summaryrefslogtreecommitdiffstats
path: root/apps/files_external/controller/userstoragescontroller.php
diff options
context:
space:
mode:
authorRobin McCorkell <rmccorkell@owncloud.com>2015-08-28 16:15:21 +0100
committerRobin McCorkell <rmccorkell@owncloud.com>2015-08-28 17:28:44 +0100
commitf0c8cfa9a6a5db7134a2490cc562ff2623ce685d (patch)
tree6670e881866d4503fb96b4ba269e1e7edd7fe0af /apps/files_external/controller/userstoragescontroller.php
parentcc88c5f4b84da57c425cbdb7dc8b391b1942b503 (diff)
downloadnextcloud-server-f0c8cfa9a6a5db7134a2490cc562ff2623ce685d.tar.gz
nextcloud-server-f0c8cfa9a6a5db7134a2490cc562ff2623ce685d.zip
Validate permissions for created admin storages, auth mechanism
Backend and auth mechanism permissions are checked on storage creation, both for personal storages and for admin storages
Diffstat (limited to 'apps/files_external/controller/userstoragescontroller.php')
-rw-r--r--apps/files_external/controller/userstoragescontroller.php42
1 files changed, 10 insertions, 32 deletions
diff --git a/apps/files_external/controller/userstoragescontroller.php b/apps/files_external/controller/userstoragescontroller.php
index 9baac3a8031..585ff8eeb00 100644
--- a/apps/files_external/controller/userstoragescontroller.php
+++ b/apps/files_external/controller/userstoragescontroller.php
@@ -62,38 +62,6 @@ class UserStoragesController extends StoragesController {
}
/**
- * Validate storage config
- *
- * @param StorageConfig $storage storage config
- *
- * @return DataResponse|null returns response in case of validation error
- */
- protected function validate(StorageConfig $storage) {
- $result = parent::validate($storage);
-
- if ($result !== null) {
- return $result;
- }
-
- // Verify that the mount point applies for the current user
- // Prevent non-admin users from mounting local storage and other disabled backends
- /** @var Backend */
- $backend = $storage->getBackend();
- if (!$backend->isPermitted(BackendService::USER_PERSONAL, BackendService::PERMISSION_MOUNT)) {
- return new DataResponse(
- array(
- 'message' => (string)$this->l10n->t('Admin-only storage backend "%s"', [
- $storage->getBackend()->getIdentifier()
- ])
- ),
- Http::STATUS_UNPROCESSABLE_ENTITY
- );
- }
-
- return null;
- }
-
- /**
* Return storage
*
* @NoAdminRequired
@@ -218,4 +186,14 @@ class UserStoragesController extends StoragesController {
public function destroy($id) {
return parent::destroy($id);
}
+
+ /**
+ * Get the user type for this controller, used in validation
+ *
+ * @return string BackendService::USER_* constants
+ */
+ protected function getUserType() {
+ return BackendService::USER_PERSONAL;
+ }
+
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-19 09:39:54 +0000