Diffstat (limited to 'lib')
-rw-r--r--lib/base.php16
-rw-r--r--lib/private/Authentication/Token/DefaultTokenProvider.php1
-rw-r--r--lib/private/Installer.php17
-rw-r--r--lib/private/Security/Bruteforce/Throttler.php27
-rw-r--r--lib/private/Share20/DefaultShareProvider.php3
-rw-r--r--lib/private/Share20/Manager.php39
6 files changed, 65 insertions, 38 deletions
diff --git a/lib/base.php b/lib/base.php
index 30f80695680..f6b4f5555eb 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -730,7 +730,7 @@ class OC {
OC_User::setIncognitoMode(true);
}
- self::registerCacheHooks();
+ self::registerCleanupHooks();
self::registerFilesystemHooks();
self::registerShareHooks();
self::registerEncryptionWrapper();
@@ -802,15 +802,23 @@ class OC {
}
/**
- * register hooks for the cache
+ * register hooks for the cleanup of cache and bruteforce protection
*/
- public static function registerCacheHooks() {
+ public static function registerCleanupHooks() {
//don't try to do this before we are properly setup
if (\OC::$server->getSystemConfig()->getValue('installed', false) && !self::checkUpgrade(false)) {
// NOTE: This will be replaced to use OCP
$userSession = self::$server->getUserSession();
- $userSession->listen('\OC\User', 'postLogin', function () {
+ $userSession->listen('\OC\User', 'postLogin', function () use ($userSession) {
+ if (!defined('PHPUNIT_RUN')) {
+ // reset brute force delay for this IP address and username
+ $uid = \OC::$server->getUserSession()->getUser()->getUID();
+ $request = \OC::$server->getRequest();
+ $throttler = \OC::$server->getBruteForceThrottler();
+ $throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]);
+ }
+
try {
$cache = new \OC\Cache\File();
$cache->gc();
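Review bot: In the new postLogin closure, the `$uid` line dereferences `\OC::$server->getUserSession()->getUser()` without a null check, and it fetches the session again although `$userSession` is already captured by `use ($userSession)`. Using the captured object and guarding the result, e.g. `$user = $userSession->getUser();` followed by `if ($user !== null) { ... }` around the `resetDelay()` call, keeps a missing user from aborting the hook before the cache cleanup below runs. The reset is keyed on `['user' => $uid]`, so it presumably clears only attempts that were registered with exactly that metadata; if failed logins are recorded under the login name as typed (not visible here), the reset would miss them, which is worth confirming. The `PHPUNIT_RUN` guard puts a test-only branch into production code and should at least carry a comment explaining why the reset is skipped under tests. The function body continues outside the hunk.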
diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php
index 3fca122d287..36a8b1d5464 100644
--- a/lib/private/Authentication/Token/DefaultTokenProvider.php
+++ b/lib/private/Authentication/Token/DefaultTokenProvider.php
@@ -97,6 +97,7 @@ class DefaultTokenProvider implements IProvider {
$dbToken->setType($type);
$dbToken->setRemember($remember);
$dbToken->setLastActivity($this->time->getTime());
+ $dbToken->setLastCheck($this->time->getTime());
$this->mapper->insert($dbToken);
diff --git a/lib/private/Installer.php b/lib/private/Installer.php
index 70d6c10b335..48bd57f4c10 100644
--- a/lib/private/Installer.php
+++ b/lib/private/Installer.php
@@ -592,23 +592,6 @@ class Installer {
}
/**
- * check the code of an app with some static code checks
- * @param string $folder the folder of the app to check
- * @return boolean true for app is o.k. and false for app is not o.k.
- */
- public static function checkCode($folder) {
- // is the code checker enabled?
- if(!\OC::$server->getConfig()->getSystemValue('appcodechecker', false)) {
- return true;
- }
-
- $codeChecker = new CodeChecker(new PrivateCheck(new EmptyCheck()));
- $errors = $codeChecker->analyseFolder(basename($folder), $folder);
-
- return empty($errors);
- }
-
- /**
* @param string $script
*/
private static function includeAppScript($script) {
diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php
index 1626cee8cb3..f08b721d143 100644
--- a/lib/private/Security/Bruteforce/Throttler.php
+++ b/lib/private/Security/Bruteforce/Throttler.php
@@ -243,6 +243,33 @@ class Throttler {
}
/**
+ * Reset the throttling delay for an IP address, action and metadata
+ *
+ * @param string $ip
+ * @param string $action
+ * @param string $metadata
+ */
+ public function resetDelay($ip, $action, $metadata) {
+ $ipAddress = new IpAddress($ip);
+ if ($this->isIPWhitelisted((string)$ipAddress)) {
+ return;
+ }
+
+ $cutoffTime = (new \DateTime())
+ ->sub($this->getCutoff(43200))
+ ->getTimestamp();
+
+ $qb = $this->db->getQueryBuilder();
+ $qb->delete('bruteforce_attempts')
+ ->where($qb->expr()->gt('occurred', $qb->createNamedParameter($cutoffTime)))
+ ->andWhere($qb->expr()->eq('subnet', $qb->createNamedParameter($ipAddress->getSubnet())))
+ ->andWhere($qb->expr()->eq('action', $qb->createNamedParameter($action)))
+ ->andWhere($qb->expr()->eq('metadata', $qb->createNamedParameter(json_encode($metadata))));
+
+ $qb->execute();
+ }
+
+ /**
* Will sleep for the defined amount of time
*
* @param string $ip
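Review bot: The docblock of `resetDelay()` declares `@param string $metadata`, but the body passes the value to `json_encode()` and the caller added in lib/base.php supplies `['user' => $uid]`, so it should read `@param array $metadata`. The delete matches the `metadata` column by equality against that JSON string, so a reset only takes effect when the failed attempts were stored with identical keys and values; a one-line comment saying so would help future callers. The literal `43200` passed to `getCutoff()` would be clearer as a named constant or with a comment such as `// only attempts inside the throttling window (43200 s = 12 h) matter`, assuming the argument is in seconds.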
diff --git a/lib/private/Share20/DefaultShareProvider.php b/lib/private/Share20/DefaultShareProvider.php
index a440c36406b..844b36b2994 100644
--- a/lib/private/Share20/DefaultShareProvider.php
+++ b/lib/private/Share20/DefaultShareProvider.php
@@ -183,6 +183,9 @@ class DefaultShareProvider implements IShareProvider {
throw new ShareNotFound();
}
+ $mailSendValue = $share->getMailSend();
+ $data['mail_send'] = ($mailSendValue === null) ? true : $mailSendValue;
+
$share = $this->createShare($data);
return $share;
}
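Review bot: The `$data['mail_send']` assignment falls back to `true` when `getMailSend()` returns null, which makes the notification e-mail opt-out for every caller that never sets the flag, and nothing at the assignment says so. A comment such as `// mail_send comes from the incoming share object, not the stored row; unset means "send"` would record the intent, assuming the value is indeed not persisted (the insert statement is outside this hunk). The enclosing method starts before the hunk.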
diff --git a/lib/private/Share20/Manager.php b/lib/private/Share20/Manager.php
index 83fe4ec0d19..b22bfbc3878 100644
--- a/lib/private/Share20/Manager.php
+++ b/lib/private/Share20/Manager.php
@@ -669,26 +669,31 @@ class Manager implements IManager {
$this->eventDispatcher->dispatch('OCP\Share::postShare', $event);
if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
- $user = $this->userManager->get($share->getSharedWith());
- if ($user !== null) {
- $emailAddress = $user->getEMailAddress();
- if ($emailAddress !== null && $emailAddress !== '') {
- $userLang = $this->config->getUserValue($share->getSharedWith(), 'core', 'lang', null);
- $l = $this->l10nFactory->get('lib', $userLang);
- $this->sendMailNotification(
- $l,
- $share->getNode()->getName(),
- $this->urlGenerator->linkToRouteAbsolute('files.viewcontroller.showFile', [ 'fileid' => $share->getNode()->getId() ]),
- $share->getSharedBy(),
- $emailAddress,
- $share->getExpirationDate()
- );
- $this->logger->debug('Send share notification to ' . $emailAddress . ' for share with ID ' . $share->getId(), ['app' => 'share']);
+ $mailSend = $share->getMailSend();
+ if($mailSend === true) {
+ $user = $this->userManager->get($share->getSharedWith());
+ if ($user !== null) {
+ $emailAddress = $user->getEMailAddress();
+ if ($emailAddress !== null && $emailAddress !== '') {
+ $userLang = $this->config->getUserValue($share->getSharedWith(), 'core', 'lang', null);
+ $l = $this->l10nFactory->get('lib', $userLang);
+ $this->sendMailNotification(
+ $l,
+ $share->getNode()->getName(),
+ $this->urlGenerator->linkToRouteAbsolute('files.viewcontroller.showFile', ['fileid' => $share->getNode()->getId()]),
+ $share->getSharedBy(),
+ $emailAddress,
+ $share->getExpirationDate()
+ );
+ $this->logger->debug('Send share notification to ' . $emailAddress . ' for share with ID ' . $share->getId(), ['app' => 'share']);
+ } else {
+ $this->logger->debug('Share notification not send to ' . $share->getSharedWith() . ' because email address is not set.', ['app' => 'share']);
+ }
} else {
- $this->logger->debug('Share notification not send to ' . $share->getSharedWith() . ' because email address is not set.', ['app' => 'share']);
+ $this->logger->debug('Share notification not send to ' . $share->getSharedWith() . ' because user could not be found.', ['app' => 'share']);
}
} else {
- $this->logger->debug('Share notification not send to ' . $share->getSharedWith() . ' because user could not be found.', ['app' => 'share']);
+ $this->logger->debug('Share notification not send because mailsend is false.', ['app' => 'share']);
}
}
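Review bot: The new `if($mailSend === true)` guard treats every value other than boolean true (null, `1`, `'1'`) as "do not send", while the else branch logs `mailsend is false`, so a provider that returns a non-boolean would suppress the notification with a misleading log line. If the default is meant to be "send", as the DefaultShareProvider change in this commit suggests, `if ($mailSend !== false) {` expresses that; otherwise a short comment stating that only an explicit true sends mail would help. The success branch also writes the recipient's e-mail address into the debug log, where the user ID from `$share->getSharedWith()` would identify the share equally well. The enclosing method starts and ends outside the hunk.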