From c102b89cd5037b21504292ed0c9ed826b631bd55 Mon Sep 17 00:00:00 2001
From: provokateurin <kate@provokateurin.de>
Date: Thu, 25 Jul 2024 13:14:46 +0200
Subject: [PATCH] refactor(files_external): Replace security annotations with
 respective attributes

Signed-off-by: provokateurin <kate@provokateurin.de>
---
 .../lib/Controller/AjaxController.php            |  6 +++---
 .../lib/Controller/ApiController.php             |  8 +++-----
 .../Controller/UserGlobalStoragesController.php  | 10 ++++------
 .../lib/Controller/UserStoragesController.php    | 16 ++++++----------
 4 files changed, 16 insertions(+), 24 deletions(-)

diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php
index dcc1c1b57de..9faba64416f 100644
--- a/apps/files_external/lib/Controller/AjaxController.php
+++ b/apps/files_external/lib/Controller/AjaxController.php
@@ -9,6 +9,7 @@ namespace OCA\Files_External\Controller;
 use OCA\Files_External\Lib\Auth\Password\GlobalAuth;
 use OCA\Files_External\Lib\Auth\PublicKey\RSA;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\IGroupManager;
 use OCP\IRequest;
@@ -60,9 +61,9 @@ class AjaxController extends Controller {
 	/**
 	 * Generates an SSH public/private key pair.
 	 *
-	 * @NoAdminRequired
 	 * @param int $keyLength
 	 */
+	#[NoAdminRequired]
 	public function getSshKeys($keyLength = 1024) {
 		$key = $this->generateSshKeys($keyLength);
 		return new JSONResponse(
@@ -75,13 +76,12 @@ class AjaxController extends Controller {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * @param string $uid
 	 * @param string $user
 	 * @param string $password
 	 * @return bool
 	 */
+	#[NoAdminRequired]
 	public function saveGlobalCredentials($uid, $user, $password) {
 		$currentUser = $this->userSession->getUser();
 		if ($currentUser === null) {
diff --git a/apps/files_external/lib/Controller/ApiController.php b/apps/files_external/lib/Controller/ApiController.php
index a763f7874c3..56242938593 100644
--- a/apps/files_external/lib/Controller/ApiController.php
+++ b/apps/files_external/lib/Controller/ApiController.php
@@ -14,6 +14,7 @@ use OCA\Files_External\ResponseDefinitions;
 use OCA\Files_External\Service\UserGlobalStoragesService;
 use OCA\Files_External\Service\UserStoragesService;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCSController;
@@ -76,14 +77,13 @@ class ApiController extends OCSController {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Get the mount points visible for this user
 	 *
 	 * @return DataResponse<Http::STATUS_OK, Files_ExternalMount[], array{}>
 	 *
 	 * 200: User mounts returned
 	 */
+	#[NoAdminRequired]
 	public function getUserMounts(): DataResponse {
 		$entries = [];
 		$mountPoints = [];
@@ -105,12 +105,10 @@ class ApiController extends OCSController {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 *
 	 * Ask for credentials using a browser's native basic auth prompt
 	 * Then returns it if provided
 	 */
+	#[NoAdminRequired]
 	#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
 	public function askNativeAuth(): DataResponse {
 		if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
diff --git a/apps/files_external/lib/Controller/UserGlobalStoragesController.php b/apps/files_external/lib/Controller/UserGlobalStoragesController.php
index cd6ffae660d..3d364fff57d 100644
--- a/apps/files_external/lib/Controller/UserGlobalStoragesController.php
+++ b/apps/files_external/lib/Controller/UserGlobalStoragesController.php
@@ -15,6 +15,7 @@ use OCA\Files_External\Lib\StorageConfig;
 use OCA\Files_External\NotFoundException;
 use OCA\Files_External\Service\UserGlobalStoragesService;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IConfig;
 use OCP\IGroupManager;
@@ -64,9 +65,8 @@ class UserGlobalStoragesController extends StoragesController {
 	 * Get all storage entries
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function index() {
 		/** @var UserGlobalStoragesService */
 		$service = $this->service;
@@ -97,9 +97,8 @@ class UserGlobalStoragesController extends StoragesController {
 	 * @param int $id storage id
 	 * @param bool $testOnly whether to storage should only test the connection or do more things
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function show($id, $testOnly = true) {
 		try {
 			$storage = $this->service->getStorage($id);
@@ -135,9 +134,8 @@ class UserGlobalStoragesController extends StoragesController {
 	 * @param bool $testOnly whether to storage should only test the connection or do more things
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function update(
 		$id,
 		$backendOptions,
diff --git a/apps/files_external/lib/Controller/UserStoragesController.php b/apps/files_external/lib/Controller/UserStoragesController.php
index dc59d43d692..a85aa3faa96 100644
--- a/apps/files_external/lib/Controller/UserStoragesController.php
+++ b/apps/files_external/lib/Controller/UserStoragesController.php
@@ -12,6 +12,7 @@ use OCA\Files_External\Lib\StorageConfig;
 use OCA\Files_External\NotFoundException;
 use OCA\Files_External\Service\UserStoragesService;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IConfig;
 use OCP\IGroupManager;
@@ -69,10 +70,9 @@ class UserStoragesController extends StoragesController {
 	/**
 	 * Get all storage entries
 	 *
-	 * @NoAdminRequired
-	 *
 	 * @return DataResponse
 	 */
+	#[NoAdminRequired]
 	public function index() {
 		return parent::index();
 	}
@@ -80,10 +80,9 @@ class UserStoragesController extends StoragesController {
 	/**
 	 * Return storage
 	 *
-	 * @NoAdminRequired
-	 *
 	 * {@inheritdoc}
 	 */
+	#[NoAdminRequired]
 	public function show($id, $testOnly = true) {
 		return parent::show($id, $testOnly);
 	}
@@ -98,9 +97,8 @@ class UserStoragesController extends StoragesController {
 	 * @param array $mountOptions backend-specific mount options
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function create(
 		$mountPoint,
 		$backend,
@@ -154,9 +152,8 @@ class UserStoragesController extends StoragesController {
 	 * @param bool $testOnly whether to storage should only test the connection or do more things
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function update(
 		$id,
 		$mountPoint,
@@ -205,10 +202,9 @@ class UserStoragesController extends StoragesController {
 	/**
 	 * Delete storage
 	 *
-	 * @NoAdminRequired
-	 *
 	 * {@inheritdoc}
 	 */
+	#[NoAdminRequired]
 	public function destroy($id) {
 		return parent::destroy($id);
 	}
-- 
2.39.5