diff options
Diffstat (limited to 'lib/private')
| -rw-r--r-- | lib/private/appframework/dependencyinjection/dicontainer.php | 50 | ||||
| -rw-r--r-- | lib/private/appframework/utility/simplecontainer.php | 41 | ||||
| -rw-r--r-- | lib/private/files/utils/scanner.php | 3 | ||||
| -rw-r--r-- | lib/private/share/share.php | 24 |
4 files changed, 67 insertions, 51 deletions
diff --git a/lib/private/appframework/dependencyinjection/dicontainer.php b/lib/private/appframework/dependencyinjection/dicontainer.php index a11e4ee05b3..c7ce6545972 100644 --- a/lib/private/appframework/dependencyinjection/dicontainer.php +++ b/lib/private/appframework/dependencyinjection/dicontainer.php @@ -39,8 +39,6 @@ use OC\AppFramework\Middleware\Security\SecurityMiddleware; use OC\AppFramework\Middleware\Security\CORSMiddleware; use OC\AppFramework\Middleware\SessionMiddleware; use OC\AppFramework\Utility\SimpleContainer; -use OC\AppFramework\Utility\TimeFactory; -use OC\AppFramework\Utility\ControllerMethodReflector; use OCP\AppFramework\IApi; use OCP\AppFramework\IAppContainer; use OCP\AppFramework\Middleware; @@ -63,15 +61,9 @@ class DIContainer extends SimpleContainer implements IAppContainer { $this['urlParams'] = $urlParams; // aliases - $this->registerService('appName', function($c) { - return $c->query('AppName'); - }); - $this->registerService('webRoot', function($c) { - return $c->query('WebRoot'); - }); - $this->registerService('userId', function($c) { - return $c->query('UserId'); - }); + $this->registerAlias('appName', 'AppName'); + $this->registerAlias('webRoot', 'WebRoot'); + $this->registerAlias('userId', 'UserId'); /** * Core services @@ -156,9 +148,8 @@ class DIContainer extends SimpleContainer implements IAppContainer { return $this->getServer()->getJobList(); }); - $this->registerService('OCP\\AppFramework\\Utility\\IControllerMethodReflector', function($c) { - return $c->query('ControllerMethodReflector'); - }); + $this->registerAlias('OCP\\AppFramework\\Utility\\IControllerMethodReflector', 'OC\AppFramework\Utility\ControllerMethodReflector'); + $this->registerAlias('ControllerMethodReflector', 'OCP\\AppFramework\\Utility\\IControllerMethodReflector'); $this->registerService('OCP\\INavigationManager', function($c) { return $this->getServer()->getNavigationManager(); @@ -168,9 +159,10 @@ class DIContainer extends SimpleContainer implements IAppContainer { return $this->getServer()->getPreviewManager(); }); - $this->registerService('OCP\\IRequest', function($c) { - return $c->query('Request'); + $this->registerService('OCP\\IRequest', function () { + return $this->getServer()->getRequest(); }); + $this->registerAlias('Request', 'OCP\\IRequest'); $this->registerService('OCP\\ITagManager', function($c) { return $this->getServer()->getTagManager(); @@ -180,9 +172,9 @@ class DIContainer extends SimpleContainer implements IAppContainer { return $this->getServer()->getTempManager(); }); - $this->registerService('OCP\\AppFramework\\Utility\\ITimeFactory', function($c) { - return $c->query('TimeFactory'); - }); + $this->registerAlias('OCP\\AppFramework\\Utility\\ITimeFactory', 'OC\AppFramework\Utility\TimeFactory'); + $this->registerAlias('TimeFactory', 'OCP\\AppFramework\\Utility\\ITimeFactory'); + $this->registerService('OCP\\Route\\IRouter', function($c) { return $this->getServer()->getRouter(); @@ -245,14 +237,6 @@ class DIContainer extends SimpleContainer implements IAppContainer { return new API($c['AppName']); }); - $this->registerService('Request', function($c) { - /** @var $c SimpleContainer */ - /** @var $server SimpleContainer */ - $server = $c->query('ServerContainer'); - /** @var $server IServerContainer */ - return $server->getRequest(); - }); - $this->registerService('Protocol', function($c){ if(isset($_SERVER['SERVER_PROTOCOL'])) { return new Http($_SERVER, $_SERVER['SERVER_PROTOCOL']); @@ -318,18 +302,6 @@ class DIContainer extends SimpleContainer implements IAppContainer { return $dispatcher; }); - - /** - * Utilities - */ - $this->registerService('TimeFactory', function($c){ - return new TimeFactory(); - }); - - $this->registerService('ControllerMethodReflector', function($c) { - return new ControllerMethodReflector(); - }); - } diff --git a/lib/private/appframework/utility/simplecontainer.php b/lib/private/appframework/utility/simplecontainer.php index 5a69d3dbbd2..c1fc96d1975 100644 --- a/lib/private/appframework/utility/simplecontainer.php +++ b/lib/private/appframework/utility/simplecontainer.php @@ -26,21 +26,28 @@ namespace OC\AppFramework\Utility; -use \OCP\AppFramework\QueryException; +use ReflectionClass; +use ReflectionException; +use Closure; + +use Pimple\Container; + +use OCP\AppFramework\QueryException; +use OCP\IContainer; /** * Class SimpleContainer * - * SimpleContainer is a simple implementation of IContainer on basis of \Pimple + * SimpleContainer is a simple implementation of IContainer on basis of Pimple */ -class SimpleContainer extends \Pimple\Container implements \OCP\IContainer { +class SimpleContainer extends Container implements IContainer { /** - * @param \ReflectionClass $class the class to instantiate - * @return \stdClass the created class + * @param ReflectionClass $class the class to instantiate + * @return stdClass the created class */ - private function buildClass(\ReflectionClass $class) { + private function buildClass(ReflectionClass $class) { $constructor = $class->getConstructor(); if ($constructor === null) { return $class->newInstance(); @@ -67,20 +74,20 @@ class SimpleContainer extends \Pimple\Container implements \OCP\IContainer { * If a parameter is not registered in the container try to instantiate it * by using reflection to find out how to build the class * @param string $name the class name to resolve - * @return \stdClass + * @return stdClass * @throws QueryException if the class could not be found or instantiated */ private function resolve($name) { $baseMsg = 'Could not resolve ' . $name . '!'; try { - $class = new \ReflectionClass($name); + $class = new ReflectionClass($name); if ($class->isInstantiable()) { return $this->buildClass($class); } else { throw new QueryException($baseMsg . ' Class can not be instantiated'); } - } catch(\ReflectionException $e) { + } catch(ReflectionException $e) { throw new QueryException($baseMsg . ' ' . $e->getMessage()); } } @@ -117,10 +124,10 @@ class SimpleContainer extends \Pimple\Container implements \OCP\IContainer { * Created instance will be cached in case $shared is true. * * @param string $name name of the service to register another backend for - * @param \Closure $closure the closure to be called on service creation + * @param Closure $closure the closure to be called on service creation * @param bool $shared */ - public function registerService($name, \Closure $closure, $shared = true) { + public function registerService($name, Closure $closure, $shared = true) { if (isset($this[$name])) { unset($this[$name]); } @@ -131,5 +138,17 @@ class SimpleContainer extends \Pimple\Container implements \OCP\IContainer { } } + /** + * Shortcut for returning a service from a service under a different key, + * e.g. to tell the container to return a class when queried for an + * interface + * @param string $alias the alias that should be registered + * @param string $target the target that should be resolved instead + */ + public function registerAlias($alias, $target) { + $this->registerService($alias, function (IContainer $container) use ($target) { + return $container->query($target); + }); + } } diff --git a/lib/private/files/utils/scanner.php b/lib/private/files/utils/scanner.php index 3d68eb530a2..c70f4beb31d 100644 --- a/lib/private/files/utils/scanner.php +++ b/lib/private/files/utils/scanner.php @@ -131,6 +131,9 @@ class Scanner extends PublicEmitter { * @throws \OC\ForbiddenException */ public function scan($dir = '') { + if (!Filesystem::isValidPath($dir)) { + throw new \InvalidArgumentException('Invalid path to scan'); + } $mounts = $this->getMounts($dir); foreach ($mounts as $mount) { if (is_null($mount->getStorage())) { diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 41b60ecc638..c0285125234 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -737,6 +737,7 @@ class Share extends Constants { // Generate hash of password - same method as user passwords if (!empty($shareWith)) { + self::verifyPassword($shareWith); $shareWith = \OC::$server->getHasher()->hash($shareWith); } else { // reuse the already set password, but only if we change permissions @@ -1218,7 +1219,7 @@ class Share extends Constants { } /** - * Set expiration date for a share + * Set password for a public link share * * @param IUserSession $userSession * @param IDBConnection $connection @@ -1252,6 +1253,8 @@ class Share extends Constants { throw new \Exception('Cannot remove password'); } + self::verifyPassword($password); + $qb = $connection->getQueryBuilder(); $qb->update('*PREFIX*share') ->set('share_with', $qb->createParameter('pass')) @@ -2604,4 +2607,23 @@ class Share extends Constants { $result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]); return $result->fetchAll(); } + + /** + * @param string $password + * @throws \Exception + */ + private static function verifyPassword($password) { + + $accepted = true; + $message = ''; + \OCP\Util::emitHook('\OC\Share', 'verifyPassword', [ + 'password' => $password, + 'accepted' => &$accepted, + 'message' => &$message + ]); + + if (!$accepted) { + throw new \Exception($message); + } + } } |