diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-07-24 16:47:18 +0200 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-07-24 16:47:18 +0200 |
| commit | 11244736ae6d44629d312d1e2730f60f06ccebcf (patch) | |
| tree | 2aa4a087d708690b95b8849f65a55ee8631653f2 /lib | |
| parent | 1f8ee61006a7b3dcc740cb16e5d826fa7c1646c6 (diff) | |
| parent | 632e39a750ebc9e7063fe1b73fab059ef511f692 (diff) | |
| download | nextcloud-server-11244736ae6d44629d312d1e2730f60f06ccebcf.tar.gz nextcloud-server-11244736ae6d44629d312d1e2730f60f06ccebcf.zip | |
Merge pull request #17838 from owncloud/sharing-password-policy-master
Use a hook to integrate sharing password verification
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/share/share.php | 24 | ||||
| -rw-r--r-- | lib/public/share.php | 2 |
2 files changed, 24 insertions, 2 deletions
diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 41b60ecc638..c0285125234 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -737,6 +737,7 @@ class Share extends Constants { // Generate hash of password - same method as user passwords if (!empty($shareWith)) { + self::verifyPassword($shareWith); $shareWith = \OC::$server->getHasher()->hash($shareWith); } else { // reuse the already set password, but only if we change permissions @@ -1218,7 +1219,7 @@ class Share extends Constants { } /** - * Set expiration date for a share + * Set password for a public link share * * @param IUserSession $userSession * @param IDBConnection $connection @@ -1252,6 +1253,8 @@ class Share extends Constants { throw new \Exception('Cannot remove password'); } + self::verifyPassword($password); + $qb = $connection->getQueryBuilder(); $qb->update('*PREFIX*share') ->set('share_with', $qb->createParameter('pass')) @@ -2604,4 +2607,23 @@ class Share extends Constants { $result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]); return $result->fetchAll(); } + + /** + * @param string $password + * @throws \Exception + */ + private static function verifyPassword($password) { + + $accepted = true; + $message = ''; + \OCP\Util::emitHook('\OC\Share', 'verifyPassword', [ + 'password' => $password, + 'accepted' => &$accepted, + 'message' => &$message + ]); + + if (!$accepted) { + throw new \Exception($message); + } + } } diff --git a/lib/public/share.php b/lib/public/share.php index 86e6deb9194..0f5c68c576d 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -344,7 +344,7 @@ class Share extends \OC\Share\Constants { } /** - * Set expiration date for a share + * Set password for a public link share * @param int $shareId * @param string $password * @return boolean |