diff options
Diffstat (limited to 'apps/federatedfilesharing/lib/Controller/RequestHandlerController.php')
| -rw-r--r-- | apps/federatedfilesharing/lib/Controller/RequestHandlerController.php | 162 |
1 files changed, 56 insertions, 106 deletions
diff --git a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php index c0fc7123a14..7fdd718cbfe 100644 --- a/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php +++ b/apps/federatedfilesharing/lib/Controller/RequestHandlerController.php @@ -12,7 +12,10 @@ use OCA\FederatedFileSharing\FederatedShareProvider; use OCA\FederatedFileSharing\Notifications; use OCP\App\IAppManager; use OCP\AppFramework\Http; +use OCP\AppFramework\Http\Attribute\NoCSRFRequired; use OCP\AppFramework\Http\Attribute\OpenAPI; +use OCP\AppFramework\Http\Attribute\PublicPage; +use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSBadRequestException; use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCSController; @@ -23,10 +26,12 @@ use OCP\Federation\Exceptions\ProviderDoesNotExistsException; use OCP\Federation\ICloudFederationFactory; use OCP\Federation\ICloudFederationProviderManager; use OCP\Federation\ICloudIdManager; +use OCP\HintException; use OCP\IDBConnection; use OCP\IRequest; use OCP\IUserManager; use OCP\Log\Audit\CriticalActionPerformedEvent; +use OCP\Server; use OCP\Share; use OCP\Share\Exceptions\ShareNotFound; use Psr\Log\LoggerInterface; @@ -34,75 +39,25 @@ use Psr\Log\LoggerInterface; #[OpenAPI(scope: OpenAPI::SCOPE_FEDERATION)] class RequestHandlerController extends OCSController { - /** @var FederatedShareProvider */ - private $federatedShareProvider; - - /** @var IDBConnection */ - private $connection; - - /** @var Share\IManager */ - private $shareManager; - - /** @var Notifications */ - private $notifications; - - /** @var AddressHandler */ - private $addressHandler; - - /** @var IUserManager */ - private $userManager; - - /** @var string */ - private $shareTable = 'share'; - - /** @var ICloudIdManager */ - private $cloudIdManager; - - /** @var LoggerInterface */ - private $logger; - - /** @var ICloudFederationFactory */ - private $cloudFederationFactory; - - /** @var ICloudFederationProviderManager */ - private $cloudFederationProviderManager; - - /** @var IEventDispatcher */ - private $eventDispatcher; - - public function __construct(string $appName, + public function __construct( + string $appName, IRequest $request, - FederatedShareProvider $federatedShareProvider, - IDBConnection $connection, - Share\IManager $shareManager, - Notifications $notifications, - AddressHandler $addressHandler, - IUserManager $userManager, - ICloudIdManager $cloudIdManager, - LoggerInterface $logger, - ICloudFederationFactory $cloudFederationFactory, - ICloudFederationProviderManager $cloudFederationProviderManager, - IEventDispatcher $eventDispatcher + private FederatedShareProvider $federatedShareProvider, + private IDBConnection $connection, + private Share\IManager $shareManager, + private Notifications $notifications, + private AddressHandler $addressHandler, + private IUserManager $userManager, + private ICloudIdManager $cloudIdManager, + private LoggerInterface $logger, + private ICloudFederationFactory $cloudFederationFactory, + private ICloudFederationProviderManager $cloudFederationProviderManager, + private IEventDispatcher $eventDispatcher, ) { parent::__construct($appName, $request); - - $this->federatedShareProvider = $federatedShareProvider; - $this->connection = $connection; - $this->shareManager = $shareManager; - $this->notifications = $notifications; - $this->addressHandler = $addressHandler; - $this->userManager = $userManager; - $this->cloudIdManager = $cloudIdManager; - $this->logger = $logger; - $this->cloudFederationFactory = $cloudFederationFactory; - $this->cloudFederationProviderManager = $cloudFederationProviderManager; - $this->eventDispatcher = $eventDispatcher; } /** - * @NoCSRFRequired - * @PublicPage - * * create a new share * * @param string|null $remote Address of the remote @@ -114,11 +69,13 @@ class RequestHandlerController extends OCSController { * @param int|null $remoteId ID of the remote * @param string|null $sharedByFederatedId Federated ID of the sender * @param string|null $ownerFederatedId Federated ID of the receiver - * @return Http\DataResponse<Http::STATUS_OK, array<empty>, array{}> + * @return Http\DataResponse<Http::STATUS_OK, list<empty>, array{}> * @throws OCSException * * 200: Share created successfully */ + #[NoCSRFRequired] + #[PublicPage] public function createShare( ?string $remote = null, ?string $token = null, @@ -169,13 +126,10 @@ class RequestHandlerController extends OCSController { throw new OCSException('internal server error, was not able to add share from ' . $remote, 500); } - return new Http\DataResponse(); + return new DataResponse(); } /** - * @NoCSRFRequired - * @PublicPage - * * create re-share on behalf of another user * * @param int $id ID of the share @@ -188,10 +142,12 @@ class RequestHandlerController extends OCSController { * * 200: Remote share returned */ + #[NoCSRFRequired] + #[PublicPage] public function reShare(int $id, ?string $token = null, ?string $shareWith = null, ?int $remoteId = 0) { - if ($token === null || - $shareWith === null || - $remoteId === null + if ($token === null + || $shareWith === null + || $remoteId === null ) { throw new OCSBadRequestException(); } @@ -206,7 +162,7 @@ class RequestHandlerController extends OCSController { try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file'); [$newToken, $localId] = $provider->notificationReceived('REQUEST_RESHARE', $id, $notification); - return new Http\DataResponse([ + return new DataResponse([ 'token' => $newToken, 'remoteId' => $localId ]); @@ -223,20 +179,19 @@ class RequestHandlerController extends OCSController { /** - * @NoCSRFRequired - * @PublicPage - * * accept server-to-server share * * @param int $id ID of the remote share * @param string|null $token Shared secret between servers - * @return Http\DataResponse<Http::STATUS_OK, array<empty>, array{}> + * @return Http\DataResponse<Http::STATUS_OK, list<empty>, array{}> * @throws OCSException * @throws ShareNotFound - * @throws \OCP\HintException + * @throws HintException * * 200: Share accepted successfully */ + #[NoCSRFRequired] + #[PublicPage] public function acceptShare(int $id, ?string $token = null) { $notification = [ 'sharedSecret' => $token, @@ -255,22 +210,21 @@ class RequestHandlerController extends OCSController { $this->logger->debug('internal server error, can not process notification: ' . $e->getMessage(), ['exception' => $e]); } - return new Http\DataResponse(); + return new DataResponse(); } /** - * @NoCSRFRequired - * @PublicPage - * * decline server-to-server share * * @param int $id ID of the remote share * @param string|null $token Shared secret between servers - * @return Http\DataResponse<Http::STATUS_OK, array<empty>, array{}> + * @return Http\DataResponse<Http::STATUS_OK, list<empty>, array{}> * @throws OCSException * * 200: Share declined successfully */ + #[NoCSRFRequired] + #[PublicPage] public function declineShare(int $id, ?string $token = null) { $notification = [ 'sharedSecret' => $token, @@ -289,22 +243,21 @@ class RequestHandlerController extends OCSController { $this->logger->debug('internal server error, can not process notification: ' . $e->getMessage(), ['exception' => $e]); } - return new Http\DataResponse(); + return new DataResponse(); } /** - * @NoCSRFRequired - * @PublicPage - * * remove server-to-server share if it was unshared by the owner * * @param int $id ID of the share * @param string|null $token Shared secret between servers - * @return Http\DataResponse<Http::STATUS_OK, array<empty>, array{}> + * @return Http\DataResponse<Http::STATUS_OK, list<empty>, array{}> * @throws OCSException * * 200: Share unshared successfully */ + #[NoCSRFRequired] + #[PublicPage] public function unshare(int $id, ?string $token = null) { if (!$this->isS2SEnabled()) { throw new OCSException('Server does not support federated cloud sharing', 503); @@ -319,7 +272,7 @@ class RequestHandlerController extends OCSController { $this->logger->debug('processing unshare notification failed: ' . $e->getMessage(), ['exception' => $e]); } - return new Http\DataResponse(); + return new DataResponse(); } private function cleanupRemote($remote) { @@ -330,24 +283,23 @@ class RequestHandlerController extends OCSController { /** - * @NoCSRFRequired - * @PublicPage - * * federated share was revoked, either by the owner or the re-sharer * * @param int $id ID of the share * @param string|null $token Shared secret between servers - * @return Http\DataResponse<Http::STATUS_OK, array<empty>, array{}> + * @return Http\DataResponse<Http::STATUS_OK, list<empty>, array{}> * @throws OCSBadRequestException Revoking the share is not possible * * 200: Share revoked successfully */ + #[NoCSRFRequired] + #[PublicPage] public function revoke(int $id, ?string $token = null) { try { $provider = $this->cloudFederationProviderManager->getCloudFederationProvider('file'); $notification = ['sharedSecret' => $token]; $provider->notificationReceived('RESHARE_UNDO', $id, $notification); - return new Http\DataResponse(); + return new DataResponse(); } catch (\Exception $e) { throw new OCSBadRequestException(); } @@ -360,7 +312,7 @@ class RequestHandlerController extends OCSController { * @return bool */ private function isS2SEnabled($incoming = false) { - $result = \OCP\Server::get(IAppManager::class)->isEnabledForUser('files_sharing'); + $result = Server::get(IAppManager::class)->isEnabledForUser('files_sharing'); if ($incoming) { $result = $result && $this->federatedShareProvider->isIncomingServer2serverShareEnabled(); @@ -372,19 +324,18 @@ class RequestHandlerController extends OCSController { } /** - * @NoCSRFRequired - * @PublicPage - * * update share information to keep federated re-shares in sync * * @param int $id ID of the share * @param string|null $token Shared secret between servers * @param int|null $permissions New permissions - * @return Http\DataResponse<Http::STATUS_OK, array<empty>, array{}> + * @return Http\DataResponse<Http::STATUS_OK, list<empty>, array{}> * @throws OCSBadRequestException Updating permissions is not possible * * 200: Permissions updated successfully */ + #[NoCSRFRequired] + #[PublicPage] public function updatePermissions(int $id, ?string $token = null, ?int $permissions = null) { $ncPermissions = $permissions; @@ -399,7 +350,7 @@ class RequestHandlerController extends OCSController { throw new OCSBadRequestException(); } - return new Http\DataResponse(); + return new DataResponse(); } /** @@ -419,8 +370,8 @@ class RequestHandlerController extends OCSController { $ocmPermissions[] = 'read'; } - if (($ncPermissions & Constants::PERMISSION_CREATE) || - ($ncPermissions & Constants::PERMISSION_UPDATE)) { + if (($ncPermissions & Constants::PERMISSION_CREATE) + || ($ncPermissions & Constants::PERMISSION_UPDATE)) { $ocmPermissions[] = 'write'; } @@ -428,9 +379,6 @@ class RequestHandlerController extends OCSController { } /** - * @NoCSRFRequired - * @PublicPage - * * change the owner of a server-to-server share * * @param int $id ID of the share @@ -442,12 +390,14 @@ class RequestHandlerController extends OCSController { * * 200: Share moved successfully */ + #[NoCSRFRequired] + #[PublicPage] public function move(int $id, ?string $token = null, ?string $remote = null, ?string $remote_id = null) { if (!$this->isS2SEnabled()) { throw new OCSException('Server does not support federated cloud sharing', 503); } - $newRemoteId = (string) ($remote_id ?? $id); + $newRemoteId = (string)($remote_id ?? $id); $cloudId = $this->cloudIdManager->resolveCloudId($remote); $qb = $this->connection->getQueryBuilder(); @@ -460,7 +410,7 @@ class RequestHandlerController extends OCSController { $affected = $query->executeStatement(); if ($affected > 0) { - return new Http\DataResponse(['remote' => $cloudId->getRemote(), 'owner' => $cloudId->getUser()]); + return new DataResponse(['remote' => $cloudId->getRemote(), 'owner' => $cloudId->getUser()]); } else { throw new OCSBadRequestException('Share not found or token invalid'); } |