merge master into fileinfo

author: Robin Appelman <icewind@owncloud.com> 2014-01-29 16:33:27 +0100
committer: Robin Appelman <icewind@owncloud.com> 2014-01-29 16:33:27 +0100
commit: 4e2b52a376d2aab5e0f9d0034a8e2bfa196c08bd (patch)
tree: 78094fbe60703eae8e4eb1d5d7a42d249a515f21 /lib/public
parent: fc5f20112efe03b203978c4b1045ed70c2ce5e74 (diff)
parent: f5f918b8bf5279fd174fe520c21f83c902904843 (diff)
download: nextcloud-server-4e2b52a376d2aab5e0f9d0034a8e2bfa196c08bd.tar.gz
nextcloud-server-4e2b52a376d2aab5e0f9d0034a8e2bfa196c08bd.zip
3 files changed, 61 insertions, 7 deletions
diff --git a/lib/public/json.php b/lib/public/json.php
index 831e3ef1cf6..cd5d233ef90 100644
--- a/lib/public/json.php
+++ b/lib/public/json.php
@@ -167,7 +167,7 @@ class JSON {
 	* @return string json formatted string if not admin user.
 	*/
 	public static function checkAdminUser() {
-		return(\OC_JSON::checkAdminUser());
+		\OC_JSON::checkAdminUser();
 	}
 
 	/**
@@ -177,4 +177,12 @@ class JSON {
 	public static function encode($data) {
 		return(\OC_JSON::encode($data));
 	}
+
+	/**
+	 * Check is a given user exists - send json error msg if not
+	 * @param string $user
+	 */
+	public static function checkUserExists($user) {
+		\OC_JSON::checkUserExists($user);
+	}
 }
diff --git a/lib/public/share.php b/lib/public/share.php
index eb1dd8d1c95..f832d04a70f 100644
--- a/lib/public/share.php
+++ b/lib/public/share.php
@@ -347,20 +347,29 @@ class Share {
 	}
 
 	/**
-	 * Get the item shared by a token
-	 * @param string token
-	 * @return Item
+	 * Based on the given token the share information will be returned - password protected shares will be verified
+	 * @param string $token
+	 * @return array | bool false will be returned in case the token is unknown or unauthorized
 	 */
-	public static function getShareByToken($token) {
+	public static function getShareByToken($token, $checkPasswordProtection = true) {
 		$query = \OC_DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `token` = ?', 1);
 		$result = $query->execute(array($token));
 		if (\OC_DB::isError($result)) {
 			\OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result) . ', token=' . $token, \OC_Log::ERROR);
 		}
 		$row = $result->fetchRow();
+		if ($row === false) {
+			return false;
+		}
 		if (is_array($row) and self::expireItem($row)) {
 			return false;
 		}
+
+		// password protected shares need to be authenticated
+		if ($checkPasswordProtection && !\OCP\Share::checkPasswordProtectedShare($row)) {
+			return false;
+		}
+
 		return $row;
 	}
 
@@ -1888,6 +1897,34 @@ class Share {
 		}
 	}
 
+	/**
+	 * In case a password protected link is not yet authenticated this function will return false
+	 *
+	 * @param array $linkItem
+	 * @return bool
+	 */
+	public static function checkPasswordProtectedShare(array $linkItem) {
+		if (!isset($linkItem['share_with'])) {
+			return true;
+		}
+		if (!isset($linkItem['share_type'])) {
+			return true;
+		}
+		if (!isset($linkItem['id'])) {
+			return true;
+		}
+
+		if ($linkItem['share_type'] != \OCP\Share::SHARE_TYPE_LINK) {
+			return true;
+		}
+
+		if ( \OC::$session->exists('public_link_authenticated')
+			&& \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) {
+			return true;
+		}
+
+		return false;
+	}
 }
 
 /**
diff --git a/lib/public/util.php b/lib/public/util.php
index 9f945f0feac..0a003fbfe92 100644
--- a/lib/public/util.php
+++ b/lib/public/util.php
@@ -88,14 +88,18 @@ class Util {
 	 * @param Exception $ex exception to log
 	 */
 	public static function logException( $app, \Exception $ex ) {
-		$message = $ex->getMessage();
+		$class = get_class($ex);
+		if ($class !== 'Exception') {
+			$message = $class . ': ';
+		}
+		$message .= $ex->getMessage();
 		if ($ex->getCode()) {
 			$message .= ' [' . $ex->getCode() . ']';
 		}
 		\OCP\Util::writeLog($app, 'Exception: ' . $message, \OCP\Util::FATAL);
 		if (defined('DEBUG') and DEBUG) {
 			// also log stack trace
-			$stack = explode('#', $ex->getTraceAsString());
+			$stack = explode("\n", $ex->getTraceAsString());
 			// first element is empty
 			array_shift($stack);
 			foreach ($stack as $s) {
@@ -254,8 +258,13 @@ class Util {
 	 * Example: when given lostpassword-noreply as $user_part param,
 	 *     and is currently accessed via http(s)://example.com/,
 	 *     it would return 'lostpassword-noreply@example.com'
+	 *
+	 * If the configuration value 'mail_from_address' is set in
+	 * config.php, this value will override the $user_part that
+	 * is passed to this function
 	 */
 	public static function getDefaultEmailAddress($user_part) {
+		$user_part = \OC_Config::getValue('mail_from_address', $user_part);
 		$host_name = self::getServerHostName();
 		$host_name = \OC_Config::getValue('mail_domain', $host_name);
 		$defaultEmailAddress = $user_part.'@'.$host_name;
author	Robin Appelman <icewind@owncloud.com>	2014-01-29 16:33:27 +0100
committer	Robin Appelman <icewind@owncloud.com>	2014-01-29 16:33:27 +0100
commit	4e2b52a376d2aab5e0f9d0034a8e2bfa196c08bd (patch)
tree	78094fbe60703eae8e4eb1d5d7a42d249a515f21 /lib/public
parent	fc5f20112efe03b203978c4b1045ed70c2ce5e74 (diff)
parent	f5f918b8bf5279fd174fe520c21f83c902904843 (diff)
download	nextcloud-server-4e2b52a376d2aab5e0f9d0034a8e2bfa196c08bd.tar.gz nextcloud-server-4e2b52a376d2aab5e0f9d0034a8e2bfa196c08bd.zip