diff options
| author | Robin McCorkell <rmccorkell@owncloud.com> | 2015-09-15 19:36:43 +0100 |
|---|---|---|
| committer | Robin McCorkell <rmccorkell@owncloud.com> | 2015-09-15 19:36:43 +0100 |
| commit | 0667c4363d2777b3534e72afe536eb9a9aa0ef3e (patch) | |
| tree | c6d60bfea748404f01d0208d9ac08680fbbede06 /apps/files_external/lib | |
| parent | 6379b1932ff6440865f765a918ff097849ed785f (diff) | |
| parent | 230029e5090b3deecb941e75bbc34a6bcb98c374 (diff) | |
| download | nextcloud-server-0667c4363d2777b3534e72afe536eb9a9aa0ef3e.tar.gz nextcloud-server-0667c4363d2777b3534e72afe536eb9a9aa0ef3e.zip | |
Merge branch 'master' into smb-workgroup
Diffstat (limited to 'apps/files_external/lib')
34 files changed, 981 insertions, 624 deletions
diff --git a/apps/files_external/lib/amazons3.php b/apps/files_external/lib/amazons3.php index fd98d26f834..7c6ac4cbdd5 100644 --- a/apps/files_external/lib/amazons3.php +++ b/apps/files_external/lib/amazons3.php @@ -122,7 +122,7 @@ class AmazonS3 extends \OC\Files\Storage\Common { $params['region'] = empty($params['region']) ? 'eu-west-1' : $params['region']; $params['hostname'] = empty($params['hostname']) ? 's3.amazonaws.com' : $params['hostname']; if (!isset($params['port']) || $params['port'] === '') { - $params['port'] = ($params['use_ssl'] === 'false') ? 80 : 443; + $params['port'] = ($params['use_ssl'] === false) ? 80 : 443; } $this->params = $params; } @@ -585,7 +585,7 @@ class AmazonS3 extends \OC\Files\Storage\Common { return $this->connection; } - $scheme = ($this->params['use_ssl'] === 'false') ? 'http' : 'https'; + $scheme = ($this->params['use_ssl'] === false) ? 'http' : 'https'; $base_url = $scheme . '://' . $this->params['hostname'] . ':' . $this->params['port'] . '/'; $this->connection = S3Client::factory(array( diff --git a/apps/files_external/lib/auth/amazons3/accesskey.php b/apps/files_external/lib/auth/amazons3/accesskey.php new file mode 100644 index 00000000000..9e3aab374b9 --- /dev/null +++ b/apps/files_external/lib/auth/amazons3/accesskey.php @@ -0,0 +1,47 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Auth\AmazonS3; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; + +/** + * Amazon S3 access key authentication + */ +class AccessKey extends AuthMechanism { + + const SCHEME_AMAZONS3_ACCESSKEY = 'amazons3_accesskey'; + + public function __construct(IL10N $l) { + $this + ->setIdentifier('amazons3::accesskey') + ->setScheme(self::SCHEME_AMAZONS3_ACCESSKEY) + ->setText($l->t('Access key')) + ->addParameters([ + (new DefinitionParameter('key', $l->t('Access key'))), + (new DefinitionParameter('secret', $l->t('Secret key'))) + ->setType(DefinitionParameter::VALUE_PASSWORD), + ]); + } + +} diff --git a/apps/files_external/lib/auth/authmechanism.php b/apps/files_external/lib/auth/authmechanism.php index 11d99bb330d..ddc0c6a4dca 100644 --- a/apps/files_external/lib/auth/authmechanism.php +++ b/apps/files_external/lib/auth/authmechanism.php @@ -22,7 +22,7 @@ namespace OCA\Files_External\Lib\Auth; use \OCA\Files_External\Lib\StorageConfig; -use \OCA\Files_External\Lib\VisibilityTrait; +use \OCA\Files_External\Lib\PermissionsTrait; use \OCA\Files_External\Lib\IdentifierTrait; use \OCA\Files_External\Lib\FrontendDefinitionTrait; use \OCA\Files_External\Lib\StorageModifierTrait; @@ -40,7 +40,7 @@ use \OCA\Files_External\Lib\StorageModifierTrait; * scheme, which are provided from the authentication mechanism. * * This class uses the following traits: - * - VisibilityTrait + * - PermissionsTrait * Restrict usage to admin-only/none * - FrontendDefinitionTrait * Specify configuration parameters and other definitions @@ -58,7 +58,7 @@ class AuthMechanism implements \JsonSerializable { const SCHEME_PUBLICKEY = 'publickey'; const SCHEME_OPENSTACK = 'openstack'; - use VisibilityTrait; + use PermissionsTrait; use FrontendDefinitionTrait; use StorageModifierTrait; use IdentifierTrait; diff --git a/apps/files_external/lib/auth/oauth1/oauth1.php b/apps/files_external/lib/auth/oauth1/oauth1.php new file mode 100644 index 00000000000..3fb1b16aa6d --- /dev/null +++ b/apps/files_external/lib/auth/oauth1/oauth1.php @@ -0,0 +1,53 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Auth\OAuth1; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; + +/** + * OAuth1 authentication + */ +class OAuth1 extends AuthMechanism { + + public function __construct(IL10N $l) { + $this + ->setIdentifier('oauth1::oauth1') + ->setScheme(self::SCHEME_OAUTH1) + ->setText($l->t('OAuth1')) + ->addParameters([ + (new DefinitionParameter('configured', 'configured')) + ->setType(DefinitionParameter::VALUE_HIDDEN), + (new DefinitionParameter('app_key', $l->t('App key'))), + (new DefinitionParameter('app_secret', $l->t('App secret'))) + ->setType(DefinitionParameter::VALUE_PASSWORD), + (new DefinitionParameter('token', 'token')) + ->setType(DefinitionParameter::VALUE_HIDDEN), + (new DefinitionParameter('token_secret', 'token_secret')) + ->setType(DefinitionParameter::VALUE_HIDDEN), + ]) + ->setCustomJs('oauth1') + ; + } + +} diff --git a/apps/files_external/lib/auth/oauth2/oauth2.php b/apps/files_external/lib/auth/oauth2/oauth2.php new file mode 100644 index 00000000000..73faa85a44e --- /dev/null +++ b/apps/files_external/lib/auth/oauth2/oauth2.php @@ -0,0 +1,51 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Auth\OAuth2; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; + +/** + * OAuth2 authentication + */ +class OAuth2 extends AuthMechanism { + + public function __construct(IL10N $l) { + $this + ->setIdentifier('oauth2::oauth2') + ->setScheme(self::SCHEME_OAUTH2) + ->setText($l->t('OAuth2')) + ->addParameters([ + (new DefinitionParameter('configured', 'configured')) + ->setType(DefinitionParameter::VALUE_HIDDEN), + (new DefinitionParameter('client_id', $l->t('Client ID'))), + (new DefinitionParameter('client_secret', $l->t('Client secret'))) + ->setType(DefinitionParameter::VALUE_PASSWORD), + (new DefinitionParameter('token', 'token')) + ->setType(DefinitionParameter::VALUE_HIDDEN), + ]) + ->setCustomJs('oauth2') + ; + } + +} diff --git a/apps/files_external/lib/auth/openstack/openstack.php b/apps/files_external/lib/auth/openstack/openstack.php new file mode 100644 index 00000000000..faf356bcf2e --- /dev/null +++ b/apps/files_external/lib/auth/openstack/openstack.php @@ -0,0 +1,48 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Auth\OpenStack; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; + +/** + * OpenStack Keystone authentication + */ +class OpenStack extends AuthMechanism { + + public function __construct(IL10N $l) { + $this + ->setIdentifier('openstack::openstack') + ->setScheme(self::SCHEME_OPENSTACK) + ->setText($l->t('OpenStack')) + ->addParameters([ + (new DefinitionParameter('user', $l->t('Username'))), + (new DefinitionParameter('password', $l->t('Password'))) + ->setType(DefinitionParameter::VALUE_PASSWORD), + (new DefinitionParameter('tenant', $l->t('Tenant name'))), + (new DefinitionParameter('url', $l->t('Identity endpoint URL'))), + ]) + ; + } + +} diff --git a/apps/files_external/lib/auth/openstack/rackspace.php b/apps/files_external/lib/auth/openstack/rackspace.php new file mode 100644 index 00000000000..9268f3aad87 --- /dev/null +++ b/apps/files_external/lib/auth/openstack/rackspace.php @@ -0,0 +1,46 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Auth\OpenStack; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; + +/** + * Rackspace authentication + */ +class Rackspace extends AuthMechanism { + + public function __construct(IL10N $l) { + $this + ->setIdentifier('openstack::rackspace') + ->setScheme(self::SCHEME_OPENSTACK) + ->setText($l->t('Rackspace')) + ->addParameters([ + (new DefinitionParameter('user', $l->t('Username'))), + (new DefinitionParameter('key', $l->t('API key'))) + ->setType(DefinitionParameter::VALUE_PASSWORD), + ]) + ; + } + +} diff --git a/apps/files_external/lib/auth/publickey/rsa.php b/apps/files_external/lib/auth/publickey/rsa.php new file mode 100644 index 00000000000..f40136dda01 --- /dev/null +++ b/apps/files_external/lib/auth/publickey/rsa.php @@ -0,0 +1,80 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Auth\PublicKey; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; +use \OCA\Files_External\Lib\StorageConfig; +use \OCP\IConfig; +use \phpseclib\Crypt\RSA as RSACrypt; + +/** + * RSA public key authentication + */ +class RSA extends AuthMechanism { + + const CREATE_KEY_BITS = 1024; + + /** @var IConfig */ + private $config; + + public function __construct(IL10N $l, IConfig $config) { + $this->config = $config; + + $this + ->setIdentifier('publickey::rsa') + ->setScheme(self::SCHEME_PUBLICKEY) + ->setText($l->t('RSA public key')) + ->addParameters([ + (new DefinitionParameter('user', $l->t('Username'))), + (new DefinitionParameter('public_key', $l->t('Public key'))), + (new DefinitionParameter('private_key', 'private_key')) + ->setType(DefinitionParameter::VALUE_HIDDEN), + ]) + ->setCustomJs('public_key') + ; + } + + public function manipulateStorageConfig(StorageConfig &$storage) { + $auth = new RSACrypt(); + $auth->setPassword($this->config->getSystemValue('secret', '')); + if (!$auth->loadKey($storage->getBackendOption('private_key'))) { + throw new \RuntimeException('unable to load private key'); + } + $storage->setBackendOption('public_key_auth', $auth); + } + + /** + * Generate a keypair + * + * @return array ['privatekey' => $privateKey, 'publickey' => $publicKey] + */ + public function createKey() { + $rsa = new RSACrypt(); + $rsa->setPublicKeyFormat(RSACrypt::PUBLIC_FORMAT_OPENSSH); + $rsa->setPassword($this->config->getSystemValue('secret', '')); + + return $rsa->createKey(self::CREATE_KEY_BITS); + } + +} diff --git a/apps/files_external/lib/backend/amazons3.php b/apps/files_external/lib/backend/amazons3.php new file mode 100644 index 00000000000..1cf62d7cb09 --- /dev/null +++ b/apps/files_external/lib/backend/amazons3.php @@ -0,0 +1,61 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Backend; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\Backend\Backend; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; +use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; + +use \OCA\Files_External\Lib\Auth\AmazonS3\AccessKey; + +class AmazonS3 extends Backend { + + use LegacyDependencyCheckPolyfill; + + public function __construct(IL10N $l, AccessKey $legacyAuth) { + $this + ->setIdentifier('amazons3') + ->addIdentifierAlias('\OC\Files\Storage\AmazonS3') // legacy compat + ->setStorageClass('\OC\Files\Storage\AmazonS3') + ->setText($l->t('Amazon S3')) + ->addParameters([ + (new DefinitionParameter('bucket', $l->t('Bucket'))), + (new DefinitionParameter('hostname', $l->t('Hostname'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + (new DefinitionParameter('port', $l->t('Port'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + (new DefinitionParameter('region', $l->t('Region'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + (new DefinitionParameter('use_ssl', $l->t('Enable SSL'))) + ->setType(DefinitionParameter::VALUE_BOOLEAN), + (new DefinitionParameter('use_path_style', $l->t('Enable Path Style'))) + ->setType(DefinitionParameter::VALUE_BOOLEAN), + ]) + ->addAuthScheme(AccessKey::SCHEME_AMAZONS3_ACCESSKEY) + ->setLegacyAuthMechanism($legacyAuth) + ; + } + +} diff --git a/apps/files_external/lib/backend/backend.php b/apps/files_external/lib/backend/backend.php index 90d5d38ed94..2a2add3ac59 100644 --- a/apps/files_external/lib/backend/backend.php +++ b/apps/files_external/lib/backend/backend.php @@ -22,7 +22,7 @@ namespace OCA\Files_External\Lib\Backend; use \OCA\Files_External\Lib\StorageConfig; -use \OCA\Files_External\Lib\VisibilityTrait; +use \OCA\Files_External\Lib\PermissionsTrait; use \OCA\Files_External\Lib\FrontendDefinitionTrait; use \OCA\Files_External\Lib\PriorityTrait; use \OCA\Files_External\Lib\DependencyTrait; @@ -43,7 +43,7 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism; * scheme, which are provided from the authentication mechanism. * * This class uses the following traits: - * - VisibilityTrait + * - PermissionsTrait * Restrict usage to admin-only/none * - FrontendDefinitionTrait * Specify configuration parameters and other definitions @@ -56,7 +56,7 @@ use \OCA\Files_External\Lib\Auth\AuthMechanism; */ class Backend implements \JsonSerializable { - use VisibilityTrait; + use PermissionsTrait; use FrontendDefinitionTrait; use PriorityTrait; use DependencyTrait; diff --git a/apps/files_external/lib/backend/dav.php b/apps/files_external/lib/backend/dav.php index 5ae6d122588..c4f446548e1 100644 --- a/apps/files_external/lib/backend/dav.php +++ b/apps/files_external/lib/backend/dav.php @@ -26,11 +26,14 @@ use \OCA\Files_External\Lib\Backend\Backend; use \OCA\Files_External\Lib\DefinitionParameter; use \OCA\Files_External\Lib\Auth\AuthMechanism; use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; use \OCA\Files_External\Lib\Auth\Password\Password; class DAV extends Backend { + use LegacyDependencyCheckPolyfill; + public function __construct(IL10N $l, Password $legacyAuth) { $this ->setIdentifier('dav') @@ -44,7 +47,6 @@ class DAV extends Backend { (new DefinitionParameter('secure', $l->t('Secure https://'))) ->setType(DefinitionParameter::VALUE_BOOLEAN), ]) - ->setDependencyCheck('\OC\Files\Storage\DAV::checkDependencies') ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) ->setLegacyAuthMechanism($legacyAuth) ; diff --git a/apps/files_external/lib/backend/dropbox.php b/apps/files_external/lib/backend/dropbox.php new file mode 100644 index 00000000000..3e595cb0a9c --- /dev/null +++ b/apps/files_external/lib/backend/dropbox.php @@ -0,0 +1,51 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Backend; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\Backend\Backend; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; +use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; + +use \OCA\Files_External\Lib\Auth\OAuth1\OAuth1; + +class Dropbox extends Backend { + + use LegacyDependencyCheckPolyfill; + + public function __construct(IL10N $l, OAuth1 $legacyAuth) { + $this + ->setIdentifier('dropbox') + ->addIdentifierAlias('\OC\Files\Storage\Dropbox') // legacy compat + ->setStorageClass('\OC\Files\Storage\Dropbox') + ->setText($l->t('Dropbox')) + ->addParameters([ + // all parameters handled in OAuth1 mechanism + ]) + ->addAuthScheme(AuthMechanism::SCHEME_OAUTH1) + ->setLegacyAuthMechanism($legacyAuth) + ; + } + +} diff --git a/apps/files_external/lib/backend/ftp.php b/apps/files_external/lib/backend/ftp.php index df6ca37679e..1caf3a8fcb8 100644 --- a/apps/files_external/lib/backend/ftp.php +++ b/apps/files_external/lib/backend/ftp.php @@ -26,11 +26,14 @@ use \OCA\Files_External\Lib\Backend\Backend; use \OCA\Files_External\Lib\DefinitionParameter; use \OCA\Files_External\Lib\Auth\AuthMechanism; use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; use \OCA\Files_External\Lib\Auth\Password\Password; class FTP extends Backend { + use LegacyDependencyCheckPolyfill; + public function __construct(IL10N $l, Password $legacyAuth) { $this ->setIdentifier('ftp') @@ -44,7 +47,6 @@ class FTP extends Backend { (new DefinitionParameter('secure', $l->t('Secure ftps://'))) ->setType(DefinitionParameter::VALUE_BOOLEAN), ]) - ->setDependencyCheck('\OC\Files\Storage\FTP::checkDependencies') ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) ->setLegacyAuthMechanism($legacyAuth) ; diff --git a/apps/files_external/lib/backend/google.php b/apps/files_external/lib/backend/google.php new file mode 100644 index 00000000000..bc0b52c464b --- /dev/null +++ b/apps/files_external/lib/backend/google.php @@ -0,0 +1,51 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Backend; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\Backend\Backend; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; +use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; + +use \OCA\Files_External\Lib\Auth\OAuth2\OAuth2; + +class Google extends Backend { + + use LegacyDependencyCheckPolyfill; + + public function __construct(IL10N $l, OAuth2 $legacyAuth) { + $this + ->setIdentifier('googledrive') + ->addIdentifierAlias('\OC\Files\Storage\Google') // legacy compat + ->setStorageClass('\OC\Files\Storage\Google') + ->setText($l->t('Google Drive')) + ->addParameters([ + // all parameters handled in OAuth2 mechanism + ]) + ->addAuthScheme(AuthMechanism::SCHEME_OAUTH2) + ->setLegacyAuthMechanism($legacyAuth) + ; + } + +} diff --git a/apps/files_external/lib/backend/legacybackend.php b/apps/files_external/lib/backend/legacybackend.php index 0f60c2caa47..83a5b45940d 100644 --- a/apps/files_external/lib/backend/legacybackend.php +++ b/apps/files_external/lib/backend/legacybackend.php @@ -24,12 +24,21 @@ namespace OCA\Files_External\Lib\Backend; use \OCA\Files_External\Lib\DefinitionParameter; use \OCA\Files_External\Lib\Backend\Backend; use \OCA\Files_External\Lib\Auth\Builtin; +use \OCA\Files_External\Lib\MissingDependency; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; /** * Legacy compatibility for OC_Mount_Config::registerBackend() */ class LegacyBackend extends Backend { + use LegacyDependencyCheckPolyfill { + LegacyDependencyCheckPolyfill::checkDependencies as doCheckDependencies; + } + + /** @var bool */ + protected $hasDependencies = false; + /** * @param string $class * @param array $definition @@ -78,8 +87,18 @@ class LegacyBackend extends Backend { $this->setCustomJs($definition['custom']); } if (isset($definition['has_dependencies']) && $definition['has_dependencies']) { - $this->setDependencyCheck($class . '::checkDependencies'); + $this->hasDependencies = true; + } + } + + /** + * @return MissingDependency[] + */ + public function checkDependencies() { + if ($this->hasDependencies) { + return $this->doCheckDependencies(); } + return []; } } diff --git a/apps/files_external/lib/backend/local.php b/apps/files_external/lib/backend/local.php index a80b437fab7..a6635491b6e 100644 --- a/apps/files_external/lib/backend/local.php +++ b/apps/files_external/lib/backend/local.php @@ -39,7 +39,7 @@ class Local extends Backend { ->addParameters([ (new DefinitionParameter('datadir', $l->t('Location'))), ]) - ->setAllowedVisibility(BackendService::VISIBILITY_ADMIN) + ->setAllowedPermissions(BackendService::USER_PERSONAL, BackendService::PERMISSION_NONE) ->setPriority(BackendService::PRIORITY_DEFAULT + 50) ->addAuthScheme(AuthMechanism::SCHEME_NULL) ->setLegacyAuthMechanism($legacyAuth) diff --git a/apps/files_external/lib/backend/sftp.php b/apps/files_external/lib/backend/sftp.php index dd0f5d8e2e0..c0bcd27c54b 100644 --- a/apps/files_external/lib/backend/sftp.php +++ b/apps/files_external/lib/backend/sftp.php @@ -43,6 +43,7 @@ class SFTP extends Backend { ->setFlag(DefinitionParameter::FLAG_OPTIONAL), ]) ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) + ->addAuthScheme(AuthMechanism::SCHEME_PUBLICKEY) ->setLegacyAuthMechanism($legacyAuth) ; } diff --git a/apps/files_external/lib/backend/sftp_key.php b/apps/files_external/lib/backend/sftp_key.php new file mode 100644 index 00000000000..6a75172026d --- /dev/null +++ b/apps/files_external/lib/backend/sftp_key.php @@ -0,0 +1,50 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Backend; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\Backend\Backend; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; +use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\Auth\PublicKey\RSA; + +class SFTP_Key extends Backend { + + public function __construct(IL10N $l, RSA $legacyAuth) { + $this + ->setIdentifier('\OC\Files\Storage\SFTP_Key') + ->setStorageClass('\OC\Files\Storage\SFTP') + ->setText($l->t('SFTP with secret key login [DEPRECATED]')) + ->addParameters([ + (new DefinitionParameter('host', $l->t('Host'))), + (new DefinitionParameter('root', $l->t('Remote subfolder'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + ]) + ->removeAllowedPermission(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE) + ->removeAllowedPermission(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE) + ->addAuthScheme(AuthMechanism::SCHEME_PUBLICKEY) + ->setLegacyAuthMechanism($legacyAuth) + ; + } + +} diff --git a/apps/files_external/lib/backend/smb.php b/apps/files_external/lib/backend/smb.php index dc15f6d3dbf..0613d3112ee 100644 --- a/apps/files_external/lib/backend/smb.php +++ b/apps/files_external/lib/backend/smb.php @@ -26,11 +26,14 @@ use \OCA\Files_External\Lib\Backend\Backend; use \OCA\Files_External\Lib\DefinitionParameter; use \OCA\Files_External\Lib\Auth\AuthMechanism; use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; use \OCA\Files_External\Lib\Auth\Password\Password; class SMB extends Backend { + use LegacyDependencyCheckPolyfill; + public function __construct(IL10N $l, Password $legacyAuth) { $this ->setIdentifier('smb') @@ -45,7 +48,6 @@ class SMB extends Backend { (new DefinitionParameter('domain', $l->t('Domain'))) ->setFlag(DefinitionParameter::FLAG_OPTIONAL), ]) - ->setDependencyCheck('\OC\Files\Storage\SMB::checkDependencies') ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) ->setLegacyAuthMechanism($legacyAuth) ; diff --git a/apps/files_external/lib/backend/smb_oc.php b/apps/files_external/lib/backend/smb_oc.php new file mode 100644 index 00000000000..d21b0ddaf42 --- /dev/null +++ b/apps/files_external/lib/backend/smb_oc.php @@ -0,0 +1,71 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Backend; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\Backend\Backend; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; +use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\Auth\Password\SessionCredentials; +use \OCA\Files_External\Lib\StorageConfig; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; + +/** + * Deprecated SMB_OC class - use SMB with the password::sessioncredentials auth mechanism + */ +class SMB_OC extends Backend { + + use LegacyDependencyCheckPolyfill; + + public function __construct(IL10N $l, SessionCredentials $legacyAuth) { + $this + ->setIdentifier('\OC\Files\Storage\SMB_OC') + ->setStorageClass('\OC\Files\Storage\SMB') + ->setText($l->t('SMB / CIFS using OC login [DEPRECATED]')) + ->addParameters([ + (new DefinitionParameter('host', $l->t('Host'))), + (new DefinitionParameter('username_as_share', $l->t('Username as share'))) + ->setType(DefinitionParameter::VALUE_BOOLEAN), + (new DefinitionParameter('share', $l->t('Share'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + (new DefinitionParameter('root', $l->t('Remote subfolder'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + ]) + ->removeAllowedPermission(BackendService::USER_PERSONAL, BackendService::PERMISSION_CREATE) + ->removeAllowedPermission(BackendService::USER_ADMIN, BackendService::PERMISSION_CREATE) + ->setPriority(BackendService::PRIORITY_DEFAULT - 10) + ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) + ->setLegacyAuthMechanism($legacyAuth) + ; + } + + public function manipulateStorageConfig(StorageConfig &$storage) { + $username_as_share = ($storage->getBackendOption('username_as_share') === true); + + if ($username_as_share) { + $share = '/' . $storage->getBackendOption('user'); + $storage->setBackendOption('share', $share); + } + } + +} diff --git a/apps/files_external/lib/backend/swift.php b/apps/files_external/lib/backend/swift.php new file mode 100644 index 00000000000..2e14855206c --- /dev/null +++ b/apps/files_external/lib/backend/swift.php @@ -0,0 +1,62 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib\Backend; + +use \OCP\IL10N; +use \OCA\Files_External\Lib\Backend\Backend; +use \OCA\Files_External\Lib\DefinitionParameter; +use \OCA\Files_External\Lib\Auth\AuthMechanism; +use \OCA\Files_External\Service\BackendService; +use \OCA\Files_External\Lib\Auth\OpenStack\OpenStack; +use \OCA\Files_External\Lib\Auth\OpenStack\Rackspace; +use \OCA\Files_External\Lib\LegacyDependencyCheckPolyfill; + +class Swift extends Backend { + + use LegacyDependencyCheckPolyfill; + + public function __construct(IL10N $l, OpenStack $openstackAuth, Rackspace $rackspaceAuth) { + $this + ->setIdentifier('swift') + ->addIdentifierAlias('\OC\Files\Storage\Swift') // legacy compat + ->setStorageClass('\OC\Files\Storage\Swift') + ->setText($l->t('OpenStack Object Storage')) + ->addParameters([ + (new DefinitionParameter('service_name', $l->t('Service name'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + (new DefinitionParameter('region', $l->t('Region'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + (new DefinitionParameter('bucket', $l->t('Bucket'))), + (new DefinitionParameter('timeout', $l->t('Request timeout (seconds)'))) + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), + ]) + ->addAuthScheme(AuthMechanism::SCHEME_OPENSTACK) + ->setLegacyAuthMechanismCallback(function(array $params) use ($openstackAuth, $rackspaceAuth) { + if (isset($params['options']['key']) && $params['options']['key']) { + return $rackspaceAuth; + } + return $openstackAuth; + }) + ; + } + +} diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php index b4c6867a26c..2dc7de30a6c 100644 --- a/apps/files_external/lib/config.php +++ b/apps/files_external/lib/config.php @@ -81,9 +81,7 @@ class OC_Mount_Config { * @param array $data */ public static function initMountPointsHook($data) { - self::addStorageIdToConfig(null); if ($data['user']) { - self::addStorageIdToConfig($data['user']); $user = \OC::$server->getUserManager()->get($data['user']); if (!$user) { \OC::$server->getLogger()->warning( @@ -210,7 +208,6 @@ class OC_Mount_Config { 'users' => $storage->getApplicableUsers(), ]; $mountEntry['id'] = $storage->getId(); - // $mountEntry['storage_id'] = null; // we don't store this! return $mountEntry; } @@ -230,7 +227,9 @@ class OC_Mount_Config { } } } else { - $input = str_replace('$user', $user, $input); + if (is_string($input)) { + $input = str_replace('$user', $user, $input); + } } return $input; } @@ -308,14 +307,6 @@ class OC_Mount_Config { $file = $config->getSystemValue('mount_file', $datadir . '/mount.json'); } - foreach ($data as &$applicables) { - foreach ($applicables as &$mountPoints) { - foreach ($mountPoints as &$options) { - self::addStorageId($options); - } - } - } - $content = json_encode($data, JSON_PRETTY_PRINT); @file_put_contents($file, $content); @chmod($file, 0640); @@ -490,60 +481,4 @@ class OC_Mount_Config { ); return hash('md5', $data); } - - /** - * Add storage id to the storage configurations that did not have any. - * - * @param string $user user for which to process storage configs - */ - private static function addStorageIdToConfig($user) { - $config = self::readData($user); - - $needUpdate = false; - foreach ($config as &$applicables) { - foreach ($applicables as &$mountPoints) { - foreach ($mountPoints as &$options) { - $needUpdate |= !isset($options['storage_id']); - } - } - } - - if ($needUpdate) { - self::writeData($user, $config); - } - } - - /** - * Get storage id from the numeric storage id and set - * it into the given options argument. Only do this - * if there was no storage id set yet. - * - * This might also fail if a storage wasn't fully configured yet - * and couldn't be mounted, in which case this will simply return false. - * - * @param array $options storage options - * - * @return bool true if the storage id was added, false otherwise - */ - private static function addStorageId(&$options) { - if (isset($options['storage_id'])) { - return false; - } - - $service = self::$app->getContainer()->query('OCA\Files_External\Service\BackendService'); - $class = $service->getBackend($options['backend'])->getStorageClass(); - try { - /** @var \OC\Files\Storage\Storage $storage */ - $storage = new $class($options['options']); - // TODO: introduce StorageConfigException - } catch (\Exception $e) { - // storage might not be fully configured yet (ex: Dropbox) - // note that storage instances aren't supposed to open any connections - // in the constructor, so this exception is likely to be a config exception - return false; - } - - $options['storage_id'] = $storage->getCache()->getNumericStorageId(); - return true; - } } diff --git a/apps/files_external/lib/config/configadapter.php b/apps/files_external/lib/config/configadapter.php index a15d9e06a5f..a255a7b3d25 100644 --- a/apps/files_external/lib/config/configadapter.php +++ b/apps/files_external/lib/config/configadapter.php @@ -74,6 +74,9 @@ class ConfigAdapter implements IMountProvider { $objectStore = $storage->getBackendOption('objectstore'); if ($objectStore) { $objectClass = $objectStore['class']; + if (!is_subclass_of($objectClass, '\OCP\Files\ObjectStore\IObjectStore')) { + throw new \InvalidArgumentException('Invalid object store'); + } $storage->setBackendOption('objectstore', new $objectClass($objectStore)); } diff --git a/apps/files_external/lib/definitionparameter.php b/apps/files_external/lib/definitionparameter.php index 4b560908b69..7f883e5fad1 100644 --- a/apps/files_external/lib/definitionparameter.php +++ b/apps/files_external/lib/definitionparameter.php @@ -154,22 +154,31 @@ class DefinitionParameter implements \JsonSerializable { /** * Validate a parameter value against this + * Convert type as necessary * * @param mixed $value Value to check * @return bool success */ - public function validateValue($value) { - if ($this->getFlags() & self::FLAG_OPTIONAL) { - return true; - } + public function validateValue(&$value) { + $optional = $this->getFlags() & self::FLAG_OPTIONAL; + switch ($this->getType()) { case self::VALUE_BOOLEAN: if (!is_bool($value)) { - return false; + switch ($value) { + case 'true': + $value = true; + break; + case 'false': + $value = false; + break; + default: + return false; + } } break; default: - if (empty($value)) { + if (!$value && !$optional) { return false; } break; diff --git a/apps/files_external/lib/dependencytrait.php b/apps/files_external/lib/dependencytrait.php index 116421eab14..f0d6d6080e5 100644 --- a/apps/files_external/lib/dependencytrait.php +++ b/apps/files_external/lib/dependencytrait.php @@ -28,58 +28,13 @@ use \OCA\Files_External\Lib\MissingDependency; */ trait DependencyTrait { - /** @var callable|null dependency check */ - private $dependencyCheck = null; - - /** - * @return bool - */ - public function hasDependencies() { - return !is_null($this->dependencyCheck); - } - - /** - * @param callable $dependencyCheck - * @return self - */ - public function setDependencyCheck(callable $dependencyCheck) { - $this->dependencyCheck = $dependencyCheck; - return $this; - } - /** * Check if object is valid for use * * @return MissingDependency[] Unsatisfied dependencies */ public function checkDependencies() { - $ret = []; - - if ($this->hasDependencies()) { - $result = call_user_func($this->dependencyCheck); - if ($result !== true) { - if (!is_array($result)) { - $result = [$result]; - } - foreach ($result as $key => $value) { - if (!($value instanceof MissingDependency)) { - $module = null; - $message = null; - if (is_numeric($key)) { - $module = $value; - } else { - $module = $key; - $message = $value; - } - $value = new MissingDependency($module, $this); - $value->setMessage($message); - } - $ret[] = $value; - } - } - } - - return $ret; + return []; // no dependencies by default } } diff --git a/apps/files_external/lib/frontenddefinitiontrait.php b/apps/files_external/lib/frontenddefinitiontrait.php index 4b826372d2f..a5fb1a3f62f 100644 --- a/apps/files_external/lib/frontenddefinitiontrait.php +++ b/apps/files_external/lib/frontenddefinitiontrait.php @@ -134,12 +134,12 @@ trait FrontendDefinitionTrait { * @return bool */ public function validateStorageDefinition(StorageConfig $storage) { - $options = $storage->getBackendOptions(); foreach ($this->getParameters() as $name => $parameter) { - $value = isset($options[$name]) ? $options[$name] : null; + $value = $storage->getBackendOption($name); if (!$parameter->validateValue($value)) { return false; } + $storage->setBackendOption($name, $value); } return true; } diff --git a/apps/files_external/lib/ftp.php b/apps/files_external/lib/ftp.php index aeca17c4f4c..f3631e53fa1 100644 --- a/apps/files_external/lib/ftp.php +++ b/apps/files_external/lib/ftp.php @@ -45,11 +45,7 @@ class FTP extends \OC\Files\Storage\StreamWrapper{ $this->user=$params['user']; $this->password=$params['password']; if (isset($params['secure'])) { - if (is_string($params['secure'])) { - $this->secure = ($params['secure'] === 'true'); - } else { - $this->secure = (bool)$params['secure']; - } + $this->secure = $params['secure']; } else { $this->secure = false; } diff --git a/apps/files_external/lib/google.php b/apps/files_external/lib/google.php index e29b1036244..94f954178c0 100644 --- a/apps/files_external/lib/google.php +++ b/apps/files_external/lib/google.php @@ -248,8 +248,6 @@ class Google extends \OC\Files\Storage\Common { } public function opendir($path) { - // Remove leading and trailing slashes - $path = trim($path, '/'); $folder = $this->getDriveFile($path); if ($folder) { $files = array(); diff --git a/apps/files_external/lib/legacydependencycheckpolyfill.php b/apps/files_external/lib/legacydependencycheckpolyfill.php new file mode 100644 index 00000000000..7bb137fb3e1 --- /dev/null +++ b/apps/files_external/lib/legacydependencycheckpolyfill.php @@ -0,0 +1,70 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@owncloud.com> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib; + +use \OCA\Files_External\Lib\MissingDependency; + +/** + * Polyfill for checking dependencies using legacy Storage::checkDependencies() + */ +trait LegacyDependencyCheckPolyfill { + + /** + * @return string + */ + abstract public function getStorageClass(); + + /** + * Check if object is valid for use + * + * @return MissingDependency[] Unsatisfied dependencies + */ + public function checkDependencies() { + $ret = []; + + $result = call_user_func([$this->getStorageClass(), 'checkDependencies']); + if ($result !== true) { + if (!is_array($result)) { + $result = [$result]; + } + foreach ($result as $key => $value) { + if (!($value instanceof MissingDependency)) { + $module = null; + $message = null; + if (is_numeric($key)) { + $module = $value; + } else { + $module = $key; + $message = $value; + } + $value = new MissingDependency($module, $this); + $value->setMessage($message); + } + $ret[] = $value; + } + } + + return $ret; + } + +} + diff --git a/apps/files_external/lib/permissionstrait.php b/apps/files_external/lib/permissionstrait.php new file mode 100644 index 00000000000..8509a01e422 --- /dev/null +++ b/apps/files_external/lib/permissionstrait.php @@ -0,0 +1,164 @@ +<?php +/** + * @author Robin McCorkell <rmccorkell@karoshi.org.uk> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\Files_External\Lib; + +use \OCA\Files_External\Service\BackendService; + +/** + * Trait to implement backend and auth mechanism permissions + * + * For user type constants, see BackendService::USER_* + * For permission constants, see BackendService::PERMISSION_* + */ +trait PermissionsTrait { + + /** @var array [user type => permissions] */ + protected $permissions = [ + BackendService::USER_PERSONAL => BackendService::PERMISSION_DEFAULT, + BackendService::USER_ADMIN => BackendService::PERMISSION_DEFAULT, + ]; + + /** @var array [user type => allowed permissions] */ + protected $allowedPermissions = [ + BackendService::USER_PERSONAL => BackendService::PERMISSION_DEFAULT, + BackendService::USER_ADMIN => BackendService::PERMISSION_DEFAULT, + ]; + + /** + * @param string $userType + * @return int + */ + public function getPermissions($userType) { + if (isset($this->permissions[$userType])) { + return $this->permissions[$userType]; + } + return BackendService::PERMISSION_NONE; + } + + /** + * Check if the user type has permission + * + * @param string $userType + * @param int $permission + * @return bool + */ + public function isPermitted($userType, $permission) { + if ($this->getPermissions($userType) & $permission) { + return true; + } + return false; + } + + /** + * @param string $userType + * @param int $permissions + * @return self + */ + public function setPermissions($userType, $permissions) { + $this->permissions[$userType] = $permissions; + $this->allowedPermissions[$userType] = + $this->getAllowedPermissions($userType) | $permissions; + return $this; + } + + /** + * @param string $userType + * @param int $permission + * @return self + */ + public function addPermission($userType, $permission) { + return $this->setPermissions($userType, + $this->getPermissions($userType) | $permission + ); + } + + /** + * @param string $userType + * @param int $permission + * @return self + */ + public function removePermission($userType, $permission) { + return $this->setPermissions($userType, + $this->getPermissions($userType) & ~$permission + ); + } + + /** + * @param string $userType + * @return int + */ + public function getAllowedPermissions($userType) { + if (isset($this->allowedPermissions[$userType])) { + return $this->allowedPermissions[$userType]; + } + return BackendService::PERMISSION_NONE; + } + + /** + * Check if the user type has an allowed permission + * + * @param string $userType + * @param int $permission + * @return bool + */ + public function isAllowedPermitted($userType, $permission) { + if ($this->getAllowedPermissions($userType) & $permission) { + return true; + } + return false; + } + + /** + * @param string $userType + * @param int $permissions + * @return self + */ + public function setAllowedPermissions($userType, $permissions) { + $this->allowedPermissions[$userType] = $permissions; + $this->permissions[$userType] = + $this->getPermissions($userType) & $permissions; + return $this; + } + + /** + * @param string $userType + * @param int $permission + * @return self + */ + public function addAllowedPermission($userType, $permission) { + return $this->setAllowedPermissions($userType, + $this->getAllowedPermissions($userType) | $permission + ); + } + + /** + * @param string $userType + * @param int $permission + * @return self + */ + public function removeAllowedPermission($userType, $permission) { + return $this->setAllowedPermissions($userType, + $this->getAllowedPermissions($userType) & ~$permission + ); + } + +} diff --git a/apps/files_external/lib/sftp.php b/apps/files_external/lib/sftp.php index 7f921b5342f..921e7283c66 100644 --- a/apps/files_external/lib/sftp.php +++ b/apps/files_external/lib/sftp.php @@ -40,10 +40,11 @@ use phpseclib\Net\SFTP\Stream; class SFTP extends \OC\Files\Storage\Common { private $host; private $user; - private $password; private $root; private $port = 22; + private $auth; + /** * @var SFTP */ @@ -73,8 +74,15 @@ class SFTP extends \OC\Files\Storage\Common { } $this->user = $params['user']; - $this->password - = isset($params['password']) ? $params['password'] : ''; + + if (isset($params['public_key_auth'])) { + $this->auth = $params['public_key_auth']; + } elseif (isset($params['password'])) { + $this->auth = $params['password']; + } else { + throw new \UnexpectedValueException('no authentication parameters specified'); + } + $this->root = isset($params['root']) ? $this->cleanPath($params['root']) : '/'; @@ -112,7 +120,7 @@ class SFTP extends \OC\Files\Storage\Common { $this->writeHostKeys($hostKeys); } - if (!$this->client->login($this->user, $this->password)) { + if (!$this->client->login($this->user, $this->auth)) { throw new \Exception('Login failed'); } return $this->client; @@ -125,7 +133,6 @@ class SFTP extends \OC\Files\Storage\Common { if ( !isset($this->host) || !isset($this->user) - || !isset($this->password) ) { return false; } diff --git a/apps/files_external/lib/sftp_key.php b/apps/files_external/lib/sftp_key.php deleted file mode 100644 index a193b323678..00000000000 --- a/apps/files_external/lib/sftp_key.php +++ /dev/null @@ -1,215 +0,0 @@ -<?php -/** - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Ross Nicoll <jrn@jrn.me.uk> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ -namespace OC\Files\Storage; - -use phpseclib\Crypt\RSA; - -class SFTP_Key extends \OC\Files\Storage\SFTP { - private $publicKey; - private $privateKey; - - /** - * {@inheritdoc} - */ - public function __construct($params) { - parent::__construct($params); - $this->publicKey = $params['public_key']; - $this->privateKey = $params['private_key']; - } - - /** - * Returns the connection. - * - * @return \phpseclib\Net\SFTP connected client instance - * @throws \Exception when the connection failed - */ - public function getConnection() { - if (!is_null($this->client)) { - return $this->client; - } - - $hostKeys = $this->readHostKeys(); - $this->client = new \phpseclib\Net\SFTP($this->getHost()); - - // The SSH Host Key MUST be verified before login(). - $currentHostKey = $this->client->getServerPublicHostKey(); - if (array_key_exists($this->getHost(), $hostKeys)) { - if ($hostKeys[$this->getHost()] !== $currentHostKey) { - throw new \Exception('Host public key does not match known key'); - } - } else { - $hostKeys[$this->getHost()] = $currentHostKey; - $this->writeHostKeys($hostKeys); - } - - $key = $this->getPrivateKey(); - if (is_null($key)) { - throw new \Exception('Secret key could not be loaded'); - } - if (!$this->client->login($this->getUser(), $key)) { - throw new \Exception('Login failed'); - } - return $this->client; - } - - /** - * Returns the private key to be used for authentication to the remote server. - * - * @return RSA instance or null in case of a failure to load the key. - */ - private function getPrivateKey() { - $key = new RSA(); - $key->setPassword(\OC::$server->getConfig()->getSystemValue('secret', '')); - if (!$key->loadKey($this->privateKey)) { - // Should this exception rather than return null? - return null; - } - return $key; - } - - /** - * Throws an exception if the provided host name/address is invalid (cannot be resolved - * and is not an IPv4 address). - * - * @return true; never returns in case of a problem, this return value is used just to - * make unit tests happy. - */ - public function assertHostAddressValid($hostname) { - // TODO: Should handle IPv6 addresses too - if (!preg_match('/^\d+\.\d+\.\d+\.\d+$/', $hostname) && gethostbyname($hostname) === $hostname) { - // Hostname is not an IPv4 address and cannot be resolved via DNS - throw new \InvalidArgumentException('Cannot resolve hostname.'); - } - return true; - } - - /** - * Throws an exception if the provided port number is invalid (cannot be resolved - * and is not an IPv4 address). - * - * @return true; never returns in case of a problem, this return value is used just to - * make unit tests happy. - */ - public function assertPortNumberValid($port) { - if (!preg_match('/^\d+$/', $port)) { - throw new \InvalidArgumentException('Port number must be a number.'); - } - if ($port < 0 || $port > 65535) { - throw new \InvalidArgumentException('Port number must be between 0 and 65535 inclusive.'); - } - return true; - } - - /** - * Replaces anything that's not an alphanumeric character or "." in a hostname - * with "_", to make it safe for use as part of a file name. - */ - protected function sanitizeHostName($name) { - return preg_replace('/[^\d\w\._]/', '_', $name); - } - - /** - * Replaces anything that's not an alphanumeric character or "_" in a username - * with "_", to make it safe for use as part of a file name. - */ - protected function sanitizeUserName($name) { - return preg_replace('/[^\d\w_]/', '_', $name); - } - - public function test() { - - // FIXME: Use as expression in empty once PHP 5.4 support is dropped - $host = $this->getHost(); - if (empty($host)) { - \OC::$server->getLogger()->warning('Hostname has not been specified'); - return false; - } - // FIXME: Use as expression in empty once PHP 5.4 support is dropped - $user = $this->getUser(); - if (empty($user)) { - \OC::$server->getLogger()->warning('Username has not been specified'); - return false; - } - if (!isset($this->privateKey)) { - \OC::$server->getLogger()->warning('Private key was missing from the request'); - return false; - } - - // Sanity check the host - $hostParts = explode(':', $this->getHost()); - try { - if (count($hostParts) == 1) { - $hostname = $hostParts[0]; - $this->assertHostAddressValid($hostname); - } else if (count($hostParts) == 2) { - $hostname = $hostParts[0]; - $this->assertHostAddressValid($hostname); - $this->assertPortNumberValid($hostParts[1]); - } else { - throw new \Exception('Host connection string is invalid.'); - } - } catch(\Exception $e) { - \OC::$server->getLogger()->warning($e->getMessage()); - return false; - } - - // Validate the key - $key = $this->getPrivateKey(); - if (is_null($key)) { - \OC::$server->getLogger()->warning('Secret key could not be loaded'); - return false; - } - - try { - if ($this->getConnection()->nlist() === false) { - return false; - } - } catch(\Exception $e) { - // We should be throwing a more specific error, so we're not just catching - // Exception here - \OC::$server->getLogger()->warning($e->getMessage()); - return false; - } - - // Save the key somewhere it can easily be extracted later - if (\OC::$server->getUserSession()->getUser()) { - $view = new \OC\Files\View('/'.\OC::$server->getUserSession()->getUser()->getUId().'/files_external/sftp_keys'); - if (!$view->is_dir('')) { - if (!$view->mkdir('')) { - \OC::$server->getLogger()->warning('Could not create secret key directory.'); - return false; - } - } - $key_filename = $this->sanitizeUserName($this->getUser()).'@'.$this->sanitizeHostName($hostname).'.pub'; - $key_file = $view->fopen($key_filename, "w"); - if ($key_file) { - fwrite($key_file, $this->publicKey); - fclose($key_file); - } else { - \OC::$server->getLogger()->warning('Could not write secret key file.'); - } - } - - return true; - } -} diff --git a/apps/files_external/lib/smb_oc.php b/apps/files_external/lib/smb_oc.php deleted file mode 100644 index 52b73c46ff9..00000000000 --- a/apps/files_external/lib/smb_oc.php +++ /dev/null @@ -1,126 +0,0 @@ -<?php -/** - * @author Lukas Reschke <lukas@owncloud.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <icewind@owncloud.com> - * @author Robin McCorkell <rmccorkell@karoshi.org.uk> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OC\Files\Storage; - - -use Icewind\SMB\Exception\AccessDeniedException; -use Icewind\SMB\Exception\Exception; -use Icewind\SMB\Server; - -class SMB_OC extends SMB { - private $username_as_share; - - /** - * @param array $params - * @throws \Exception - */ - public function __construct($params) { - if (isset($params['host'])) { - $host = $params['host']; - $this->username_as_share = ($params['username_as_share'] === 'true'); - - // dummy credentials, unused, to satisfy constructor - $user = 'foo'; - $password = 'bar'; - if (\OC::$server->getSession()->exists('smb-credentials')) { - $params_auth = json_decode(\OC::$server->getCrypto()->decrypt(\OC::$server->getSession()->get('smb-credentials')), true); - $user = \OC::$server->getSession()->get('loginname'); - $password = $params_auth['password']; - } else { - // assume we are testing from the admin section - } - - $root = isset($params['root']) ? $params['root'] : '/'; - $share = ''; - - if ($this->username_as_share) { - $share = '/' . $user; - } elseif (isset($params['share'])) { - $share = $params['share']; - } else { - throw new \Exception(); - } - parent::__construct(array( - "user" => $user, - "password" => $password, - "host" => $host, - "share" => $share, - "root" => $root - )); - } else { - throw new \Exception(); - } - } - - - /** - * Intercepts the user credentials on login and stores them - * encrypted inside the session if SMB_OC storage is enabled. - * @param array $params - */ - public static function login($params) { - $mountpoints = \OC_Mount_Config::getAbsoluteMountPoints($params['uid']); - $mountpointClasses = array(); - foreach($mountpoints as $mountpoint) { - $mountpointClasses[$mountpoint['class']] = true; - } - if(isset($mountpointClasses['\OC\Files\Storage\SMB_OC'])) { - \OC::$server->getSession()->set('smb-credentials', \OC::$server->getCrypto()->encrypt(json_encode($params))); - } - } - - /** - * @param string $path - * @return boolean - */ - public function isSharable($path) { - return false; - } - - /** - * @param bool $isPersonal - * @return bool - */ - public function test($isPersonal = true) { - if ($isPersonal) { - if ($this->stat('')) { - return true; - } - return false; - } else { - $server = new Server($this->server->getHost(), '', ''); - - try { - $server->listShares(); - return true; - } catch (AccessDeniedException $e) { - // expected due to anonymous login - return true; - } catch (Exception $e) { - return false; - } - } - } -} diff --git a/apps/files_external/lib/visibilitytrait.php b/apps/files_external/lib/visibilitytrait.php deleted file mode 100644 index dfd2d323ca6..00000000000 --- a/apps/files_external/lib/visibilitytrait.php +++ /dev/null @@ -1,136 +0,0 @@ -<?php -/** - * @author Robin McCorkell <rmccorkell@karoshi.org.uk> - * - * @copyright Copyright (c) 2015, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ - -namespace OCA\Files_External\Lib; - -use \OCA\Files_External\Service\BackendService; - -/** - * Trait to implement visibility mechanics for a configuration class - * - * The standard visibility defines which users/groups can use or see the - * object. The allowed visibility defines the maximum visibility allowed to be - * set on the object. The standard visibility is often set dynamically by - * stored configuration parameters that can be modified by the administrator, - * while the allowed visibility is set directly by the object and cannot be - * modified by the administrator. - */ -trait VisibilityTrait { - - /** @var int visibility */ - protected $visibility = BackendService::VISIBILITY_DEFAULT; - - /** @var int allowed visibilities */ - protected $allowedVisibility = BackendService::VISIBILITY_DEFAULT; - - /** - * @return int - */ - public function getVisibility() { - return $this->visibility; - } - - /** - * Check if the backend is visible for a user type - * - * @param int $visibility - * @return bool - */ - public function isVisibleFor($visibility) { - if ($this->visibility & $visibility) { - return true; - } - return false; - } - - /** - * @param int $visibility - * @return self - */ - public function setVisibility($visibility) { - $this->visibility = $visibility; - $this->allowedVisibility |= $visibility; - return $this; - } - - /** - * @param int $visibility - * @return self - */ - public function addVisibility($visibility) { - return $this->setVisibility($this->visibility | $visibility); - } - - /** - * @param int $visibility - * @return self - */ - public function removeVisibility($visibility) { - return $this->setVisibility($this->visibility & ~$visibility); - } - - /** - * @return int - */ - public function getAllowedVisibility() { - return $this->allowedVisibility; - } - - /** - * Check if the backend is allowed to be visible for a user type - * - * @param int $allowedVisibility - * @return bool - */ - public function isAllowedVisibleFor($allowedVisibility) { - if ($this->allowedVisibility & $allowedVisibility) { - return true; - } - return false; - } - - /** - * @param int $allowedVisibility - * @return self - */ - public function setAllowedVisibility($allowedVisibility) { - $this->allowedVisibility = $allowedVisibility; - $this->visibility &= $allowedVisibility; - return $this; - } - - /** - * @param int $allowedVisibility - * @return self - */ - public function addAllowedVisibility($allowedVisibility) { - return $this->setAllowedVisibility($this->allowedVisibility | $allowedVisibility); - } - - /** - * @param int $allowedVisibility - * @return self - */ - public function removeAllowedVisibility($allowedVisibility) { - return $this->setAllowedVisibility($this->allowedVisibility & ~$allowedVisibility); - } - -} |