diff options
Diffstat (limited to 'apps/settings/lib/Controller/AuthSettingsController.php')
| -rw-r--r-- | apps/settings/lib/Controller/AuthSettingsController.php | 64 |
1 files changed, 22 insertions, 42 deletions
diff --git a/apps/settings/lib/Controller/AuthSettingsController.php b/apps/settings/lib/Controller/AuthSettingsController.php index 83db90fdc32..8652a49fb1d 100644 --- a/apps/settings/lib/Controller/AuthSettingsController.php +++ b/apps/settings/lib/Controller/AuthSettingsController.php @@ -17,6 +17,8 @@ use OCA\Settings\Activity\Provider; use OCP\Activity\IManager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; +use OCP\AppFramework\Http\Attribute\NoAdminRequired; +use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired; use OCP\AppFramework\Http\JSONResponse; use OCP\Authentication\Exceptions\ExpiredTokenException; use OCP\Authentication\Exceptions\InvalidTokenException; @@ -33,27 +35,9 @@ class AuthSettingsController extends Controller { /** @var IProvider */ private $tokenProvider; - /** @var ISession */ - private $session; - - /** @var IUserSession */ - private $userSession; - - /** @var string */ - private $uid; - - /** @var ISecureRandom */ - private $random; - - /** @var IManager */ - private $activityManager; - /** @var RemoteWipe */ private $remoteWipe; - /** @var LoggerInterface */ - private $logger; - /** * @param string $appName * @param IRequest $request @@ -66,35 +50,31 @@ class AuthSettingsController extends Controller { * @param RemoteWipe $remoteWipe * @param LoggerInterface $logger */ - public function __construct(string $appName, + public function __construct( + string $appName, IRequest $request, IProvider $tokenProvider, - ISession $session, - ISecureRandom $random, - ?string $userId, - IUserSession $userSession, - IManager $activityManager, + private ISession $session, + private ISecureRandom $random, + private ?string $userId, + private IUserSession $userSession, + private IManager $activityManager, RemoteWipe $remoteWipe, - LoggerInterface $logger) { + private LoggerInterface $logger, + ) { parent::__construct($appName, $request); $this->tokenProvider = $tokenProvider; - $this->uid = $userId; - $this->userSession = $userSession; - $this->session = $session; - $this->random = $random; - $this->activityManager = $activityManager; $this->remoteWipe = $remoteWipe; - $this->logger = $logger; } /** - * @NoAdminRequired * @NoSubAdminRequired - * @PasswordConfirmationRequired * * @param string $name * @return JSONResponse */ + #[NoAdminRequired] + #[PasswordConfirmationRequired] public function create($name) { if ($this->checkAppToken()) { return $this->getServiceNotAvailableResponse(); @@ -126,7 +106,7 @@ class AuthSettingsController extends Controller { } $token = $this->generateRandomDeviceToken(); - $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN); + $deviceToken = $this->tokenProvider->generateToken($token, $this->userId, $loginName, $password, $name, IToken::PERMANENT_TOKEN); $tokenData = $deviceToken->jsonSerialize(); $tokenData['canDelete'] = true; $tokenData['canRename'] = true; @@ -169,12 +149,12 @@ class AuthSettingsController extends Controller { } /** - * @NoAdminRequired * @NoSubAdminRequired * * @param int $id * @return array|JSONResponse */ + #[NoAdminRequired] public function destroy($id) { if ($this->checkAppToken()) { return new JSONResponse([], Http::STATUS_BAD_REQUEST); @@ -189,13 +169,12 @@ class AuthSettingsController extends Controller { return new JSONResponse([], Http::STATUS_NOT_FOUND); } - $this->tokenProvider->invalidateTokenById($this->uid, $token->getId()); + $this->tokenProvider->invalidateTokenById($this->userId, $token->getId()); $this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), ['name' => $token->getName()]); return []; } /** - * @NoAdminRequired * @NoSubAdminRequired * * @param int $id @@ -203,6 +182,7 @@ class AuthSettingsController extends Controller { * @param string $name * @return array|JSONResponse */ + #[NoAdminRequired] public function update($id, array $scope, string $name) { if ($this->checkAppToken()) { return new JSONResponse([], Http::STATUS_BAD_REQUEST); @@ -243,8 +223,8 @@ class AuthSettingsController extends Controller { $event = $this->activityManager->generateEvent(); $event->setApp('settings') ->setType('security') - ->setAffectedUser($this->uid) - ->setAuthor($this->uid) + ->setAffectedUser($this->userId) + ->setAuthor($this->userId) ->setSubject($subject, $parameters) ->setObject('app_token', $id, 'App Password'); @@ -268,7 +248,7 @@ class AuthSettingsController extends Controller { } catch (ExpiredTokenException $e) { $token = $e->getToken(); } - if ($token->getUID() !== $this->uid) { + if ($token->getUID() !== $this->userId) { /** @psalm-suppress DeprecatedClass We have to throw the OC version so both OC and OCP catches catch it */ throw new OcInvalidTokenException('This token does not belong to you!'); } @@ -276,15 +256,15 @@ class AuthSettingsController extends Controller { } /** - * @NoAdminRequired * @NoSubAdminRequired - * @PasswordConfirmationRequired * * @param int $id * @return JSONResponse * @throws InvalidTokenException * @throws ExpiredTokenException */ + #[NoAdminRequired] + #[PasswordConfirmationRequired] public function wipe(int $id): JSONResponse { if ($this->checkAppToken()) { return new JSONResponse([], Http::STATUS_BAD_REQUEST); |