diff options
| author | Joas Schilling <coding@schilljs.com> | 2019-03-28 09:26:38 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2019-03-28 09:26:38 +0100 |
| commit | c5560117da0da512e9873a9bf55d7b6f89b37166 (patch) | |
| tree | 6e692b0da0bb691e3a9ce465c4999413248c5848 /core/Controller | |
| parent | 76b22bd76e2cb92aaba07f84cc2a644e7feaf7e8 (diff) | |
| download | nextcloud-server-c5560117da0da512e9873a9bf55d7b6f89b37166.tar.gz nextcloud-server-c5560117da0da512e9873a9bf55d7b6f89b37166.zip | |
Make the endpoint more robust against faulty resource providers
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'core/Controller')
| -rw-r--r-- | core/Controller/CollaborationResourcesController.php | 72 |
1 files changed, 59 insertions, 13 deletions
diff --git a/core/Controller/CollaborationResourcesController.php b/core/Controller/CollaborationResourcesController.php index e67a59bb36c..46ec1136c94 100644 --- a/core/Controller/CollaborationResourcesController.php +++ b/core/Controller/CollaborationResourcesController.php @@ -22,6 +22,7 @@ declare(strict_types=1); namespace OC\Core\Controller; +use Exception; use OCP\AppFramework\Http; use OCP\AppFramework\OCSController; use OCP\AppFramework\Http\DataResponse; @@ -30,6 +31,7 @@ use OCP\Collaboration\Resources\ICollection; use OCP\Collaboration\Resources\IManager; use OCP\Collaboration\Resources\IResource; use OCP\Collaboration\Resources\ResourceException; +use OCP\ILogger; use OCP\IRequest; use OCP\IUserSession; @@ -37,20 +39,23 @@ class CollaborationResourcesController extends OCSController { /** @var IManager */ private $manager; - /** @var IUserSession */ private $userSession; + /** @var ILogger */ + private $logger; public function __construct( string $appName, IRequest $request, IManager $manager, - IUserSession $userSession + IUserSession $userSession, + ILogger $logger ) { parent::__construct($appName, $request); $this->manager = $manager; $this->userSession = $userSession; + $this->logger = $logger; } /** @@ -81,7 +86,7 @@ class CollaborationResourcesController extends OCSController { return new DataResponse([], Http::STATUS_NOT_FOUND); } - return new DataResponse($this->prepareCollection($collection)); + return $this->respondCollection($collection); } /** @@ -97,7 +102,7 @@ class CollaborationResourcesController extends OCSController { return new DataResponse([], Http::STATUS_NOT_FOUND); } - return new DataResponse(array_map([$this, 'prepareCollection'], $collections)); + return new DataResponse($this->prepareCollections($collections)); } /** @@ -126,7 +131,7 @@ class CollaborationResourcesController extends OCSController { } catch (ResourceException $e) { } - return new DataResponse($this->prepareCollection($collection)); + return $this->respondCollection($collection); } /** @@ -152,7 +157,7 @@ class CollaborationResourcesController extends OCSController { $collection->removeResource($resource); - return new DataResponse($this->prepareCollection($collection)); + return $this->respondCollection($collection); } /** @@ -173,7 +178,7 @@ class CollaborationResourcesController extends OCSController { return new DataResponse([], Http::STATUS_NOT_FOUND); } - return new DataResponse(array_map([$this, 'prepareCollection'], $resource->getCollections())); + return new DataResponse($this->prepareCollections($resource->getCollections())); } /** @@ -202,7 +207,7 @@ class CollaborationResourcesController extends OCSController { $collection = $this->manager->newCollection($name); $collection->addResource($resource); - return new DataResponse($this->prepareCollection($collection)); + return $this->respondCollection($collection); } /** @@ -221,24 +226,65 @@ class CollaborationResourcesController extends OCSController { $collection->setName($collectionName); - return new DataResponse($this->prepareCollection($collection)); + return $this->respondCollection($collection); + } + + protected function respondCollection(ICollection $collection): DataResponse { + try { + return new DataResponse($this->prepareCollection($collection)); + } catch (CollectionException $e) { + return new DataResponse([], Http::STATUS_NOT_FOUND); + } catch (Exception $e) { + $this->logger->logException($e); + return new DataResponse([], Http::STATUS_INTERNAL_SERVER_ERROR); + } + } + + protected function prepareCollections(array $collections): array { + $result = []; + + foreach ($collections as $collection) { + try { + $result[] = $this->prepareCollection($collection); + } catch (CollectionException $e) { + } catch (Exception $e) { + $this->logger->logException($e); + } + } + + return $result; } protected function prepareCollection(ICollection $collection): array { if (!$collection->canAccess($this->userSession->getUser())) { - return null; + throw new CollectionException('Can not access collection'); } return [ 'id' => $collection->getId(), 'name' => $collection->getName(), - 'resources' => array_values(array_filter(array_map([$this, 'prepareResources'], $collection->getResources()))), + 'resources' => $this->prepareResources($collection->getResources()), ]; } - protected function prepareResources(IResource $resource): ?array { + protected function prepareResources(array $resources): ?array { + $result = []; + + foreach ($resources as $resource) { + try { + $result[] = $this->prepareResource($resource); + } catch (ResourceException $e) { + } catch (Exception $e) { + $this->logger->logException($e); + } + } + + return $result; + } + + protected function prepareResource(IResource $resource): array { if (!$resource->canAccess($this->userSession->getUser())) { - return null; + throw new ResourceException('Can not access resource'); } return $resource->getRichObject(); |