From 72aaf2e5fbf501eeb4cae0445cd1398edbbacf37 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Julius=20H=C3=A4rtl?= Date: Wed, 24 Jul 2019 11:53:53 +0200 Subject: [PATCH] files_external: Make sure the correct user context is used in substitution of variables MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- .../lib/Config/SimpleSubstitutionTrait.php | 2 +- .../files_external/lib/Config/UserContext.php | 66 +++++++++++++++++++ .../lib/Config/UserPlaceholderHandler.php | 19 ++---- .../lib/Handler/ExtStorageConfigHandler.php | 15 ++--- 4 files changed, 75 insertions(+), 27 deletions(-) create mode 100644 apps/files_external/lib/Config/UserContext.php diff --git a/apps/files_external/lib/Config/SimpleSubstitutionTrait.php b/apps/files_external/lib/Config/SimpleSubstitutionTrait.php index 05bd529f1c1..1dc5f16779c 100644 --- a/apps/files_external/lib/Config/SimpleSubstitutionTrait.php +++ b/apps/files_external/lib/Config/SimpleSubstitutionTrait.php @@ -34,7 +34,7 @@ trait SimpleSubstitutionTrait { * @var string the placeholder without $ prefix * @since 16.0.0 */ - private $placeholder; + protected $placeholder; /** @var string */ protected $sanitizedPlaceholder; diff --git a/apps/files_external/lib/Config/UserContext.php b/apps/files_external/lib/Config/UserContext.php new file mode 100644 index 00000000000..8fdca68f9b4 --- /dev/null +++ b/apps/files_external/lib/Config/UserContext.php @@ -0,0 +1,66 @@ + + * + * @author Julius Härtl + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCA\Files_External\Config; + +use OCP\IRequest; +use OCP\IUserSession; +use OCP\Share\Exceptions\ShareNotFound; +use OCP\Share\IManager as ShareManager; + +class UserContext { + + /** @var IUserSession */ + private $session; + + /** @var ShareManager */ + private $shareManager; + + /** @var IRequest */ + private $request; + + public function __construct(IUserSession $session, ShareManager $manager, IRequest $request) { + $this->session = $session; + $this->shareManager = $manager; + $this->request = $request; + } + + public function getSession(): IUserSession { + return $this->session; + } + + + protected function getUserId(): ?string { + if($this->session && $this->session->getUser() !== null) { + return $this->session->getUser()->getUID(); + } + try { + $shareToken = $this->request->getParam('token'); + $share = $this->shareManager->getShareByToken($shareToken); + return $share->getShareOwner(); + } catch (ShareNotFound $e) {} + + return null; + } + +} diff --git a/apps/files_external/lib/Config/UserPlaceholderHandler.php b/apps/files_external/lib/Config/UserPlaceholderHandler.php index 721d3bbe02a..e442f84a5dd 100644 --- a/apps/files_external/lib/Config/UserPlaceholderHandler.php +++ b/apps/files_external/lib/Config/UserPlaceholderHandler.php @@ -23,31 +23,20 @@ namespace OCA\Files_External\Config; -use OCP\IUserSession; - -class UserPlaceholderHandler implements IConfigHandler { +class UserPlaceholderHandler extends UserContext implements IConfigHandler { use SimpleSubstitutionTrait; - /** @var IUserSession */ - private $session; - - public function __construct(IUserSession $session) { - $this->session = $session; - $this->placeholder = 'user'; - } - /** * @param mixed $optionValue * @return mixed the same type as $optionValue * @since 16.0.0 */ public function handle($optionValue) { - $user = $this->session->getUser(); - if($user === null) { + $this->placeholder = 'user'; + $uid = $this->getUserId(); + if($uid === null) { return $optionValue; } - $uid = $user->getUID(); - return $this->processInput($optionValue, $uid); } } diff --git a/apps/user_ldap/lib/Handler/ExtStorageConfigHandler.php b/apps/user_ldap/lib/Handler/ExtStorageConfigHandler.php index 98a3cc71263..9445adbd5b6 100644 --- a/apps/user_ldap/lib/Handler/ExtStorageConfigHandler.php +++ b/apps/user_ldap/lib/Handler/ExtStorageConfigHandler.php @@ -25,20 +25,12 @@ namespace OCA\User_LDAP\Handler; use OCA\Files_External\Config\IConfigHandler; use OCA\Files_External\Config\SimpleSubstitutionTrait; +use OCA\Files_External\Config\UserContext; use OCA\User_LDAP\User_Proxy; -use OCP\IUserSession; -class ExtStorageConfigHandler implements IConfigHandler { +class ExtStorageConfigHandler extends UserContext implements IConfigHandler { use SimpleSubstitutionTrait; - /** @var IUserSession */ - private $session; - - public function __construct(IUserSession $session) { - $this->placeholder = 'home'; - $this->session = $session; - } - /** * @param mixed $optionValue * @return mixed the same type as $optionValue @@ -46,7 +38,8 @@ class ExtStorageConfigHandler implements IConfigHandler { * @throws \Exception */ public function handle($optionValue) { - $user = $this->session->getUser(); + $this->placeholder = 'home'; + $user = $this->getSession()->getUser(); if($user === null) { return $optionValue; } -- 2.39.5