diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-04-23 22:15:29 +0200 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-04-26 10:35:37 +0200 |
commit | 042340ccf6e7d6408390b91f6904de0425bb3c07 (patch) | |
tree | c1f3f2e98b233e57bf2951497d8832156f5855d6 | |
parent | 6a385dd20bad8d0e6c7d923f77eea7b5f719fddd (diff) | |
download | nextcloud-server-042340ccf6e7d6408390b91f6904de0425bb3c07.tar.gz nextcloud-server-042340ccf6e7d6408390b91f6904de0425bb3c07.zip |
Check if a direct link is expired
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
-rw-r--r-- | apps/dav/lib/Direct/DirectFile.php | 20 | ||||
-rw-r--r-- | apps/dav/lib/Direct/DirectHome.php | 32 |
2 files changed, 31 insertions, 21 deletions
diff --git a/apps/dav/lib/Direct/DirectFile.php b/apps/dav/lib/Direct/DirectFile.php index d327a1752bb..947352c5148 100644 --- a/apps/dav/lib/Direct/DirectFile.php +++ b/apps/dav/lib/Direct/DirectFile.php @@ -46,47 +46,47 @@ class DirectFile implements IFile { $this->rootFolder = $rootFolder; } - function put($data) { + public function put($data) { throw new Forbidden(); } - function get() { + public function get() { $this->getFile(); return $this->file->fopen('rb'); } - function getContentType() { + public function getContentType() { $this->getFile(); return $this->file->getMimeType(); } - function getETag() { + public function getETag() { $this->getFile(); return $this->file->getEtag(); } - function getSize() { + public function getSize() { $this->getFile(); return $this->file->getSize(); } - function delete() { + public function delete() { throw new Forbidden(); } - function getName() { + public function getName() { return $this->direct->getToken(); } - function setName($name) { + public function setName($name) { throw new Forbidden(); } - function getLastModified() { + public function getLastModified() { $this->getFile(); return $this->file->getMTime(); @@ -97,8 +97,6 @@ class DirectFile implements IFile { $userFolder = $this->rootFolder->getUserFolder($this->direct->getUserId()); $files = $userFolder->getById($this->direct->getFileId()); - //TODO check expiration - if ($files === []) { throw new NotFound(); } diff --git a/apps/dav/lib/Direct/DirectHome.php b/apps/dav/lib/Direct/DirectHome.php index 247cca7a3c9..f56815746a5 100644 --- a/apps/dav/lib/Direct/DirectHome.php +++ b/apps/dav/lib/Direct/DirectHome.php @@ -26,6 +26,7 @@ namespace OCA\DAV\Direct; use OCA\DAV\Db\DirectMapper; use OCP\AppFramework\Db\DoesNotExistException; +use OCP\AppFramework\Utility\ITimeFactory; use OCP\Files\IRootFolder; use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\MethodNotAllowed; @@ -40,23 +41,34 @@ class DirectHome implements ICollection { /** @var DirectMapper */ private $mapper; - public function __construct(IRootFolder $rootFolder, DirectMapper $mapper) { + /** @var ITimeFactory */ + private $timeFactory; + + public function __construct(IRootFolder $rootFolder, + DirectMapper $mapper, + ITimeFactory $timeFactory) { $this->rootFolder = $rootFolder; $this->mapper = $mapper; + $this->timeFactory = $timeFactory; } - function createFile($name, $data = null) { + public function createFile($name, $data = null) { throw new Forbidden(); } - function createDirectory($name) { + public function createDirectory($name) { throw new Forbidden(); } - public function getChild($name) { + public function getChild($name): DirectFile { try { $direct = $this->mapper->getByToken($name); + // Expired + if ($direct->getExpiration() >= $this->timeFactory->getTime()) { + throw new NotFound(); + } + return new DirectFile($direct, $this->rootFolder); } catch (DoesNotExistException $e) { //TODO: throttle the ip to avoid brute forcing @@ -65,27 +77,27 @@ class DirectHome implements ICollection { } } - function getChildren() { + public function getChildren() { throw new MethodNotAllowed('Listing members of this collection is disabled'); } - function childExists($name) { + public function childExists($name): bool { return false; } - function delete() { + public function delete() { throw new Forbidden(); } - function getName() { + public function getName(): string { return 'direct'; } - function setName($name) { + public function setName($name) { throw new Forbidden(); } - function getLastModified() { + public function getLastModified(): int { return 0; } |