diff options
| author | yemkareems <yemkareems@gmail.com> | 2024-10-17 11:10:19 +0530 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-10-17 11:10:19 +0530 |
| commit | de9f5c4ec6b441100cd3f79f246daf452049fe95 (patch) | |
| tree | f64836d7dee802cc7fe3e5459f22769357e0225a | |
| parent | d4dffc156606e4f721042ff0ce8f9377c23d63a5 (diff) | |
| parent | 1e13776a879989c1edbade539fea1a20f3abed90 (diff) | |
| download | nextcloud-server-de9f5c4ec6b441100cd3f79f246daf452049fe95.tar.gz nextcloud-server-de9f5c4ec6b441100cd3f79f246daf452049fe95.zip | |
Merge pull request #48373 from nextcloud/fix/788/add-password-confirmation-required-to-user-storage-create
fix: add PasswordConfirmationRequired to create user storages endpoint
| -rw-r--r-- | apps/files_external/js/settings.js | 22 | ||||
| -rw-r--r-- | apps/files_external/lib/Controller/UserStoragesController.php | 4 |
2 files changed, 25 insertions, 1 deletions
diff --git a/apps/files_external/js/settings.js b/apps/files_external/js/settings.js index 582276cad09..5cbd011bcc1 100644 --- a/apps/files_external/js/settings.js +++ b/apps/files_external/js/settings.js @@ -267,7 +267,6 @@ StorageConfig.prototype = { * @param {Function} [options.error] error callback */ save: function(options) { - var self = this; var url = OC.generateUrl(this._url); var method = 'POST'; if (_.isNumber(this.id)) { @@ -275,6 +274,18 @@ StorageConfig.prototype = { url = OC.generateUrl(this._url + '/{id}', {id: this.id}); } + window.OC.PasswordConfirmation.requirePasswordConfirmation(() => this._save(method, url, options), options.error); + }, + + /** + * Private implementation of the save function (called after potential password confirmation) + * @param {string} method + * @param {string} url + * @param {{success: Function, error: Function}} options + */ + _save: function(method, url, options) { + self = this; + $.ajax({ type: method, url: url, @@ -348,6 +359,15 @@ StorageConfig.prototype = { } return; } + + window.OC.PasswordConfirmation.requirePasswordConfirmation(() => this._destroy(options), options.error) + }, + + /** + * Private implementation of the DELETE method called after password confirmation + * @param {{ success: Function, error: Function }} options + */ + _destroy: function(options) { $.ajax({ type: 'DELETE', url: OC.generateUrl(this._url + '/{id}', {id: this.id}), diff --git a/apps/files_external/lib/Controller/UserStoragesController.php b/apps/files_external/lib/Controller/UserStoragesController.php index ac806fe219c..0cd060b5294 100644 --- a/apps/files_external/lib/Controller/UserStoragesController.php +++ b/apps/files_external/lib/Controller/UserStoragesController.php @@ -13,6 +13,7 @@ use OCA\Files_External\NotFoundException; use OCA\Files_External\Service\UserStoragesService; use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\NoAdminRequired; +use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired; use OCP\AppFramework\Http\DataResponse; use OCP\IConfig; use OCP\IGroupManager; @@ -99,6 +100,7 @@ class UserStoragesController extends StoragesController { * @return DataResponse */ #[NoAdminRequired] + #[PasswordConfirmationRequired] public function create( $mountPoint, $backend, @@ -154,6 +156,7 @@ class UserStoragesController extends StoragesController { * @return DataResponse */ #[NoAdminRequired] + #[PasswordConfirmationRequired] public function update( $id, $mountPoint, @@ -205,6 +208,7 @@ class UserStoragesController extends StoragesController { * {@inheritdoc} */ #[NoAdminRequired] + #[PasswordConfirmationRequired] public function destroy($id) { return parent::destroy($id); } |