Merge pull request #31848 from nextcloud/performance/trottling-capability-frontent

Don't inject Bruteforce capability info in the webui
author: Carl Schwan <carl@carlschwan.eu> 2022-04-11 10:50:52 +0200
committer: GitHub <noreply@github.com> 2022-04-11 10:50:52 +0200
commit: 682468ef5cda2d3aefed9cd5db80021da22bb593 (patch)
tree: 1eea92ec9436bd37f803238c61104585446a1f67 /lib/private
parent: 0b8582f315bb45133c76fd0d9ee2e31528184980 (diff)
parent: 69b36fc2c5835d854279b51ff795312f988218a6 (diff)
download: nextcloud-server-682468ef5cda2d3aefed9cd5db80021da22bb593.tar.gz
nextcloud-server-682468ef5cda2d3aefed9cd5db80021da22bb593.zip
3 files changed, 10 insertions, 3 deletions
diff --git a/lib/private/CapabilitiesManager.php b/lib/private/CapabilitiesManager.php
index 16f9bd64252..ff92ebb5444 100644
--- a/lib/private/CapabilitiesManager.php
+++ b/lib/private/CapabilitiesManager.php
@@ -31,6 +31,7 @@ namespace OC;
 use OCP\AppFramework\QueryException;
 use OCP\Capabilities\ICapability;
 use OCP\Capabilities\IPublicCapability;
+use OCP\Capabilities\IInitialStateExcludedCapability;
 use Psr\Log\LoggerInterface;
 
 class CapabilitiesManager {
@@ -52,7 +53,7 @@ class CapabilitiesManager {
 	 * @throws \InvalidArgumentException
 	 * @return array
 	 */
-	public function getCapabilities(bool $public = false) : array {
+	public function getCapabilities(bool $public = false, bool $initialState = false) : array {
 		$capabilities = [];
 		foreach ($this->capabilities as $capability) {
 			try {
@@ -66,6 +67,11 @@ class CapabilitiesManager {
 
 			if ($c instanceof ICapability) {
 				if (!$public || $c instanceof IPublicCapability) {
+					if ($initialState && ($c instanceof IInitialStateExcludedCapability)) {
+						// Remove less important capabilities information that are expensive to query
+						// that we would otherwise inject to every page load
+						continue;
+					}
 					$capabilities = array_replace_recursive($capabilities, $c->getCapabilities());
 				}
 			} else {
diff --git a/lib/private/Security/Bruteforce/Capabilities.php b/lib/private/Security/Bruteforce/Capabilities.php
index 3b494d5bf49..5de4f35f24e 100644
--- a/lib/private/Security/Bruteforce/Capabilities.php
+++ b/lib/private/Security/Bruteforce/Capabilities.php
@@ -28,9 +28,10 @@ declare(strict_types=1);
 namespace OC\Security\Bruteforce;
 
 use OCP\Capabilities\IPublicCapability;
+use OCP\Capabilities\IInitialStateExcludedCapability;
 use OCP\IRequest;
 
-class Capabilities implements IPublicCapability {
+class Capabilities implements IPublicCapability, IInitialStateExcludedCapability {
 	/** @var IRequest */
 	private $request;
 
diff --git a/lib/private/Template/JSConfigHelper.php b/lib/private/Template/JSConfigHelper.php
index abd2ed1dcd8..58f3106bafd 100644
--- a/lib/private/Template/JSConfigHelper.php
+++ b/lib/private/Template/JSConfigHelper.php
@@ -187,7 +187,7 @@ class JSConfigHelper {
 			$lastConfirmTimestamp = 0;
 		}
 
-		$capabilities = $this->capabilitiesManager->getCapabilities();
+		$capabilities = $this->capabilitiesManager->getCapabilities(false, true);
 
 		$config = [
 			'session_lifetime' => min($this->config->getSystemValue('session_lifetime', $this->iniWrapper->getNumeric('session.gc_maxlifetime')), $this->iniWrapper->getNumeric('session.gc_maxlifetime')),
author	Carl Schwan <carl@carlschwan.eu>	2022-04-11 10:50:52 +0200
committer	GitHub <noreply@github.com>	2022-04-11 10:50:52 +0200
commit	682468ef5cda2d3aefed9cd5db80021da22bb593 (patch)
tree	1eea92ec9436bd37f803238c61104585446a1f67 /lib/private
parent	0b8582f315bb45133c76fd0d9ee2e31528184980 (diff)
parent	69b36fc2c5835d854279b51ff795312f988218a6 (diff)
download	nextcloud-server-682468ef5cda2d3aefed9cd5db80021da22bb593.tar.gz nextcloud-server-682468ef5cda2d3aefed9cd5db80021da22bb593.zip