aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorprovokateurin <kate@provokateurin.de>2024-07-25 13:14:45 +0200
committerprovokateurin <kate@provokateurin.de>2024-07-28 10:53:14 +0200
commit9d6221e0988e3800e2432cb766c407848d68e70a (patch)
tree945420b9a985226df08fd03a439c05b4f6a1d166
parent69a203d26269687ad667269b85097a0445e90d22 (diff)
downloadnextcloud-server-9d6221e0988e3800e2432cb766c407848d68e70a.tar.gz
nextcloud-server-9d6221e0988e3800e2432cb766c407848d68e70a.zip
refactor(dav): Replace security annotations with respective attributes
Signed-off-by: provokateurin <kate@provokateurin.de>
-rw-r--r--apps/dav/lib/Controller/BirthdayCalendarController.php6
-rw-r--r--apps/dav/lib/Controller/DirectController.php4
-rw-r--r--apps/dav/lib/Controller/InvitationResponseController.php22
3 files changed, 16 insertions, 16 deletions
diff --git a/apps/dav/lib/Controller/BirthdayCalendarController.php b/apps/dav/lib/Controller/BirthdayCalendarController.php
index 86620308758..e82c4ad534c 100644
--- a/apps/dav/lib/Controller/BirthdayCalendarController.php
+++ b/apps/dav/lib/Controller/BirthdayCalendarController.php
@@ -7,7 +7,9 @@ namespace OCA\DAV\Controller;
use OCA\DAV\BackgroundJob\GenerateBirthdayCalendarBackgroundJob;
use OCA\DAV\CalDAV\CalDavBackend;
+use OCA\DAV\Settings\CalDAVSettings;
use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\Response;
use OCP\BackgroundJob\IJobList;
@@ -70,8 +72,8 @@ class BirthdayCalendarController extends Controller {
/**
* @return Response
- * @AuthorizedAdminSetting(settings=OCA\DAV\Settings\CalDAVSettings)
*/
+ #[AuthorizedAdminSetting(settings: CalDAVSettings::class)]
public function enable() {
$this->config->setAppValue($this->appName, 'generateBirthdayCalendar', 'yes');
@@ -87,8 +89,8 @@ class BirthdayCalendarController extends Controller {
/**
* @return Response
- * @AuthorizedAdminSetting(settings=OCA\DAV\Settings\CalDAVSettings)
*/
+ #[AuthorizedAdminSetting(settings: CalDAVSettings::class)]
public function disable() {
$this->config->setAppValue($this->appName, 'generateBirthdayCalendar', 'no');
diff --git a/apps/dav/lib/Controller/DirectController.php b/apps/dav/lib/Controller/DirectController.php
index 4e3e29d0e6b..77f5b8f5419 100644
--- a/apps/dav/lib/Controller/DirectController.php
+++ b/apps/dav/lib/Controller/DirectController.php
@@ -11,6 +11,7 @@ namespace OCA\DAV\Controller;
use OCA\DAV\Db\Direct;
use OCA\DAV\Db\DirectMapper;
use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCS\OCSBadRequestException;
use OCP\AppFramework\OCS\OCSForbiddenException;
@@ -69,8 +70,6 @@ class DirectController extends OCSController {
}
/**
- * @NoAdminRequired
- *
* Get a direct link to a file
*
* @param int $fileId ID of the file
@@ -82,6 +81,7 @@ class DirectController extends OCSController {
*
* 200: Direct link returned
*/
+ #[NoAdminRequired]
public function getUrl(int $fileId, int $expirationTime = 60 * 60 * 8): DataResponse {
$userFolder = $this->rootFolder->getUserFolder($this->userId);
diff --git a/apps/dav/lib/Controller/InvitationResponseController.php b/apps/dav/lib/Controller/InvitationResponseController.php
index 4144e58d2cc..678d0d47b28 100644
--- a/apps/dav/lib/Controller/InvitationResponseController.php
+++ b/apps/dav/lib/Controller/InvitationResponseController.php
@@ -10,7 +10,9 @@ namespace OCA\DAV\Controller;
use OCA\DAV\CalDAV\InvitationResponse\InvitationResponseServer;
use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IDBConnection;
@@ -52,12 +54,11 @@ class InvitationResponseController extends Controller {
}
/**
- * @PublicPage
- * @NoCSRFRequired
- *
* @param string $token
* @return TemplateResponse
*/
+ #[PublicPage]
+ #[NoCSRFRequired]
public function accept(string $token):TemplateResponse {
$row = $this->getTokenInformation($token);
if (!$row) {
@@ -76,12 +77,11 @@ class InvitationResponseController extends Controller {
}
/**
- * @PublicPage
- * @NoCSRFRequired
- *
* @param string $token
* @return TemplateResponse
*/
+ #[PublicPage]
+ #[NoCSRFRequired]
public function decline(string $token):TemplateResponse {
$row = $this->getTokenInformation($token);
if (!$row) {
@@ -101,12 +101,11 @@ class InvitationResponseController extends Controller {
}
/**
- * @PublicPage
- * @NoCSRFRequired
- *
* @param string $token
* @return TemplateResponse
*/
+ #[PublicPage]
+ #[NoCSRFRequired]
public function options(string $token):TemplateResponse {
return new TemplateResponse($this->appName, 'schedule-response-options', [
'token' => $token
@@ -114,13 +113,12 @@ class InvitationResponseController extends Controller {
}
/**
- * @PublicPage
- * @NoCSRFRequired
- *
* @param string $token
*
* @return TemplateResponse
*/
+ #[PublicPage]
+ #[NoCSRFRequired]
public function processMoreOptionsResult(string $token):TemplateResponse {
$partstat = $this->request->getParam('partStat');