summaryrefslogtreecommitdiffstats
path: root/apps/files
diff options
context:
space:
mode:
authorJulius Härtl <jus@bitgrid.net>2020-08-25 17:12:27 +0200
committerJulius Härtl <jus@bitgrid.net>2020-09-01 11:40:27 +0200
commite0ae37745a85cb08fd24f178d588a8659726f907 (patch)
tree5c18a0eb72d840639d94a0edb1233b1f59ec00ce /apps/files
parent823f94bb0118d297df25ca9443e6c235a45bb5ab (diff)
downloadnextcloud-server-e0ae37745a85cb08fd24f178d588a8659726f907.tar.gz
nextcloud-server-e0ae37745a85cb08fd24f178d588a8659726f907.zip
Do not expose direct editing if no master key is available
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Diffstat (limited to 'apps/files')
-rw-r--r--apps/files/lib/Controller/DirectEditingController.php15
-rw-r--r--apps/files/lib/Service/DirectEditingService.php4
2 files changed, 16 insertions, 3 deletions
diff --git a/apps/files/lib/Controller/DirectEditingController.php b/apps/files/lib/Controller/DirectEditingController.php
index b29316aff32..a2e765072f2 100644
--- a/apps/files/lib/Controller/DirectEditingController.php
+++ b/apps/files/lib/Controller/DirectEditingController.php
@@ -76,6 +76,9 @@ class DirectEditingController extends OCSController {
* @NoAdminRequired
*/
public function create(string $path, string $editorId, string $creatorId, string $templateId = null): DataResponse {
+ if (!$this->directEditingManager->isEnabled()) {
+ return new DataResponse(['message' => 'Direct editing is not enabled'], Http::STATUS_INTERNAL_SERVER_ERROR);
+ }
$this->eventDispatcher->dispatchTyped(new RegisterDirectEditorEvent($this->directEditingManager));
try {
@@ -85,7 +88,7 @@ class DirectEditingController extends OCSController {
]);
} catch (Exception $e) {
$this->logger->logException($e, ['message' => 'Exception when creating a new file through direct editing']);
- return new DataResponse('Failed to create file: ' . $e->getMessage(), Http::STATUS_FORBIDDEN);
+ return new DataResponse(['message' => 'Failed to create file: ' . $e->getMessage()], Http::STATUS_FORBIDDEN);
}
}
@@ -93,6 +96,9 @@ class DirectEditingController extends OCSController {
* @NoAdminRequired
*/
public function open(string $path, string $editorId = null): DataResponse {
+ if (!$this->directEditingManager->isEnabled()) {
+ return new DataResponse(['message' => 'Direct editing is not enabled'], Http::STATUS_INTERNAL_SERVER_ERROR);
+ }
$this->eventDispatcher->dispatchTyped(new RegisterDirectEditorEvent($this->directEditingManager));
try {
@@ -102,7 +108,7 @@ class DirectEditingController extends OCSController {
]);
} catch (Exception $e) {
$this->logger->logException($e, ['message' => 'Exception when opening a file through direct editing']);
- return new DataResponse('Failed to open file: ' . $e->getMessage(), Http::STATUS_FORBIDDEN);
+ return new DataResponse(['message' => 'Failed to open file: ' . $e->getMessage()], Http::STATUS_FORBIDDEN);
}
}
@@ -112,13 +118,16 @@ class DirectEditingController extends OCSController {
* @NoAdminRequired
*/
public function templates(string $editorId, string $creatorId): DataResponse {
+ if (!$this->directEditingManager->isEnabled()) {
+ return new DataResponse(['message' => 'Direct editing is not enabled'], Http::STATUS_INTERNAL_SERVER_ERROR);
+ }
$this->eventDispatcher->dispatchTyped(new RegisterDirectEditorEvent($this->directEditingManager));
try {
return new DataResponse($this->directEditingManager->getTemplates($editorId, $creatorId));
} catch (Exception $e) {
$this->logger->logException($e);
- return new DataResponse('Failed to obtain template list: ' . $e->getMessage(), Http::STATUS_INTERNAL_SERVER_ERROR);
+ return new DataResponse(['message' => 'Failed to obtain template list: ' . $e->getMessage()], Http::STATUS_INTERNAL_SERVER_ERROR);
}
}
}
diff --git a/apps/files/lib/Service/DirectEditingService.php b/apps/files/lib/Service/DirectEditingService.php
index 91e6a0acbb2..cc9ee54d45e 100644
--- a/apps/files/lib/Service/DirectEditingService.php
+++ b/apps/files/lib/Service/DirectEditingService.php
@@ -55,6 +55,10 @@ class DirectEditingService {
'creators' => []
];
+ if (!$this->directEditingManager->isEnabled()) {
+ return $capabilities;
+ }
+
/**
* @var string $id
* @var IEditor $editor