+        return [];
+    }
+
+    public function findByUri($uri, $principalPrefix) {
+        if (str_starts_with($uri, 'principal:')) {
+            $principal = substr($uri, strlen('principal:'));
+            $principal = $this->getPrincipalByPath($principal);
+            if ($principal !== null) {
+                return $principal['uri'];
+            }
+        }
+
+        return null;
+    }
+
+    public function getGroupMemberSet($principal) {
+        return [];
+    }
+
+    public function getGroupMembership($principal) {
+        // TODO: for now the group principal has only one member, the user itself
+        $principal = $this->getPrincipalByPath($principal);
+        if (!$principal) {
+            throw new \Sabre\DAV\Exception('Principal not found');
+        }
+
+        return [$principal['uri']];
+    }
+
+    public function setGroupMemberSet($principal, array $members) {
+        throw new \Sabre\DAV\Exception('Adding members to remote user is not supported');
+    }
+
+    /**
+     * @return array{'{DAV:}displayname': string, '{http://nextcloud.com/ns}cloud-id': ICloudId, uri: string}
+     */
+    private function principalUriToPrincipal(string $principalUri): array {
+        [, $name] = \Sabre\Uri\split($principalUri);
+        $cloudId = $this->cloudIdManager->resolveCloudId(base64_decode($name));
+        return [
+            'uri' => $principalUri,
+            '{DAV:}displayname' => $cloudId->getDisplayId(),
+            '{http://nextcloud.com/ns}cloud-id' => $cloudId,
+        ];
+    }
+
+    private function loadChildren(): void {
+        $rows = $this->sharingMapper->getPrincipalUrisByPrefix('calendar', self::PRINCIPAL_PREFIX);
+        $this->principals = array_map(
+            fn (array $row) => $this->principalUriToPrincipal($row['principaluri']),
+            $rows,
+        );
+
+        $this->principalsByPath = [];
+        foreach ($this->principals as $child) {
+            $this->principalsByPath[$child['uri']] = $child;
+        }
+    }
 }

apps/dav/lib/CalDAV/Federation/CalendarFederationProvider.php

Indentation +182 added lines, -182 removed lines

@@ -26,186 +26,186 @@
 use Psr\Log\LoggerInterface;
 
 class CalendarFederationProvider implements ICloudFederationProvider {
-	public const PROVIDER_ID = 'calendar';
-	public const CALENDAR_RESOURCE = 'calendar';
-	public const USER_SHARE_TYPE = 'user';
-
-	public function __construct(
-		private readonly LoggerInterface $logger,
-		private readonly FederatedCalendarMapper $federatedCalendarMapper,
-		private readonly CalendarFederationConfig $calendarFederationConfig,
-		private readonly IJobList $jobList,
-		private readonly ICloudIdManager $cloudIdManager,
-	) {
-	}
-
-	public function getShareType(): string {
-		return self::PROVIDER_ID;
-	}
-
-	public function shareReceived(ICloudFederationShare $share): string {
-		if (!$this->calendarFederationConfig->isFederationEnabled()) {
-			$this->logger->debug('Received a federation invite but federation is disabled');
-			throw new ProviderCouldNotAddShareException(
-				'Server does not support calendar federation',
-				'',
-				Http::STATUS_SERVICE_UNAVAILABLE,
-			);
-		}
-
-		if (!in_array($share->getShareType(), $this->getSupportedShareTypes(), true)) {
-			$this->logger->debug('Received a federation invite for invalid share type');
-			throw new ProviderCouldNotAddShareException(
-				'Support for sharing with non-users not implemented yet',
-				'',
-				Http::STATUS_NOT_IMPLEMENTED,
-			);
-			// TODO: Implement group shares
-		}
-
-		$rawProtocol = $share->getProtocol();
-		if (!isset($rawProtocol[ICalendarFederationProtocol::PROP_VERSION])) {
-			throw new ProviderCouldNotAddShareException(
-				'No protocol version',
-				'',
-				Http::STATUS_BAD_REQUEST,
-			);
-		}
-		switch ($rawProtocol[ICalendarFederationProtocol::PROP_VERSION]) {
-			case CalendarFederationProtocolV1::VERSION:
-				try {
-					$protocol = CalendarFederationProtocolV1::parse($rawProtocol);
-				} catch (CalendarProtocolParseException $e) {
-					throw new ProviderCouldNotAddShareException(
-						'Invalid protocol data (v1)',
-						'',
-						Http::STATUS_BAD_REQUEST,
-					);
-				}
-				$calendarUrl = $protocol->getUrl();
-				$displayName = $protocol->getDisplayName();
-				$color = $protocol->getColor();
-				$access = $protocol->getAccess();
-				$components = $protocol->getComponents();
-				break;
-			default:
-				throw new ProviderCouldNotAddShareException(
-					'Unknown protocol version',
-					'',
-					Http::STATUS_BAD_REQUEST,
-				);
-		}
-
-		if (!$calendarUrl || !$displayName) {
-			throw new ProviderCouldNotAddShareException(
-				'Incomplete protocol data',
-				'',
-				Http::STATUS_BAD_REQUEST,
-			);
-		}
-
-		// TODO: implement read-write sharing
-		$permissions = match ($access) {
-			DavSharingBackend::ACCESS_READ => Constants::PERMISSION_READ,
-			default => throw new ProviderCouldNotAddShareException(
-				"Unsupported access value: $access",
-				'',
-				Http::STATUS_BAD_REQUEST,
-			),
-		};
-
-		// The calendar uri is the local name of the calendar. As such it must not contain slashes.
-		// Just use the hashed url for simplicity here.
-		// Example: calendars/foo-bar-user/<calendar-uri>
-		$calendarUri = hash('md5', $calendarUrl);
-
-		$sharedWithPrincipal = 'principals/users/' . $share->getShareWith();
-
-		// Delete existing incoming federated share first
-		$this->federatedCalendarMapper->deleteByUri($sharedWithPrincipal, $calendarUri);
-
-		$calendar = new FederatedCalendarEntity();
-		$calendar->setPrincipaluri($sharedWithPrincipal);
-		$calendar->setUri($calendarUri);
-		$calendar->setRemoteUrl($calendarUrl);
-		$calendar->setDisplayName($displayName);
-		$calendar->setColor($color);
-		$calendar->setToken($share->getShareSecret());
-		$calendar->setSharedBy($share->getSharedBy());
-		$calendar->setSharedByDisplayName($share->getSharedByDisplayName());
-		$calendar->setPermissions($permissions);
-		$calendar->setComponents($components);
-		$calendar = $this->federatedCalendarMapper->insert($calendar);
-
-		$this->jobList->add(FederatedCalendarSyncJob::class, [
-			FederatedCalendarSyncJob::ARGUMENT_ID => $calendar->getId(),
-		]);
-
-		return (string)$calendar->getId();
-	}
-
-	public function notificationReceived(
-		$notificationType,
-		$providerId,
-		array $notification,
-	): array {
-		if ($providerId !== self::PROVIDER_ID) {
-			throw new BadRequestException(['providerId']);
-		}
-
-		switch ($notificationType) {
-			case CalendarFederationNotifier::NOTIFICATION_SYNC_CALENDAR:
-				return $this->handleSyncCalendarNotification($notification);
-			default:
-				return [];
-		}
-	}
-
-	/**
-	 * @return string[]
-	 */
-	public function getSupportedShareTypes(): array {
-		return [self::USER_SHARE_TYPE];
-	}
-
-	/**
-	 * @throws BadRequestException If notification props are missing.
-	 * @throws ShareNotFound If the notification is not related to a known share.
-	 */
-	private function handleSyncCalendarNotification(array $notification): array {
-		$sharedSecret = $notification['sharedSecret'];
-		$shareWithRaw = $notification[CalendarFederationNotifier::PROP_SYNC_CALENDAR_SHARE_WITH] ?? null;
-		$calendarUrl = $notification[CalendarFederationNotifier::PROP_SYNC_CALENDAR_CALENDAR_URL] ?? null;
-
-		if ($shareWithRaw === null || $shareWithRaw === '') {
-			throw new BadRequestException([CalendarFederationNotifier::PROP_SYNC_CALENDAR_SHARE_WITH]);
-		}
-
-		if ($calendarUrl === null || $calendarUrl === '') {
-			throw new BadRequestException([CalendarFederationNotifier::PROP_SYNC_CALENDAR_CALENDAR_URL]);
-		}
-
-		try {
-			$shareWith = $this->cloudIdManager->resolveCloudId($shareWithRaw);
-		} catch (\InvalidArgumentException $e) {
-			throw new ShareNotFound('Invalid sharee cloud id');
-		}
-
-		$calendars = $this->federatedCalendarMapper->findByRemoteUrl(
-			$calendarUrl,
-			'principals/users/' . $shareWith->getUser(),
-			$sharedSecret,
-		);
-		if (empty($calendars)) {
-			throw new ShareNotFound('Calendar is not shared with the sharee');
-		}
-
-		foreach ($calendars as $calendar) {
-			$this->jobList->add(FederatedCalendarSyncJob::class, [
-				FederatedCalendarSyncJob::ARGUMENT_ID => $calendar->getId(),
-			]);
-		}
-
-		return [];
-	}
+    public const PROVIDER_ID = 'calendar';
+    public const CALENDAR_RESOURCE = 'calendar';
+    public const USER_SHARE_TYPE = 'user';
+
+    public function __construct(
+        private readonly LoggerInterface $logger,
+        private readonly FederatedCalendarMapper $federatedCalendarMapper,
+        private readonly CalendarFederationConfig $calendarFederationConfig,
+        private readonly IJobList $jobList,
+        private readonly ICloudIdManager $cloudIdManager,
+    ) {
+    }
+
+    public function getShareType(): string {
+        return self::PROVIDER_ID;
+    }
+
+    public function shareReceived(ICloudFederationShare $share): string {
+        if (!$this->calendarFederationConfig->isFederationEnabled()) {
+            $this->logger->debug('Received a federation invite but federation is disabled');
+            throw new ProviderCouldNotAddShareException(
+                'Server does not support calendar federation',
+                '',
+                Http::STATUS_SERVICE_UNAVAILABLE,
+            );
+        }
+
+        if (!in_array($share->getShareType(), $this->getSupportedShareTypes(), true)) {
+            $this->logger->debug('Received a federation invite for invalid share type');
+            throw new ProviderCouldNotAddShareException(
+                'Support for sharing with non-users not implemented yet',
+                '',
+                Http::STATUS_NOT_IMPLEMENTED,
+            );
+            // TODO: Implement group shares
+        }
+
+        $rawProtocol = $share->getProtocol();
+        if (!isset($rawProtocol[ICalendarFederationProtocol::PROP_VERSION])) {
+            throw new ProviderCouldNotAddShareException(
+                'No protocol version',
+                '',
+                Http::STATUS_BAD_REQUEST,
+            );
+        }
+        switch ($rawProtocol[ICalendarFederationProtocol::PROP_VERSION]) {
+            case CalendarFederationProtocolV1::VERSION:
+                try {
+                    $protocol = CalendarFederationProtocolV1::parse($rawProtocol);
+                } catch (CalendarProtocolParseException $e) {
+                    throw new ProviderCouldNotAddShareException(
+                        'Invalid protocol data (v1)',
+                        '',
+                        Http::STATUS_BAD_REQUEST,
+                    );
+                }
+                $calendarUrl = $protocol->getUrl();
+                $displayName = $protocol->getDisplayName();
+                $color = $protocol->getColor();
+                $access = $protocol->getAccess();
+                $components = $protocol->getComponents();
+                break;
+            default:
+                throw new ProviderCouldNotAddShareException(
+                    'Unknown protocol version',
+                    '',
+                    Http::STATUS_BAD_REQUEST,
+                );
+        }
+
+        if (!$calendarUrl || !$displayName) {
+            throw new ProviderCouldNotAddShareException(
+                'Incomplete protocol data',
+                '',
+                Http::STATUS_BAD_REQUEST,
+            );
+        }
+
+        // TODO: implement read-write sharing
+        $permissions = match ($access) {
+            DavSharingBackend::ACCESS_READ => Constants::PERMISSION_READ,
+            default => throw new ProviderCouldNotAddShareException(
+                "Unsupported access value: $access",
+                '',
+                Http::STATUS_BAD_REQUEST,
+            ),
+        };
+
+        // The calendar uri is the local name of the calendar. As such it must not contain slashes.
+        // Just use the hashed url for simplicity here.
+        // Example: calendars/foo-bar-user/<calendar-uri>
+        $calendarUri = hash('md5', $calendarUrl);
+
+        $sharedWithPrincipal = 'principals/users/' . $share->getShareWith();
+
+        // Delete existing incoming federated share first
+        $this->federatedCalendarMapper->deleteByUri($sharedWithPrincipal, $calendarUri);
+
+        $calendar = new FederatedCalendarEntity();
+        $calendar->setPrincipaluri($sharedWithPrincipal);
+        $calendar->setUri($calendarUri);
+        $calendar->setRemoteUrl($calendarUrl);
+        $calendar->setDisplayName($displayName);
+        $calendar->setColor($color);
+        $calendar->setToken($share->getShareSecret());
+        $calendar->setSharedBy($share->getSharedBy());
+        $calendar->setSharedByDisplayName($share->getSharedByDisplayName());
+        $calendar->setPermissions($permissions);
+        $calendar->setComponents($components);
+        $calendar = $this->federatedCalendarMapper->insert($calendar);
+
+        $this->jobList->add(FederatedCalendarSyncJob::class, [
+            FederatedCalendarSyncJob::ARGUMENT_ID => $calendar->getId(),
+        ]);
+
+        return (string)$calendar->getId();
+    }
+
+    public function notificationReceived(
+        $notificationType,
+        $providerId,
+        array $notification,
+    ): array {
+        if ($providerId !== self::PROVIDER_ID) {
+            throw new BadRequestException(['providerId']);
+        }
+
+        switch ($notificationType) {
+            case CalendarFederationNotifier::NOTIFICATION_SYNC_CALENDAR:
+                return $this->handleSyncCalendarNotification($notification);
+            default:
+                return [];
+        }
+    }
+
+    /**
+     * @return string[]
+     */
+    public function getSupportedShareTypes(): array {
+        return [self::USER_SHARE_TYPE];
+    }
+
+    /**
+     * @throws BadRequestException If notification props are missing.
+     * @throws ShareNotFound If the notification is not related to a known share.
+     */
+    private function handleSyncCalendarNotification(array $notification): array {
+        $sharedSecret = $notification['sharedSecret'];
+        $shareWithRaw = $notification[CalendarFederationNotifier::PROP_SYNC_CALENDAR_SHARE_WITH] ?? null;
+        $calendarUrl = $notification[CalendarFederationNotifier::PROP_SYNC_CALENDAR_CALENDAR_URL] ?? null;
+
+        if ($shareWithRaw === null || $shareWithRaw === '') {
+            throw new BadRequestException([CalendarFederationNotifier::PROP_SYNC_CALENDAR_SHARE_WITH]);
+        }
+
+        if ($calendarUrl === null || $calendarUrl === '') {
+            throw new BadRequestException([CalendarFederationNotifier::PROP_SYNC_CALENDAR_CALENDAR_URL]);
+        }
+
+        try {
+            $shareWith = $this->cloudIdManager->resolveCloudId($shareWithRaw);
+        } catch (\InvalidArgumentException $e) {
+            throw new ShareNotFound('Invalid sharee cloud id');
+        }
+
+        $calendars = $this->federatedCalendarMapper->findByRemoteUrl(
+            $calendarUrl,
+            'principals/users/' . $shareWith->getUser(),
+            $sharedSecret,
+        );
+        if (empty($calendars)) {
+            throw new ShareNotFound('Calendar is not shared with the sharee');
+        }
+
+        foreach ($calendars as $calendar) {
+            $this->jobList->add(FederatedCalendarSyncJob::class, [
+                FederatedCalendarSyncJob::ARGUMENT_ID => $calendar->getId(),
+            ]);
+        }
+
+        return [];
+    }
 }

apps/dav/appinfo/v1/caldav.php

Indentation +32 added lines, -32 removed lines

@@ -39,25 +39,25 @@ 
 use Psr\Log\LoggerInterface;
 
 $authBackend = new Auth(
-	Server::get(ISession::class),
-	Server::get(IUserSession::class),
-	Server::get(IRequest::class),
-	Server::get(\OC\Authentication\TwoFactorAuth\Manager::class),
-	Server::get(IThrottler::class),
-	'principals/'
+    Server::get(ISession::class),
+    Server::get(IUserSession::class),
+    Server::get(IRequest::class),
+    Server::get(\OC\Authentication\TwoFactorAuth\Manager::class),
+    Server::get(IThrottler::class),
+    'principals/'
 );
 $principalBackend = new Principal(
-	Server::get(IUserManager::class),
-	Server::get(IGroupManager::class),
-	Server::get(IAccountManager::class),
-	Server::get(\OCP\Share\IManager::class),
-	Server::get(IUserSession::class),
-	Server::get(IAppManager::class),
-	Server::get(ProxyMapper::class),
-	Server::get(KnownUserService::class),
-	Server::get(IConfig::class),
-	\OC::$server->getL10NFactory(),
-	'principals/'
+    Server::get(IUserManager::class),
+    Server::get(IGroupManager::class),
+    Server::get(IAccountManager::class),
+    Server::get(\OCP\Share\IManager::class),
+    Server::get(IUserSession::class),
+    Server::get(IAppManager::class),
+    Server::get(ProxyMapper::class),
+    Server::get(KnownUserService::class),
+    Server::get(IConfig::class),
+    \OC::$server->getL10NFactory(),
+    'principals/'
 );
 $db = Server::get(IDBConnection::class);
 $userManager = Server::get(IUserManager::class);
@@ -70,17 +70,17 @@ 
 $federatedCalendarFactory = Server::get(FederatedCalendarFactory::class);
 
 $calDavBackend = new CalDavBackend(
-	$db,
-	$principalBackend,
-	$userManager,
-	$random,
-	$logger,
-	$dispatcher,
-	$config,
-	Server::get(\OCA\DAV\CalDAV\Sharing\Backend::class),
-	Server::get(FederatedCalendarMapper::class),
-	Server::get(ICacheFactory::class),
-	true
+    $db,
+    $principalBackend,
+    $userManager,
+    $random,
+    $logger,
+    $dispatcher,
+    $config,
+    Server::get(\OCA\DAV\CalDAV\Sharing\Backend::class),
+    Server::get(FederatedCalendarMapper::class),
+    Server::get(ICacheFactory::class),
+    true
 );
 
 $debugging = Server::get(IConfig::class)->getSystemValue('debug', false);
@@ -94,8 +94,8 @@ 
 $addressBookRoot->disableListing = !$debugging; // Disable listing
 
 $nodes = [
-	$principalCollection,
-	$addressBookRoot,
+    $principalCollection,
+    $addressBookRoot,
 ];
 
 // Fire up server
@@ -111,7 +111,7 @@ 
 
 $server->addPlugin(new LegacyDAVACL());
 if ($debugging) {
-	$server->addPlugin(new Sabre\DAV\Browser\Plugin());
+    $server->addPlugin(new Sabre\DAV\Browser\Plugin());
 }
 
 $server->addPlugin(new \Sabre\DAV\Sync\Plugin());
@@ -119,7 +119,7 @@ 
 $server->addPlugin(new \OCA\DAV\CalDAV\Schedule\Plugin(Server::get(IConfig::class), Server::get(LoggerInterface::class), Server::get(DefaultCalendarValidator::class)));
 
 if ($sendInvitations) {
-	$server->addPlugin(Server::get(IMipPlugin::class));
+    $server->addPlugin(Server::get(IMipPlugin::class));
 }
 $server->addPlugin(new ExceptionLoggerPlugin('caldav', $logger));
 $server->addPlugin(Server::get(RateLimitingPlugin::class));

apps/dav/tests/unit/Connector/Sabre/PropFindMonitorPluginTest.php

Indentation +106 added lines, -106 removed lines

@@ -16,116 +16,116 @@
 
 class PropFindMonitorPluginTest extends TestCase {
 
-	private PropFindMonitorPlugin $plugin;
-	private Server&MockObject $server;
-	private LoggerInterface&MockObject $logger;
-	private Request&MockObject $request;
-	private Response&MockObject $response;
+    private PropFindMonitorPlugin $plugin;
+    private Server&MockObject $server;
+    private LoggerInterface&MockObject $logger;
+    private Request&MockObject $request;
+    private Response&MockObject $response;
 
-	public static function dataTest(): array {
-		$minQueriesTrigger = PropFindMonitorPlugin::THRESHOLD_QUERY_FACTOR
-			* PropFindMonitorPlugin::THRESHOLD_NODES;
-		return [
-			'No queries logged' => [[], 0],
-			'Plugins with queries in less than threshold nodes should not be logged' => [
-				[
-					'propFind' => [
-						[
-							'PluginName' => [
-								'queries' => 100,
-								'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES - 1]
-						],
-						[],
-					]
-				],
-				0
-			],
-			'Plugins with query-to-node ratio less than threshold should not be logged' => [
-				[
-					'propFind' => [
-						[
-							'PluginName' => [
-								'queries' => $minQueriesTrigger - 1,
-								'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES ],
-						],
-						[],
-					]
-				],
-				0
-			],
-			'Plugins with more nodes scanned than queries executed should not be logged' => [
-				[
-					'propFind' => [
-						[
-							'PluginName' => [
-								'queries' => $minQueriesTrigger,
-								'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES * 2],
-						],
-						[],]
-				],
-				0
-			],
-			'Plugins with queries only in highest depth level should not be logged' => [
-				[
-					'propFind' => [
-						[
-							'PluginName' => [
-								'queries' => $minQueriesTrigger,
-								'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES - 1
-							]
-						],
-						[
-							'PluginName' => [
-								'queries' => $minQueriesTrigger * 2,
-								'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES
-							]
-						],
-					]
-				],
-				0
-			],
-			'Plugins with too many queries should be logged' => [
-				[
-					'propFind' => [
-						[
-							'FirstPlugin' => [
-								'queries' => $minQueriesTrigger,
-								'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES,
-							],
-							'SecondPlugin' => [
-								'queries' => $minQueriesTrigger,
-								'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES,
-							]
-						],
-						[],
-					]
-				],
-				2
-			]
-		];
-	}
+    public static function dataTest(): array {
+        $minQueriesTrigger = PropFindMonitorPlugin::THRESHOLD_QUERY_FACTOR
+            * PropFindMonitorPlugin::THRESHOLD_NODES;
+        return [
+            'No queries logged' => [[], 0],
+            'Plugins with queries in less than threshold nodes should not be logged' => [
+                [
+                    'propFind' => [
+                        [
+                            'PluginName' => [
+                                'queries' => 100,
+                                'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES - 1]
+                        ],
+                        [],
+                    ]
+                ],
+                0
+            ],
+            'Plugins with query-to-node ratio less than threshold should not be logged' => [
+                [
+                    'propFind' => [
+                        [
+                            'PluginName' => [
+                                'queries' => $minQueriesTrigger - 1,
+                                'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES ],
+                        ],
+                        [],
+                    ]
+                ],
+                0
+            ],
+            'Plugins with more nodes scanned than queries executed should not be logged' => [
+                [
+                    'propFind' => [
+                        [
+                            'PluginName' => [
+                                'queries' => $minQueriesTrigger,
+                                'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES * 2],
+                        ],
+                        [],]
+                ],
+                0
+            ],
+            'Plugins with queries only in highest depth level should not be logged' => [
+                [
+                    'propFind' => [
+                        [
+                            'PluginName' => [
+                                'queries' => $minQueriesTrigger,
+                                'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES - 1
+                            ]
+                        ],
+                        [
+                            'PluginName' => [
+                                'queries' => $minQueriesTrigger * 2,
+                                'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES
+                            ]
+                        ],
+                    ]
+                ],
+                0
+            ],
+            'Plugins with too many queries should be logged' => [
+                [
+                    'propFind' => [
+                        [
+                            'FirstPlugin' => [
+                                'queries' => $minQueriesTrigger,
+                                'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES,
+                            ],
+                            'SecondPlugin' => [
+                                'queries' => $minQueriesTrigger,
+                                'nodes' => PropFindMonitorPlugin::THRESHOLD_NODES,
+                            ]
+                        ],
+                        [],
+                    ]
+                ],
+                2
+            ]
+        ];
+    }
 
-	#[\PHPUnit\Framework\Attributes\DataProvider('dataTest')]
-	public function test(array $queries, $expectedLogCalls): void {
-		$this->plugin->initialize($this->server);
-		$this->server->expects($this->once())->method('getPluginQueries')
-			->willReturn($queries);
+    #[\PHPUnit\Framework\Attributes\DataProvider('dataTest')]
+    public function test(array $queries, $expectedLogCalls): void {
+        $this->plugin->initialize($this->server);
+        $this->server->expects($this->once())->method('getPluginQueries')
+            ->willReturn($queries);
 
-		$this->server->expects(empty($queries) ? $this->never() : $this->once())
-			->method('getLogger')
-			->willReturn($this->logger);
+        $this->server->expects(empty($queries) ? $this->never() : $this->once())
+            ->method('getLogger')
+            ->willReturn($this->logger);
 
-		$this->logger->expects($this->exactly($expectedLogCalls))->method('error');
-		$this->plugin->afterResponse($this->request, $this->response);
-	}
+        $this->logger->expects($this->exactly($expectedLogCalls))->method('error');
+        $this->plugin->afterResponse($this->request, $this->response);
+    }
 
-	protected function setUp(): void {
-		parent::setUp();
+    protected function setUp(): void {
+        parent::setUp();
 
-		$this->plugin = new PropFindMonitorPlugin();
-		$this->server = $this->createMock(Server::class);
-		$this->logger = $this->createMock(LoggerInterface::class);
-		$this->request = $this->createMock(Request::class);
-		$this->response = $this->createMock(Response::class);
-	}
+        $this->plugin = new PropFindMonitorPlugin();
+        $this->server = $this->createMock(Server::class);
+        $this->logger = $this->createMock(LoggerInterface::class);
+        $this->request = $this->createMock(Request::class);
+        $this->response = $this->createMock(Response::class);
+    }
 }

apps/files_external/lib/Controller/GlobalStoragesController.php

Indentation +152 added lines, -152 removed lines

@@ -23,167 +23,167 @@
  * Global storages controller
  */
 class GlobalStoragesController extends StoragesController {
-	/**
-	 * Creates a new global storages controller.
-	 *
-	 * @param string $AppName application name
-	 * @param IRequest $request request object
-	 * @param IL10N $l10n l10n service
-	 * @param GlobalStoragesService $globalStoragesService storage service
-	 * @param LoggerInterface $logger
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 * @param IConfig $config
-	 */
-	public function __construct(
-		$appName,
-		IRequest $request,
-		IL10N $l10n,
-		GlobalStoragesService $globalStoragesService,
-		LoggerInterface $logger,
-		IUserSession $userSession,
-		IGroupManager $groupManager,
-		IConfig $config,
-	) {
-		parent::__construct(
-			$appName,
-			$request,
-			$l10n,
-			$globalStoragesService,
-			$logger,
-			$userSession,
-			$groupManager,
-			$config
-		);
-	}
+    /**
+     * Creates a new global storages controller.
+     *
+     * @param string $AppName application name
+     * @param IRequest $request request object
+     * @param IL10N $l10n l10n service
+     * @param GlobalStoragesService $globalStoragesService storage service
+     * @param LoggerInterface $logger
+     * @param IUserSession $userSession
+     * @param IGroupManager $groupManager
+     * @param IConfig $config
+     */
+    public function __construct(
+        $appName,
+        IRequest $request,
+        IL10N $l10n,
+        GlobalStoragesService $globalStoragesService,
+        LoggerInterface $logger,
+        IUserSession $userSession,
+        IGroupManager $groupManager,
+        IConfig $config,
+    ) {
+        parent::__construct(
+            $appName,
+            $request,
+            $l10n,
+            $globalStoragesService,
+            $logger,
+            $userSession,
+            $groupManager,
+            $config
+        );
+    }
 
-	/**
-	 * Create an external storage entry.
-	 *
-	 * @param string $mountPoint storage mount point
-	 * @param string $backend backend identifier
-	 * @param string $authMechanism authentication mechanism identifier
-	 * @param array $backendOptions backend-specific options
-	 * @param array $mountOptions mount-specific options
-	 * @param array $applicableUsers users for which to mount the storage
-	 * @param array $applicableGroups groups for which to mount the storage
-	 * @param int $priority priority
-	 *
-	 * @return DataResponse
-	 */
-	#[PasswordConfirmationRequired(strict: true)]
-	public function create(
-		$mountPoint,
-		$backend,
-		$authMechanism,
-		$backendOptions,
-		$mountOptions,
-		$applicableUsers,
-		$applicableGroups,
-		$priority,
-	) {
-		$canCreateNewLocalStorage = $this->config->getSystemValue('files_external_allow_create_new_local', true);
-		if (!$canCreateNewLocalStorage && $backend === 'local') {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Forbidden to manage local mounts')
-				],
-				Http::STATUS_FORBIDDEN
-			);
-		}
+    /**
+     * Create an external storage entry.
+     *
+     * @param string $mountPoint storage mount point
+     * @param string $backend backend identifier
+     * @param string $authMechanism authentication mechanism identifier
+     * @param array $backendOptions backend-specific options
+     * @param array $mountOptions mount-specific options
+     * @param array $applicableUsers users for which to mount the storage
+     * @param array $applicableGroups groups for which to mount the storage
+     * @param int $priority priority
+     *
+     * @return DataResponse
+     */
+    #[PasswordConfirmationRequired(strict: true)]
+    public function create(
+        $mountPoint,
+        $backend,
+        $authMechanism,
+        $backendOptions,
+        $mountOptions,
+        $applicableUsers,
+        $applicableGroups,
+        $priority,
+    ) {
+        $canCreateNewLocalStorage = $this->config->getSystemValue('files_external_allow_create_new_local', true);
+        if (!$canCreateNewLocalStorage && $backend === 'local') {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Forbidden to manage local mounts')
+                ],
+                Http::STATUS_FORBIDDEN
+            );
+        }
 
-		$newStorage = $this->createStorage(
-			$mountPoint,
-			$backend,
-			$authMechanism,
-			$backendOptions,
-			$mountOptions,
-			$applicableUsers,
-			$applicableGroups,
-			$priority
-		);
-		if ($newStorage instanceof DataResponse) {
-			return $newStorage;
-		}
+        $newStorage = $this->createStorage(
+            $mountPoint,
+            $backend,
+            $authMechanism,
+            $backendOptions,
+            $mountOptions,
+            $applicableUsers,
+            $applicableGroups,
+            $priority
+        );
+        if ($newStorage instanceof DataResponse) {
+            return $newStorage;
+        }
 
-		$response = $this->validate($newStorage);
-		if (!empty($response)) {
-			return $response;
-		}
+        $response = $this->validate($newStorage);
+        if (!empty($response)) {
+            return $response;
+        }
 
-		$newStorage = $this->service->addStorage($newStorage);
+        $newStorage = $this->service->addStorage($newStorage);
 
-		$this->updateStorageStatus($newStorage);
+        $this->updateStorageStatus($newStorage);
 
-		return new DataResponse(
-			$newStorage->jsonSerialize(true),
-			Http::STATUS_CREATED
-		);
-	}
+        return new DataResponse(
+            $newStorage->jsonSerialize(true),
+            Http::STATUS_CREATED
+        );
+    }
 
-	/**
-	 * Update an external storage entry.
-	 *
-	 * @param int $id storage id
-	 * @param string $mountPoint storage mount point
-	 * @param string $backend backend identifier
-	 * @param string $authMechanism authentication mechanism identifier
-	 * @param array $backendOptions backend-specific options
-	 * @param array $mountOptions mount-specific options
-	 * @param array $applicableUsers users for which to mount the storage
-	 * @param array $applicableGroups groups for which to mount the storage
-	 * @param int $priority priority
-	 *
-	 * @return DataResponse
-	 */
-	#[PasswordConfirmationRequired(strict: true)]
-	public function update(
-		$id,
-		$mountPoint,
-		$backend,
-		$authMechanism,
-		$backendOptions,
-		$mountOptions,
-		$applicableUsers,
-		$applicableGroups,
-		$priority,
-	) {
-		$storage = $this->createStorage(
-			$mountPoint,
-			$backend,
-			$authMechanism,
-			$backendOptions,
-			$mountOptions,
-			$applicableUsers,
-			$applicableGroups,
-			$priority
-		);
-		if ($storage instanceof DataResponse) {
-			return $storage;
-		}
-		$storage->setId($id);
+    /**
+     * Update an external storage entry.
+     *
+     * @param int $id storage id
+     * @param string $mountPoint storage mount point
+     * @param string $backend backend identifier
+     * @param string $authMechanism authentication mechanism identifier
+     * @param array $backendOptions backend-specific options
+     * @param array $mountOptions mount-specific options
+     * @param array $applicableUsers users for which to mount the storage
+     * @param array $applicableGroups groups for which to mount the storage
+     * @param int $priority priority
+     *
+     * @return DataResponse
+     */
+    #[PasswordConfirmationRequired(strict: true)]
+    public function update(
+        $id,
+        $mountPoint,
+        $backend,
+        $authMechanism,
+        $backendOptions,
+        $mountOptions,
+        $applicableUsers,
+        $applicableGroups,
+        $priority,
+    ) {
+        $storage = $this->createStorage(
+            $mountPoint,
+            $backend,
+            $authMechanism,
+            $backendOptions,
+            $mountOptions,
+            $applicableUsers,
+            $applicableGroups,
+            $priority
+        );
+        if ($storage instanceof DataResponse) {
+            return $storage;
+        }
+        $storage->setId($id);
 
-		$response = $this->validate($storage);
-		if (!empty($response)) {
-			return $response;
-		}
+        $response = $this->validate($storage);
+        if (!empty($response)) {
+            return $response;
+        }
 
-		try {
-			$storage = $this->service->updateStorage($storage);
-		} catch (NotFoundException $e) {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Storage with ID "%d" not found', [$id])
-				],
-				Http::STATUS_NOT_FOUND
-			);
-		}
+        try {
+            $storage = $this->service->updateStorage($storage);
+        } catch (NotFoundException $e) {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Storage with ID "%d" not found', [$id])
+                ],
+                Http::STATUS_NOT_FOUND
+            );
+        }
 
-		$this->updateStorageStatus($storage);
+        $this->updateStorageStatus($storage);
 
-		return new DataResponse(
-			$storage->jsonSerialize(true),
-			Http::STATUS_OK
-		);
-	}
+        return new DataResponse(
+            $storage->jsonSerialize(true),
+            Http::STATUS_OK
+        );
+    }
 }

apps/files_external/lib/Controller/UserGlobalStoragesController.php

Indentation +160 added lines, -160 removed lines

@@ -30,164 +30,164 @@
  * User global storages controller
  */
 class UserGlobalStoragesController extends StoragesController {
-	/**
-	 * Creates a new user global storages controller.
-	 *
-	 * @param string $AppName application name
-	 * @param IRequest $request request object
-	 * @param IL10N $l10n l10n service
-	 * @param UserGlobalStoragesService $userGlobalStoragesService storage service
-	 * @param LoggerInterface $logger
-	 * @param IUserSession $userSession
-	 * @param IGroupManager $groupManager
-	 */
-	public function __construct(
-		$appName,
-		IRequest $request,
-		IL10N $l10n,
-		UserGlobalStoragesService $userGlobalStoragesService,
-		LoggerInterface $logger,
-		IUserSession $userSession,
-		IGroupManager $groupManager,
-		IConfig $config,
-	) {
-		parent::__construct(
-			$appName,
-			$request,
-			$l10n,
-			$userGlobalStoragesService,
-			$logger,
-			$userSession,
-			$groupManager,
-			$config
-		);
-	}
-
-	/**
-	 * Get all storage entries
-	 *
-	 * @return DataResponse
-	 */
-	#[NoAdminRequired]
-	public function index() {
-		/** @var UserGlobalStoragesService */
-		$service = $this->service;
-		$storages = array_map(function ($storage) {
-			// remove configuration data, this must be kept private
-			$this->sanitizeStorage($storage);
-			return $storage->jsonSerialize(true);
-		}, $service->getUniqueStorages());
-
-		return new DataResponse(
-			$storages,
-			Http::STATUS_OK
-		);
-	}
-
-	protected function manipulateStorageConfig(StorageConfig $storage) {
-		/** @var AuthMechanism */
-		$authMechanism = $storage->getAuthMechanism();
-		$authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
-		/** @var Backend */
-		$backend = $storage->getBackend();
-		$backend->manipulateStorageConfig($storage, $this->userSession->getUser());
-	}
-
-	/**
-	 * Get an external storage entry.
-	 *
-	 * @param int $id storage id
-	 * @return DataResponse
-	 */
-	#[NoAdminRequired]
-	public function show($id) {
-		try {
-			$storage = $this->service->getStorage($id);
-
-			$this->updateStorageStatus($storage);
-		} catch (NotFoundException $e) {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Storage with ID "%d" not found', [$id])
-				],
-				Http::STATUS_NOT_FOUND
-			);
-		}
-
-		$this->sanitizeStorage($storage);
-
-		$data = $storage->jsonSerialize(true);
-		$isAdmin = $this->groupManager->isAdmin($this->userSession->getUser()->getUID());
-		$data['can_edit'] = $storage->getType() === StorageConfig::MOUNT_TYPE_PERSONAL || $isAdmin;
-
-		return new DataResponse(
-			$data,
-			Http::STATUS_OK
-		);
-	}
-
-	/**
-	 * Update an external storage entry.
-	 * Only allows setting user provided backend fields
-	 *
-	 * @param int $id storage id
-	 * @param array $backendOptions backend-specific options
-	 *
-	 * @return DataResponse
-	 */
-	#[NoAdminRequired]
-	#[PasswordConfirmationRequired(strict: true)]
-	public function update(
-		$id,
-		$backendOptions,
-	) {
-		try {
-			$storage = $this->service->getStorage($id);
-			$authMechanism = $storage->getAuthMechanism();
-			if ($authMechanism instanceof IUserProvided || $authMechanism instanceof  UserGlobalAuth) {
-				$authMechanism->saveBackendOptions($this->userSession->getUser(), $id, $backendOptions);
-				$authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
-			} else {
-				return new DataResponse(
-					[
-						'message' => $this->l10n->t('Storage with ID "%d" is not editable by non-admins', [$id])
-					],
-					Http::STATUS_FORBIDDEN
-				);
-			}
-		} catch (NotFoundException $e) {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Storage with ID "%d" not found', [$id])
-				],
-				Http::STATUS_NOT_FOUND
-			);
-		}
-
-		$this->updateStorageStatus($storage);
-		$this->sanitizeStorage($storage);
-
-		return new DataResponse(
-			$storage->jsonSerialize(true),
-			Http::STATUS_OK
-		);
-	}
-
-	/**
-	 * Remove sensitive data from a StorageConfig before returning it to the user
-	 *
-	 * @param StorageConfig $storage
-	 */
-	protected function sanitizeStorage(StorageConfig $storage) {
-		$storage->setBackendOptions([]);
-		$storage->setMountOptions([]);
-
-		if ($storage->getAuthMechanism() instanceof IUserProvided) {
-			try {
-				$storage->getAuthMechanism()->manipulateStorageConfig($storage, $this->userSession->getUser());
-			} catch (InsufficientDataForMeaningfulAnswerException $e) {
-				// not configured yet
-			}
-		}
-	}
+    /**
+     * Creates a new user global storages controller.
+     *
+     * @param string $AppName application name
+     * @param IRequest $request request object
+     * @param IL10N $l10n l10n service
+     * @param UserGlobalStoragesService $userGlobalStoragesService storage service
+     * @param LoggerInterface $logger
+     * @param IUserSession $userSession
+     * @param IGroupManager $groupManager
+     */
+    public function __construct(
+        $appName,
+        IRequest $request,
+        IL10N $l10n,
+        UserGlobalStoragesService $userGlobalStoragesService,
+        LoggerInterface $logger,
+        IUserSession $userSession,
+        IGroupManager $groupManager,
+        IConfig $config,
+    ) {
+        parent::__construct(
+            $appName,
+            $request,
+            $l10n,
+            $userGlobalStoragesService,
+            $logger,
+            $userSession,
+            $groupManager,
+            $config
+        );
+    }
+
+    /**
+     * Get all storage entries
+     *
+     * @return DataResponse
+     */
+    #[NoAdminRequired]
+    public function index() {
+        /** @var UserGlobalStoragesService */
+        $service = $this->service;
+        $storages = array_map(function ($storage) {
+            // remove configuration data, this must be kept private
+            $this->sanitizeStorage($storage);
+            return $storage->jsonSerialize(true);
+        }, $service->getUniqueStorages());
+
+        return new DataResponse(
+            $storages,
+            Http::STATUS_OK
+        );
+    }
+
+    protected function manipulateStorageConfig(StorageConfig $storage) {
+        /** @var AuthMechanism */
+        $authMechanism = $storage->getAuthMechanism();
+        $authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
+        /** @var Backend */
+        $backend = $storage->getBackend();
+        $backend->manipulateStorageConfig($storage, $this->userSession->getUser());
+    }
+
+    /**
+     * Get an external storage entry.
+     *
+     * @param int $id storage id
+     * @return DataResponse
+     */
+    #[NoAdminRequired]
+    public function show($id) {
+        try {
+            $storage = $this->service->getStorage($id);
+
+            $this->updateStorageStatus($storage);
+        } catch (NotFoundException $e) {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Storage with ID "%d" not found', [$id])
+                ],
+                Http::STATUS_NOT_FOUND
+            );
+        }
+
+        $this->sanitizeStorage($storage);
+
+        $data = $storage->jsonSerialize(true);
+        $isAdmin = $this->groupManager->isAdmin($this->userSession->getUser()->getUID());
+        $data['can_edit'] = $storage->getType() === StorageConfig::MOUNT_TYPE_PERSONAL || $isAdmin;
+
+        return new DataResponse(
+            $data,
+            Http::STATUS_OK
+        );
+    }
+
+    /**
+     * Update an external storage entry.
+     * Only allows setting user provided backend fields
+     *
+     * @param int $id storage id
+     * @param array $backendOptions backend-specific options
+     *
+     * @return DataResponse
+     */
+    #[NoAdminRequired]
+    #[PasswordConfirmationRequired(strict: true)]
+    public function update(
+        $id,
+        $backendOptions,
+    ) {
+        try {
+            $storage = $this->service->getStorage($id);
+            $authMechanism = $storage->getAuthMechanism();
+            if ($authMechanism instanceof IUserProvided || $authMechanism instanceof  UserGlobalAuth) {
+                $authMechanism->saveBackendOptions($this->userSession->getUser(), $id, $backendOptions);
+                $authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
+            } else {
+                return new DataResponse(
+                    [
+                        'message' => $this->l10n->t('Storage with ID "%d" is not editable by non-admins', [$id])
+                    ],
+                    Http::STATUS_FORBIDDEN
+                );
+            }
+        } catch (NotFoundException $e) {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Storage with ID "%d" not found', [$id])
+                ],
+                Http::STATUS_NOT_FOUND
+            );
+        }
+
+        $this->updateStorageStatus($storage);
+        $this->sanitizeStorage($storage);
+
+        return new DataResponse(
+            $storage->jsonSerialize(true),
+            Http::STATUS_OK
+        );
+    }
+
+    /**
+     * Remove sensitive data from a StorageConfig before returning it to the user
+     *
+     * @param StorageConfig $storage
+     */
+    protected function sanitizeStorage(StorageConfig $storage) {
+        $storage->setBackendOptions([]);
+        $storage->setMountOptions([]);
+
+        if ($storage->getAuthMechanism() instanceof IUserProvided) {
+            try {
+                $storage->getAuthMechanism()->manipulateStorageConfig($storage, $this->userSession->getUser());
+            } catch (InsufficientDataForMeaningfulAnswerException $e) {
+                // not configured yet
+            }
+        }
+    }
 }

apps/files_external/lib/Controller/StoragesController.php

Indentation +265 added lines, -265 removed lines

@@ -30,288 +30,288 @@
  * Base class for storages controllers
  */
 abstract class StoragesController extends Controller {
-	/**
-	 * Creates a new storages controller.
-	 *
-	 * @param string $AppName application name
-	 * @param IRequest $request request object
-	 * @param IL10N $l10n l10n service
-	 * @param StoragesService $storagesService storage service
-	 * @param LoggerInterface $logger
-	 */
-	public function __construct(
-		$appName,
-		IRequest $request,
-		protected IL10N $l10n,
-		protected StoragesService $service,
-		protected LoggerInterface $logger,
-		protected IUserSession $userSession,
-		protected IGroupManager $groupManager,
-		protected IConfig $config,
-	) {
-		parent::__construct($appName, $request);
-	}
+    /**
+     * Creates a new storages controller.
+     *
+     * @param string $AppName application name
+     * @param IRequest $request request object
+     * @param IL10N $l10n l10n service
+     * @param StoragesService $storagesService storage service
+     * @param LoggerInterface $logger
+     */
+    public function __construct(
+        $appName,
+        IRequest $request,
+        protected IL10N $l10n,
+        protected StoragesService $service,
+        protected LoggerInterface $logger,
+        protected IUserSession $userSession,
+        protected IGroupManager $groupManager,
+        protected IConfig $config,
+    ) {
+        parent::__construct($appName, $request);
+    }
 
-	/**
-	 * Create a storage from its parameters
-	 *
-	 * @param string $mountPoint storage mount point
-	 * @param string $backend backend identifier
-	 * @param string $authMechanism authentication mechanism identifier
-	 * @param array $backendOptions backend-specific options
-	 * @param array|null $mountOptions mount-specific options
-	 * @param array|null $applicableUsers users for which to mount the storage
-	 * @param array|null $applicableGroups groups for which to mount the storage
-	 * @param int|null $priority priority
-	 *
-	 * @return StorageConfig|DataResponse
-	 */
-	protected function createStorage(
-		$mountPoint,
-		$backend,
-		$authMechanism,
-		$backendOptions,
-		$mountOptions = null,
-		$applicableUsers = null,
-		$applicableGroups = null,
-		$priority = null,
-	) {
-		$canCreateNewLocalStorage = $this->config->getSystemValue('files_external_allow_create_new_local', true);
-		if (!$canCreateNewLocalStorage && $backend === 'local') {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Forbidden to manage local mounts')
-				],
-				Http::STATUS_FORBIDDEN
-			);
-		}
+    /**
+     * Create a storage from its parameters
+     *
+     * @param string $mountPoint storage mount point
+     * @param string $backend backend identifier
+     * @param string $authMechanism authentication mechanism identifier
+     * @param array $backendOptions backend-specific options
+     * @param array|null $mountOptions mount-specific options
+     * @param array|null $applicableUsers users for which to mount the storage
+     * @param array|null $applicableGroups groups for which to mount the storage
+     * @param int|null $priority priority
+     *
+     * @return StorageConfig|DataResponse
+     */
+    protected function createStorage(
+        $mountPoint,
+        $backend,
+        $authMechanism,
+        $backendOptions,
+        $mountOptions = null,
+        $applicableUsers = null,
+        $applicableGroups = null,
+        $priority = null,
+    ) {
+        $canCreateNewLocalStorage = $this->config->getSystemValue('files_external_allow_create_new_local', true);
+        if (!$canCreateNewLocalStorage && $backend === 'local') {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Forbidden to manage local mounts')
+                ],
+                Http::STATUS_FORBIDDEN
+            );
+        }
 
-		try {
-			return $this->service->createStorage(
-				$mountPoint,
-				$backend,
-				$authMechanism,
-				$backendOptions,
-				$mountOptions,
-				$applicableUsers,
-				$applicableGroups,
-				$priority
-			);
-		} catch (\InvalidArgumentException $e) {
-			$this->logger->error($e->getMessage(), ['exception' => $e]);
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Invalid backend or authentication mechanism class')
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-	}
+        try {
+            return $this->service->createStorage(
+                $mountPoint,
+                $backend,
+                $authMechanism,
+                $backendOptions,
+                $mountOptions,
+                $applicableUsers,
+                $applicableGroups,
+                $priority
+            );
+        } catch (\InvalidArgumentException $e) {
+            $this->logger->error($e->getMessage(), ['exception' => $e]);
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Invalid backend or authentication mechanism class')
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+    }
 
-	/**
-	 * Validate storage config
-	 *
-	 * @param StorageConfig $storage storage config
-	 *1
-	 * @return DataResponse|null returns response in case of validation error
-	 */
-	protected function validate(StorageConfig $storage) {
-		$mountPoint = $storage->getMountPoint();
-		if ($mountPoint === '') {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Invalid mount point'),
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
+    /**
+     * Validate storage config
+     *
+     * @param StorageConfig $storage storage config
+     *1
+     * @return DataResponse|null returns response in case of validation error
+     */
+    protected function validate(StorageConfig $storage) {
+        $mountPoint = $storage->getMountPoint();
+        if ($mountPoint === '') {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Invalid mount point'),
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
 
-		if ($storage->getBackendOption('objectstore')) {
-			// objectstore must not be sent from client side
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Objectstore forbidden'),
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
+        if ($storage->getBackendOption('objectstore')) {
+            // objectstore must not be sent from client side
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Objectstore forbidden'),
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
 
-		/** @var Backend */
-		$backend = $storage->getBackend();
-		/** @var AuthMechanism */
-		$authMechanism = $storage->getAuthMechanism();
-		if ($backend->checkDependencies()) {
-			// invalid backend
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Invalid storage backend "%s"', [
-						$backend->getIdentifier(),
-					]),
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
+        /** @var Backend */
+        $backend = $storage->getBackend();
+        /** @var AuthMechanism */
+        $authMechanism = $storage->getAuthMechanism();
+        if ($backend->checkDependencies()) {
+            // invalid backend
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Invalid storage backend "%s"', [
+                        $backend->getIdentifier(),
+                    ]),
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
 
-		if (!$backend->isVisibleFor($this->service->getVisibilityType())) {
-			// not permitted to use backend
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Not permitted to use backend "%s"', [
-						$backend->getIdentifier(),
-					]),
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-		if (!$authMechanism->isVisibleFor($this->service->getVisibilityType())) {
-			// not permitted to use auth mechanism
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Not permitted to use authentication mechanism "%s"', [
-						$authMechanism->getIdentifier(),
-					]),
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
+        if (!$backend->isVisibleFor($this->service->getVisibilityType())) {
+            // not permitted to use backend
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Not permitted to use backend "%s"', [
+                        $backend->getIdentifier(),
+                    ]),
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+        if (!$authMechanism->isVisibleFor($this->service->getVisibilityType())) {
+            // not permitted to use auth mechanism
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Not permitted to use authentication mechanism "%s"', [
+                        $authMechanism->getIdentifier(),
+                    ]),
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
 
-		if (!$backend->validateStorage($storage)) {
-			// unsatisfied parameters
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Unsatisfied backend parameters'),
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
-		if (!$authMechanism->validateStorage($storage)) {
-			// unsatisfied parameters
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Unsatisfied authentication mechanism parameters'),
-				],
-				Http::STATUS_UNPROCESSABLE_ENTITY
-			);
-		}
+        if (!$backend->validateStorage($storage)) {
+            // unsatisfied parameters
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Unsatisfied backend parameters'),
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
+        if (!$authMechanism->validateStorage($storage)) {
+            // unsatisfied parameters
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Unsatisfied authentication mechanism parameters'),
+                ],
+                Http::STATUS_UNPROCESSABLE_ENTITY
+            );
+        }
 
-		return null;
-	}
+        return null;
+    }
 
-	protected function manipulateStorageConfig(StorageConfig $storage) {
-		/** @var AuthMechanism */
-		$authMechanism = $storage->getAuthMechanism();
-		$authMechanism->manipulateStorageConfig($storage);
-		/** @var Backend */
-		$backend = $storage->getBackend();
-		$backend->manipulateStorageConfig($storage);
-	}
+    protected function manipulateStorageConfig(StorageConfig $storage) {
+        /** @var AuthMechanism */
+        $authMechanism = $storage->getAuthMechanism();
+        $authMechanism->manipulateStorageConfig($storage);
+        /** @var Backend */
+        $backend = $storage->getBackend();
+        $backend->manipulateStorageConfig($storage);
+    }
 
-	/**
-	 * Check whether the given storage is available / valid.
-	 *
-	 * Note that this operation can be time consuming depending
-	 * on whether the remote storage is available or not.
-	 *
-	 * @param StorageConfig $storage storage configuration
-	 */
-	protected function updateStorageStatus(StorageConfig &$storage) {
-		try {
-			$this->manipulateStorageConfig($storage);
+    /**
+     * Check whether the given storage is available / valid.
+     *
+     * Note that this operation can be time consuming depending
+     * on whether the remote storage is available or not.
+     *
+     * @param StorageConfig $storage storage configuration
+     */
+    protected function updateStorageStatus(StorageConfig &$storage) {
+        try {
+            $this->manipulateStorageConfig($storage);
 
-			/** @var Backend */
-			$backend = $storage->getBackend();
-			// update status (can be time-consuming)
-			$storage->setStatus(
-				MountConfig::getBackendStatus(
-					$backend->getStorageClass(),
-					$storage->getBackendOptions(),
-				)
-			);
-		} catch (InsufficientDataForMeaningfulAnswerException $e) {
-			$status = $e->getCode() ?: StorageNotAvailableException::STATUS_INDETERMINATE;
-			$storage->setStatus(
-				(int)$status,
-				$this->l10n->t('Insufficient data: %s', [$e->getMessage()])
-			);
-		} catch (StorageNotAvailableException $e) {
-			$storage->setStatus(
-				(int)$e->getCode(),
-				$this->l10n->t('%s', [$e->getMessage()])
-			);
-		} catch (\Exception $e) {
-			// FIXME: convert storage exceptions to StorageNotAvailableException
-			$storage->setStatus(
-				StorageNotAvailableException::STATUS_ERROR,
-				get_class($e) . ': ' . $e->getMessage()
-			);
-		}
-	}
+            /** @var Backend */
+            $backend = $storage->getBackend();
+            // update status (can be time-consuming)
+            $storage->setStatus(
+                MountConfig::getBackendStatus(
+                    $backend->getStorageClass(),
+                    $storage->getBackendOptions(),
+                )
+            );
+        } catch (InsufficientDataForMeaningfulAnswerException $e) {
+            $status = $e->getCode() ?: StorageNotAvailableException::STATUS_INDETERMINATE;
+            $storage->setStatus(
+                (int)$status,
+                $this->l10n->t('Insufficient data: %s', [$e->getMessage()])
+            );
+        } catch (StorageNotAvailableException $e) {
+            $storage->setStatus(
+                (int)$e->getCode(),
+                $this->l10n->t('%s', [$e->getMessage()])
+            );
+        } catch (\Exception $e) {
+            // FIXME: convert storage exceptions to StorageNotAvailableException
+            $storage->setStatus(
+                StorageNotAvailableException::STATUS_ERROR,
+                get_class($e) . ': ' . $e->getMessage()
+            );
+        }
+    }
 
-	/**
-	 * Get all storage entries
-	 *
-	 * @return DataResponse
-	 */
-	public function index() {
-		$storages = array_map(static fn ($storage) => $storage->jsonSerialize(true), $this->service->getStorages());
+    /**
+     * Get all storage entries
+     *
+     * @return DataResponse
+     */
+    public function index() {
+        $storages = array_map(static fn ($storage) => $storage->jsonSerialize(true), $this->service->getStorages());
 
-		return new DataResponse(
-			$storages,
-			Http::STATUS_OK
-		);
-	}
+        return new DataResponse(
+            $storages,
+            Http::STATUS_OK
+        );
+    }
 
-	/**
-	 * Get an external storage entry.
-	 *
-	 * @param int $id storage id
-	 *
-	 * @return DataResponse
-	 */
-	public function show(int $id) {
-		try {
-			$storage = $this->service->getStorage($id);
+    /**
+     * Get an external storage entry.
+     *
+     * @param int $id storage id
+     *
+     * @return DataResponse
+     */
+    public function show(int $id) {
+        try {
+            $storage = $this->service->getStorage($id);
 
-			$this->updateStorageStatus($storage);
-		} catch (NotFoundException $e) {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Storage with ID "%d" not found', [$id]),
-				],
-				Http::STATUS_NOT_FOUND
-			);
-		}
+            $this->updateStorageStatus($storage);
+        } catch (NotFoundException $e) {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Storage with ID "%d" not found', [$id]),
+                ],
+                Http::STATUS_NOT_FOUND
+            );
+        }
 
-		$data = $storage->jsonSerialize(true);
-		$isAdmin = $this->groupManager->isAdmin($this->userSession->getUser()->getUID());
-		$data['can_edit'] = $storage->getType() === StorageConfig::MOUNT_TYPE_PERSONAL || $isAdmin;
+        $data = $storage->jsonSerialize(true);
+        $isAdmin = $this->groupManager->isAdmin($this->userSession->getUser()->getUID());
+        $data['can_edit'] = $storage->getType() === StorageConfig::MOUNT_TYPE_PERSONAL || $isAdmin;
 
-		return new DataResponse(
-			$data,
-			Http::STATUS_OK
-		);
-	}
+        return new DataResponse(
+            $data,
+            Http::STATUS_OK
+        );
+    }
 
-	/**
-	 * Deletes the storage with the given id.
-	 *
-	 * @param int $id storage id
-	 *
-	 * @return DataResponse
-	 */
-	#[PasswordConfirmationRequired(strict: true)]
-	public function destroy(int $id) {
-		try {
-			$this->service->removeStorage($id);
-		} catch (NotFoundException $e) {
-			return new DataResponse(
-				[
-					'message' => $this->l10n->t('Storage with ID "%d" not found', [$id]),
-				],
-				Http::STATUS_NOT_FOUND
-			);
-		}
+    /**
+     * Deletes the storage with the given id.
+     *
+     * @param int $id storage id
+     *
+     * @return DataResponse
+     */
+    #[PasswordConfirmationRequired(strict: true)]
+    public function destroy(int $id) {
+        try {
+            $this->service->removeStorage($id);
+        } catch (NotFoundException $e) {
+            return new DataResponse(
+                [
+                    'message' => $this->l10n->t('Storage with ID "%d" not found', [$id]),
+                ],
+                Http::STATUS_NOT_FOUND
+            );
+        }
 
-		return new DataResponse([], Http::STATUS_NO_CONTENT);
-	}
+        return new DataResponse([], Http::STATUS_NO_CONTENT);
+    }
 }