diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-06-11 14:19:15 +0200 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-06-20 08:53:37 +0200 |
| commit | 20e514690c46c2874bd2819942b0beb46015027a (patch) | |
| tree | ab13f88597b478c77c908521dc77f17083fb0752 /lib | |
| parent | 31392c24434c8dfbe770cec93ccb3c209392334e (diff) | |
| download | nextcloud-server-20e514690c46c2874bd2819942b0beb46015027a.tar.gz nextcloud-server-20e514690c46c2874bd2819942b0beb46015027a.zip | |
Don't allow public share pages if link sharing is disabled
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php index 38267779e65..92b1673b640 100644 --- a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php +++ b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php @@ -9,6 +9,7 @@ use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; use OCP\AppFramework\PublicShareController; use OCP\Files\NotFoundException; +use OCP\IConfig; use OCP\IRequest; use OCP\ISession; @@ -19,9 +20,13 @@ class PublicShareMiddleware extends Middleware { /** @var ISession */ private $session; - public function __construct(IRequest $request, ISession $session) { + /** @var IConfig */ + private $config; + + public function __construct(IRequest $request, ISession $session, IConfig $config) { $this->request = $request; $this->session = $session; + $this->config = $config; } public function beforeController($controller, $methodName) { @@ -29,6 +34,10 @@ class PublicShareMiddleware extends Middleware { return; } + if (!$this->isLinkSharingEnabled()) { + throw new NotFoundException('Link sharing is disabled'); + } + // We require the token parameter to be set $token = $this->request->getParam('token'); if ($token === null) { @@ -83,4 +92,21 @@ class PublicShareMiddleware extends Middleware { $tmp = explode('.', $route); return array_pop($tmp); } + + /** + * Check if link sharing is allowed + */ + private function isLinkSharingEnabled(): bool { + // Check if the shareAPI is enabled + if ($this->config->getAppValue('core', 'shareapi_enabled', 'yes') !== 'yes') { + return false; + } + + // Check whether public sharing is enabled + if($this->config->getAppValue('core', 'shareapi_allow_links', 'yes') !== 'yes') { + return false; + } + + return true; + } } |