Diffstat (limited to 'core/Controller')
26 files changed, 125 insertions, 62 deletions
diff --git a/core/Controller/AppPasswordController.php b/core/Controller/AppPasswordController.php index 16ec124e23a..e5edc165bf5 100644 --- a/core/Controller/AppPasswordController.php +++ b/core/Controller/AppPasswordController.php @@ -20,6 +20,7 @@ use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired; use OCP\AppFramework\Http\Attribute\UseSession; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSForbiddenException; +use OCP\AppFramework\OCSController; use OCP\Authentication\Exceptions\CredentialsUnavailableException; use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Authentication\Exceptions\PasswordUnavailableException; @@ -31,7 +32,7 @@ use OCP\IUserManager; use OCP\Security\Bruteforce\IThrottler; use OCP\Security\ISecureRandom; -class AppPasswordController extends \OCP\AppFramework\OCSController { +class AppPasswordController extends OCSController { public function __construct( string $appName, IRequest $request, @@ -76,7 +77,7 @@ class AppPasswordController extends \OCP\AppFramework\OCSController { $password = null; } - $userAgent = $this->request->getHeader('USER_AGENT'); + $userAgent = $this->request->getHeader('user-agent'); $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER . ISecureRandom::CHAR_LOWER . ISecureRandom::CHAR_DIGITS); diff --git a/core/Controller/AvatarController.php b/core/Controller/AvatarController.php index f25a2d52752..b577b2fd460 100644 --- a/core/Controller/AvatarController.php +++ b/core/Controller/AvatarController.php @@ -8,6 +8,7 @@ namespace OC\Core\Controller; use OC\AppFramework\Utility\TimeFactory; +use OC\NotSquareException; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\FrontpageRoute; 
@@ -21,9 +22,11 @@ use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\Response; use OCP\Files\File; use OCP\Files\IRootFolder; +use OCP\Files\NotPermittedException; use OCP\IAvatarManager; use OCP\ICache; use OCP\IL10N; +use OCP\Image; use OCP\IRequest; use OCP\IUserManager; use Psr\Log\LoggerInterface; @@ -182,7 +185,7 @@ class AvatarController extends Controller { try { $content = $node->getContent(); - } catch (\OCP\Files\NotPermittedException $e) { + } catch (NotPermittedException $e) { return new JSONResponse( ['data' => ['message' => $this->l10n->t('The selected file cannot be read.')]], Http::STATUS_BAD_REQUEST @@ -190,8 +193,8 @@ class AvatarController extends Controller { } } elseif (!is_null($files)) { if ( - $files['error'][0] === 0 && - is_uploaded_file($files['tmp_name'][0]) + $files['error'][0] === 0 + && is_uploaded_file($files['tmp_name'][0]) ) { if ($files['size'][0] > 20 * 1024 * 1024) { return new JSONResponse( @@ -229,7 +232,7 @@ class AvatarController extends Controller { } try { - $image = new \OCP\Image(); + $image = new Image(); $image->loadFromData($content); $image->readExif($content); $image->fixOrientation(); @@ -300,7 +303,7 @@ class AvatarController extends Controller { Http::STATUS_NOT_FOUND); } - $image = new \OCP\Image(); + $image = new Image(); $image->loadFromData($tmpAvatar); $resp = new DataDisplayResponse( @@ -335,7 +338,7 @@ class AvatarController extends Controller { Http::STATUS_BAD_REQUEST); } - $image = new \OCP\Image(); + $image = new Image(); $image->loadFromData($tmpAvatar); $image->crop($crop['x'], $crop['y'], (int)round($crop['w']), (int)round($crop['h'])); try { 
@@ -344,7 +347,7 @@ class AvatarController extends Controller { // Clean up $this->cache->remove('tmpAvatar'); return new JSONResponse(['status' => 'success']); - } catch (\OC\NotSquareException $e) { + } catch (NotSquareException $e) { return new JSONResponse(['data' => ['message' => $this->l10n->t('Crop is not square')]], Http::STATUS_BAD_REQUEST); } catch (\Exception $e) { diff --git a/core/Controller/CSRFTokenController.php b/core/Controller/CSRFTokenController.php index 4fdd669e144..edf7c26e94c 100644 --- a/core/Controller/CSRFTokenController.php +++ b/core/Controller/CSRFTokenController.php @@ -34,6 +34,8 @@ class CSRFTokenController extends Controller { * * 200: CSRF token returned * 403: Strict cookie check failed + * + * @NoTwoFactorRequired */ #[PublicPage] #[NoCSRFRequired] diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php index 99074e6ff59..4464af890c4 100644 --- a/core/Controller/ClientFlowLoginController.php +++ b/core/Controller/ClientFlowLoginController.php @@ -1,4 +1,5 @@ <?php + /** * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later @@ -17,8 +18,11 @@ use OCP\AppFramework\Http\Attribute\FrontpageRoute; use OCP\AppFramework\Http\Attribute\NoAdminRequired; use OCP\AppFramework\Http\Attribute\NoCSRFRequired; use OCP\AppFramework\Http\Attribute\OpenAPI; +use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired; use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\Attribute\UseSession; +use OCP\AppFramework\Http\ContentSecurityPolicy; +use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\StandaloneTemplateResponse; use OCP\AppFramework\Utility\ITimeFactory; 
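Review bot: The `@NoTwoFactorRequired` tag added to the CSRFTokenController docblock has no explanation beside it, although it marks a route that is already `#[PublicPage]` and `#[NoCSRFRequired]` as not requiring a completed two-factor login. A docblock line such as ` * Reachable while a two-factor challenge is pending so the challenge pages can refresh their request token` would record the reason; I am inferring that reason from the `twofactor-request-token` script this commit adds in TwoFactorChallengeController, so please confirm it. It is also the only annotation-style marker on a method whose other markers are attributes. The method body lies outside the hunk.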
@@ -62,7 +66,7 @@ class ClientFlowLoginController extends Controller { } private function getClientName(): string { - $userAgent = $this->request->getHeader('USER_AGENT'); + $userAgent = $this->request->getHeader('user-agent'); return $userAgent !== '' ? $userAgent : 'unknown'; } @@ -106,8 +110,8 @@ class ClientFlowLoginController extends Controller { $this->appName, 'error', [ - 'errors' => - [ + 'errors' + => [ [ 'error' => 'Access Forbidden', 'hint' => 'Invalid request', @@ -124,7 +128,7 @@ class ClientFlowLoginController extends Controller { ); $this->session->set(self::STATE_NAME, $stateToken); - $csp = new Http\ContentSecurityPolicy(); + $csp = new ContentSecurityPolicy(); if ($client) { $csp->addAllowedFormActionDomain($client->getRedirectUri()); } else { @@ -177,7 +181,7 @@ class ClientFlowLoginController extends Controller { $clientName = $client->getName(); } - $csp = new Http\ContentSecurityPolicy(); + $csp = new ContentSecurityPolicy(); if ($client) { $csp->addAllowedFormActionDomain($client->getRedirectUri()); } else { @@ -212,6 +216,7 @@ class ClientFlowLoginController extends Controller { #[NoAdminRequired] #[UseSession] + #[PasswordConfirmationRequired(strict: false)] #[FrontpageRoute(verb: 'POST', url: '/login/flow')] public function generateAppPassword( string $stateToken, @@ -313,7 +318,7 @@ class ClientFlowLoginController extends Controller { new AppPasswordCreatedEvent($generatedToken) ); - return new Http\RedirectResponse($redirectUri); + return new RedirectResponse($redirectUri); } #[PublicPage] @@ -342,7 +347,7 @@ class ClientFlowLoginController extends Controller { } $redirectUri = 'nc://login/server:' . $this->getServerPath() . '&user:' . urlencode($user) . '&password:' . urlencode($password); - return new Http\RedirectResponse($redirectUri); + return new RedirectResponse($redirectUri); } private function getServerPath(): string { 
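Review bot: `#[PasswordConfirmationRequired(strict: false)]` on `generateAppPassword` (POST `/login/flow`) carries no comment on why the non-strict mode is sufficient for an endpoint that issues an app password. What `strict: false` relaxes is not visible in this diff, so a short comment above the attribute, e.g. `// strict: false because <reason this flow cannot satisfy strict confirmation>`, would let a later reader judge whether the weaker check is intentional. The same attribute is added to `generateAppPassword` in ClientFlowLoginV2Controller (POST `/login/v2/grant`), where the same comment applies. Both method bodies extend beyond their hunks.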
diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php index b4a7622161f..8c0c1e8179d 100644 --- a/core/Controller/ClientFlowLoginV2Controller.php +++ b/core/Controller/ClientFlowLoginV2Controller.php @@ -19,6 +19,7 @@ use OCP\AppFramework\Http\Attribute\FrontpageRoute; use OCP\AppFramework\Http\Attribute\NoAdminRequired; use OCP\AppFramework\Http\Attribute\NoCSRFRequired; use OCP\AppFramework\Http\Attribute\OpenAPI; +use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired; use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\Attribute\UseSession; use OCP\AppFramework\Http\JSONResponse; @@ -34,6 +35,7 @@ use OCP\IURLGenerator; use OCP\IUser; use OCP\IUserSession; use OCP\Security\ISecureRandom; +use OCP\Server; /** * @psalm-import-type CoreLoginFlowV2Credentials from ResponseDefinitions @@ -204,7 +206,7 @@ class ClientFlowLoginV2Controller extends Controller { $this->session->remove(self::STATE_NAME); try { - $token = \OC::$server->get(\OC\Authentication\Token\IProvider::class)->getToken($password); + $token = Server::get(\OC\Authentication\Token\IProvider::class)->getToken($password); if ($token->getLoginName() !== $user) { throw new InvalidTokenException('login name does not match'); } @@ -227,6 +229,7 @@ class ClientFlowLoginV2Controller extends Controller { #[NoAdminRequired] #[UseSession] + #[PasswordConfirmationRequired(strict: false)] #[FrontpageRoute(verb: 'POST', url: '/login/v2/grant')] public function generateAppPassword(?string $stateToken): Response { if ($stateToken === null) { @@ -290,7 +293,7 @@ class ClientFlowLoginV2Controller extends Controller { #[OpenAPI(scope: OpenAPI::SCOPE_DEFAULT)] public function init(): JSONResponse { // Get client user agent - $userAgent = $this->request->getHeader('USER_AGENT'); + $userAgent = $this->request->getHeader('user-agent'); $tokens = $this->loginFlowV2Service->createTokens($userAgent); 
diff --git a/core/Controller/ContactsMenuController.php b/core/Controller/ContactsMenuController.php index f4ded1ed42b..d90ee8a1c61 100644 --- a/core/Controller/ContactsMenuController.php +++ b/core/Controller/ContactsMenuController.php @@ -1,4 +1,5 @@ <?php + /** * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later diff --git a/core/Controller/ErrorController.php b/core/Controller/ErrorController.php index 55925ffc941..d80dc3f76eb 100644 --- a/core/Controller/ErrorController.php +++ b/core/Controller/ErrorController.php @@ -9,6 +9,7 @@ declare(strict_types=1); namespace OC\Core\Controller; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\FrontpageRoute; use OCP\AppFramework\Http\Attribute\NoCSRFRequired; @@ -17,7 +18,7 @@ use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\TemplateResponse; #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] -class ErrorController extends \OCP\AppFramework\Controller { +class ErrorController extends Controller { #[PublicPage] #[NoCSRFRequired] #[FrontpageRoute(verb: 'GET', url: 'error/403')] diff --git a/core/Controller/GuestAvatarController.php b/core/Controller/GuestAvatarController.php index 7eef6828fec..711158e0708 100644 --- a/core/Controller/GuestAvatarController.php +++ b/core/Controller/GuestAvatarController.php @@ -1,4 +1,5 @@ <?php + /** * SPDX-FileCopyrightText: 2019 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later @@ -76,7 +77,7 @@ class GuestAvatarController extends Controller { $this->logger->error('error while creating guest avatar', [ 'err' => $e, ]); - $resp = new Http\Response(); + $resp = new Response(); $resp->setStatus(Http::STATUS_INTERNAL_SERVER_ERROR); return $resp; } diff --git a/core/Controller/HoverCardController.php b/core/Controller/HoverCardController.php index 7a816e21d14..236a81760ac 100644 --- a/core/Controller/HoverCardController.php 
+++ b/core/Controller/HoverCardController.php @@ -13,6 +13,7 @@ use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\ApiRoute; use OCP\AppFramework\Http\Attribute\NoAdminRequired; use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\OCSController; use OCP\IRequest; use OCP\IUserSession; use OCP\Share\IShare; @@ -20,7 +21,7 @@ use OCP\Share\IShare; /** * @psalm-import-type CoreContactsAction from ResponseDefinitions */ -class HoverCardController extends \OCP\AppFramework\OCSController { +class HoverCardController extends OCSController { public function __construct( IRequest $request, private IUserSession $userSession, diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index ed884460b43..5a21d27898f 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -29,6 +29,7 @@ use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\Attribute\UseSession; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\RedirectResponse; +use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Services\IInitialState; use OCP\Defaults; @@ -42,6 +43,7 @@ use OCP\IUserManager; use OCP\Notification\IManager; use OCP\Security\Bruteforce\IThrottler; use OCP\Security\ITrustedDomainHelper; +use OCP\Server; use OCP\Util; class LoginController extends Controller { @@ -91,8 +93,8 @@ class LoginController extends Controller { $this->session->close(); if ( - $this->request->getServerProtocol() === 'https' && - !$this->request->isUserAgent([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME]) + $this->request->getServerProtocol() === 'https' + && !$this->request->isUserAgent([Request::USER_AGENT_CHROME, Request::USER_AGENT_ANDROID_MOBILE_CHROME]) ) { $response->addHeader('Clear-Site-Data', '"cache", "storage"'); } 
@@ -111,7 +113,7 @@ class LoginController extends Controller { #[UseSession] #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] #[FrontpageRoute(verb: 'GET', url: '/login')] - public function showLoginForm(?string $user = null, ?string $redirect_url = null): Http\Response { + public function showLoginForm(?string $user = null, ?string $redirect_url = null): Response { if ($this->userSession->isLoggedIn()) { return new RedirectResponse($this->urlGenerator->linkToDefaultPageUrl()); } @@ -224,7 +226,7 @@ class LoginController extends Controller { // check if user_ldap is enabled, and the required classes exist if ($this->appManager->isAppLoaded('user_ldap') && class_exists(Helper::class)) { - $helper = \OCP\Server::get(Helper::class); + $helper = Server::get(Helper::class); $allPrefixes = $helper->getServerConfigurationPrefixes(); // check each LDAP server the user is connected too foreach ($allPrefixes as $prefix) { diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php index 001ab737c7e..d956f3427f2 100644 --- a/core/Controller/LostController.php +++ b/core/Controller/LostController.php @@ -14,6 +14,7 @@ use OC\Core\Events\PasswordResetEvent; use OC\Core\Exception\ResetPasswordException; use OC\Security\RateLimiting\Exception\RateLimitExceededException; use OC\Security\RateLimiting\Limiter; +use OC\User\Session; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Attribute\AnonRateLimit; use OCP\AppFramework\Http\Attribute\BruteForceProtection; @@ -36,8 +37,11 @@ use OCP\IURLGenerator; use OCP\IUser; use OCP\IUserManager; use OCP\Mail\IMailer; +use OCP\PreConditionNotMetException; use OCP\Security\VerificationToken\InvalidTokenException; use OCP\Security\VerificationToken\IVerificationToken; +use OCP\Server; +use OCP\Util; use Psr\Log\LoggerInterface; use function array_filter; use function count; 
@@ -52,8 +56,6 @@ use function reset; */ #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] class LostController extends Controller { - protected string $from; - public function __construct( string $appName, IRequest $request, @@ -62,7 +64,7 @@ class LostController extends Controller { private Defaults $defaults, private IL10N $l10n, private IConfig $config, - string $defaultMailAddress, + protected string $defaultMailAddress, private IManager $encryptionManager, private IMailer $mailer, private LoggerInterface $logger, @@ -73,7 +75,6 @@ class LostController extends Controller { private Limiter $limiter, ) { parent::__construct($appName, $request); - $this->from = $defaultMailAddress; } /** @@ -158,7 +159,7 @@ class LostController extends Controller { return new JSONResponse($this->error($this->l10n->t('Unsupported email length (>255)'))); } - \OCP\Util::emitHook( + Util::emitHook( '\OCA\Files_Sharing\API\Server2Server', 'preLoginNameUsedAsUserName', ['uid' => &$user] @@ -217,7 +218,7 @@ class LostController extends Controller { $this->twoFactorManager->clearTwoFactorPending($userId); $this->config->deleteUserValue($userId, 'core', 'lostpassword'); - @\OC::$server->getUserSession()->unsetMagicInCookie(); + @Server::get(Session::class)->unsetMagicInCookie(); } catch (HintException $e) { $response = new JSONResponse($this->error($e->getHint())); $response->throttle(); @@ -233,7 +234,7 @@ class LostController extends Controller { /** * @throws ResetPasswordException - * @throws \OCP\PreConditionNotMetException + * @throws PreConditionNotMetException */ protected function sendEmail(string $input): void { $user = $this->findUserByIdOrMail($input); 
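Review bot: In the password-reset path, `@Server::get(Session::class)->unsetMagicInCookie();` keeps the `@` operator, so any warning raised while the cookie is being cleared is discarded without a log entry. Since the line is being touched anyway, consider dropping the `@` or reporting a failure through the injected `$this->logger`, because a reset that silently leaves a login cookie in place is hard to notice afterwards. The call also resolves the concrete `OC\User\Session` through the service locator although this controller receives its other collaborators by constructor injection; whether an interface-typed dependency exposes `unsetMagicInCookie()` is not visible here. The method starts and ends outside the hunk.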
@@ -280,7 +281,7 @@ class LostController extends Controller { try { $message = $this->mailer->createMessage(); $message->setTo([$email => $user->getDisplayName()]); - $message->setFrom([$this->from => $this->defaults->getName()]); + $message->setFrom([$this->defaultMailAddress => $this->defaults->getName()]); $message->useTemplate($emailTemplate); $this->mailer->send($message); } catch (Exception $e) { diff --git a/core/Controller/NavigationController.php b/core/Controller/NavigationController.php index 5fc929b4eb4..017061ef979 100644 --- a/core/Controller/NavigationController.php +++ b/core/Controller/NavigationController.php @@ -1,4 +1,5 @@ <?php + /** * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later diff --git a/core/Controller/OCJSController.php b/core/Controller/OCJSController.php index 176558b013d..ea372b43b2e 100644 --- a/core/Controller/OCJSController.php +++ b/core/Controller/OCJSController.php @@ -1,4 +1,5 @@ <?php + /** * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later diff --git a/core/Controller/OCMController.php b/core/Controller/OCMController.php index 40d53cf7a97..2d3b99f431d 100644 --- a/core/Controller/OCMController.php +++ b/core/Controller/OCMController.php @@ -10,6 +10,7 @@ declare(strict_types=1); namespace OC\Core\Controller; use Exception; +use OCA\CloudFederationAPI\Capabilities; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\FrontpageRoute; @@ -58,7 +59,7 @@ class OCMController extends Controller { $cap = Server::get( $this->appConfig->getValueString( 'core', 'ocm_providers', - \OCA\CloudFederationAPI\Capabilities::class, + Capabilities::class, lazy: true ) ); diff --git a/core/Controller/OCSController.php b/core/Controller/OCSController.php index 65ce55b8606..fb0280479c4 100644 --- a/core/Controller/OCSController.php +++ b/core/Controller/OCSController.php 
@@ -1,4 +1,5 @@ <?php + /** * SPDX-FileCopyrightText: 2016 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later @@ -17,6 +18,7 @@ use OCP\IRequest; use OCP\IUserManager; use OCP\IUserSession; use OCP\ServerVersion; +use OCP\Util; class OCSController extends \OCP\AppFramework\OCSController { public function __construct( @@ -63,7 +65,7 @@ class OCSController extends \OCP\AppFramework\OCSController { 'micro' => $this->serverVersion->getPatchVersion(), 'string' => $this->serverVersion->getVersionString(), 'edition' => '', - 'extendedSupport' => \OCP\Util::hasExtendedSupport() + 'extendedSupport' => Util::hasExtendedSupport() ]; if ($this->userSession->isLoggedIn()) { diff --git a/core/Controller/PreviewController.php b/core/Controller/PreviewController.php index 0e4c71380ec..aac49c06d57 100644 --- a/core/Controller/PreviewController.php +++ b/core/Controller/PreviewController.php @@ -18,6 +18,7 @@ use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\FileDisplayResponse; use OCP\AppFramework\Http\RedirectResponse; +use OCP\AppFramework\Http\Response; use OCP\Files\File; use OCP\Files\IRootFolder; use OCP\Files\Node; @@ -68,7 +69,7 @@ class PreviewController extends Controller { bool $a = false, bool $forceIcon = true, string $mode = 'fill', - bool $mimeFallback = false): Http\Response { + bool $mimeFallback = false): Response { if ($file === '' || $x === 0 || $y === 0) { return new DataResponse([], Http::STATUS_BAD_REQUEST); } @@ -137,7 +138,7 @@ class PreviewController extends Controller { bool $a, bool $forceIcon, string $mode, - bool $mimeFallback = false) : Http\Response { + bool $mimeFallback = false) : Response { if (!($node instanceof File) || (!$forceIcon && !$this->preview->isAvailable($node))) { return new DataResponse([], Http::STATUS_NOT_FOUND); } 
@@ -151,15 +152,12 @@ class PreviewController extends Controller {
 // Is this header is set it means our UI is doing a preview for no-download shares
 // we check a header so we at least prevent people from using the link directly (obfuscation)
- $isNextcloudPreview = $this->request->getHeader('X-NC-Preview') === 'true';
+ $isNextcloudPreview = $this->request->getHeader('x-nc-preview') === 'true';
 $storage = $node->getStorage();
 if ($isNextcloudPreview === false && $storage->instanceOfStorage(ISharedStorage::class)) {
 /** @var ISharedStorage $storage */
 $share = $storage->getShare();
- $attributes = $share->getAttributes();
- // No "allow preview" header set, so we must check if
- // the share has not explicitly disabled download permissions
- if ($attributes?->getAttribute('permissions', 'download') === false) {
+ if (!$share->canSeeContent()) {
 return new DataResponse([], Http::STATUS_FORBIDDEN);
 }
 }
diff --git a/core/Controller/ReferenceApiController.php b/core/Controller/ReferenceApiController.php
index 099fdb97194..d4fb753f404 100644
--- a/core/Controller/ReferenceApiController.php
+++ b/core/Controller/ReferenceApiController.php
@@ -15,6 +15,7 @@ use OCP\AppFramework\Http\Attribute\ApiRoute;
 use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Http\DataResponse;
+use OCP\AppFramework\OCSController;
 use OCP\Collaboration\Reference\IDiscoverableReferenceProvider;
 use OCP\Collaboration\Reference\IReferenceManager;
 use OCP\Collaboration\Reference\Reference;
@@ -24,7 +25,7 @@ use OCP\IRequest;
 * @psalm-import-type CoreReference from ResponseDefinitions
 * @psalm-import-type CoreReferenceProvider from ResponseDefinitions
 */
-class ReferenceApiController extends \OCP\AppFramework\OCSController {
+class ReferenceApiController extends OCSController {
 private const LIMIT_MAX = 15;
 public function __construct(
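Review bot: In PreviewController's shared-storage branch the explanatory comment was removed together with the attribute lookup, so `if (!$share->canSeeContent())` now stands without a statement of what it enforces. A replacement comment such as `// Direct request (no x-nc-preview header): refuse when the share does not allow its content to be viewed` keeps the intent readable; what `canSeeContent()` evaluates is not shown in this diff, so adjust the wording to its actual contract. The comment kept above already describes the header check as obfuscation, and since request headers are client-controlled it is worth saying in the same place that this branch is not an access-control boundary. The method starts and ends outside the hunk.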
diff --git a/core/Controller/SetupController.php b/core/Controller/SetupController.php index 58ed599da3b..f89506680ad 100644 --- a/core/Controller/SetupController.php +++ b/core/Controller/SetupController.php @@ -7,9 +7,11 @@ */ namespace OC\Core\Controller; +use OC\IntegrityCheck\Checker; use OC\Setup; use OCP\IInitialStateService; use OCP\IURLGenerator; +use OCP\Server; use OCP\Template\ITemplateManager; use OCP\Util; use Psr\Log\LoggerInterface; @@ -104,13 +106,13 @@ class SetupController { if (file_exists($this->autoConfigFile)) { unlink($this->autoConfigFile); } - \OC::$server->getIntegrityCodeChecker()->runInstanceVerification(); + Server::get(Checker::class)->runInstanceVerification(); if ($this->setupHelper->shouldRemoveCanInstallFile()) { $this->templateManager->printGuestPage('', 'installation_incomplete'); } - header('Location: ' . \OC::$server->getURLGenerator()->getAbsoluteURL('index.php/core/apps/recommended')); + header('Location: ' . Server::get(IURLGenerator::class)->getAbsoluteURL('index.php/core/apps/recommended')); exit(); } diff --git a/core/Controller/TaskProcessingApiController.php b/core/Controller/TaskProcessingApiController.php index 2f5a81ea7a8..e60c9ebc789 100644 --- a/core/Controller/TaskProcessingApiController.php +++ b/core/Controller/TaskProcessingApiController.php 
@@ -17,13 +17,15 @@ use OCP\AppFramework\Http\Attribute\AnonRateLimit; use OCP\AppFramework\Http\Attribute\ApiRoute; use OCP\AppFramework\Http\Attribute\ExAppRequired; use OCP\AppFramework\Http\Attribute\NoAdminRequired; +use OCP\AppFramework\Http\Attribute\NoCSRFRequired; use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\Attribute\UserRateLimit; -use OCP\AppFramework\Http\DataDownloadResponse; use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\Http\StreamResponse; +use OCP\AppFramework\OCSController; use OCP\Files\File; -use OCP\Files\GenericFileException; use OCP\Files\IAppData; +use OCP\Files\IMimeTypeDetector; use OCP\Files\IRootFolder; use OCP\Files\NotPermittedException; use OCP\IL10N; @@ -45,7 +47,7 @@ use stdClass; * @psalm-import-type CoreTaskProcessingTask from ResponseDefinitions * @psalm-import-type CoreTaskProcessingTaskType from ResponseDefinitions */ -class TaskProcessingApiController extends \OCP\AppFramework\OCSController { +class TaskProcessingApiController extends OCSController { public function __construct( string $appName, IRequest $request, @@ -54,6 +56,7 @@ class TaskProcessingApiController extends \OCP\AppFramework\OCSController { private ?string $userId, private IRootFolder $rootFolder, private IAppData $appData, + private IMimeTypeDetector $mimeTypeDetector, ) { parent::__construct($appName, $request); } 
@@ -300,20 +303,22 @@ class TaskProcessingApiController extends \OCP\AppFramework\OCSController {
 *
 * @param int $taskId The id of the task
 * @param int $fileId The file id of the file to retrieve
- * @return DataDownloadResponse<Http::STATUS_OK, string, array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
+ * @return StreamResponse<Http::STATUS_OK, array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
 *
 * 200: File content returned
 * 404: Task or file not found
 */
 #[NoAdminRequired]
- #[Http\Attribute\NoCSRFRequired]
+ #[NoCSRFRequired]
 #[ApiRoute(verb: 'GET', url: '/tasks/{taskId}/file/{fileId}', root: '/taskprocessing')]
- public function getFileContents(int $taskId, int $fileId): Http\DataDownloadResponse|DataResponse {
+ public function getFileContents(int $taskId, int $fileId): StreamResponse|DataResponse {
 try {
 $task = $this->taskProcessingManager->getUserTask($taskId, $this->userId);
 return $this->getFileContentsInternal($task, $fileId);
 } catch (NotFoundException) {
 return new DataResponse(['message' => $this->l->t('Not found')], Http::STATUS_NOT_FOUND);
+ } catch (LockedException) {
+ return new DataResponse(['message' => $this->l->t('Node is locked')], Http::STATUS_INTERNAL_SERVER_ERROR);
 } catch (Exception) {
 return new DataResponse(['message' => $this->l->t('Internal error')], Http::STATUS_INTERNAL_SERVER_ERROR);
 }
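Review bot: The new `catch (LockedException)` branch in `getFileContents` answers with `Http::STATUS_INTERNAL_SERVER_ERROR`, which makes a transient file lock indistinguishable from a genuine server fault for clients and for monitoring. If the API contract allows it, `Http::STATUS_LOCKED` would describe the condition, with the `@return` type and the docblock's status list (currently only 200 and 404) extended to match. The same branch is added to `getFileContentsExApp` in the following hunk. Whether `LockedException` is imported in this file cannot be seen from the diff, which adds no `use` line for it.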
@@ -324,19 +329,21 @@ class TaskProcessingApiController extends \OCP\AppFramework\OCSController {
 *
 * @param int $taskId The id of the task
 * @param int $fileId The file id of the file to retrieve
- * @return DataDownloadResponse<Http::STATUS_OK, string, array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
+ * @return StreamResponse<Http::STATUS_OK, array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
 *
 * 200: File content returned
 * 404: Task or file not found
 */
 #[ExAppRequired]
 #[ApiRoute(verb: 'GET', url: '/tasks_provider/{taskId}/file/{fileId}', root: '/taskprocessing')]
- public function getFileContentsExApp(int $taskId, int $fileId): Http\DataDownloadResponse|DataResponse {
+ public function getFileContentsExApp(int $taskId, int $fileId): StreamResponse|DataResponse {
 try {
 $task = $this->taskProcessingManager->getTask($taskId);
 return $this->getFileContentsInternal($task, $fileId);
 } catch (NotFoundException) {
 return new DataResponse(['message' => $this->l->t('Not found')], Http::STATUS_NOT_FOUND);
+ } catch (LockedException) {
+ return new DataResponse(['message' => $this->l->t('Node is locked')], Http::STATUS_INTERNAL_SERVER_ERROR);
 } catch (Exception) {
 return new DataResponse(['message' => $this->l->t('Internal error')], Http::STATUS_INTERNAL_SERVER_ERROR);
 }
@@ -379,12 +386,11 @@ class TaskProcessingApiController extends \OCP\AppFramework\OCSController {
 /**
 * @throws NotPermittedException
 * @throws NotFoundException
- * @throws GenericFileException
 * @throws LockedException
 *
- * @return DataDownloadResponse<Http::STATUS_OK, string, array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
+ * @return StreamResponse<Http::STATUS_OK, array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
 */
- private function getFileContentsInternal(Task $task, int $fileId): Http\DataDownloadResponse|DataResponse {
+ private function getFileContentsInternal(Task $task, int $fileId): StreamResponse|DataResponse {
 $ids = $this->extractFileIdsFromTask($task);
 if (!in_array($fileId, $ids)) {
 return new DataResponse(['message' => $this->l->t('Not found')], Http::STATUS_NOT_FOUND);
@@ -401,7 +407,25 @@ class TaskProcessingApiController extends \OCP\AppFramework\OCSController {
 } elseif (!$node instanceof File) {
 throw new NotFoundException('Node is not a file');
 }
- return new Http\DataDownloadResponse($node->getContent(), $node->getName(), $node->getMimeType());
+
+ $contentType = $node->getMimeType();
+ if (function_exists('mime_content_type')) {
+ $mimeType = mime_content_type($node->fopen('rb'));
+ if ($mimeType !== false) {
+ $mimeType = $this->mimeTypeDetector->getSecureMimeType($mimeType);
+ if ($mimeType !== 'application/octet-stream') {
+ $contentType = $mimeType;
+ }
+ }
+ }
+
+ $response = new StreamResponse($node->fopen('rb'));
+ $response->addHeader(
+ 'Content-Disposition',
+ 'attachment; filename="' . rawurldecode($node->getName()) . '"'
+ );
+ $response->addHeader('Content-Type', $contentType);
+ return $response;
 }
 /**
diff --git a/core/Controller/TeamsApiController.php b/core/Controller/TeamsApiController.php
index 36685555d4d..2eb33a0c254 100644
--- a/core/Controller/TeamsApiController.php
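Review bot: The `Content-Disposition` value in `getFileContentsInternal` is built as `'attachment; filename="' . rawurldecode($node->getName()) . '"'`, which decodes the stored name instead of encoding it, so a name containing `"` or percent-escapes can end the quoted string early or alter the header value. Encoding the name, e.g. `'attachment; filename*=UTF-8\'\'' . rawurlencode($node->getName())`, keeps it inside the parameter. The fallback `$contentType = $node->getMimeType();` is also sent unchanged when `mime_content_type` is unavailable or the sniffed type maps to `application/octet-stream`; passing it through `$this->mimeTypeDetector->getSecureMimeType()` as well would treat both paths alike. Finally `$node->fopen('rb')` is called twice: the first handle is never closed and neither result is checked before use. The function's signature is in the preceding hunk and its body ends just after `return $response;`.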
+++ b/core/Controller/TeamsApiController.php @@ -13,6 +13,7 @@ use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\ApiRoute; use OCP\AppFramework\Http\Attribute\NoAdminRequired; use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\OCSController; use OCP\IRequest; use OCP\Teams\ITeamManager; use OCP\Teams\Team; @@ -22,7 +23,7 @@ use OCP\Teams\Team; * @psalm-import-type CoreTeam from ResponseDefinitions * @property $userId string */ -class TeamsApiController extends \OCP\AppFramework\OCSController { +class TeamsApiController extends OCSController { public function __construct( string $appName, IRequest $request, diff --git a/core/Controller/TextProcessingApiController.php b/core/Controller/TextProcessingApiController.php index cdf39563167..d3e6967f169 100644 --- a/core/Controller/TextProcessingApiController.php +++ b/core/Controller/TextProcessingApiController.php @@ -19,6 +19,7 @@ use OCP\AppFramework\Http\Attribute\NoAdminRequired; use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\Attribute\UserRateLimit; use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\OCSController; use OCP\Common\Exception\NotFoundException; use OCP\DB\Exception; use OCP\IL10N; @@ -36,7 +37,7 @@ use Psr\Log\LoggerInterface; /** * @psalm-import-type CoreTextProcessingTask from ResponseDefinitions */ -class TextProcessingApiController extends \OCP\AppFramework\OCSController { +class TextProcessingApiController extends OCSController { public function __construct( string $appName, IRequest $request, diff --git a/core/Controller/TextToImageApiController.php b/core/Controller/TextToImageApiController.php index 3ffc868e80f..d2c3e1ec288 100644 --- a/core/Controller/TextToImageApiController.php +++ b/core/Controller/TextToImageApiController.php 
@@ -21,6 +21,7 @@ use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\Attribute\UserRateLimit; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\FileDisplayResponse; +use OCP\AppFramework\OCSController; use OCP\DB\Exception; use OCP\Files\NotFoundException; use OCP\IL10N; @@ -34,7 +35,7 @@ use OCP\TextToImage\Task; /** * @psalm-import-type CoreTextToImageTask from ResponseDefinitions */ -class TextToImageApiController extends \OCP\AppFramework\OCSController { +class TextToImageApiController extends OCSController { public function __construct( string $appName, IRequest $request, diff --git a/core/Controller/TranslationApiController.php b/core/Controller/TranslationApiController.php index 294251baa47..73dd0657230 100644 --- a/core/Controller/TranslationApiController.php +++ b/core/Controller/TranslationApiController.php @@ -17,13 +17,14 @@ use OCP\AppFramework\Http\Attribute\ApiRoute; use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Http\Attribute\UserRateLimit; use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\OCSController; use OCP\IL10N; use OCP\IRequest; use OCP\PreConditionNotMetException; use OCP\Translation\CouldNotTranslateException; use OCP\Translation\ITranslationManager; -class TranslationApiController extends \OCP\AppFramework\OCSController { +class TranslationApiController extends OCSController { public function __construct( string $appName, IRequest $request, diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php index ef0f420fc82..4791139bb12 100644 --- a/core/Controller/TwoFactorChallengeController.php +++ b/core/Controller/TwoFactorChallengeController.php @@ -25,6 +25,7 @@ use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; use OCP\IUserSession; +use OCP\Util; use Psr\Log\LoggerInterface; #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)] 
@@ -89,6 +90,7 @@ class TwoFactorChallengeController extends Controller {
 'logout_url' => $this->getLogoutUrl(),
 'hasSetupProviders' => !empty($setupProviders),
 ];
+ Util::addScript('core', 'twofactor-request-token');
 return new StandaloneTemplateResponse($this->appName, 'twofactorselectchallenge', $data, 'guest');
 }
@@ -141,6 +143,7 @@ class TwoFactorChallengeController extends Controller {
 if ($provider instanceof IProvidesCustomCSP) {
 $response->setContentSecurityPolicy($provider->getCSP());
 }
+ Util::addScript('core', 'twofactor-request-token');
 return $response;
 }
@@ -204,6 +207,7 @@ class TwoFactorChallengeController extends Controller {
 'redirect_url' => $redirect_url,
 ];
+ Util::addScript('core', 'twofactor-request-token');
 return new StandaloneTemplateResponse($this->appName, 'twofactorsetupselection', $data, 'guest');
 }
@@ -235,6 +239,7 @@ class TwoFactorChallengeController extends Controller {
 'template' => $tmpl->fetchPage(),
 ];
 $response = new StandaloneTemplateResponse($this->appName, 'twofactorsetupchallenge', $data, 'guest');
+ Util::addScript('core', 'twofactor-request-token');
 return $response;
 }
diff --git a/core/Controller/WalledGardenController.php b/core/Controller/WalledGardenController.php
index b55e90675a1..d0bc0665534 100644
--- a/core/Controller/WalledGardenController.php
+++ b/core/Controller/WalledGardenController.php
@@ -1,4 +1,5 @@
 <?php
+
 /**
 * SPDX-FileCopyrightText: 2017 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
diff --git a/core/Controller/WhatsNewController.php b/core/Controller/WhatsNewController.php
index 86192d8f466..af8c3d4853b 100644
--- a/core/Controller/WhatsNewController.php
+++ b/core/Controller/WhatsNewController.php
@@ -1,4 +1,5 @@
 <?php
+
 /**
 * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
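Review bot: In TwoFactorChallengeController.php the same call `Util::addScript('core', 'twofactor-request-token');` is added in four places (the hunks at -89, -141, -204 and -235) with no comment saying why these guest-layout 2FA pages need it. The script itself is not part of this diff, so its purpose can only be guessed from its name; a one-line comment such as `// Loads the script that handles the request token on the standalone 2FA pages` (wording to be confirmed by the author) would make the dependency explicit. Placement also differs: the -235 hunk registers the script after `$response` is built, while the -89 and -204 hunks register it before `return new StandaloneTemplateResponse(...)`, so a single private helper called from all four methods would keep this consistent and make it harder for a future 2FA page to omit the call. All four methods start outside their hunks.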
@@ -19,6 +20,7 @@ use OCP\IRequest;
 use OCP\IUserManager;
 use OCP\IUserSession;
 use OCP\L10N\IFactory;
+use OCP\PreConditionNotMetException;
 use OCP\ServerVersion;
 class WhatsNewController extends OCSController {
@@ -88,7 +90,7 @@ class WhatsNewController extends OCSController {
 * @param string $version Version to dismiss the changes for
 *
 * @return DataResponse<Http::STATUS_OK, list<empty>, array{}>
- * @throws \OCP\PreConditionNotMetException
+ * @throws PreConditionNotMetException
 * @throws DoesNotExistException
 *
 * 200: Changes dismissed |