diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 69 | ||||
| -rw-r--r-- | lib/private/allconfig.php | 11 | ||||
| -rw-r--r-- | lib/private/app/codechecker/infochecker.php | 146 | ||||
| -rw-r--r-- | lib/private/preview.php | 7 | ||||
| -rw-r--r-- | lib/private/server.php | 1 | ||||
| -rw-r--r-- | lib/private/systemconfig.php | 54 | ||||
| -rw-r--r-- | lib/private/template.php | 117 | ||||
| -rw-r--r-- | lib/private/util.php | 53 | ||||
| -rw-r--r-- | lib/public/iconfig.php | 15 | ||||
| -rw-r--r-- | lib/public/iservercontainer.php | 6 |
10 files changed, 387 insertions, 92 deletions
diff --git a/lib/base.php b/lib/base.php index 3624a3fbaf9..32b90cad1fa 100644 --- a/lib/base.php +++ b/lib/base.php @@ -376,63 +376,6 @@ class OC { $tmpl->printPage(); } - public static function initTemplateEngine() { - // Add the stuff we need always - // following logic will import all vendor libraries that are - // specified in core/js/core.json - $fileContent = file_get_contents(OC::$SERVERROOT . '/core/js/core.json'); - if($fileContent !== false) { - $coreDependencies = json_decode($fileContent, true); - foreach($coreDependencies['vendor'] as $vendorLibrary) { - // remove trailing ".js" as addVendorScript will append it - OC_Util::addVendorScript( - substr($vendorLibrary, 0, strlen($vendorLibrary) - 3)); - } - } else { - throw new \Exception('Cannot read core/js/core.json'); - } - - OC_Util::addScript("placeholders"); - OC_Util::addScript("compatibility"); - OC_Util::addScript("jquery.ocdialog"); - OC_Util::addScript("oc-dialogs"); - OC_Util::addScript("js"); - OC_Util::addScript("l10n"); - OC_Util::addTranslations("core"); - OC_Util::addScript("octemplate"); - OC_Util::addScript("eventsource"); - OC_Util::addScript("config"); - OC_Util::addScript('search', 'search'); - OC_Util::addScript("oc-requesttoken"); - OC_Util::addScript("apps"); - OC_Util::addScript('mimetype'); - OC_Util::addScript('mimetypelist'); - OC_Util::addVendorScript('snapjs/dist/latest/snap'); - OC_Util::addVendorScript('core', 'backbone/backbone'); - OC_Util::addScript('oc-backbone'); - - // avatars - if (\OC::$server->getSystemConfig()->getValue('enable_avatars', true) === true) { - \OC_Util::addScript('placeholder'); - \OC_Util::addVendorScript('blueimp-md5/js/md5'); - \OC_Util::addScript('jquery.avatar'); - \OC_Util::addScript('avatar'); - } - - OC_Util::addStyle("styles"); - OC_Util::addStyle("header"); - OC_Util::addStyle("mobile"); - OC_Util::addStyle("icons"); - OC_Util::addStyle("fonts"); - OC_Util::addStyle("apps"); - OC_Util::addStyle("fixes"); - OC_Util::addStyle("multiselect"); - OC_Util::addVendorStyle('jquery-ui/themes/base/jquery-ui'); - OC_Util::addStyle('jquery-ui-fixes'); - OC_Util::addStyle("tooltip"); - OC_Util::addStyle("jquery.ocdialog"); - } - public static function initSession() { // prevents javascript from accessing php session cookies ini_set('session.cookie_httponly', true); @@ -611,7 +554,6 @@ class OC { self::initSession(); } \OC::$server->getEventLogger()->end('init_session'); - self::initTemplateEngine(); self::checkConfig(); self::checkInstalled(); @@ -673,7 +615,7 @@ class OC { self::registerFilesystemHooks(); if ($systemConfig->getValue('enable_previews', true)) { self::registerPreviewHooks(); - } + } self::registerShareHooks(); self::registerLogRotate(); self::registerLocalAddressBook(); @@ -686,12 +628,6 @@ class OC { $lockProvider = \OC::$server->getLockingProvider(); register_shutdown_function(array($lockProvider, 'releaseAll')); - if ($systemConfig->getValue('installed', false) && !self::checkUpgrade(false)) { - if (\OC::$server->getConfig()->getAppValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { - OC_Util::addScript('backgroundjobs'); - } - } - // Check whether the sample configuration has been copied if($systemConfig->getValue('copied_sample_config', false)) { $l = \OC::$server->getL10N('lib'); @@ -803,8 +739,9 @@ class OC { OC_Hook::connect('\OCP\Versions', 'preDelete', 'OC\Preview', 'prepare_delete'); OC_Hook::connect('\OCP\Trashbin', 'preDelete', 'OC\Preview', 'prepare_delete'); OC_Hook::connect('OC_Filesystem', 'post_delete', 'OC\Preview', 'post_delete_files'); - OC_Hook::connect('\OCP\Versions', 'delete', 'OC\Preview', 'post_delete'); + OC_Hook::connect('\OCP\Versions', 'delete', 'OC\Preview', 'post_delete_versions'); OC_Hook::connect('\OCP\Trashbin', 'delete', 'OC\Preview', 'post_delete'); + OC_Hook::connect('\OCP\Versions', 'rollback', 'OC\Preview', 'post_delete_versions'); } /** diff --git a/lib/private/allconfig.php b/lib/private/allconfig.php index 63cc92601bb..7c2037e8048 100644 --- a/lib/private/allconfig.php +++ b/lib/private/allconfig.php @@ -119,6 +119,17 @@ class AllConfig implements \OCP\IConfig { } /** + * Looks up a system wide defined value and filters out sensitive data + * + * @param string $key the key of the value, under which it was saved + * @param mixed $default the default value to be returned if the value isn't set + * @return mixed the value or $default + */ + public function getFilteredSystemValue($key, $default = '') { + return $this->systemConfig->getFilteredValue($key, $default); + } + + /** * Delete a system wide defined value * * @param string $key the key of the value, under which it was saved diff --git a/lib/private/app/codechecker/infochecker.php b/lib/private/app/codechecker/infochecker.php new file mode 100644 index 00000000000..91580bde07d --- /dev/null +++ b/lib/private/app/codechecker/infochecker.php @@ -0,0 +1,146 @@ +<?php +/** + * @author Morris Jobke <hey@morrisjobke.de> + * + * @copyright Copyright (c) 2015, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OC\App\CodeChecker; + +use OC\App\InfoParser; +use OC\Hooks\BasicEmitter; + +class InfoChecker extends BasicEmitter { + + /** @var InfoParser */ + private $infoParser; + + private $mandatoryFields = [ + 'author', + 'description', + 'id', + 'licence', + 'name', + ]; + private $optionalFields = [ + 'bugs', + 'category', + 'default_enable', + 'dependencies', + 'documentation', + 'namespace', + 'ocsid', + 'public', + 'remote', + 'repository', + 'require', + 'requiremin', + 'types', + 'version', + 'website', + ]; + private $deprecatedFields = [ + 'info', + 'shipped', + 'standalone', + ]; + + public function __construct(InfoParser $infoParser) { + $this->infoParser = $infoParser; + } + + /** + * @param string $appId + * @return array + */ + public function analyse($appId) { + $appPath = \OC_App::getAppPath($appId); + if ($appPath === false) { + throw new \RuntimeException("No app with given id <$appId> known."); + } + + $errors = []; + + $info = $this->infoParser->parse($appPath . '/appinfo/info.xml'); + + foreach ($info as $key => $value) { + if(is_array($value)) { + $value = json_encode($value); + } + if (in_array($key, $this->mandatoryFields)) { + $this->emit('InfoChecker', 'mandatoryFieldFound', [$key, $value]); + continue; + } + + if (in_array($key, $this->optionalFields)) { + $this->emit('InfoChecker', 'optionalFieldFound', [$key, $value]); + continue; + } + + if (in_array($key, $this->deprecatedFields)) { + // skip empty arrays - empty arrays for remote and public are always added + if($value === '[]' && in_array($key, ['public', 'remote', 'info'])) { + continue; + } + $this->emit('InfoChecker', 'deprecatedFieldFound', [$key, $value]); + continue; + } + + $this->emit('InfoChecker', 'unusedFieldFound', [$key, $value]); + } + + foreach ($this->mandatoryFields as $key) { + if(!isset($info[$key])) { + $this->emit('InfoChecker', 'mandatoryFieldMissing', [$key]); + $errors[] = [ + 'type' => 'mandatoryFieldMissing', + 'field' => $key, + ]; + } + } + + $versionFile = $appPath . '/appinfo/version'; + if (is_file($versionFile)) { + $version = trim(file_get_contents($versionFile)); + if(isset($info['version'])) { + if($info['version'] !== $version) { + $this->emit('InfoChecker', 'differentVersions', + [$version, $info['version']]); + $errors[] = [ + 'type' => 'differentVersions', + 'message' => 'appinfo/version: ' . $version . + ' - appinfo/info.xml: ' . $info['version'], + ]; + } else { + $this->emit('InfoChecker', 'sameVersions', [$versionFile]); + } + } else { + $this->emit('InfoChecker', 'migrateVersion', [$version]); + } + } else { + if(!isset($info['version'])) { + $this->emit('InfoChecker', 'mandatoryFieldMissing', ['version']); + $errors[] = [ + 'type' => 'mandatoryFieldMissing', + 'field' => 'version', + ]; + } + } + + return $errors; + } +} diff --git a/lib/private/preview.php b/lib/private/preview.php index 978da1161c2..de964b72df2 100644 --- a/lib/private/preview.php +++ b/lib/private/preview.php @@ -1296,6 +1296,13 @@ class Preview { /** * @param array $args + */ + public static function post_delete_versions($args) { + self::post_delete($args, 'files/'); + } + + /** + * @param array $args * @param string $prefix */ public static function post_delete($args, $prefix = '') { diff --git a/lib/private/server.php b/lib/private/server.php index 9f99ead849b..26eb99927fc 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -1098,4 +1098,5 @@ class Server extends SimpleContainer implements IServerContainer { public function getUserStoragesService() { return \OC_Mount_Config::$app->getContainer()->query('OCA\\Files_External\\Service\\UserStoragesService'); } + } diff --git a/lib/private/systemconfig.php b/lib/private/systemconfig.php index 13b0959768a..94b815aebd7 100644 --- a/lib/private/systemconfig.php +++ b/lib/private/systemconfig.php @@ -22,12 +22,28 @@ namespace OC; + +use OCP\IConfig; + /** * Class which provides access to the system config values stored in config.php * Internal class for bootstrap only. * fixes cyclic DI: AllConfig needs AppConfig needs Database needs AllConfig */ class SystemConfig { + + /** @var array */ + protected $sensitiveValues = [ + 'dbpassword' => true, + 'dbuser' => true, + 'mail_smtpname' => true, + 'mail_smtppassword' => true, + 'passwordsalt' => true, + 'secret' => true, + 'ldap_agent_password' => true, + 'objectstore' => ['arguments' => ['password' => true]], + ]; + /** * Lists all available config keys * @return array an array of key names @@ -68,6 +84,23 @@ class SystemConfig { } /** + * Looks up a system wide defined value and filters out sensitive data + * + * @param string $key the key of the value, under which it was saved + * @param mixed $default the default value to be returned if the value isn't set + * @return mixed the value or $default + */ + public function getFilteredValue($key, $default = '') { + $value = $this->getValue($key, $default); + + if (isset($this->sensitiveValues[$key])) { + $value = $this->removeSensitiveValue($this->sensitiveValues[$key], $value); + } + + return $value; + } + + /** * Delete a system wide defined value * * @param string $key the key of the value, under which it was saved @@ -75,4 +108,25 @@ class SystemConfig { public function deleteValue($key) { \OC_Config::deleteKey($key); } + + /** + * @param bool|array $keysToRemove + * @param mixed $value + * @return mixed + */ + protected function removeSensitiveValue($keysToRemove, $value) { + if ($keysToRemove === true) { + return IConfig::SENSITIVE_VALUE; + } + + if (is_array($value)) { + foreach ($keysToRemove as $keyToRemove => $valueToRemove) { + if (isset($value[$keyToRemove])) { + $value[$keyToRemove] = $this->removeSensitiveValue($valueToRemove, $value[$keyToRemove]); + } + } + } + + return $value; + } } diff --git a/lib/private/template.php b/lib/private/template.php index 920be71abbf..0300e43edea 100644 --- a/lib/private/template.php +++ b/lib/private/template.php @@ -37,27 +37,40 @@ require_once __DIR__.'/template/functions.php'; * This class provides the templates for ownCloud. */ class OC_Template extends \OC\Template\Base { - private $renderas; // Create a full page? + + /** @var string */ + private $renderAs; // Create a full page? + + /** @var string */ private $path; // The path to the template + + /** @var array */ private $headers = array(); //custom headers + + /** @var string */ protected $app; // app id /** * Constructor * @param string $app app providing the template * @param string $name of the template file (without suffix) - * @param string $renderas = ""; produce a full page + * @param string $renderAs = ""; produce a full page * @param bool $registerCall = true * @return OC_Template object * * This function creates an OC_Template object. * - * If $renderas is set, OC_Template will try to produce a full page in the - * according layout. For now, renderas can be set to "guest", "user" or + * If $renderAs is set, OC_Template will try to produce a full page in the + * according layout. For now, $renderAs can be set to "guest", "user" or * "admin". */ - public function __construct( $app, $name, $renderas = "", $registerCall = true ) { + + protected static $initTemplateEngineFirstRun = true; + + public function __construct( $app, $name, $renderAs = "", $registerCall = true ) { // Read the selected theme from the config file + self::initTemplateEngine(); + $theme = OC_Util::getTheme(); $requesttoken = (OC::$server->getSession() and $registerCall) ? OC_Util::callRegister() : ''; @@ -69,13 +82,85 @@ class OC_Template extends \OC\Template\Base { list($path, $template) = $this->findTemplate($theme, $app, $name); // Set the private data - $this->renderas = $renderas; + $this->renderAs = $renderAs; $this->path = $path; $this->app = $app; parent::__construct($template, $requesttoken, $l10n, $themeDefaults); } + public static function initTemplateEngine() { + if (self::$initTemplateEngineFirstRun){ + + //apps that started before the template initialization can load their own scripts/styles + //so to make sure this scripts/styles here are loaded first we use OC_Util::addScript() with $prepend=true + //meaning the last script/style in this list will be loaded first + if (\OC::$server->getSystemConfig ()->getValue ( 'installed', false ) && ! \OCP\Util::needUpgrade ()) { + if (\OC::$server->getConfig ()->getAppValue ( 'core', 'backgroundjobs_mode', 'ajax' ) == 'ajax') { + OC_Util::addScript ( 'backgroundjobs', null, true ); + } + } + + OC_Util::addStyle("tooltip",null,true); + OC_Util::addStyle('jquery-ui-fixes',null,true); + OC_Util::addVendorStyle('jquery-ui/themes/base/jquery-ui',null,true); + OC_Util::addStyle("multiselect",null,true); + OC_Util::addStyle("fixes",null,true); + OC_Util::addStyle("apps",null,true); + OC_Util::addStyle("fonts",null,true); + OC_Util::addStyle("icons",null,true); + OC_Util::addStyle("mobile",null,true); + OC_Util::addStyle("header",null,true); + OC_Util::addStyle("styles",null,true); + + // avatars + if (\OC::$server->getSystemConfig()->getValue('enable_avatars', true) === true) { + \OC_Util::addScript('avatar', null, true); + \OC_Util::addScript('jquery.avatar', null, true); + \OC_Util::addScript('placeholder', null, true); + } + + OC_Util::addScript('oc-backbone', null, true); + OC_Util::addVendorScript('core', 'backbone/backbone', true); + OC_Util::addVendorScript('snapjs/dist/latest/snap', null, true); + OC_Util::addScript('mimetypelist', null, true); + OC_Util::addScript('mimetype', null, true); + OC_Util::addScript("apps", null, true); + OC_Util::addScript("oc-requesttoken", null, true); + OC_Util::addScript('search', 'search', true); + OC_Util::addScript("config", null, true); + OC_Util::addScript("eventsource", null, true); + OC_Util::addScript("octemplate", null, true); + OC_Util::addTranslations("core", null, true); + OC_Util::addScript("l10n", null, true); + OC_Util::addScript("js", null, true); + OC_Util::addScript("oc-dialogs", null, true); + OC_Util::addScript("jquery.ocdialog", null, true); + OC_Util::addStyle("jquery.ocdialog"); + OC_Util::addScript("compatibility", null, true); + OC_Util::addScript("placeholders", null, true); + + // Add the stuff we need always + // following logic will import all vendor libraries that are + // specified in core/js/core.json + $fileContent = file_get_contents(OC::$SERVERROOT . '/core/js/core.json'); + if($fileContent !== false) { + $coreDependencies = json_decode($fileContent, true); + foreach(array_reverse($coreDependencies['vendor']) as $vendorLibrary) { + // remove trailing ".js" as addVendorScript will append it + OC_Util::addVendorScript( + substr($vendorLibrary, 0, strlen($vendorLibrary) - 3),null,true); + } + } else { + throw new \Exception('Cannot read core/js/core.json'); + } + + self::$initTemplateEngineFirstRun = false; + } + + } + + /** * find the template with the given name * @param string $name of the template file (without suffix) @@ -118,14 +203,14 @@ class OC_Template extends \OC\Template\Base { * Process the template * @return boolean|string * - * This function process the template. If $this->renderas is set, it + * This function process the template. If $this->renderAs is set, it * will produce a full page. */ public function fetchPage() { $data = parent::fetchPage(); - if( $this->renderas ) { - $page = new OC_TemplateLayout($this->renderas, $this->app); + if( $this->renderAs ) { + $page = new OC_TemplateLayout($this->renderAs, $this->app); // Add custom headers $headers = ''; @@ -141,18 +226,20 @@ class OC_Template extends \OC\Template\Base { } } - $page->assign('headers', $headers, false); + $page->assign('headers', $headers); - $page->assign('content', $data, false ); + $page->assign('content', $data); return $page->fetchPage(); } - else{ - return $data; - } + + return $data; } /** * Include template + * + * @param string $file + * @param array|null $additionalParams * @return string returns content of included template * * Includes another template. use <?php echo $this->inc('template'); ?> to @@ -222,7 +309,7 @@ class OC_Template extends \OC\Template\Base { /** * print error page using Exception details - * @param Exception|Error $exception + * @param Exception $exception */ public static function printExceptionErrorPage($exception) { $request = \OC::$server->getRequest(); diff --git a/lib/private/util.php b/lib/private/util.php index 667d358655f..9abaef71a68 100644 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -439,16 +439,23 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Script to the beginning of the list * @return void */ - public static function addScript($application, $file = null) { + public static function addScript($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'js', $file); + //TODO eliminate double code if (!in_array($path, self::$scripts)) { // core js files need separate handling if ($application !== 'core' && $file !== null) { self::addTranslations($application); } - self::$scripts[] = $path; + if ($prepend===true) { + array_unshift(self::$scripts, $path); + } + else { + self::$scripts[] = $path; + } } } @@ -457,12 +464,18 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Script to the beginning of the list * @return void */ - public static function addVendorScript($application, $file = null) { + public static function addVendorScript($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'vendor', $file); - if (!in_array($path, self::$scripts)) { - self::$scripts[] = $path; + //TODO eliminate double code + if (! in_array ( $path, self::$scripts )) { + if ($prepend === true) { + array_unshift ( self::$scripts, $path ); + } else { + self::$scripts [] = $path; + } } } @@ -471,8 +484,9 @@ class OC_Util { * * @param string $application application id * @param string $languageCode language code, defaults to the current language + * @param bool $prepend prepend the Script to the beginning of the list */ - public static function addTranslations($application, $languageCode = null) { + public static function addTranslations($application, $languageCode = null, $prepend = false) { if (is_null($languageCode)) { $languageCode = \OC_L10N::findLanguage($application); } @@ -481,8 +495,13 @@ class OC_Util { } else { $path = "l10n/$languageCode"; } + //TODO eliminate double code if (!in_array($path, self::$scripts)) { - self::$scripts[] = $path; + if ($prepend === true) { + array_unshift ( self::$scripts, $path ); + } else { + self::$scripts [] = $path; + } } } @@ -491,12 +510,18 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Style to the beginning of the list * @return void */ - public static function addStyle($application, $file = null) { + public static function addStyle($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'css', $file); + //TODO eliminate double code if (!in_array($path, self::$styles)) { - self::$styles[] = $path; + if ($prepend === true) { + array_unshift ( self::$styles, $path ); + } else { + self::$styles[] = $path; + } } } @@ -505,12 +530,18 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Style to the beginning of the list * @return void */ - public static function addVendorStyle($application, $file = null) { + public static function addVendorStyle($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'vendor', $file); + //TODO eliminate double code if (!in_array($path, self::$styles)) { - self::$styles[] = $path; + if ($prepend === true) { + array_unshift ( self::$styles, $path ); + } else { + self::$styles[] = $path; + } } } diff --git a/lib/public/iconfig.php b/lib/public/iconfig.php index ff0b6c6a5b0..933eef97ae1 100644 --- a/lib/public/iconfig.php +++ b/lib/public/iconfig.php @@ -41,6 +41,11 @@ namespace OCP; */ interface IConfig { /** + * @since 8.2.0 + */ + const SENSITIVE_VALUE = '***REMOVED SENSITIVE VALUE***'; + + /** * Sets and deletes system wide values * * @param array $configs Associative array with `key => value` pairs @@ -69,6 +74,16 @@ interface IConfig { public function getSystemValue($key, $default = ''); /** + * Looks up a system wide defined value and filters out sensitive data + * + * @param string $key the key of the value, under which it was saved + * @param mixed $default the default value to be returned if the value isn't set + * @return mixed the value or $default + * @since 8.2.0 + */ + public function getFilteredSystemValue($key, $default = ''); + + /** * Delete a system wide defined value * * @param string $key the key of the value, under which it was saved diff --git a/lib/public/iservercontainer.php b/lib/public/iservercontainer.php index 8be23dff214..e37652c1adc 100644 --- a/lib/public/iservercontainer.php +++ b/lib/public/iservercontainer.php @@ -194,6 +194,12 @@ interface IServerContainer { public function getAppConfig(); /** + * @return \OCP\L10N\IFactory + * @since 8.2.0 + */ + public function getL10NFactory(); + + /** * get an L10N instance * @param string $app appid * @param string $lang |