diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/composer/composer/autoload_classmap.php | 6 | ||||
| -rw-r--r-- | lib/composer/composer/autoload_static.php | 6 | ||||
| -rw-r--r-- | lib/l10n/ko.js | 9 | ||||
| -rw-r--r-- | lib/l10n/ko.json | 9 | ||||
| -rw-r--r-- | lib/private/Repair.php | 10 | ||||
| -rw-r--r-- | lib/private/Repair/NC13/RepairInvalidPaths.php | 197 | ||||
| -rw-r--r-- | lib/private/Repair/NC14/RepairPendingCronJobs.php | 77 | ||||
| -rw-r--r-- | lib/private/Repair/NC15/SetVcardDatabaseUID.php | 154 | ||||
| -rw-r--r-- | lib/private/Repair/NC16/RemoveCypressFiles.php | 82 | ||||
| -rw-r--r-- | lib/private/Repair/RemoveRootShares.php | 142 | ||||
| -rw-r--r-- | lib/private/Security/CSP/ContentSecurityPolicyManager.php | 12 | ||||
| -rw-r--r-- | lib/private/Server.php | 11 | ||||
| -rw-r--r-- | lib/public/IServerContainer.php | 1 | ||||
| -rw-r--r-- | lib/public/Security/CSP/AddContentSecurityPolicyEvent.php | 52 | ||||
| -rw-r--r-- | lib/public/Security/IContentSecurityPolicyManager.php | 2 |
15 files changed, 178 insertions, 592 deletions
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index 286062163f2..ca73591d003 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -374,6 +374,7 @@ return array( 'OCP\\Search\\PagedProvider' => $baseDir . '/lib/public/Search/PagedProvider.php', 'OCP\\Search\\Provider' => $baseDir . '/lib/public/Search/Provider.php', 'OCP\\Search\\Result' => $baseDir . '/lib/public/Search/Result.php', + 'OCP\\Security\\CSP\\AddContentSecurityPolicyEvent' => $baseDir . '/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php', 'OCP\\Security\\IContentSecurityPolicyManager' => $baseDir . '/lib/public/Security/IContentSecurityPolicyManager.php', 'OCP\\Security\\ICredentialsManager' => $baseDir . '/lib/public/Security/ICredentialsManager.php', 'OCP\\Security\\ICrypto' => $baseDir . '/lib/public/Security/ICrypto.php', @@ -1060,17 +1061,14 @@ return array( 'OC\\Repair\\MoveUpdaterStepFile' => $baseDir . '/lib/private/Repair/MoveUpdaterStepFile.php', 'OC\\Repair\\NC11\\FixMountStorages' => $baseDir . '/lib/private/Repair/NC11/FixMountStorages.php', 'OC\\Repair\\NC13\\AddLogRotateJob' => $baseDir . '/lib/private/Repair/NC13/AddLogRotateJob.php', - 'OC\\Repair\\NC13\\RepairInvalidPaths' => $baseDir . '/lib/private/Repair/NC13/RepairInvalidPaths.php', 'OC\\Repair\\NC14\\AddPreviewBackgroundCleanupJob' => $baseDir . '/lib/private/Repair/NC14/AddPreviewBackgroundCleanupJob.php', - 'OC\\Repair\\NC14\\RepairPendingCronJobs' => $baseDir . '/lib/private/Repair/NC14/RepairPendingCronJobs.php', - 'OC\\Repair\\NC15\\SetVcardDatabaseUID' => $baseDir . '/lib/private/Repair/NC15/SetVcardDatabaseUID.php', 'OC\\Repair\\NC16\\AddClenupLoginFlowV2BackgroundJob' => $baseDir . '/lib/private/Repair/NC16/AddClenupLoginFlowV2BackgroundJob.php', 'OC\\Repair\\NC16\\CleanupCardDAVPhotoCache' => $baseDir . '/lib/private/Repair/NC16/CleanupCardDAVPhotoCache.php', + 'OC\\Repair\\NC16\\RemoveCypressFiles' => $baseDir . '/lib/private/Repair/NC16/RemoveCypressFiles.php', 'OC\\Repair\\OldGroupMembershipShares' => $baseDir . '/lib/private/Repair/OldGroupMembershipShares.php', 'OC\\Repair\\Owncloud\\DropAccountTermsTable' => $baseDir . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php', 'OC\\Repair\\Owncloud\\SaveAccountsTableData' => $baseDir . '/lib/private/Repair/Owncloud/SaveAccountsTableData.php', 'OC\\Repair\\RemoveLinkShares' => $baseDir . '/lib/private/Repair/RemoveLinkShares.php', - 'OC\\Repair\\RemoveRootShares' => $baseDir . '/lib/private/Repair/RemoveRootShares.php', 'OC\\Repair\\RepairInvalidShares' => $baseDir . '/lib/private/Repair/RepairInvalidShares.php', 'OC\\Repair\\RepairMimeTypes' => $baseDir . '/lib/private/Repair/RepairMimeTypes.php', 'OC\\Repair\\SqliteAutoincrement' => $baseDir . '/lib/private/Repair/SqliteAutoincrement.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index b4a8aec749b..c8c8075ce1a 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -408,6 +408,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OCP\\Search\\PagedProvider' => __DIR__ . '/../../..' . '/lib/public/Search/PagedProvider.php', 'OCP\\Search\\Provider' => __DIR__ . '/../../..' . '/lib/public/Search/Provider.php', 'OCP\\Search\\Result' => __DIR__ . '/../../..' . '/lib/public/Search/Result.php', + 'OCP\\Security\\CSP\\AddContentSecurityPolicyEvent' => __DIR__ . '/../../..' . '/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php', 'OCP\\Security\\IContentSecurityPolicyManager' => __DIR__ . '/../../..' . '/lib/public/Security/IContentSecurityPolicyManager.php', 'OCP\\Security\\ICredentialsManager' => __DIR__ . '/../../..' . '/lib/public/Security/ICredentialsManager.php', 'OCP\\Security\\ICrypto' => __DIR__ . '/../../..' . '/lib/public/Security/ICrypto.php', @@ -1094,17 +1095,14 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Repair\\MoveUpdaterStepFile' => __DIR__ . '/../../..' . '/lib/private/Repair/MoveUpdaterStepFile.php', 'OC\\Repair\\NC11\\FixMountStorages' => __DIR__ . '/../../..' . '/lib/private/Repair/NC11/FixMountStorages.php', 'OC\\Repair\\NC13\\AddLogRotateJob' => __DIR__ . '/../../..' . '/lib/private/Repair/NC13/AddLogRotateJob.php', - 'OC\\Repair\\NC13\\RepairInvalidPaths' => __DIR__ . '/../../..' . '/lib/private/Repair/NC13/RepairInvalidPaths.php', 'OC\\Repair\\NC14\\AddPreviewBackgroundCleanupJob' => __DIR__ . '/../../..' . '/lib/private/Repair/NC14/AddPreviewBackgroundCleanupJob.php', - 'OC\\Repair\\NC14\\RepairPendingCronJobs' => __DIR__ . '/../../..' . '/lib/private/Repair/NC14/RepairPendingCronJobs.php', - 'OC\\Repair\\NC15\\SetVcardDatabaseUID' => __DIR__ . '/../../..' . '/lib/private/Repair/NC15/SetVcardDatabaseUID.php', 'OC\\Repair\\NC16\\AddClenupLoginFlowV2BackgroundJob' => __DIR__ . '/../../..' . '/lib/private/Repair/NC16/AddClenupLoginFlowV2BackgroundJob.php', 'OC\\Repair\\NC16\\CleanupCardDAVPhotoCache' => __DIR__ . '/../../..' . '/lib/private/Repair/NC16/CleanupCardDAVPhotoCache.php', + 'OC\\Repair\\NC16\\RemoveCypressFiles' => __DIR__ . '/../../..' . '/lib/private/Repair/NC16/RemoveCypressFiles.php', 'OC\\Repair\\OldGroupMembershipShares' => __DIR__ . '/../../..' . '/lib/private/Repair/OldGroupMembershipShares.php', 'OC\\Repair\\Owncloud\\DropAccountTermsTable' => __DIR__ . '/../../..' . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php', 'OC\\Repair\\Owncloud\\SaveAccountsTableData' => __DIR__ . '/../../..' . '/lib/private/Repair/Owncloud/SaveAccountsTableData.php', 'OC\\Repair\\RemoveLinkShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RemoveLinkShares.php', - 'OC\\Repair\\RemoveRootShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RemoveRootShares.php', 'OC\\Repair\\RepairInvalidShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RepairInvalidShares.php', 'OC\\Repair\\RepairMimeTypes' => __DIR__ . '/../../..' . '/lib/private/Repair/RepairMimeTypes.php', 'OC\\Repair\\SqliteAutoincrement' => __DIR__ . '/../../..' . '/lib/private/Repair/SqliteAutoincrement.php', diff --git a/lib/l10n/ko.js b/lib/l10n/ko.js index 660c468d49b..df15b2923f9 100644 --- a/lib/l10n/ko.js +++ b/lib/l10n/ko.js @@ -4,7 +4,10 @@ OC.L10N.register( "Cannot write into \"config\" directory!" : "\"config\" 디렉터리에 기록할 수 없습니다!", "This can usually be fixed by giving the webserver write access to the config directory" : "config 디렉터리에 웹 서버 쓰기 권한을 부여해서 해결할 수 있습니다", "See %s" : "%s 보기", + "Or, if you prefer to keep config.php file read only, set the option \"config_is_read_only\" to true in it." : "config.php 파일을 읽기 전용으로 하시려는 경우, 설정의 \"config_is_read_only\"를 true로 하십시오.", "This can usually be fixed by giving the webserver write access to the config directory. See %s" : "config 디렉터리에 웹 서버의 쓰기 권한을 부여해서 해결할 수 있습니다. %s 문서를 참조하십시오", + "Or, if you prefer to keep config.php file read only, set the option \"config_is_read_only\" to true in it. See %s" : "config.php 파일을 읽기 전용으로 하시려는 경우, 설정의 \"config_is_read_only\"를 true로 하십시오. %s를 참조하십시오.", + "The files of the app %1$s were not replaced correctly. Make sure it is a version compatible with the server." : "앱 %1$s의 파일이 올바르게 교체되지 않았습니다. 서버와 호환되는 버전인지 확인하십시오.", "Sample configuration detected" : "예제 설정 감지됨", "It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php" : "예제 설정이 복사된 것 같습니다. 올바르게 작동하지 않을 수도 있기 때문에 지원되지 않습니다. config.php를 변경하기 전 문서를 읽어 보십시오", "%1$s and %2$s" : "%1$s 및 %2$s", @@ -21,9 +24,15 @@ OC.L10N.register( "Following databases are supported: %s" : "다음 데이터베이스를 지원합니다: %s", "The command line tool %s could not be found" : "명령행 도구 %s을(를) 찾을 수 없습니다", "The library %s is not available." : "%s 라이브러리를 사용할 수 없습니다.", + "Library %1$s with a version higher than %2$s is required - available version %3$s." : "%1$s 라이브러리의 버전 %2$s 이상이 필요합니다. 사용 가능한 버전은 %3$s입니다.", + "Library %1$s with a version lower than %2$s is required - available version %3$s." : "%1$s 라이브러리의 버전 %2$s 이상이 필요합니다. 사용 가능한 버전은 %3$s입니다.", "Following platforms are supported: %s" : "다음 플랫폼을 지원합니다: %s", "Server version %s or higher is required." : "서버 버전 %s 이상이 필요합니다.", "Server version %s or lower is required." : "서버 버전 %s 미만이 필요합니다.", + "Logged in user must be an admin or sub admin" : "로그인한 사용자는 관리자 또는 부 관리자여야 합니다.", + "Logged in user must be an admin" : "로그인한 사용자는 관리자여야 합니다.", + "Wiping of device %s has started" : "디바이스 %s의 완전 삭제가 시작되었습니다.", + "Wiping of device »%s« has started" : "디바이스 »%s«의 완전 삭제가 시작되었습니다.", "Unknown filetype" : "알 수 없는 파일 형식", "Invalid image" : "잘못된 사진", "Avatar image is not square" : "아바타 사진이 정사각형이 아님", diff --git a/lib/l10n/ko.json b/lib/l10n/ko.json index eefa73b6162..be427a404f5 100644 --- a/lib/l10n/ko.json +++ b/lib/l10n/ko.json @@ -2,7 +2,10 @@ "Cannot write into \"config\" directory!" : "\"config\" 디렉터리에 기록할 수 없습니다!", "This can usually be fixed by giving the webserver write access to the config directory" : "config 디렉터리에 웹 서버 쓰기 권한을 부여해서 해결할 수 있습니다", "See %s" : "%s 보기", + "Or, if you prefer to keep config.php file read only, set the option \"config_is_read_only\" to true in it." : "config.php 파일을 읽기 전용으로 하시려는 경우, 설정의 \"config_is_read_only\"를 true로 하십시오.", "This can usually be fixed by giving the webserver write access to the config directory. See %s" : "config 디렉터리에 웹 서버의 쓰기 권한을 부여해서 해결할 수 있습니다. %s 문서를 참조하십시오", + "Or, if you prefer to keep config.php file read only, set the option \"config_is_read_only\" to true in it. See %s" : "config.php 파일을 읽기 전용으로 하시려는 경우, 설정의 \"config_is_read_only\"를 true로 하십시오. %s를 참조하십시오.", + "The files of the app %1$s were not replaced correctly. Make sure it is a version compatible with the server." : "앱 %1$s의 파일이 올바르게 교체되지 않았습니다. 서버와 호환되는 버전인지 확인하십시오.", "Sample configuration detected" : "예제 설정 감지됨", "It has been detected that the sample configuration has been copied. This can break your installation and is unsupported. Please read the documentation before performing changes on config.php" : "예제 설정이 복사된 것 같습니다. 올바르게 작동하지 않을 수도 있기 때문에 지원되지 않습니다. config.php를 변경하기 전 문서를 읽어 보십시오", "%1$s and %2$s" : "%1$s 및 %2$s", @@ -19,9 +22,15 @@ "Following databases are supported: %s" : "다음 데이터베이스를 지원합니다: %s", "The command line tool %s could not be found" : "명령행 도구 %s을(를) 찾을 수 없습니다", "The library %s is not available." : "%s 라이브러리를 사용할 수 없습니다.", + "Library %1$s with a version higher than %2$s is required - available version %3$s." : "%1$s 라이브러리의 버전 %2$s 이상이 필요합니다. 사용 가능한 버전은 %3$s입니다.", + "Library %1$s with a version lower than %2$s is required - available version %3$s." : "%1$s 라이브러리의 버전 %2$s 이상이 필요합니다. 사용 가능한 버전은 %3$s입니다.", "Following platforms are supported: %s" : "다음 플랫폼을 지원합니다: %s", "Server version %s or higher is required." : "서버 버전 %s 이상이 필요합니다.", "Server version %s or lower is required." : "서버 버전 %s 미만이 필요합니다.", + "Logged in user must be an admin or sub admin" : "로그인한 사용자는 관리자 또는 부 관리자여야 합니다.", + "Logged in user must be an admin" : "로그인한 사용자는 관리자여야 합니다.", + "Wiping of device %s has started" : "디바이스 %s의 완전 삭제가 시작되었습니다.", + "Wiping of device »%s« has started" : "디바이스 »%s«의 완전 삭제가 시작되었습니다.", "Unknown filetype" : "알 수 없는 파일 형식", "Invalid image" : "잘못된 사진", "Avatar image is not square" : "아바타 사진이 정사각형이 아님", diff --git a/lib/private/Repair.php b/lib/private/Repair.php index d27e6b812b3..4fbc89835cc 100644 --- a/lib/private/Repair.php +++ b/lib/private/Repair.php @@ -39,17 +39,14 @@ use OC\Repair\Collation; use OC\Repair\MoveUpdaterStepFile; use OC\Repair\NC11\FixMountStorages; use OC\Repair\NC13\AddLogRotateJob; -use OC\Repair\NC13\RepairInvalidPaths; use OC\Repair\NC14\AddPreviewBackgroundCleanupJob; -use OC\Repair\NC14\RepairPendingCronJobs; -use OC\Repair\NC15\SetVcardDatabaseUID; use OC\Repair\NC16\AddClenupLoginFlowV2BackgroundJob; use OC\Repair\NC16\CleanupCardDAVPhotoCache; +use OC\Repair\NC16\RemoveCypressFiles; use OC\Repair\OldGroupMembershipShares; use OC\Repair\Owncloud\DropAccountTermsTable; use OC\Repair\Owncloud\SaveAccountsTableData; use OC\Repair\RemoveLinkShares; -use OC\Repair\RemoveRootShares; use OC\Repair\RepairInvalidShares; use OC\Repair\RepairMimeTypes; use OC\Repair\SqliteAutoincrement; @@ -141,20 +138,17 @@ class Repair implements IOutput { new RepairMimeTypes(\OC::$server->getConfig()), new CleanTags(\OC::$server->getDatabaseConnection(), \OC::$server->getUserManager()), new RepairInvalidShares(\OC::$server->getConfig(), \OC::$server->getDatabaseConnection()), - new RemoveRootShares(\OC::$server->getDatabaseConnection(), \OC::$server->getUserManager(), \OC::$server->getLazyRootFolder()), new MoveUpdaterStepFile(\OC::$server->getConfig()), new FixMountStorages(\OC::$server->getDatabaseConnection()), - new RepairInvalidPaths(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig()), new AddLogRotateJob(\OC::$server->getJobList()), new ClearFrontendCaches(\OC::$server->getMemCacheFactory(), \OC::$server->query(SCSSCacher::class), \OC::$server->query(JSCombiner::class)), new ClearGeneratedAvatarCache(\OC::$server->getConfig(), \OC::$server->query(AvatarManager::class)), new AddPreviewBackgroundCleanupJob(\OC::$server->getJobList()), new AddCleanupUpdaterBackupsJob(\OC::$server->getJobList()), - new RepairPendingCronJobs(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig()), - new SetVcardDatabaseUID(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getLogger()), new CleanupCardDAVPhotoCache(\OC::$server->getConfig(), \OC::$server->getAppDataDir('dav-photocache'), \OC::$server->getLogger()), new AddClenupLoginFlowV2BackgroundJob(\OC::$server->getJobList()), new RemoveLinkShares(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getGroupManager(), \OC::$server->getNotificationManager(), \OC::$server->query(ITimeFactory::class)), + \OC::$server->query(RemoveCypressFiles::class), ]; } diff --git a/lib/private/Repair/NC13/RepairInvalidPaths.php b/lib/private/Repair/NC13/RepairInvalidPaths.php deleted file mode 100644 index 941224012a1..00000000000 --- a/lib/private/Repair/NC13/RepairInvalidPaths.php +++ /dev/null @@ -1,197 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2017 Robin Appelman <robin@icewind.nl> - * - * @author Joas Schilling <coding@schilljs.com> - * @author Lukas Reschke <lukas@statuscode.ch> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <robin@icewind.nl> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - */ - -namespace OC\Repair\NC13; - - -use OCP\DB\QueryBuilder\IQueryBuilder; -use OCP\IConfig; -use OCP\IDBConnection; -use OCP\Migration\IOutput; -use OCP\Migration\IRepairStep; - -class RepairInvalidPaths implements IRepairStep { - const MAX_ROWS = 1000; - - /** @var IDBConnection */ - private $connection; - /** @var IConfig */ - private $config; - - private $getIdQuery; - private $updateQuery; - private $reparentQuery; - private $deleteQuery; - - public function __construct(IDBConnection $connection, IConfig $config) { - $this->connection = $connection; - $this->config = $config; - } - - - public function getName() { - return 'Repair invalid paths in file cache'; - } - - /** - * @return \Generator - * @suppress SqlInjectionChecker - */ - private function getInvalidEntries() { - $builder = $this->connection->getQueryBuilder(); - - $computedPath = $builder->func()->concat( - 'p.path', - $builder->func()->concat($builder->createNamedParameter('/'), 'f.name') - ); - - //select f.path, f.parent,p.path from oc_filecache f inner join oc_filecache p on f.parent=p.fileid and p.path!='' where f.path != p.path || '/' || f.name; - $builder->select('f.fileid', 'f.path', 'f.name', 'f.parent', 'f.storage') - ->selectAlias('p.path', 'parent_path') - ->selectAlias('p.storage', 'parent_storage') - ->from('filecache', 'f') - ->innerJoin('f', 'filecache', 'p', $builder->expr()->andX( - $builder->expr()->eq('f.parent', 'p.fileid'), - $builder->expr()->nonEmptyString('p.name') - )) - ->where($builder->expr()->neq('f.path', $computedPath)) - ->setMaxResults(self::MAX_ROWS); - - do { - $result = $builder->execute(); - $rows = $result->fetchAll(); - foreach ($rows as $row) { - yield $row; - } - $result->closeCursor(); - } while (count($rows) > 0); - } - - private function getId($storage, $path) { - if (!$this->getIdQuery) { - $builder = $this->connection->getQueryBuilder(); - - $this->getIdQuery = $builder->select('fileid') - ->from('filecache') - ->where($builder->expr()->eq('storage', $builder->createParameter('storage'))) - ->andWhere($builder->expr()->eq('path_hash', $builder->createParameter('path_hash'))); - } - - $this->getIdQuery->setParameter('storage', $storage, IQueryBuilder::PARAM_INT); - $this->getIdQuery->setParameter('path_hash', md5($path)); - - return $this->getIdQuery->execute()->fetchColumn(); - } - - /** - * @param string $fileid - * @param string $newPath - * @param string $newStorage - * @suppress SqlInjectionChecker - */ - private function update($fileid, $newPath, $newStorage) { - if (!$this->updateQuery) { - $builder = $this->connection->getQueryBuilder(); - - $this->updateQuery = $builder->update('filecache') - ->set('path', $builder->createParameter('newpath')) - ->set('path_hash', $builder->func()->md5($builder->createParameter('newpath'))) - ->set('storage', $builder->createParameter('newstorage')) - ->where($builder->expr()->eq('fileid', $builder->createParameter('fileid'))); - } - - $this->updateQuery->setParameter('newpath', $newPath); - $this->updateQuery->setParameter('newstorage', $newStorage); - $this->updateQuery->setParameter('fileid', $fileid, IQueryBuilder::PARAM_INT); - - $this->updateQuery->execute(); - } - - private function reparent($from, $to) { - if (!$this->reparentQuery) { - $builder = $this->connection->getQueryBuilder(); - - $this->reparentQuery = $builder->update('filecache') - ->set('parent', $builder->createParameter('to')) - ->where($builder->expr()->eq('fileid', $builder->createParameter('from'))); - } - - $this->reparentQuery->setParameter('from', $from); - $this->reparentQuery->setParameter('to', $to); - - $this->reparentQuery->execute(); - } - - private function delete($fileid) { - if (!$this->deleteQuery) { - $builder = $this->connection->getQueryBuilder(); - - $this->deleteQuery = $builder->delete('filecache') - ->where($builder->expr()->eq('fileid', $builder->createParameter('fileid'))); - } - - $this->deleteQuery->setParameter('fileid', $fileid, IQueryBuilder::PARAM_INT); - - $this->deleteQuery->execute(); - } - - private function repair() { - $this->connection->beginTransaction(); - $entries = $this->getInvalidEntries(); - $count = 0; - foreach ($entries as $entry) { - $count++; - $calculatedPath = $entry['parent_path'] . '/' . $entry['name']; - if ($newId = $this->getId($entry['parent_storage'], $calculatedPath)) { - // a new entry with the correct path has already been created, reuse that one and delete the incorrect entry - $this->reparent($entry['fileid'], $newId); - $this->delete($entry['fileid']); - } else { - $this->update($entry['fileid'], $calculatedPath, $entry['parent_storage']); - } - } - $this->connection->commit(); - return $count; - } - - private function shouldRun() { - $versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0'); - - // was added to 11.0.5.2, 12.0.0.30 and 13.0.0.1 - $shouldRun = version_compare($versionFromBeforeUpdate, '11.0.5.2', '<'); - $shouldRun |= version_compare($versionFromBeforeUpdate, '12.0.0.0', '>=') && version_compare($versionFromBeforeUpdate, '12.0.0.30', '<'); - $shouldRun |= version_compare($versionFromBeforeUpdate, '13.0.0.0', '=='); - return $shouldRun; - } - - public function run(IOutput $output) { - if ($this->shouldRun()) { - $count = $this->repair(); - - $output->info('Repaired ' . $count . ' paths'); - } - } -} diff --git a/lib/private/Repair/NC14/RepairPendingCronJobs.php b/lib/private/Repair/NC14/RepairPendingCronJobs.php deleted file mode 100644 index a8ca2c75e89..00000000000 --- a/lib/private/Repair/NC14/RepairPendingCronJobs.php +++ /dev/null @@ -1,77 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2018 Morris Jobke <hey@morrisjobke.de> - * - * @author Morris Jobke <hey@morrisjobke.de> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - */ - -namespace OC\Repair\NC14; - -use OCP\DB\QueryBuilder\IQueryBuilder; -use OCP\IConfig; -use OCP\IDBConnection; -use OCP\Migration\IOutput; -use OCP\Migration\IRepairStep; - -class RepairPendingCronJobs implements IRepairStep { - const MAX_ROWS = 1000; - - /** @var IDBConnection */ - private $connection; - /** @var IConfig */ - private $config; - - public function __construct(IDBConnection $connection, IConfig $config) { - $this->connection = $connection; - $this->config = $config; - } - - - public function getName() { - return 'Repair pending cron jobs'; - } - - private function shouldRun() { - $versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0'); - - return version_compare($versionFromBeforeUpdate, '14.0.0.9', '<'); - } - - /** - * @suppress SqlInjectionChecker - */ - private function repair() { - $reset = $this->connection->getQueryBuilder(); - $reset->update('jobs') - ->set('reserved_at', $reset->expr()->literal(0, IQueryBuilder::PARAM_INT)) - ->where($reset->expr()->neq('reserved_at', $reset->expr()->literal(0, IQueryBuilder::PARAM_INT))); - - return $reset->execute(); - } - - public function run(IOutput $output) { - if ($this->shouldRun()) { - $count = $this->repair(); - - $output->info('Repaired ' . $count . ' pending cron job(s).'); - } else { - $output->info('No need to repair pending cron jobs.'); - } - } -} diff --git a/lib/private/Repair/NC15/SetVcardDatabaseUID.php b/lib/private/Repair/NC15/SetVcardDatabaseUID.php deleted file mode 100644 index cefb1c18111..00000000000 --- a/lib/private/Repair/NC15/SetVcardDatabaseUID.php +++ /dev/null @@ -1,154 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2018 John Molakvoæ <skjnldsv@protonmail.com> - * - * @author John Molakvoæ <skjnldsv@protonmail.com> - * - * @license GNU AGPL version 3 or any later version - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as - * published by the Free Software Foundation, either version 3 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * - */ - -namespace OC\Repair\NC15; - -use OCP\IConfig; -use OCP\IDBConnection; -use OCP\ILogger; -use OCP\Migration\IOutput; -use OCP\Migration\IRepairStep; -use Sabre\VObject\Reader; -use Sabre\VObject\ParseException; - -class SetVcardDatabaseUID implements IRepairStep { - const MAX_ROWS = 1000; - - /** @var IDBConnection */ - private $connection; - - /** @var IConfig */ - private $config; - - /** @var ILogger */ - private $logger; - - private $updateQuery; - - public function __construct(IDBConnection $connection, IConfig $config, ILogger $logger) { - $this->connection = $connection; - $this->config = $config; - $this->logger = $logger; - } - - public function getName() { - return 'Extract the vcard uid and store it in the db'; - } - - /** - * @return \Generator - * @suppress SqlInjectionChecker - */ - private function getInvalidEntries() { - $builder = $this->connection->getQueryBuilder(); - - $builder->select('id', 'carddata') - ->from('cards') - ->where($builder->expr()->isNull('uid')) - ->setMaxResults(self::MAX_ROWS); - - do { - $result = $builder->execute(); - $rows = $result->fetchAll(); - foreach ($rows as $row) { - yield $row; - } - $result->closeCursor(); - } while (count($rows) > 0); - } - - /** - * Extract UID from vcard - * - * @param string $cardData the vcard raw data - * @param IOutput $output the output logger - * @return string the uid or empty if none - */ - private function getUID(string $cardData, IOutput $output): string { - try { - $vCard = Reader::read($cardData); - if ($vCard->UID) { - $uid = $vCard->UID->getValue(); - - return $uid; - } - } catch (ParseException $e) { - $output->warning('One vCard is broken. We logged the exception and will continue the repair.'); - $this->logger->logException($e); - } - - return ''; - } - - /** - * @param int $id - * @param string $uid - */ - private function update(int $id, string $uid) { - if (!$this->updateQuery) { - $builder = $this->connection->getQueryBuilder(); - - $this->updateQuery = $builder->update('cards') - ->set('uid', $builder->createParameter('uid')) - ->where($builder->expr()->eq('id', $builder->createParameter('id'))); - } - - $this->updateQuery->setParameter('id', $id); - $this->updateQuery->setParameter('uid', $uid); - - $this->updateQuery->execute(); - } - - private function repair(IOutput $output): int { - $this->connection->beginTransaction(); - $entries = $this->getInvalidEntries(); - $count = 0; - foreach ($entries as $entry) { - $count++; - $cardData = $entry['carddata']; - if (is_resource($cardData)) { - $cardData = stream_get_contents($cardData); - } - $uid = $this->getUID($cardData, $output); - $this->update($entry['id'], $uid); - } - $this->connection->commit(); - - return $count; - } - - private function shouldRun() { - $versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0.0'); - - // was added to 15.0.0.2 - return version_compare($versionFromBeforeUpdate, '15.0.0.2', '<='); - } - - public function run(IOutput $output) { - if ($this->shouldRun()) { - $count = $this->repair($output); - - $output->info('Fixed ' . $count . ' vcards'); - } - } -} diff --git a/lib/private/Repair/NC16/RemoveCypressFiles.php b/lib/private/Repair/NC16/RemoveCypressFiles.php new file mode 100644 index 00000000000..4b6108d0232 --- /dev/null +++ b/lib/private/Repair/NC16/RemoveCypressFiles.php @@ -0,0 +1,82 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2019, Morris Jobke <hey@morrisjobke.de> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OC\Repair\NC16; + +use OC\IntegrityCheck\Checker; +use OCP\Migration\IOutput; +use OCP\Migration\IRepairStep; + +/** + * Class CleanupCypressFiles + * + * This repair step removes "cypress" files and folder created by viewer app in 16.0.1 + * + * See https://github.com/nextcloud/server/issues/16229 for more details. + * + * @deprecated - can be removed in 18 because this is the first version where no migration from 16 can happen + */ +class RemoveCypressFiles implements IRepairStep { + + /** @var Checker $checker */ + private $checker; + + private $pathToViewerApp = __DIR__ . '/../../../../apps/viewer'; + + public function getName(): string { + return 'Cleanup cypress files from viewer app'; + } + + public function __construct(Checker $checker) { + $this->checker = $checker; + } + + public function run(IOutput $output): void { + $file = $this->pathToViewerApp . '/cypress.json'; + if (file_exists($file)) { + unlink($file); + } + + $dir = $this->pathToViewerApp . '/cypress'; + if (is_dir($dir)) { + $files = new \RecursiveIteratorIterator( + new \RecursiveDirectoryIterator($dir, \RecursiveDirectoryIterator::SKIP_DOTS), + \RecursiveIteratorIterator::CHILD_FIRST + ); + + foreach ($files as $fileInfo) { + /** @var \SplFileInfo $fileInfo */ + if ($fileInfo->isLink()) { + unlink($fileInfo->getPathname()); + } else if ($fileInfo->isDir()) { + rmdir($fileInfo->getRealPath()); + } else { + unlink($fileInfo->getRealPath()); + } + } + rmdir($dir); + } + + // re-run the instance verification + $this->checker->runInstanceVerification(); + } +} diff --git a/lib/private/Repair/RemoveRootShares.php b/lib/private/Repair/RemoveRootShares.php deleted file mode 100644 index a06105384fb..00000000000 --- a/lib/private/Repair/RemoveRootShares.php +++ /dev/null @@ -1,142 +0,0 @@ -<?php -/** - * @copyright Copyright (c) 2016, ownCloud, Inc. - * - * @author Jörn Friedrich Dreyer <jfd@butonic.de> - * @author Roeland Jago Douma <roeland@famdouma.nl> - * - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * - */ -namespace OC\Repair; - -use OCP\Files\IRootFolder; -use OCP\IDBConnection; -use OCP\IUser; -use OCP\IUserManager; -use OCP\Migration\IOutput; -use OCP\Migration\IRepairStep; - -/** - * Class RemoveRootShares - * - * @package OC\Repair - */ -class RemoveRootShares implements IRepairStep { - - /** @var IDBConnection */ - protected $connection; - - /** @var IUserManager */ - protected $userManager; - - /** @var IRootFolder */ - protected $rootFolder; - - /** - * RemoveRootShares constructor. - * - * @param IDBConnection $connection - * @param IUserManager $userManager - * @param IRootFolder $rootFolder - */ - public function __construct(IDBConnection $connection, - IUserManager $userManager, - IRootFolder $rootFolder) { - $this->connection = $connection; - $this->userManager = $userManager; - $this->rootFolder = $rootFolder; - } - - /** - * @return string - */ - public function getName() { - return 'Remove shares of a users root folder'; - } - - /** - * @param IOutput $output - */ - public function run(IOutput $output) { - if ($this->rootSharesExist()) { - $this->removeRootShares($output); - } - } - - /** - * @param IOutput $output - */ - private function removeRootShares(IOutput $output) { - $function = function(IUser $user) use ($output) { - $userFolder = $this->rootFolder->getUserFolder($user->getUID()); - $fileId = $userFolder->getId(); - - $qb = $this->connection->getQueryBuilder(); - $qb->delete('share') - ->where($qb->expr()->eq('file_source', $qb->createNamedParameter($fileId))) - ->andWhere($qb->expr()->orX( - $qb->expr()->eq('item_type', $qb->expr()->literal('file')), - $qb->expr()->eq('item_type', $qb->expr()->literal('folder')) - )); - - $qb->execute(); - - $output->advance(); - }; - - $output->startProgress($this->userManager->countSeenUsers()); - - $this->userManager->callForSeenUsers($function); - - $output->finishProgress(); - } - - /** - * Verify if this repair steps is required - * It *should* not be necessary in most cases and it can be very - * costly. - * - * @return bool - */ - private function rootSharesExist() { - $qb = $this->connection->getQueryBuilder(); - $qb2 = $this->connection->getQueryBuilder(); - - $qb->select('fileid') - ->from('filecache') - ->where($qb->expr()->eq('path', $qb->expr()->literal('files'))); - - $qb2->select('id') - ->from('share') - ->where($qb2->expr()->in('file_source', $qb2->createFunction($qb->getSQL()))) - ->andWhere($qb2->expr()->orX( - $qb2->expr()->eq('item_type', $qb->expr()->literal('file')), - $qb2->expr()->eq('item_type', $qb->expr()->literal('folder')) - )) - ->setMaxResults(1); - - $cursor = $qb2->execute(); - $data = $cursor->fetch(); - $cursor->closeCursor(); - - if ($data === false) { - return false; - } - - return true; - } -} - diff --git a/lib/private/Security/CSP/ContentSecurityPolicyManager.php b/lib/private/Security/CSP/ContentSecurityPolicyManager.php index 27a0524d3f3..332d9ebca8e 100644 --- a/lib/private/Security/CSP/ContentSecurityPolicyManager.php +++ b/lib/private/Security/CSP/ContentSecurityPolicyManager.php @@ -25,12 +25,21 @@ namespace OC\Security\CSP; use OCP\AppFramework\Http\ContentSecurityPolicy; use OCP\AppFramework\Http\EmptyContentSecurityPolicy; +use OCP\EventDispatcher\IEventDispatcher; +use OCP\Security\CSP\AddContentSecurityPolicyEvent; use OCP\Security\IContentSecurityPolicyManager; class ContentSecurityPolicyManager implements IContentSecurityPolicyManager { /** @var ContentSecurityPolicy[] */ private $policies = []; + /** @var IEventDispatcher */ + private $dispatcher; + + public function __construct(IEventDispatcher $dispatcher) { + $this->dispatcher = $dispatcher; + } + /** {@inheritdoc} */ public function addDefaultPolicy(EmptyContentSecurityPolicy $policy) { $this->policies[] = $policy; @@ -43,6 +52,9 @@ class ContentSecurityPolicyManager implements IContentSecurityPolicyManager { * @return ContentSecurityPolicy */ public function getDefaultPolicy(): ContentSecurityPolicy { + $event = new AddContentSecurityPolicyEvent($this); + $this->dispatcher->dispatch(AddContentSecurityPolicyEvent::class, $event); + $defaultPolicy = new \OC\Security\CSP\ContentSecurityPolicy(); foreach($this->policies as $policy) { $defaultPolicy = $this->mergePolicies($defaultPolicy, $policy); diff --git a/lib/private/Server.php b/lib/private/Server.php index 6a2d8106fb6..c716b996a37 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -1018,7 +1018,7 @@ class Server extends ServerContainer implements IServerContainer { $request ); }); - $this->registerService('CsrfTokenManager', function (Server $c) { + $this->registerService(CsrfTokenManager::class, function (Server $c) { $tokenGenerator = new CsrfTokenGenerator($c->getSecureRandom()); return new CsrfTokenManager( @@ -1026,13 +1026,12 @@ class Server extends ServerContainer implements IServerContainer { $c->query(SessionStorage::class) ); }); + $this->registerAlias('CsrfTokenManager', CsrfTokenManager::class); $this->registerService(SessionStorage::class, function (Server $c) { return new SessionStorage($c->getSession()); }); - $this->registerService(\OCP\Security\IContentSecurityPolicyManager::class, function (Server $c) { - return new ContentSecurityPolicyManager(); - }); - $this->registerAlias('ContentSecurityPolicyManager', \OCP\Security\IContentSecurityPolicyManager::class); + $this->registerAlias(\OCP\Security\IContentSecurityPolicyManager::class, \OC\Security\CSP\ContentSecurityPolicyManager::class); + $this->registerAlias('ContentSecurityPolicyManager', \OC\Security\CSP\ContentSecurityPolicyManager::class); $this->registerService('ContentSecurityPolicyNonceManager', function (Server $c) { return new ContentSecurityPolicyNonceManager( @@ -1901,7 +1900,7 @@ class Server extends ServerContainer implements IServerContainer { * @return CsrfTokenManager */ public function getCsrfTokenManager() { - return $this->query('CsrfTokenManager'); + return $this->query(CsrfTokenManager::class); } /** diff --git a/lib/public/IServerContainer.php b/lib/public/IServerContainer.php index a3e494479b7..bcdb6e6c9f5 100644 --- a/lib/public/IServerContainer.php +++ b/lib/public/IServerContainer.php @@ -534,6 +534,7 @@ interface IServerContainer extends IContainer { /** * @return IContentSecurityPolicyManager * @since 9.0.0 + * @deprecated 17.0.0 Use the AddContentSecurityPolicyEvent */ public function getContentSecurityPolicyManager(); diff --git a/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php b/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php new file mode 100644 index 00000000000..9bf1d57e77e --- /dev/null +++ b/lib/public/Security/CSP/AddContentSecurityPolicyEvent.php @@ -0,0 +1,52 @@ +<?php +declare(strict_types=1); +/** + * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl> + * + * @author Roeland Jago Douma <roeland@famdouma.nl> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCP\Security\CSP; + +use OC\Security\CSP\ContentSecurityPolicyManager; +use OCP\AppFramework\Http\EmptyContentSecurityPolicy; +use OCP\EventDispatcher\Event; + +/** + * @since 17.0.0 + */ +class AddContentSecurityPolicyEvent extends Event { + + /** @var ContentSecurityPolicyManager */ + private $policyManager; + + /** + * @since 17.0.0 + */ + public function __construct(ContentSecurityPolicyManager $policyManager) { + $this->policyManager = $policyManager; + } + + /** + * @since 17.0.0 + */ + public function addPolicy(EmptyContentSecurityPolicy $csp): void { + $this->policyManager->addDefaultPolicy($csp); + } +} diff --git a/lib/public/Security/IContentSecurityPolicyManager.php b/lib/public/Security/IContentSecurityPolicyManager.php index ebd477f75aa..7e9c019fda7 100644 --- a/lib/public/Security/IContentSecurityPolicyManager.php +++ b/lib/public/Security/IContentSecurityPolicyManager.php @@ -28,6 +28,7 @@ use OCP\AppFramework\Http\EmptyContentSecurityPolicy; * * @package OCP\Security * @since 9.0.0 + * @deprecated 17.0.0 listen to the AddContentSecurityPolicyEvent to add a policy */ interface IContentSecurityPolicyManager { /** @@ -46,6 +47,7 @@ interface IContentSecurityPolicyManager { * * @param EmptyContentSecurityPolicy $policy * @since 9.0.0 + * @deprecated 17.0.0 listen to the AddContentSecurityPolicyEvent to add a policy */ public function addDefaultPolicy(EmptyContentSecurityPolicy $policy); } |