Merge pull request #15104 from nextcloud/enh/remote_wipe

Remote wipe support

3 files changed, 110 insertions, 1 deletions

diff --git a/core/Application.php b/core/Application.php
index f89b7e48081..967e3a62c1e 100644
--- a/core/Application.php
+++ b/core/Application.php
@@ -28,6 +28,7 @@
 
 namespace OC\Core;
 
+use OC\Authentication\Notifications\Notifier as AuthenticationNotifier;
 use OC\Core\Notification\RemoveLinkSharesNotifier;
 use OC\DB\MissingIndexInformation;
 use OC\DB\SchemaWrapper;
@@ -60,12 +61,20 @@ class Application extends App {
 			return new RemoveLinkSharesNotifier(
 				$server->getL10NFactory()
 			);
-		},  function() use ($server) {
+		}, function() {
 			return [
 				'id' => 'core',
 				'name' => 'core',
 			];
 		});
+		$notificationManager->registerNotifier(function() use ($server) {
+			return $server->query(AuthenticationNotifier::class);
+		}, function() {
+			return [
+				'id' => 'auth',
+				'name' => 'authentication notifier',
+			];
+		});
 
 		$eventDispatcher->addListener(IDBConnection::CHECK_MISSING_INDEXES_EVENT,
 			function(GenericEvent $event) use ($container) {
diff --git a/core/Controller/WipeController.php b/core/Controller/WipeController.php
new file mode 100644
index 00000000000..4b9d9ae38b5
--- /dev/null
+++ b/core/Controller/WipeController.php
@@ -0,0 +1,98 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @author Roeland Jago Douma <roeland@famdouma.nl>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OC\Core\Controller;
+
+use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Token\RemoteWipe;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\IRequest;
+
+class WipeController extends Controller {
+
+	/** @var RemoteWipe */
+	private $remoteWipe;
+
+	public function __construct(string $appName,
+								IRequest $request,
+								RemoteWipe $remoteWipe) {
+		parent::__construct($appName, $request);
+
+		$this->remoteWipe = $remoteWipe;
+	}
+
+	/**
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @PublicPage
+	 *
+	 * @AnonRateThrottle(limit=10, period=300)
+	 *
+	 * @param string $token
+	 *
+	 * @return JSONResponse
+	 */
+	public function checkWipe(string $token): JSONResponse {
+		try {
+			if ($this->remoteWipe->start($token)) {
+				return new JSONResponse([
+					'wipe' => true
+				]);
+			}
+
+			return new JSONResponse([], Http::STATUS_NOT_FOUND);
+		} catch (InvalidTokenException $e) {
+			return new JSONResponse([], Http::STATUS_NOT_FOUND);
+		}
+	}
+
+
+	/**
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @PublicPage
+	 *
+	 * @AnonRateThrottle(limit=10, period=300)
+	 *
+	 * @param string $token
+	 *
+	 * @return JSONResponse
+	 */
+	public function wipeDone(string $token): JSONResponse {
+		try {
+			if ($this->remoteWipe->finish($token)) {
+				return new JSONResponse([]);
+			}
+
+			return new JSONResponse([], Http::STATUS_NOT_FOUND);
+		} catch (InvalidTokenException $e) {
+			return new JSONResponse([], Http::STATUS_NOT_FOUND);
+		}
+	}
+
+}
diff --git a/core/routes.php b/core/routes.php
index 823413cb2b8..ec8f995304d 100644
--- a/core/routes.php
+++ b/core/routes.php
@@ -81,6 +81,8 @@ $application->registerRoutes($this, [
 		['name' => 'contactsMenu#findOne', 'url' => '/contactsmenu/findOne', 'verb' => 'POST'],
 		['name' => 'WalledGarden#get', 'url' => '/204', 'verb' => 'GET'],
 		['name' => 'Search#search', 'url' => '/core/search', 'verb' => 'GET'],
+		['name' => 'Wipe#checkWipe', 'url' => '/core/wipe/check', 'verb' => 'POST'],
+		['name' => 'Wipe#wipeDone', 'url' => '/core/wipe/success', 'verb' => 'POST'],
 
 		// Legacy routes that need to be globally available while they are handled by an app
 		['name' => 'viewcontroller#showFile', 'url' => '/f/{fileid}', 'verb' => 'GET', 'app' => 'files'],