diff options
author | Lukas Reschke <lukas@owncloud.com> | 2016-04-06 11:09:55 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@owncloud.com> | 2016-04-06 11:12:22 +0200 |
commit | c12bb839e197990db86f0062fa6b7ec54aff5121 (patch) | |
tree | f70c0ac4f4113db7c0b5fdde0665c1f510fe6601 /settings/Middleware/SubadminMiddleware.php | |
parent | 046506dd146f823499098d0d2b0042072e436469 (diff) | |
download | nextcloud-server-c12bb839e197990db86f0062fa6b7ec54aff5121.tar.gz nextcloud-server-c12bb839e197990db86f0062fa6b7ec54aff5121.zip |
Rename files to be PSR-4 compliant
Diffstat (limited to 'settings/Middleware/SubadminMiddleware.php')
-rw-r--r-- | settings/Middleware/SubadminMiddleware.php | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/settings/Middleware/SubadminMiddleware.php b/settings/Middleware/SubadminMiddleware.php new file mode 100644 index 00000000000..8e138bdc1a8 --- /dev/null +++ b/settings/Middleware/SubadminMiddleware.php @@ -0,0 +1,85 @@ +<?php +/** + * @author Lukas Reschke <lukas@owncloud.com> + * @author Morris Jobke <hey@morrisjobke.de> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OC\Settings\Middleware; + +use OC\AppFramework\Http; +use OC\Appframework\Middleware\Security\Exceptions\NotAdminException; +use OC\AppFramework\Utility\ControllerMethodReflector; +use OCP\AppFramework\Http\TemplateResponse; +use OCP\AppFramework\Middleware; + +/** + * Verifies whether an user has at least subadmin rights. + * To bypass use the `@NoSubadminRequired` annotation + * + * @package OC\Settings\Middleware + */ +class SubadminMiddleware extends Middleware { + /** @var bool */ + protected $isSubAdmin; + /** @var ControllerMethodReflector */ + protected $reflector; + + /** + * @param ControllerMethodReflector $reflector + * @param bool $isSubAdmin + */ + public function __construct(ControllerMethodReflector $reflector, + $isSubAdmin) { + $this->reflector = $reflector; + $this->isSubAdmin = $isSubAdmin; + } + + /** + * Check if sharing is enabled before the controllers is executed + * @param \OCP\AppFramework\Controller $controller + * @param string $methodName + * @throws \Exception + */ + public function beforeController($controller, $methodName) { + if(!$this->reflector->hasAnnotation('NoSubadminRequired')) { + if(!$this->isSubAdmin) { + throw new NotAdminException('Logged in user must be a subadmin'); + } + } + } + + /** + * Return 403 page in case of an exception + * @param \OCP\AppFramework\Controller $controller + * @param string $methodName + * @param \Exception $exception + * @return TemplateResponse + * @throws \Exception + */ + public function afterException($controller, $methodName, \Exception $exception) { + if($exception instanceof NotAdminException) { + $response = new TemplateResponse('core', '403', array(), 'guest'); + $response->setStatus(Http::STATUS_FORBIDDEN); + return $response; + } + + throw $exception; + } + +} |