'url' => '/ajax/public_key.php',
'verb' => 'POST',
'requirements' => array()
- ),
- [
- 'name' => 'UserCredentials#store',
- 'url' => '/usercredentials/{storageId}',
- 'verb' => 'PUT'
- ]
+ )
)
)
);
+++ /dev/null
-<?php
-/**
- * @author Robin Appelman <icewind@owncloud.com>
- *
- * @copyright Copyright (c) 2015, ownCloud, Inc.
- * @license AGPL-3.0
- *
- * This code is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License, version 3,
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License, version 3,
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-namespace OCA\Files_External\Controller;
-
-use OCA\Calendar\Sabre\Backend;
-use OCA\Files_External\Lib\Auth\AuthMechanism;
-use OCA\Files_External\Lib\Auth\Password\UserProvided;
-use OCA\Files_external\Lib\StorageConfig;
-use OCA\Files_External\Service\UserGlobalStoragesService;
-use OCP\AppFramework\Controller;
-use OCP\AppFramework\Http;
-use OCP\AppFramework\Http\DataResponse;
-use OCP\IL10N;
-use OCP\IRequest;
-use OCP\IUserSession;
-
-class UserCredentialsController extends StoragesController {
- /**
- * @var UserProvided
- */
- private $authMechanism;
-
- /**
- * @var IUserSession
- */
- private $userSession;
-
- /**
- * @var UserGlobalStoragesService
- */
- private $globalStoragesService;
-
- public function __construct(
- $appName, IRequest $request,
- UserProvided $authMechanism,
- IUserSession $userSession,
- IL10N $l10n,
- UserGlobalStoragesService $globalStoragesService
- ) {
- parent::__construct($appName, $request, $l10n, $globalStoragesService);
- $this->authMechanism = $authMechanism;
- $this->userSession = $userSession;
- $this->globalStoragesService = $globalStoragesService;
- }
-
- /**
- * @param int $storageId
- * @param string $username
- * @param string $password
- *
- * @NoAdminRequired
- * @return DataResponse
- */
- public function store($storageId, $username, $password) {
- $this->authMechanism->saveCredentials($this->userSession->getUser(), $storageId, $username, $password);
-
- $storage = $this->globalStoragesService->getStorage($storageId);
-
- $this->updateStorageStatus($storage);
-
- $storage->setBackendOptions([]);
- $storage->setMountOptions([]);
- $this->manipulateStorageConfig($storage);
-
-
- return new DataResponse(
- $storage,
- Http::STATUS_OK
- );
- }
-
- protected function manipulateStorageConfig(StorageConfig $storage) {
- /** @var AuthMechanism */
- $authMechanism = $storage->getAuthMechanism();
- $authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
- /** @var Backend */
- $backend = $storage->getBackend();
- $backend->manipulateStorageConfig($storage, $this->userSession->getUser());
- }
-}
namespace OCA\Files_External\Controller;
use OCA\Files_External\Lib\Auth\AuthMechanism;
+use OCA\Files_External\Lib\Auth\IUserProvided;
use OCA\Files_External\Lib\Auth\Password\UserProvided;
use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException;
use \OCP\IRequest;
use \OCP\IL10N;
use \OCP\AppFramework\Http\DataResponse;
-use \OCP\AppFramework\Controller;
use \OCP\AppFramework\Http;
use \OCA\Files_external\Service\UserGlobalStoragesService;
use \OCA\Files_external\NotFoundException;
);
}
+ /**
+ * Update an external storage entry.
+ * Only allows setting user provided backend fields
+ *
+ * @param int $id storage id
+ * @param array $backendOptions backend-specific options
+ *
+ * @return DataResponse
+ *
+ * @NoAdminRequired
+ */
+ public function update(
+ $id,
+ $backendOptions
+ ) {
+ try {
+ $storage = $this->service->getStorage($id);
+ $authMechanism = $storage->getAuthMechanism();
+ if ($authMechanism instanceof IUserProvided) {
+ $authMechanism->saveBackendOptions($this->userSession->getUser(), $id, $backendOptions);
+ $authMechanism->manipulateStorageConfig($storage, $this->userSession->getUser());
+ } else {
+ return new DataResponse(
+ [
+ 'message' => (string)$this->l10n->t('Storage with id "%i" is not user editable', array($id))
+ ],
+ Http::STATUS_FORBIDDEN
+ );
+ }
+ } catch (NotFoundException $e) {
+ return new DataResponse(
+ [
+ 'message' => (string)$this->l10n->t('Storage with id "%i" not found', array($id))
+ ],
+ Http::STATUS_NOT_FOUND
+ );
+ }
+
+ $this->updateStorageStatus($storage);
+ $this->sanitizeStorage($storage);
+
+ return new DataResponse(
+ $storage,
+ Http::STATUS_OK
+ );
+
+ }
+
/**
* Remove sensitive data from a StorageConfig before returning it to the user
*
UserGlobalStorageConfig.prototype = _.extend({}, StorageConfig.prototype,
/** @lends OCA.External.Settings.UserStorageConfig.prototype */ {
- _url: 'apps/files_external/userglobalstorages',
-
- /**
- * Creates or saves the storage.
- *
- * @param {Function} [options.success] success callback, receives result as argument
- * @param {Function} [options.error] error callback
- */
- save: function (options) {
- var self = this;
- var url = OC.generateUrl('apps/files_external/usercredentials/{id}', {id: this.id});
-
- $.ajax({
- type: 'PUT',
- url: url,
- contentType: 'application/json',
- data: JSON.stringify({
- username: this.backendOptions.user,
- password: this.backendOptions.password
- }),
- success: function (result) {
- if (_.isFunction(options.success)) {
- options.success(result);
- }
- },
- error: options.error
- });
- }
+ _url: 'apps/files_external/userglobalstorages'
});
/**
var onCompletion = jQuery.Deferred();
$.each(result, function(i, storageParams) {
var storageConfig;
- var isUserProvidedAuth = storageParams.authMechanism === 'password::userprovided';
+ console.log(storageParams);
+ var isUserGlobal = storageParams.type === 'system' && self._isPersonal;
storageParams.mountPoint = storageParams.mountPoint.substr(1); // trim leading slash
- if (isUserProvidedAuth) {
+ if (isUserGlobal) {
storageConfig = new UserGlobalStorageConfig();
} else {
storageConfig = new self._storageConfigClass();
$tr.find('.mountOptionsToggle, .remove').empty();
$tr.find('input:not(.user_provided), select:not(.user_provided)').attr('disabled', 'disabled');
- if (isUserProvidedAuth) {
+ if (isUserGlobal) {
$tr.find('.configuration').find(':not(.user_provided)').remove();
} else {
// userglobal storages do not expose configuration data
--- /dev/null
+<?php
+/**
+ * @author Robin Appelman <icewind@owncloud.com>
+ *
+ * @copyright Copyright (c) 2015, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Files_External\Lib\Auth;
+
+use OCP\IUser;
+
+/**
+ * For auth mechanisms where the user needs to provide credentials
+ */
+interface IUserProvided {
+ /**
+ * @param IUser $user the user for which to save the user provided options
+ * @param int $mountId the mount id to save the options for
+ * @param array $options the user provided options
+ */
+ public function saveBackendOptions(IUser $user, $mountId, array $options);
+}
namespace OCA\Files_External\Lib\Auth\Password;
+use OCA\Files_External\Lib\Auth\IUserProvided;
use OCA\Files_External\Lib\DefinitionParameter;
use OCA\Files_External\Service\BackendService;
use OCP\IL10N;
/**
* User provided Username and Password
*/
-class UserProvided extends AuthMechanism {
+class UserProvided extends AuthMechanism implements IUserProvided {
const CREDENTIALS_IDENTIFIER_PREFIX = 'password::userprovided/';
return self::CREDENTIALS_IDENTIFIER_PREFIX . $storageId;
}
- public function saveCredentials(IUser $user, $id, $username, $password) {
+ public function saveBackendOptions(IUser $user, $id, array $options) {
$this->credentialsManager->store($user->getUID(), $this->getCredentialsIdentifier($id), [
- 'user' => $username,
- 'password' => $password
+ 'user' => $options['user'], // explicitly copy the fields we want instead of just passing the entire $options array
+ 'password' => $options['password'] // this way we prevent users from being able to modify any other field
]);
}
if (!is_null($this->statusMessage)) {
$result['statusMessage'] = $this->statusMessage;
}
+ $result['type'] = ($this->getType() === self::MOUNT_TYPE_PERSONAl) ? 'personal': 'system';
return $result;
}
}
projects / nextcloud-server.git / commitdiff