Merge pull request #846 from nextcloud/provisioning_api_ocs

Move Provisioning API to the AppFramework
author: Joas Schilling <coding@schilljs.com> 2016-08-17 10:23:13 +0200
committer: GitHub <noreply@github.com> 2016-08-17 10:23:13 +0200
commit: 027069cbae9e67a205c77095be09bac9a75bfa2a (patch)
tree: 78a2af1e3e7d8f2b9038a3d64a309303f3804610 /lib
parent: c1632c3abd0f136b4ecb8d7a5bef5c3c72f9cb95 (diff)
parent: 77542817d1bfb260c4bff74f77b9507b699f1d76 (diff)
download: nextcloud-server-027069cbae9e67a205c77095be09bac9a75bfa2a.tar.gz
nextcloud-server-027069cbae9e67a205c77095be09bac9a75bfa2a.zip
2 files changed, 61 insertions, 3 deletions
diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php
index 77192847867..20351d1321c 100644
--- a/lib/private/AppFramework/DependencyInjection/DIContainer.php
+++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php
@@ -408,6 +408,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
 		$this->registerService('MiddlewareDispatcher', function($c) use (&$middleWares) {
 			$dispatcher = new MiddlewareDispatcher();
 			$dispatcher->registerMiddleware($c['CORSMiddleware']);
+			$dispatcher->registerMiddleware($c['OCSMiddleware']);
 			$dispatcher->registerMiddleware($c['SecurityMiddleware']);
 			$dispatcher->registerMiddleWare($c['TwoFactorMiddleware']);
 
@@ -416,7 +417,6 @@ class DIContainer extends SimpleContainer implements IAppContainer {
 			}
 
 			$dispatcher->registerMiddleware($c['SessionMiddleware']);
-			$dispatcher->registerMiddleware($c['OCSMiddleware']);
 			return $dispatcher;
 		});
 
diff --git a/lib/private/AppFramework/Middleware/OCSMiddleware.php b/lib/private/AppFramework/Middleware/OCSMiddleware.php
index e07d100d8ac..68445bbcc51 100644
--- a/lib/private/AppFramework/Middleware/OCSMiddleware.php
+++ b/lib/private/AppFramework/Middleware/OCSMiddleware.php
@@ -23,8 +23,14 @@
 namespace OC\AppFramework\Middleware;
 
 use OC\AppFramework\Http;
+use OCP\API;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\OCSResponse;
+use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\OCS\OCSException;
+use OCP\AppFramework\OCS\OCSForbiddenException;
+use OCP\AppFramework\OCS\OCSNotFoundException;
 use OCP\AppFramework\OCSController;
 use OCP\IRequest;
 use OCP\AppFramework\Middleware;
@@ -54,12 +60,35 @@ class OCSMiddleware extends Middleware {
 
 			$code = $exception->getCode();
 			if ($code === 0) {
-				$code = Http::STATUS_INTERNAL_SERVER_ERROR;
+				$code = API::RESPOND_UNKNOWN_ERROR;
 			}
+
+			// Build the response
 			$response = new OCSResponse($format, $code, $exception->getMessage());
 
+			// Forbidden always sets 401 (even on v1.php)
+			if ($exception instanceof OCSForbiddenException || $code === API::RESPOND_UNAUTHORISED) {
+				$response->setStatus(Http::STATUS_UNAUTHORIZED);
+			}
+
+			// On v2.php we set actual HTTP error codes
 			if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) {
-				$response->setStatus($code);
+				if ($code === API::RESPOND_NOT_FOUND) {
+					$response->setStatus(Http::STATUS_NOT_FOUND);
+				} else if ($code === API::RESPOND_SERVER_ERROR) {
+					$response->setStatus(Http::STATUS_INTERNAL_SERVER_ERROR);
+				} else if ($code === API::RESPOND_UNKNOWN_ERROR) {
+					$response->setStatus(Http::STATUS_INTERNAL_SERVER_ERROR);
+				} else if ($code === API::RESPOND_UNAUTHORISED) {
+					// Already set
+				}
+				// 4xx and 5xx codes are forwarded as is.
+				else if ($code >= 400 && $code < 600) {
+					$response->setStatus($code);
+				} else {
+					// All other codes get a bad request
+					$response->setStatus(Http::STATUS_BAD_REQUEST);
+				}
 			}
 			return $response;
 		}
@@ -69,6 +98,35 @@ class OCSMiddleware extends Middleware {
 
 	/**
 	 * @param \OCP\AppFramework\Controller $controller
+	 * @param string $methodName
+	 * @param Response $response
+	 * @return \OCP\AppFramework\Http\Response
+	 */
+	public function afterController($controller, $methodName, Response $response) {
+		/*
+		 * If a different middleware has detected that a request unauthorized or forbidden
+		 * we need to catch the response and convert it to a proper OCS response.
+		 */
+		if ($controller instanceof OCSController && !($response instanceof OCSResponse)) {
+			if ($response->getStatus() === Http::STATUS_UNAUTHORIZED ||
+			    $response->getStatus() === Http::STATUS_FORBIDDEN) {
+				$format = $this->getFormat($controller);
+
+				$message = '';
+				if ($response instanceof JSONResponse) {
+					/** @var DataResponse $response */
+					$message = $response->getData()['message'];
+				}
+				$response = new OCSResponse($format, \OCP\API::RESPOND_UNAUTHORISED, $message);
+				$response->setStatus(Http::STATUS_UNAUTHORIZED);
+			}
+		}
+
+		return $response;
+	}
+
+	/**
+	 * @param \OCP\AppFramework\Controller $controller
 	 * @return string
 	 */
 	private function getFormat($controller) {
author	Joas Schilling <coding@schilljs.com>	2016-08-17 10:23:13 +0200
committer	GitHub <noreply@github.com>	2016-08-17 10:23:13 +0200
commit	027069cbae9e67a205c77095be09bac9a75bfa2a (patch)
tree	78a2af1e3e7d8f2b9038a3d64a309303f3804610 /lib
parent	c1632c3abd0f136b4ecb8d7a5bef5c3c72f9cb95 (diff)
parent	77542817d1bfb260c4bff74f77b9507b699f1d76 (diff)
download	nextcloud-server-027069cbae9e67a205c77095be09bac9a75bfa2a.tar.gz nextcloud-server-027069cbae9e67a205c77095be09bac9a75bfa2a.zip