refactor(core): Replace security annotations with respective attributes

Signed-off-by: provokateurin <kate@provokateurin.de>

2 files changed, 2 insertions, 10 deletions

diff --git a/lib/public/AppFramework/ApiController.php b/lib/public/AppFramework/ApiController.php
index da1152090c6..d3c83005ad1 100644
--- a/lib/public/AppFramework/ApiController.php
+++ b/lib/public/AppFramework/ApiController.php
@@ -7,6 +7,7 @@
  */
 namespace OCP\AppFramework;
 
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Http\Response;
@@ -51,13 +52,11 @@ abstract class ApiController extends Controller {
 	 * This method implements a preflighted cors response for you that you can
 	 * link to for the options request
 	 *
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 * @PublicPage
 	 * @since 7.0.0
 	 */
 	#[NoCSRFRequired]
 	#[PublicPage]
+	#[NoAdminRequired]
 	public function preflightedCors() {
 		if (isset($this->request->server['HTTP_ORIGIN'])) {
 			$origin = $this->request->server['HTTP_ORIGIN'];
diff --git a/lib/public/AppFramework/AuthPublicShareController.php b/lib/public/AppFramework/AuthPublicShareController.php
index d6c088d4a0c..9c912d0e9a6 100644
--- a/lib/public/AppFramework/AuthPublicShareController.php
+++ b/lib/public/AppFramework/AuthPublicShareController.php
@@ -46,9 +46,6 @@ abstract class AuthPublicShareController extends PublicShareController {
 	}
 
 	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
 	 * Show the authentication page
 	 * The form has to submit to the authenticate method route
 	 *
@@ -125,10 +122,6 @@ abstract class AuthPublicShareController extends PublicShareController {
 	}
 
 	/**
-	 * @UseSession
-	 * @PublicPage
-	 * @BruteForceProtection(action=publicLinkAuth)
-	 *
 	 * Authenticate the share
 	 *
 	 * @since 14.0.0