diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2020-08-21 17:36:01 +0200 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2020-08-25 08:42:24 +0000 |
| commit | 7f6e2c59530a7242fb5057379a2ee9944282e695 (patch) | |
| tree | 6e68fd5c42547ba048b58d02d44f836e98d8b7a3 /apps | |
| parent | e57e66eedd8bd41973a16dcf294222be5983a023 (diff) | |
| download | nextcloud-server-7f6e2c59530a7242fb5057379a2ee9944282e695.tar.gz nextcloud-server-7f6e2c59530a7242fb5057379a2ee9944282e695.zip | |
fix possible leaking scope in Flow
- a configured flow can be brought into consideration, despite its event
was not fired
- it could either run through
- or run into a RuntimeException and killing processing of valid flows
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/workflowengine/lib/AppInfo/Application.php | 1 | ||||
| -rw-r--r-- | apps/workflowengine/lib/Service/RuleMatcher.php | 14 |
2 files changed, 15 insertions, 0 deletions
diff --git a/apps/workflowengine/lib/AppInfo/Application.php b/apps/workflowengine/lib/AppInfo/Application.php index 70b5468c553..57cfee7f1a0 100644 --- a/apps/workflowengine/lib/AppInfo/Application.php +++ b/apps/workflowengine/lib/AppInfo/Application.php @@ -95,6 +95,7 @@ class Application extends \OCP\AppFramework\App { /** @var IOperation $operation */ $operation = $this->getContainer()->query($operationClass); + $ruleMatcher->setEventName($eventName); $ruleMatcher->setEntity($entity); $ruleMatcher->setOperation($operation); diff --git a/apps/workflowengine/lib/Service/RuleMatcher.php b/apps/workflowengine/lib/Service/RuleMatcher.php index f02c28fa27e..6bad3cefd5d 100644 --- a/apps/workflowengine/lib/Service/RuleMatcher.php +++ b/apps/workflowengine/lib/Service/RuleMatcher.php @@ -62,6 +62,8 @@ class RuleMatcher implements IRuleMatcher { protected $entity; /** @var Logger */ protected $logger; + /** @var string */ + protected $eventName; public function __construct( IUserSession $session, @@ -101,6 +103,13 @@ class RuleMatcher implements IRuleMatcher { $this->entity = $entity; } + public function setEventName(string $eventName): void { + if ($this->eventName !== null) { + throw new RuntimeException('This method must not be called more than once'); + } + $this->eventName = $eventName; + } + public function getEntity(): IEntity { if ($this->entity === null) { throw new \LogicException('Entity was not set yet'); @@ -155,6 +164,11 @@ class RuleMatcher implements IRuleMatcher { $matches = []; foreach ($operations as $operation) { + $configuredEvents = json_decode($operation['events'], true); + if ($this->eventName !== null && !in_array($this->eventName, $configuredEvents)) { + continue; + } + $checkIds = json_decode($operation['checks'], true); $checks = $this->manager->getChecks($checkIds); |