diff options
| author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2019-12-22 14:27:28 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-22 14:27:28 +0100 |
| commit | 04031f606a5ac673cdb1cdb7d76fde99fd748e81 (patch) | |
| tree | 38668780726fdebba83282cad648a1de751dfd01 | |
| parent | 3af63f1593b94c811fbefea6ccfba379c71ef957 (diff) | |
| parent | 0ddb9c01362a74662a4f062683c82c1594c7da01 (diff) | |
| download | nextcloud-server-04031f606a5ac673cdb1cdb7d76fde99fd748e81.tar.gz nextcloud-server-04031f606a5ac673cdb1cdb7d76fde99fd748e81.zip | |
Merge pull request #18478 from nextcloud/fix/direct-editing-invalid-editor-id
Do not generate tokens for editor IDs that do not exist
| -rw-r--r-- | apps/files/lib/Controller/DirectEditingController.php | 6 | ||||
| -rw-r--r-- | lib/private/DirectEditing/Manager.php | 5 |
2 files changed, 8 insertions, 3 deletions
diff --git a/apps/files/lib/Controller/DirectEditingController.php b/apps/files/lib/Controller/DirectEditingController.php index b19d0f3ea1d..099c65f73e6 100644 --- a/apps/files/lib/Controller/DirectEditingController.php +++ b/apps/files/lib/Controller/DirectEditingController.php @@ -89,7 +89,7 @@ class DirectEditingController extends OCSController { ]); } catch (Exception $e) { $this->logger->logException($e, ['message' => 'Exception when creating a new file through direct editing']); - return new DataResponse('Failed to create file', Http::STATUS_FORBIDDEN); + return new DataResponse('Failed to create file: ' . $e->getMessage(), Http::STATUS_FORBIDDEN); } } @@ -106,7 +106,7 @@ class DirectEditingController extends OCSController { ]); } catch (Exception $e) { $this->logger->logException($e, ['message' => 'Exception when opening a file through direct editing']); - return new DataResponse('Failed to open file', Http::STATUS_FORBIDDEN); + return new DataResponse('Failed to open file: ' . $e->getMessage(), Http::STATUS_FORBIDDEN); } } @@ -122,7 +122,7 @@ class DirectEditingController extends OCSController { return new DataResponse($this->directEditingManager->getTemplates($editorId, $creatorId)); } catch (Exception $e) { $this->logger->logException($e); - return new DataResponse('Failed to open file', Http::STATUS_INTERNAL_SERVER_ERROR); + return new DataResponse('Failed to obtain template list: ' . $e->getMessage(), Http::STATUS_INTERNAL_SERVER_ERROR); } } } diff --git a/lib/private/DirectEditing/Manager.php b/lib/private/DirectEditing/Manager.php index a739402d629..a514eaea482 100644 --- a/lib/private/DirectEditing/Manager.php +++ b/lib/private/DirectEditing/Manager.php @@ -45,6 +45,8 @@ use OCP\IUserSession; use OCP\L10N\IFactory; use OCP\Security\ISecureRandom; use OCP\Share\IShare; +use function array_key_exists; +use function in_array; class Manager implements IManager { @@ -140,6 +142,9 @@ class Manager implements IManager { if ($editorId === null) { $editorId = $this->findEditorForFile($file); } + if (!array_key_exists($editorId, $this->editors)) { + throw new \RuntimeException("Editor $editorId is unknown"); + } return $this->createToken($editorId, $file, $filePath); } |