diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/composer/composer/autoload_classmap.php | 1 | ||||
| -rw-r--r-- | lib/composer/composer/autoload_static.php | 1 | ||||
| -rw-r--r-- | lib/private/App/AppManager.php | 5 | ||||
| -rw-r--r-- | lib/private/Authentication/Token/DefaultTokenProvider.php | 4 | ||||
| -rw-r--r-- | lib/private/Console/Application.php | 4 | ||||
| -rw-r--r-- | lib/private/Files/View.php | 11 | ||||
| -rw-r--r-- | lib/private/Group/Manager.php | 30 | ||||
| -rw-r--r-- | lib/private/Preview/Generator.php | 38 | ||||
| -rw-r--r-- | lib/private/Server.php | 2 | ||||
| -rw-r--r-- | lib/private/Share20/DefaultShareProvider.php | 4 | ||||
| -rw-r--r-- | lib/private/Share20/Manager.php | 13 | ||||
| -rw-r--r-- | lib/private/SystemTag/SystemTagManager.php | 3 | ||||
| -rw-r--r-- | lib/private/Template/JSConfigHelper.php | 1 | ||||
| -rwxr-xr-x | lib/private/Template/ResourceLocator.php | 2 | ||||
| -rw-r--r-- | lib/private/User/Database.php | 9 | ||||
| -rw-r--r-- | lib/private/User/Session.php | 3 | ||||
| -rw-r--r-- | lib/private/legacy/files.php | 4 | ||||
| -rw-r--r-- | lib/public/Files/FileInfo.php | 6 |
18 files changed, 110 insertions, 31 deletions
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index c87bcce194f..d0d0898d0bd 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -407,6 +407,7 @@ return array( 'OC\\Core\\Command\\Integrity\\CheckCore' => $baseDir . '/core/Command/Integrity/CheckCore.php', 'OC\\Core\\Command\\Integrity\\SignApp' => $baseDir . '/core/Command/Integrity/SignApp.php', 'OC\\Core\\Command\\Integrity\\SignCore' => $baseDir . '/core/Command/Integrity/SignCore.php', + 'OC\\Core\\Command\\InterruptedException' => $baseDir . '/core/Command/InterruptedException.php', 'OC\\Core\\Command\\L10n\\CreateJs' => $baseDir . '/core/Command/L10n/CreateJs.php', 'OC\\Core\\Command\\Log\\File' => $baseDir . '/core/Command/Log/File.php', 'OC\\Core\\Command\\Log\\Manage' => $baseDir . '/core/Command/Log/Manage.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index eb7188b69b3..7b937bd132c 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -437,6 +437,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Core\\Command\\Integrity\\CheckCore' => __DIR__ . '/../../..' . '/core/Command/Integrity/CheckCore.php', 'OC\\Core\\Command\\Integrity\\SignApp' => __DIR__ . '/../../..' . '/core/Command/Integrity/SignApp.php', 'OC\\Core\\Command\\Integrity\\SignCore' => __DIR__ . '/../../..' . '/core/Command/Integrity/SignCore.php', + 'OC\\Core\\Command\\InterruptedException' => __DIR__ . '/../../..' . '/core/Command/InterruptedException.php', 'OC\\Core\\Command\\L10n\\CreateJs' => __DIR__ . '/../../..' . '/core/Command/L10n/CreateJs.php', 'OC\\Core\\Command\\Log\\File' => __DIR__ . '/../../..' . '/core/Command/Log/File.php', 'OC\\Core\\Command\\Log\\Manage' => __DIR__ . '/../../..' . '/core/Command/Log/Manage.php', diff --git a/lib/private/App/AppManager.php b/lib/private/App/AppManager.php index 6b819ef7ac1..6c1f5ba6940 100644 --- a/lib/private/App/AppManager.php +++ b/lib/private/App/AppManager.php @@ -32,6 +32,7 @@ namespace OC\App; use OCP\App\AppPathNotFoundException; +use OC_App; use OCP\App\IAppManager; use OCP\App\ManagerEvent; use OCP\IAppConfig; @@ -210,8 +211,12 @@ class AppManager implements IAppManager { * Enable an app for every user * * @param string $appId + * @throws \Exception */ public function enableApp($appId) { + if(OC_App::getAppPath($appId) === false) { + throw new \Exception("$appId can't be enabled since it is not installed."); + } $this->installedAppsCache[$appId] = 'yes'; $this->appConfig->setValue($appId, 'enabled', 'yes'); $this->dispatcher->dispatch(ManagerEvent::EVENT_APP_ENABLE, new ManagerEvent( diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php index 0e1196a9da4..6fd85295e03 100644 --- a/lib/private/Authentication/Token/DefaultTokenProvider.php +++ b/lib/private/Authentication/Token/DefaultTokenProvider.php @@ -253,10 +253,10 @@ class DefaultTokenProvider implements IProvider { */ public function invalidateOldTokens() { $olderThan = $this->time->getTime() - (int) $this->config->getSystemValue('session_lifetime', 60 * 60 * 24); - $this->logger->debug('Invalidating session tokens older than ' . date('c', $olderThan)); + $this->logger->debug('Invalidating session tokens older than ' . date('c', $olderThan), ['app' => 'cron']); $this->mapper->invalidateOld($olderThan, IToken::DO_NOT_REMEMBER); $rememberThreshold = $this->time->getTime() - (int) $this->config->getSystemValue('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); - $this->logger->debug('Invalidating remembered session tokens older than ' . date('c', $rememberThreshold)); + $this->logger->debug('Invalidating remembered session tokens older than ' . date('c', $rememberThreshold), ['app' => 'cron']); $this->mapper->invalidateOld($rememberThreshold, IToken::REMEMBER); } diff --git a/lib/private/Console/Application.php b/lib/private/Console/Application.php index 7d2f03d593e..693381ea2b4 100644 --- a/lib/private/Console/Application.php +++ b/lib/private/Console/Application.php @@ -37,6 +37,7 @@ use Symfony\Component\Console\Application as SymfonyApplication; use Symfony\Component\Console\Input\InputInterface; use Symfony\Component\Console\Input\InputOption; use Symfony\Component\Console\Output\OutputInterface; +use Symfony\Component\Console\Output\ConsoleOutputInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; class Application { @@ -97,7 +98,8 @@ class Application { throw new NeedsUpdateException(); } elseif ($this->config->getSystemValue('maintenance', false)) { if ($input->getArgument('command') !== '_completion') { - $output->writeln("Nextcloud is in maintenance mode - no apps have been loaded"); + $errOutput = $output->getErrorOutput(); + $errOutput->writeln('<comment>Nextcloud is in maintenance mode - no app have been loaded</comment>' . PHP_EOL); } } else { OC_App::loadApps(); diff --git a/lib/private/Files/View.php b/lib/private/Files/View.php index 6ffb5edff3e..506128d7fcd 100644 --- a/lib/private/Files/View.php +++ b/lib/private/Files/View.php @@ -96,8 +96,12 @@ class View { private $updaterEnabled = true; + /** @var \OC\User\Manager */ private $userManager; + /** @var \OCP\ILogger */ + private $logger; + /** * @param string $root * @throws \Exception If $root contains an invalid path @@ -114,6 +118,7 @@ class View { $this->lockingProvider = \OC::$server->getLockingProvider(); $this->lockingEnabled = !($this->lockingProvider instanceof \OC\Lock\NoopLockingProvider); $this->userManager = \OC::$server->getUserManager(); + $this->logger = \OC::$server->getLogger(); } public function getAbsolutePath($path = '/') { @@ -2068,6 +2073,12 @@ class View { $parts = explode('/', trim($path, '/'), 3); // "$user", "files", "path/to/dir" if (!isset($parts[1]) || $parts[1] !== 'files') { + $this->logger->error( + '$absolutePath must be relative to "files", value is "%s"', + [ + $absolutePath + ] + ); throw new \InvalidArgumentException('$absolutePath must be relative to "files"'); } if (isset($parts[2])) { diff --git a/lib/private/Group/Manager.php b/lib/private/Group/Manager.php index 944598a8296..40009dbfd80 100644 --- a/lib/private/Group/Manager.php +++ b/lib/private/Group/Manager.php @@ -37,7 +37,10 @@ namespace OC\Group; use OC\Hooks\PublicEmitter; use OCP\GroupInterface; +use OCP\IGroup; use OCP\IGroupManager; +use OCP\ILogger; +use OCP\IUser; /** * Class Manager @@ -78,11 +81,16 @@ class Manager extends PublicEmitter implements IGroupManager { /** @var \OC\SubAdmin */ private $subAdmin = null; + /** @var ILogger */ + private $logger; + /** * @param \OC\User\Manager $userManager + * @param ILogger $logger */ - public function __construct(\OC\User\Manager $userManager) { + public function __construct(\OC\User\Manager $userManager, ILogger $logger) { $this->userManager = $userManager; + $this->logger = $logger; $cachedGroups = & $this->cachedGroups; $cachedUserGroups = & $this->cachedUserGroups; $this->listen('\OC\Group', 'postDelete', function ($group) use (&$cachedGroups, &$cachedUserGroups) { @@ -186,7 +194,7 @@ class Manager extends PublicEmitter implements IGroupManager { * @return bool */ public function groupExists($gid) { - return !is_null($this->get($gid)); + return $this->get($gid) instanceof IGroup; } /** @@ -194,7 +202,7 @@ class Manager extends PublicEmitter implements IGroupManager { * @return \OC\Group\Group */ public function createGroup($gid) { - if ($gid === '' || is_null($gid)) { + if ($gid === '' || $gid === null) { return false; } else if ($group = $this->get($gid)) { return $group; @@ -223,7 +231,12 @@ class Manager extends PublicEmitter implements IGroupManager { foreach ($this->backends as $backend) { $groupIds = $backend->getGroups($search, $limit, $offset); foreach ($groupIds as $groupId) { - $groups[$groupId] = $this->get($groupId); + $aGroup = $this->get($groupId); + if ($aGroup instanceof IGroup) { + $groups[$groupId] = $aGroup; + } else { + $this->logger->debug('Group "' . $groupId . '" was returned by search but not found through direct access', ['app' => 'core']); + } } if (!is_null($limit) and $limit <= 0) { return array_values($groups); @@ -237,7 +250,7 @@ class Manager extends PublicEmitter implements IGroupManager { * @return \OC\Group\Group[] */ public function getUserGroups($user) { - if (is_null($user)) { + if (!$user instanceof IUser) { return []; } return $this->getUserIdGroups($user->getUID()); @@ -256,7 +269,12 @@ class Manager extends PublicEmitter implements IGroupManager { $groupIds = $backend->getUserGroups($uid); if (is_array($groupIds)) { foreach ($groupIds as $groupId) { - $groups[$groupId] = $this->get($groupId); + $aGroup = $this->get($groupId); + if ($aGroup instanceof IGroup) { + $groups[$groupId] = $aGroup; + } else { + $this->logger->debug('User "' . $uid . '" belongs to deleted group: "' . $groupId . '"', ['app' => 'core']); + } } } } diff --git a/lib/private/Preview/Generator.php b/lib/private/Preview/Generator.php index 32a732d8580..fd75e51b638 100644 --- a/lib/private/Preview/Generator.php +++ b/lib/private/Preview/Generator.php @@ -26,6 +26,7 @@ namespace OC\Preview; use OCP\Files\File; use OCP\Files\IAppData; use OCP\Files\NotFoundException; +use OCP\Files\NotPermittedException; use OCP\Files\SimpleFS\ISimpleFile; use OCP\Files\SimpleFS\ISimpleFolder; use OCP\IConfig; @@ -111,6 +112,11 @@ class Generator { // Calculate the preview size list($width, $height) = $this->calculateSize($width, $height, $crop, $mode, $maxWidth, $maxHeight); + // No need to generate a preview that is just the max preview + if ($width === $maxWidth && $height === $maxHeight) { + return $maxPreview; + } + // Try to get a cached preview. Else generate (and store) one try { $file = $this->getCachedPreview($previewFolder, $width, $height, $crop); @@ -158,9 +164,13 @@ class Generator { continue; } - $path = strval($preview->width()) . '-' . strval($preview->height()) . '-max.png'; - $file = $previewFolder->newFile($path); - $file->putContent($preview->data()); + $path = (string)$preview->width() . '-' . (string)$preview->height() . '-max.png'; + try { + $file = $previewFolder->newFile($path); + $file->putContent($preview->data()); + } catch (NotPermittedException $e) { + throw new NotFoundException(); + } return $file; } @@ -185,7 +195,7 @@ class Generator { * @return string */ private function generatePath($width, $height, $crop) { - $path = strval($width) . '-' . strval($height); + $path = (string)$width . '-' . (string)$height; if ($crop) { $path .= '-crop'; } @@ -246,18 +256,18 @@ class Generator { /* * Scale to the nearest power of two */ - $pow2height = pow(2, ceil(log($height) / log(2))); - $pow2width = pow(2, ceil(log($width) / log(2))); + $pow2height = 2 ** ceil(log($height) / log(2)); + $pow2width = 2 ** ceil(log($width) / log(2)); $ratioH = $height / $pow2height; $ratioW = $width / $pow2width; if ($ratioH < $ratioW) { $width = $pow2width; - $height = $height / $ratioW; + $height /= $ratioW; } else { $height = $pow2height; - $width = $width / $ratioH; + $width /= $ratioH; } } @@ -268,12 +278,12 @@ class Generator { if ($height > $maxHeight) { $ratio = $height / $maxHeight; $height = $maxHeight; - $width = $width / $ratio; + $width /= $ratio; } if ($width > $maxWidth) { $ratio = $width / $maxWidth; $width = $maxWidth; - $height = $height / $ratio; + $height /= $ratio; } return [(int)round($width), (int)round($height)]; @@ -316,8 +326,12 @@ class Generator { } $path = $this->generatePath($width, $height, $crop); - $file = $previewFolder->newFile($path); - $file->putContent($preview->data()); + try { + $file = $previewFolder->newFile($path); + $file->putContent($preview->data()); + } catch (NotPermittedException $e) { + throw new NotFoundException(); + } return $file; } diff --git a/lib/private/Server.php b/lib/private/Server.php index 24cd8b38684..dbec71457ef 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -227,7 +227,7 @@ class Server extends ServerContainer implements IServerContainer { return new \OC\User\Manager($config); }); $this->registerService('GroupManager', function (Server $c) { - $groupManager = new \OC\Group\Manager($this->getUserManager()); + $groupManager = new \OC\Group\Manager($this->getUserManager(), $this->getLogger()); $groupManager->listen('\OC\Group', 'preCreate', function ($gid) { \OC_Hook::emit('OC_Group', 'pre_createGroup', array('run' => true, 'gid' => $gid)); }); diff --git a/lib/private/Share20/DefaultShareProvider.php b/lib/private/Share20/DefaultShareProvider.php index fe6472c31a0..e4ae26be13d 100644 --- a/lib/private/Share20/DefaultShareProvider.php +++ b/lib/private/Share20/DefaultShareProvider.php @@ -329,6 +329,10 @@ class DefaultShareProvider implements IShareProvider { $group = $this->groupManager->get($share->getSharedWith()); $user = $this->userManager->get($recipient); + if (is_null($group)) { + throw new ProviderException('Group "' . $share->getSharedWith() . '" does not exist'); + } + if (!$group->inGroup($user)) { throw new ProviderException('Recipient not in receiving group'); } diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php index 3b565d1ba8c..e0457bba437 100644 --- a/lib/private/Share20/Manager.php +++ b/lib/private/Share20/Manager.php @@ -398,10 +398,12 @@ class Manager implements IManager { // The share is already shared with this user via a group share if ($existingShare->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) { $group = $this->groupManager->get($existingShare->getSharedWith()); - $user = $this->userManager->get($share->getSharedWith()); + if (!is_null($group)) { + $user = $this->userManager->get($share->getSharedWith()); - if ($group->inGroup($user) && $existingShare->getShareOwner() !== $share->getShareOwner()) { - throw new \Exception('Path already shared with this user'); + if ($group->inGroup($user) && $existingShare->getShareOwner() !== $share->getShareOwner()) { + throw new \Exception('Path already shared with this user'); + } } } } @@ -423,7 +425,7 @@ class Manager implements IManager { if ($this->shareWithGroupMembersOnly()) { $sharedBy = $this->userManager->get($share->getSharedBy()); $sharedWith = $this->groupManager->get($share->getSharedWith()); - if (!$sharedWith->inGroup($sharedBy)) { + if (is_null($sharedWith) || !$sharedWith->inGroup($sharedBy)) { throw new \Exception('Only sharing within your own groups is allowed'); } } @@ -891,6 +893,9 @@ class Manager implements IManager { if ($share->getShareType() === \OCP\Share::SHARE_TYPE_GROUP) { $sharedWith = $this->groupManager->get($share->getSharedWith()); + if (is_null($sharedWith)) { + throw new \InvalidArgumentException('Group "' . $share->getSharedWith() . '" does not exist'); + } $recipient = $this->userManager->get($recipientId); if (!$sharedWith->inGroup($recipient)) { throw new \InvalidArgumentException('Invalid recipient'); diff --git a/lib/private/SystemTag/SystemTagManager.php b/lib/private/SystemTag/SystemTagManager.php index 7c21c0e004e..d0854e885eb 100644 --- a/lib/private/SystemTag/SystemTagManager.php +++ b/lib/private/SystemTag/SystemTagManager.php @@ -400,6 +400,9 @@ class SystemTagManager implements ISystemTagManager { 'gid' => $query->createParameter('gid'), ]); foreach ($groupIds as $groupId) { + if ($groupId === '') { + continue; + } $query->setParameter('gid', $groupId); $query->execute(); } diff --git a/lib/private/Template/JSConfigHelper.php b/lib/private/Template/JSConfigHelper.php index 6bf08dcdada..ca45bbee9c6 100644 --- a/lib/private/Template/JSConfigHelper.php +++ b/lib/private/Template/JSConfigHelper.php @@ -209,6 +209,7 @@ class JSConfigHelper { 'modRewriteWorking' => ($this->config->getSystemValue('htaccess.IgnoreFrontController', false) === true || getenv('front_controller_active') === 'true'), 'sharing.maxAutocompleteResults' => intval($this->config->getSystemValue('sharing.maxAutocompleteResults', 0)), 'sharing.minSearchStringLength' => intval($this->config->getSystemValue('sharing.minSearchStringLength', 0)), + 'blacklist_files_regex' => \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX, ]), "oc_appconfig" => json_encode([ 'core' => [ diff --git a/lib/private/Template/ResourceLocator.php b/lib/private/Template/ResourceLocator.php index 9015bf5d97c..e82a77ba65f 100755 --- a/lib/private/Template/ResourceLocator.php +++ b/lib/private/Template/ResourceLocator.php @@ -84,7 +84,7 @@ abstract class ResourceLocator { $this->doFindTheme($resource); } catch (ResourceNotFoundException $e) { $resourceApp = substr($resource, 0, strpos($resource, '/')); - $this->logger->debug('Could not find resource file "' . $e->getResourcePath() . '"', ['app' => $resourceApp]); + $this->logger->debug('Could not find resource file in theme "' . $e->getResourcePath() . '"', ['app' => $resourceApp]); } } } diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php index 060953c3009..ec463ba91dd 100644 --- a/lib/private/User/Database.php +++ b/lib/private/User/Database.php @@ -234,7 +234,7 @@ class Database extends Backend implements IUserBackend { /** * Load an user in the cache * @param string $uid the username - * @return boolean + * @return boolean true if user was found, false otherwise */ private function loadUser($uid) { if (!isset($this->cache[$uid])) { @@ -254,9 +254,14 @@ class Database extends Backend implements IUserBackend { $this->cache[$uid] = false; - while ($row = $result->fetchRow()) { + // "uid" is primary key, so there can only be a single result + if ($row = $result->fetchRow()) { $this->cache[$uid]['uid'] = $row['uid']; $this->cache[$uid]['displayname'] = $row['displayname']; + $result->closeCursor(); + } else { + $result->closeCursor(); + return false; } } diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index c03cbd5891b..4980318b554 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -14,6 +14,7 @@ * @author Robin McCorkell <robin@mccorkell.me.uk> * @author Thomas Müller <thomas.mueller@tmit.eu> * @author Vincent Petry <pvince81@owncloud.com> + * @author Felix Rupp <kontakt@felixrupp.com> * * @license AGPL-3.0 * @@ -70,6 +71,7 @@ use Symfony\Component\EventDispatcher\GenericEvent; * - preRememberedLogin(string $uid) * - postRememberedLogin(\OC\User\User $user) * - logout() + * - postLogout() * * @package OC\User */ @@ -796,6 +798,7 @@ class Session implements IUserSession, Emitter { $this->setToken(null); $this->unsetMagicInCookie(); $this->session->clear(); + $this->manager->emit('\OC\User', 'postLogout'); } /** diff --git a/lib/private/legacy/files.php b/lib/private/legacy/files.php index ed3aa719409..017691805c9 100644 --- a/lib/private/legacy/files.php +++ b/lib/private/legacy/files.php @@ -264,12 +264,12 @@ class OC_Files { if (\OC\Files\Filesystem::isReadable($filename)) { self::sendHeaders($filename, $name, $rangeArray); } elseif (!\OC\Files\Filesystem::file_exists($filename)) { - header("HTTP/1.0 404 Not Found"); + header("HTTP/1.1 404 Not Found"); $tmpl = new OC_Template('', '404', 'guest'); $tmpl->printPage(); exit(); } else { - header("HTTP/1.0 403 Forbidden"); + header("HTTP/1.1 403 Forbidden"); die('403 Forbidden'); } if (isset($params['head']) && $params['head']) { diff --git a/lib/public/Files/FileInfo.php b/lib/public/Files/FileInfo.php index b6718efba34..8eeb8df08ce 100644 --- a/lib/public/Files/FileInfo.php +++ b/lib/public/Files/FileInfo.php @@ -64,6 +64,12 @@ interface FileInfo { const MIMETYPE_FOLDER = 'httpd/unix-directory'; /** + * @const \OCP\Files\FileInfo::BLACKLIST_FILES_REGEX Return regular expression to test filenames against (blacklisting) + * @since 12.0.0 + */ + const BLACKLIST_FILES_REGEX = '\.(part|filepart)$'; + + /** * Get the Etag of the file or folder * * @return string |