3 files changed, 28 insertions, 33 deletions

diff --git a/apps/user_ldap/lib/Controller/ConfigAPIController.php b/apps/user_ldap/lib/Controller/ConfigAPIController.php
index a2f821dbbda..978aa005559 100644
--- a/apps/user_ldap/lib/Controller/ConfigAPIController.php
+++ b/apps/user_ldap/lib/Controller/ConfigAPIController.php
@@ -11,7 +11,9 @@ use OC\Security\IdentityProof\Manager;
 use OCA\User_LDAP\Configuration;
 use OCA\User_LDAP\ConnectionFactory;
 use OCA\User_LDAP\Helper;
+use OCA\User_LDAP\Settings\Admin;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCS\OCSBadRequestException;
 use OCP\AppFramework\OCS\OCSException;
@@ -46,12 +48,12 @@ class ConfigAPIController extends OCSController {
 	/**
 	 * Create a new (empty) configuration and return the resulting prefix
 	 *
-	 * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin)
 	 * @return DataResponse<Http::STATUS_OK, array{configID: string}, array{}>
 	 * @throws OCSException
 	 *
 	 * 200: Config created successfully
 	 */
+	#[AuthorizedAdminSetting(settings: Admin::class)]
 	public function create() {
 		try {
 			$configPrefix = $this->ldapHelper->getNextServerConfigurationPrefix();
@@ -68,7 +70,6 @@ class ConfigAPIController extends OCSController {
 	/**
 	 * Delete a LDAP configuration
 	 *
-	 * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin)
 	 * @param string $configID ID of the config
 	 * @return DataResponse<Http::STATUS_OK, array<empty>, array{}>
 	 * @throws OCSException
@@ -76,6 +77,7 @@ class ConfigAPIController extends OCSController {
 	 *
 	 * 200: Config deleted successfully
 	 */
+	#[AuthorizedAdminSetting(settings: Admin::class)]
 	public function delete($configID) {
 		try {
 			$this->ensureConfigIDExists($configID);
@@ -95,7 +97,6 @@ class ConfigAPIController extends OCSController {
 	/**
 	 * Modify a configuration
 	 *
-	 * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin)
 	 * @param string $configID ID of the config
 	 * @param array<string, mixed> $configData New config
 	 * @return DataResponse<Http::STATUS_OK, array<empty>, array{}>
@@ -105,6 +106,7 @@ class ConfigAPIController extends OCSController {
 	 *
 	 * 200: Config returned
 	 */
+	#[AuthorizedAdminSetting(settings: Admin::class)]
 	public function modify($configID, $configData) {
 		try {
 			$this->ensureConfigIDExists($configID);
@@ -200,7 +202,6 @@ class ConfigAPIController extends OCSController {
 	 *   </data>
 	 * </ocs>
 	 *
-	 * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin)
 	 * @param string $configID ID of the config
 	 * @param bool $showPassword Whether to show the password
 	 * @return DataResponse<Http::STATUS_OK, array<string, mixed>, array{}>
@@ -209,6 +210,7 @@ class ConfigAPIController extends OCSController {
 	 *
 	 * 200: Config returned
 	 */
+	#[AuthorizedAdminSetting(settings: Admin::class)]
 	public function show($configID, $showPassword = false) {
 		try {
 			$this->ensureConfigIDExists($configID);
@@ -237,10 +239,10 @@ class ConfigAPIController extends OCSController {
 	/**
 	 * If the given config ID is not available, an exception is thrown
 	 *
-	 * @AuthorizedAdminSetting(settings=OCA\User_LDAP\Settings\Admin)
 	 * @param string $configID
 	 * @throws OCSNotFoundException
 	 */
+	#[AuthorizedAdminSetting(settings: Admin::class)]
 	private function ensureConfigIDExists($configID): void {
 		$prefixes = $this->ldapHelper->getServerConfigurationPrefixes();
 		if (!in_array($configID, $prefixes, true)) {
diff --git a/apps/user_ldap/lib/Controller/RenewPasswordController.php b/apps/user_ldap/lib/Controller/RenewPasswordController.php
index 92b2876dc3f..574e85b4fde 100644
--- a/apps/user_ldap/lib/Controller/RenewPasswordController.php
+++ b/apps/user_ldap/lib/Controller/RenewPasswordController.php
@@ -6,7 +6,10 @@
 namespace OCA\User_LDAP\Controller;
 
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PublicPage;
+use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\RedirectResponse;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\HintException;
@@ -49,24 +52,22 @@ class RenewPasswordController extends Controller {
 	}
 
 	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 *
 	 * @return RedirectResponse
 	 */
+	#[PublicPage]
+	#[NoCSRFRequired]
 	public function cancel() {
 		return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
 	}
 
 	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
 	 * @param string $user
 	 *
 	 * @return TemplateResponse|RedirectResponse
 	 */
+	#[PublicPage]
+	#[NoCSRFRequired]
+	#[UseSession]
 	public function showRenewPasswordForm($user) {
 		if ($this->config->getUserValue($user, 'user_ldap', 'needsPasswordReset') !== 'true') {
 			return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
@@ -102,15 +103,14 @@ class RenewPasswordController extends Controller {
 	}
 
 	/**
-	 * @PublicPage
-	 * @UseSession
-	 *
 	 * @param string $user
 	 * @param string $oldPassword
 	 * @param string $newPassword
 	 *
 	 * @return RedirectResponse
 	 */
+	#[PublicPage]
+	#[UseSession]
 	public function tryRenewPassword($user, $oldPassword, $newPassword) {
 		if ($this->config->getUserValue($user, 'user_ldap', 'needsPasswordReset') !== 'true') {
 			return new RedirectResponse($this->urlGenerator->linkToRouteAbsolute('core.login.showLoginForm'));
@@ -146,12 +146,11 @@ class RenewPasswordController extends Controller {
 	}
 
 	/**
-	 * @PublicPage
-	 * @NoCSRFRequired
-	 * @UseSession
-	 *
 	 * @return RedirectResponse
 	 */
+	#[PublicPage]
+	#[NoCSRFRequired]
+	#[UseSession]
 	public function showLoginFormInvalidPassword($user) {
 		$args = !is_null($user) ? ['user' => $user] : [];
 		$this->session->set('loginMessages', [
diff --git a/apps/weather_status/lib/Controller/WeatherStatusController.php b/apps/weather_status/lib/Controller/WeatherStatusController.php
index 8f3ceaa36ae..953e09f2f2d 100644
--- a/apps/weather_status/lib/Controller/WeatherStatusController.php
+++ b/apps/weather_status/lib/Controller/WeatherStatusController.php
@@ -11,6 +11,7 @@ namespace OCA\WeatherStatus\Controller;
 use OCA\WeatherStatus\ResponseDefinitions;
 use OCA\WeatherStatus\Service\WeatherStatusService;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCSController;
 use OCP\IRequest;
@@ -33,21 +34,18 @@ class WeatherStatusController extends OCSController {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Try to use the address set in user personal settings as weather location
 	 *
 	 * @return DataResponse<Http::STATUS_OK, WeatherStatusLocationWithSuccess, array{}>
 	 *
 	 * 200: Address updated
 	 */
+	#[NoAdminRequired]
 	public function usePersonalAddress(): DataResponse {
 		return new DataResponse($this->service->usePersonalAddress());
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Change the weather status mode. There are currently 2 modes:
 	 * - ask the browser
 	 * - use the user defined address
@@ -57,13 +55,12 @@ class WeatherStatusController extends OCSController {
 	 *
 	 * 200: Weather status mode updated
 	 */
+	#[NoAdminRequired]
 	public function setMode(int $mode): DataResponse {
 		return new DataResponse($this->service->setMode($mode));
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Set address and resolve it to get coordinates
 	 * or directly set coordinates and get address with reverse geocoding
 	 *
@@ -74,28 +71,26 @@ class WeatherStatusController extends OCSController {
 	 *
 	 * 200: Location updated
 	 */
+	#[NoAdminRequired]
 	public function setLocation(?string $address, ?float $lat, ?float $lon): DataResponse {
 		$currentWeather = $this->service->setLocation($address, $lat, $lon);
 		return new DataResponse($currentWeather);
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Get stored user location
 	 *
 	 * @return DataResponse<Http::STATUS_OK, WeatherStatusLocationWithMode, array{}>
 	 *
 	 * 200: Location returned
 	 */
+	#[NoAdminRequired]
 	public function getLocation(): DataResponse {
 		$location = $this->service->getLocation();
 		return new DataResponse($location);
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Get forecast for current location
 	 *
 	 * @return DataResponse<Http::STATUS_OK, WeatherStatusForecast[]|array{error: string}, array{}>|DataResponse<Http::STATUS_NOT_FOUND, WeatherStatusSuccess, array{}>
@@ -103,6 +98,7 @@ class WeatherStatusController extends OCSController {
 	 * 200: Forecast returned
 	 * 404: Forecast not found
 	 */
+	#[NoAdminRequired]
 	public function getForecast(): DataResponse {
 		$forecast = $this->service->getForecast();
 		if (isset($forecast['success']) && $forecast['success'] === false) {
@@ -113,21 +109,18 @@ class WeatherStatusController extends OCSController {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Get favorites list
 	 *
 	 * @return DataResponse<Http::STATUS_OK, string[], array{}>
 	 *
 	 * 200: Favorites returned
 	 */
+	#[NoAdminRequired]
 	public function getFavorites(): DataResponse {
 		return new DataResponse($this->service->getFavorites());
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Set favorites list
 	 *
 	 * @param string[] $favorites Favorite addresses
@@ -135,6 +128,7 @@ class WeatherStatusController extends OCSController {
 	 *
 	 * 200: Favorites updated
 	 */
+	#[NoAdminRequired]
 	public function setFavorites(array $favorites): DataResponse {
 		return new DataResponse($this->service->setFavorites($favorites));
 	}