aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private
diff options
context:
space:
mode:
authorVincent Petry <vincent@nextcloud.com>2022-04-12 09:46:31 +0200
committerGitHub <noreply@github.com>2022-04-12 09:46:31 +0200
commit483741ff36ab5ce56d37f65226b76afffb858356 (patch)
treea50478ba2112ef95d8899ce8d994c1b27a49cdf7 /lib/private
parent4626bfbc83c3b5779d6688c0b9357514e08799ed (diff)
parentc6a5c07041d2e5d20771409aede8b755d28372ac (diff)
downloadnextcloud-server-483741ff36ab5ce56d37f65226b76afffb858356.tar.gz
nextcloud-server-483741ff36ab5ce56d37f65226b76afffb858356.zip
Merge pull request #31220 from nextcloud/enhancement/31005/temporary-passwords
Temporary passwords for public non-anonymous protected shares (ie: files shared with an email recipient).
Diffstat (limited to 'lib/private')
-rw-r--r--lib/private/Share20/Manager.php6
-rw-r--r--lib/private/Share20/ProviderFactory.php1
-rw-r--r--lib/private/Share20/Share.php16
3 files changed, 23 insertions, 0 deletions
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index 3fca9e3fe14..4e87c37fedb 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -1552,6 +1552,12 @@ class Manager implements IManager {
return false;
}
+ // Makes sure password hasn't expired
+ $expirationTime = $share->getPasswordExpirationTime();
+ if ($expirationTime !== null && $expirationTime < new \DateTime()) {
+ return false;
+ }
+
$newHash = '';
if (!$this->hasher->verify($password, $share->getPassword(), $newHash)) {
return false;
diff --git a/lib/private/Share20/ProviderFactory.php b/lib/private/Share20/ProviderFactory.php
index 42677d6bcf7..434c0017d21 100644
--- a/lib/private/Share20/ProviderFactory.php
+++ b/lib/private/Share20/ProviderFactory.php
@@ -185,6 +185,7 @@ class ProviderFactory implements IProviderFactory {
$settingsManager = new SettingsManager($this->serverContainer->getConfig());
$this->shareByMailProvider = new ShareByMailProvider(
+ $this->serverContainer->getConfig(),
$this->serverContainer->getDatabaseConnection(),
$this->serverContainer->getSecureRandom(),
$this->serverContainer->getUserManager(),
diff --git a/lib/private/Share20/Share.php b/lib/private/Share20/Share.php
index f1df71b1143..7ed03832e4c 100644
--- a/lib/private/Share20/Share.php
+++ b/lib/private/Share20/Share.php
@@ -73,6 +73,7 @@ class Share implements IShare {
private $expireDate;
/** @var string */
private $password;
+ private ?\DateTimeInterface $passwordExpirationTime = null;
/** @var bool */
private $sendPasswordByTalk = false;
/** @var string */
@@ -464,6 +465,21 @@ class Share implements IShare {
/**
* @inheritdoc
*/
+ public function setPasswordExpirationTime(?\DateTimeInterface $passwordExpirationTime = null): IShare {
+ $this->passwordExpirationTime = $passwordExpirationTime;
+ return $this;
+ }
+
+ /**
+ * @inheritdoc
+ */
+ public function getPasswordExpirationTime(): ?\DateTimeInterface {
+ return $this->passwordExpirationTime;
+ }
+
+ /**
+ * @inheritdoc
+ */
public function setSendPasswordByTalk(bool $sendPasswordByTalk) {
$this->sendPasswordByTalk = $sendPasswordByTalk;
return $this;