diff options
Diffstat (limited to 'apps/files_external/lib/Controller/ApiController.php')
| -rw-r--r-- | apps/files_external/lib/Controller/ApiController.php | 76 |
1 files changed, 11 insertions, 65 deletions
diff --git a/apps/files_external/lib/Controller/ApiController.php b/apps/files_external/lib/Controller/ApiController.php index 591f73a28d7..49547357e6b 100644 --- a/apps/files_external/lib/Controller/ApiController.php +++ b/apps/files_external/lib/Controller/ApiController.php @@ -3,29 +3,9 @@ declare(strict_types=1); /** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Christoph Wurst <christoph@winzerhof-wurst.at> - * @author Jesús Macias <jmacias@solidgear.es> - * @author Joas Schilling <coding@schilljs.com> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Roeland Jago Douma <roeland@famdouma.nl> - * @author Vincent Petry <vincent@nextcloud.com> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only */ namespace OCA\Files_External\Controller; @@ -34,9 +14,10 @@ use OCA\Files_External\ResponseDefinitions; use OCA\Files_External\Service\UserGlobalStoragesService; use OCA\Files_External\Service\UserStoragesService; use OCP\AppFramework\Http; -use OCP\AppFramework\Http\Attribute\OpenAPI; +use OCP\AppFramework\Http\Attribute\NoAdminRequired; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCSController; +use OCP\Constants; use OCP\IRequest; /** @@ -44,18 +25,13 @@ use OCP\IRequest; */ class ApiController extends OCSController { - private UserGlobalStoragesService $userGlobalStoragesService; - private UserStoragesService $userStoragesService; - public function __construct( string $appName, IRequest $request, - UserGlobalStoragesService $userGlobalStorageService, - UserStoragesService $userStorageService + private UserGlobalStoragesService $userGlobalStoragesService, + private UserStoragesService $userStoragesService, ) { parent::__construct($appName, $request); - $this->userGlobalStoragesService = $userGlobalStorageService; - $this->userStoragesService = $userStorageService; } /** @@ -75,10 +51,10 @@ class ApiController extends OCSController { $isSystemMount = $mountConfig->getType() === StorageConfig::MOUNT_TYPE_ADMIN; - $permissions = \OCP\Constants::PERMISSION_READ; + $permissions = Constants::PERMISSION_READ; // personal mounts can be deleted if (!$isSystemMount) { - $permissions |= \OCP\Constants::PERMISSION_DELETE; + $permissions |= Constants::PERMISSION_DELETE; } $entry = [ @@ -96,14 +72,13 @@ class ApiController extends OCSController { } /** - * @NoAdminRequired - * * Get the mount points visible for this user * - * @return DataResponse<Http::STATUS_OK, Files_ExternalMount[], array{}> + * @return DataResponse<Http::STATUS_OK, list<Files_ExternalMount>, array{}> * * 200: User mounts returned */ + #[NoAdminRequired] public function getUserMounts(): DataResponse { $entries = []; $mountPoints = []; @@ -123,33 +98,4 @@ class ApiController extends OCSController { return new DataResponse($entries); } - - /** - * @NoAdminRequired - * @NoCSRFRequired - * - * Ask for credentials using a browser's native basic auth prompt - * Then returns it if provided - */ - #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] - public function askNativeAuth(): DataResponse { - if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) { - $response = new DataResponse([], Http::STATUS_UNAUTHORIZED); - $response->addHeader('WWW-Authenticate', 'Basic realm="Storage authentification needed"'); - return $response; - } - - $user = $_SERVER['PHP_AUTH_USER']; - $password = $_SERVER['PHP_AUTH_PW']; - - // Reset auth - unset($_SERVER['PHP_AUTH_USER']); - unset($_SERVER['PHP_AUTH_PW']); - - // Using 401 again to ensure we clear any cached Authorization - return new DataResponse([ - 'user' => $user, - 'password' => $password, - ], Http::STATUS_UNAUTHORIZED); - } } |