diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-03-08 11:05:18 +0100 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-03-08 11:05:18 +0100 |
| commit | 3ad7daeda5a320276021e72684bfed4469cbae37 (patch) | |
| tree | b13262bff8147bf9391e4abbe3067216d7a297da /lib/private/AppFramework | |
| parent | 340e8ef16ced722ae97e6175b82f3010772a2550 (diff) | |
| download | nextcloud-server-3ad7daeda5a320276021e72684bfed4469cbae37.tar.gz nextcloud-server-3ad7daeda5a320276021e72684bfed4469cbae37.zip | |
Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib/private/AppFramework')
| -rw-r--r-- | lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php | 26 |
1 files changed, 8 insertions, 18 deletions
diff --git a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php index 38ce08dd09a..7eb730ac2a3 100644 --- a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php @@ -40,6 +40,7 @@ use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Security\CSP\ContentSecurityPolicyManager; use OC\Security\CSP\ContentSecurityPolicyNonceManager; use OC\Security\CSRF\CsrfTokenManager; +use OCP\App\AppPathNotFoundException; use OCP\App\IAppManager; use OCP\AppFramework\Http\ContentSecurityPolicy; use OCP\AppFramework\Http\EmptyContentSecurityPolicy; @@ -92,21 +93,6 @@ class SecurityMiddleware extends Middleware { /** @var IL10N */ private $l10n; - /** - * @param IRequest $request - * @param ControllerMethodReflector $reflector - * @param INavigationManager $navigationManager - * @param IURLGenerator $urlGenerator - * @param ILogger $logger - * @param string $appName - * @param bool $isLoggedIn - * @param bool $isAdminUser - * @param ContentSecurityPolicyManager $contentSecurityPolicyManager - * @param CSRFTokenManager $csrfTokenManager - * @param ContentSecurityPolicyNonceManager $cspNonceManager - * @param IAppManager $appManager - * @param IL10N $l10n - */ public function __construct(IRequest $request, ControllerMethodReflector $reflector, INavigationManager $navigationManager, @@ -190,16 +176,20 @@ class SecurityMiddleware extends Middleware { } /** - * FIXME: Use DI once available * Checks if app is enabled (also includes a check whether user is allowed to access the resource) * The getAppPath() check is here since components such as settings also use the AppFramework and * therefore won't pass this check. * If page is public, app does not need to be enabled for current user/visitor */ - if(\OC_App::getAppPath($this->appName) !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) { - throw new AppNotEnabledException(); + try { + $appPath = $this->appManager->getAppPath($this->appName); + } catch (AppPathNotFoundException $e) { + $appPath = false; } + if ($appPath !== false && !$isPublicPage && !$this->appManager->isEnabledForUser($this->appName)) { + throw new AppNotEnabledException(); + } } /** |