feat!: Adjust default php timeout for controller requests and add attribute to adjust

Signed-off-by: Julius Härtl <jus@bitgrid.net>

diff --git a/core/Controller/PreviewController.php b/core/Controller/PreviewController.php
index a3b826c19e64d769cd555d224ef146858a8d3de9..7ac70181fd9b13895b55bb045f35a25f8edfe278 100644 (file)
--- a/core/Controller/PreviewController.php
+++ b/core/Controller/PreviewController.php
@@ -14,6 +14,7 @@ use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\FrontpageRoute;
 use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
+use OCP\AppFramework\Http\Attribute\RequestTimeout;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\Http\FileDisplayResponse;
 use OCP\AppFramework\Http\RedirectResponse;
@@ -58,6 +59,7 @@ class PreviewController extends Controller {
        #[NoAdminRequired]
        #[NoCSRFRequired]
        #[FrontpageRoute(verb: 'GET', url: '/core/preview.png')]
+       #[RequestTimeout(timeout: 25)]
        public function getPreview(
                string $file = '',
                int $x = 32,
@@ -101,6 +103,7 @@ class PreviewController extends Controller {
        #[NoAdminRequired]
        #[NoCSRFRequired]
        #[FrontpageRoute(verb: 'GET', url: '/core/preview')]
+       #[RequestTimeout(timeout: 25)]
        public function getPreviewByFileId(
                int $fileId = -1,
                int $x = 32,

diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php
index 4bd8f96454e25b3f225c10267be1c9b139bcbca4..a5551540b1927072a6abbe2e6a604267a8912279 100644 (file)
--- a/lib/composer/composer/autoload_classmap.php
+++ b/lib/composer/composer/autoload_classmap.php
@@ -56,6 +56,7 @@ return array(
     'OCP\\AppFramework\\Http\\Attribute\\OpenAPI' => $baseDir . '/lib/public/AppFramework/Http/Attribute/OpenAPI.php',
     'OCP\\AppFramework\\Http\\Attribute\\PasswordConfirmationRequired' => $baseDir . '/lib/public/AppFramework/Http/Attribute/PasswordConfirmationRequired.php',
     'OCP\\AppFramework\\Http\\Attribute\\PublicPage' => $baseDir . '/lib/public/AppFramework/Http/Attribute/PublicPage.php',
+    'OCP\\AppFramework\\Http\\Attribute\\RequestTimeout' => $baseDir . '/lib/public/AppFramework/Http/Attribute/RequestTimeout.php',
     'OCP\\AppFramework\\Http\\Attribute\\Route' => $baseDir . '/lib/public/AppFramework/Http/Attribute/Route.php',
     'OCP\\AppFramework\\Http\\Attribute\\StrictCookiesRequired' => $baseDir . '/lib/public/AppFramework/Http/Attribute/StrictCookiesRequired.php',
     'OCP\\AppFramework\\Http\\Attribute\\SubAdminRequired' => $baseDir . '/lib/public/AppFramework/Http/Attribute/SubAdminRequired.php',
@@ -935,6 +936,7 @@ return array(
     'OC\\AppFramework\\Middleware\\OCSMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/OCSMiddleware.php',
     'OC\\AppFramework\\Middleware\\PublicShare\\Exceptions\\NeedAuthenticationException' => $baseDir . '/lib/private/AppFramework/Middleware/PublicShare/Exceptions/NeedAuthenticationException.php',
     'OC\\AppFramework\\Middleware\\PublicShare\\PublicShareMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php',
+    'OC\\AppFramework\\Middleware\\RequestTimeMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/RequestTimeMiddleware.php',
     'OC\\AppFramework\\Middleware\\Security\\BruteForceMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php',
     'OC\\AppFramework\\Middleware\\Security\\CORSMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php',
     'OC\\AppFramework\\Middleware\\Security\\CSPMiddleware' => $baseDir . '/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php',

diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php
index a9737d27c83732b94e4aa338c93d402c1015b0d3..eaf345da0d26cdbae316752af7e7474a60a0adf7 100644 (file)
--- a/lib/composer/composer/autoload_static.php
+++ b/lib/composer/composer/autoload_static.php
@@ -89,6 +89,7 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
         'OCP\\AppFramework\\Http\\Attribute\\OpenAPI' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Attribute/OpenAPI.php',
         'OCP\\AppFramework\\Http\\Attribute\\PasswordConfirmationRequired' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Attribute/PasswordConfirmationRequired.php',
         'OCP\\AppFramework\\Http\\Attribute\\PublicPage' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Attribute/PublicPage.php',
+        'OCP\\AppFramework\\Http\\Attribute\\RequestTimeout' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Attribute/RequestTimeout.php',
         'OCP\\AppFramework\\Http\\Attribute\\Route' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Attribute/Route.php',
         'OCP\\AppFramework\\Http\\Attribute\\StrictCookiesRequired' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Attribute/StrictCookiesRequired.php',
         'OCP\\AppFramework\\Http\\Attribute\\SubAdminRequired' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Attribute/SubAdminRequired.php',
@@ -968,6 +969,7 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
         'OC\\AppFramework\\Middleware\\OCSMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/OCSMiddleware.php',
         'OC\\AppFramework\\Middleware\\PublicShare\\Exceptions\\NeedAuthenticationException' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/PublicShare/Exceptions/NeedAuthenticationException.php',
         'OC\\AppFramework\\Middleware\\PublicShare\\PublicShareMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php',
+        'OC\\AppFramework\\Middleware\\RequestTimeMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/RequestTimeMiddleware.php',
         'OC\\AppFramework\\Middleware\\Security\\BruteForceMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php',
         'OC\\AppFramework\\Middleware\\Security\\CORSMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php',
         'OC\\AppFramework\\Middleware\\Security\\CSPMiddleware' => __DIR__ . '/../../..' . '/lib/private/AppFramework/Middleware/Security/CSPMiddleware.php',

diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php
index a96e050c0e64372ac450a4e094ae6c175e165194..cdfcc31b62663ed565b895645fbc90f54304ab8e 100644 (file)
--- a/lib/private/AppFramework/DependencyInjection/DIContainer.php
+++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php
@@ -292,6 +292,9 @@ class DIContainer extends SimpleContainer implements IAppContainer {
                                        $c->get(IThrottler::class)
                                )
                        );
+                       $dispatcher->registerMiddleware(
+                               new OC\AppFramework\Middleware\RequestTimeMiddleware()
+                       );
                        $dispatcher->registerMiddleware(
                                $c->get(\OC\AppFramework\Middleware\AdditionalScriptsMiddleware::class)
                        );

diff --git a/lib/private/AppFramework/Middleware/RequestTimeMiddleware.php b/lib/private/AppFramework/Middleware/RequestTimeMiddleware.php
new file mode 100644 (file)
index 0000000..7961fd1
--- /dev/null
+++ b/lib/private/AppFramework/Middleware/RequestTimeMiddleware.php
@@ -0,0 +1,29 @@
+<?php
+
+declare(strict_types=1);
+/**
+ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+namespace OC\AppFramework\Middleware;
+
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\RequestTimeout;
+use OCP\AppFramework\Middleware;
+use ReflectionMethod;
+
+class RequestTimeMiddleware extends Middleware {
+       public function beforeController(Controller $controller, string $methodName) {
+               // Default timeout
+               $timeout = 30;
+               $reflectionMethod = new ReflectionMethod($controller, $methodName);
+               $attributes = $reflectionMethod->getAttributes(RequestTimeout::class);
+               foreach ($attributes as $attribute) {
+                       /** @var RequestTimeout $timeout */
+                       $timeoutAttribute = $attribute->newInstance();
+                       $timeout = $timeoutAttribute->getTimeout();
+               }
+
+               @ini_set('max_execution_time', strval($timeout));
+       }
+}

diff --git a/lib/public/AppFramework/Http/Attribute/RequestTimeout.php b/lib/public/AppFramework/Http/Attribute/RequestTimeout.php
new file mode 100644 (file)
index 0000000..47aff28
--- /dev/null
+++ b/lib/public/AppFramework/Http/Attribute/RequestTimeout.php
@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCP\AppFramework\Http\Attribute;
+
+use Attribute;
+
+/**
+ * Attribute for controller methods that want to limit the times a not logged-in
+ * guest can call the endpoint in a given time period.
+ *
+ * @since 31.0.0
+ */
+#[Attribute(Attribute::TARGET_METHOD)]
+class RequestTimeout {
+       /**
+        * @param int $timeout The maximum time the php process should run
+        * @since 31.0.0
+        */
+       public function __construct(
+               protected int $timeout,
+       ) {
+       }
+
+       /**
+        * @return int The maximum time the php process should run
+        * @since 31.0.0
+        */
+       public function getTimeout(): int {
+               return $this->timeout;
+       }
+}