diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 66 | ||||
| -rw-r--r-- | lib/private/allconfig.php | 11 | ||||
| -rw-r--r-- | lib/private/log.php | 36 | ||||
| -rw-r--r-- | lib/private/server.php | 1 | ||||
| -rw-r--r-- | lib/private/share/share.php | 1 | ||||
| -rw-r--r-- | lib/private/systemconfig.php | 54 | ||||
| -rw-r--r-- | lib/private/template.php | 117 | ||||
| -rw-r--r-- | lib/private/util.php | 53 | ||||
| -rw-r--r-- | lib/public/iconfig.php | 15 | ||||
| -rw-r--r-- | lib/public/ilogger.php | 10 | ||||
| -rw-r--r-- | lib/public/iservercontainer.php | 6 | ||||
| -rw-r--r-- | lib/public/util.php | 11 |
12 files changed, 279 insertions, 102 deletions
diff --git a/lib/base.php b/lib/base.php index f99acaaa80a..32b90cad1fa 100644 --- a/lib/base.php +++ b/lib/base.php @@ -376,63 +376,6 @@ class OC { $tmpl->printPage(); } - public static function initTemplateEngine() { - // Add the stuff we need always - // following logic will import all vendor libraries that are - // specified in core/js/core.json - $fileContent = file_get_contents(OC::$SERVERROOT . '/core/js/core.json'); - if($fileContent !== false) { - $coreDependencies = json_decode($fileContent, true); - foreach($coreDependencies['vendor'] as $vendorLibrary) { - // remove trailing ".js" as addVendorScript will append it - OC_Util::addVendorScript( - substr($vendorLibrary, 0, strlen($vendorLibrary) - 3)); - } - } else { - throw new \Exception('Cannot read core/js/core.json'); - } - - OC_Util::addScript("placeholders"); - OC_Util::addScript("compatibility"); - OC_Util::addScript("jquery.ocdialog"); - OC_Util::addScript("oc-dialogs"); - OC_Util::addScript("js"); - OC_Util::addScript("l10n"); - OC_Util::addTranslations("core"); - OC_Util::addScript("octemplate"); - OC_Util::addScript("eventsource"); - OC_Util::addScript("config"); - OC_Util::addScript('search', 'search'); - OC_Util::addScript("oc-requesttoken"); - OC_Util::addScript("apps"); - OC_Util::addScript('mimetype'); - OC_Util::addScript('mimetypelist'); - OC_Util::addVendorScript('snapjs/dist/latest/snap'); - OC_Util::addVendorScript('core', 'backbone/backbone'); - OC_Util::addScript('oc-backbone'); - - // avatars - if (\OC::$server->getSystemConfig()->getValue('enable_avatars', true) === true) { - \OC_Util::addScript('placeholder'); - \OC_Util::addVendorScript('blueimp-md5/js/md5'); - \OC_Util::addScript('jquery.avatar'); - \OC_Util::addScript('avatar'); - } - - OC_Util::addStyle("styles"); - OC_Util::addStyle("header"); - OC_Util::addStyle("mobile"); - OC_Util::addStyle("icons"); - OC_Util::addStyle("fonts"); - OC_Util::addStyle("apps"); - OC_Util::addStyle("fixes"); - OC_Util::addStyle("multiselect"); - OC_Util::addVendorStyle('jquery-ui/themes/base/jquery-ui'); - OC_Util::addStyle('jquery-ui-fixes'); - OC_Util::addStyle("tooltip"); - OC_Util::addStyle("jquery.ocdialog"); - } - public static function initSession() { // prevents javascript from accessing php session cookies ini_set('session.cookie_httponly', true); @@ -611,7 +554,6 @@ class OC { self::initSession(); } \OC::$server->getEventLogger()->end('init_session'); - self::initTemplateEngine(); self::checkConfig(); self::checkInstalled(); @@ -673,7 +615,7 @@ class OC { self::registerFilesystemHooks(); if ($systemConfig->getValue('enable_previews', true)) { self::registerPreviewHooks(); - } + } self::registerShareHooks(); self::registerLogRotate(); self::registerLocalAddressBook(); @@ -686,12 +628,6 @@ class OC { $lockProvider = \OC::$server->getLockingProvider(); register_shutdown_function(array($lockProvider, 'releaseAll')); - if ($systemConfig->getValue('installed', false) && !self::checkUpgrade(false)) { - if (\OC::$server->getConfig()->getAppValue('core', 'backgroundjobs_mode', 'ajax') == 'ajax') { - OC_Util::addScript('backgroundjobs'); - } - } - // Check whether the sample configuration has been copied if($systemConfig->getValue('copied_sample_config', false)) { $l = \OC::$server->getL10N('lib'); diff --git a/lib/private/allconfig.php b/lib/private/allconfig.php index 63cc92601bb..7c2037e8048 100644 --- a/lib/private/allconfig.php +++ b/lib/private/allconfig.php @@ -119,6 +119,17 @@ class AllConfig implements \OCP\IConfig { } /** + * Looks up a system wide defined value and filters out sensitive data + * + * @param string $key the key of the value, under which it was saved + * @param mixed $default the default value to be returned if the value isn't set + * @return mixed the value or $default + */ + public function getFilteredSystemValue($key, $default = '') { + return $this->systemConfig->getFilteredValue($key, $default); + } + + /** * Delete a system wide defined value * * @param string $key the key of the value, under which it was saved diff --git a/lib/private/log.php b/lib/private/log.php index 3c0e7b45d1b..4a0a34b7113 100644 --- a/lib/private/log.php +++ b/lib/private/log.php @@ -3,6 +3,7 @@ * @author Bart Visscher <bartv@thisnet.nl> * @author Bernhard Posselt <dev@bernhard-posselt.com> * @author Morris Jobke <hey@morrisjobke.de> + * @author Olivier Paroz <owncloud@oparoz.com> * @author Robin Appelman <icewind@owncloud.com> * @author Thomas Müller <thomas.mueller@tmit.eu> * @author Victor Dubiniuk <dubiniuk@owncloud.com> @@ -26,6 +27,8 @@ namespace OC; +use InterfaSys\LogNormalizer\Normalizer; + use \OCP\ILogger; use OCP\Security\StringUtils; @@ -48,12 +51,15 @@ class Log implements ILogger { /** @var boolean|null cache the result of the log condition check for the request */ private $logConditionSatisfied = null; + /** @var Normalizer */ + private $normalizer; /** * @param string $logger The logger that should be used * @param SystemConfig $config the system config object + * @param null $normalizer */ - public function __construct($logger=null, SystemConfig $config=null) { + public function __construct($logger=null, SystemConfig $config=null, $normalizer = null) { // FIXME: Add this for backwards compatibility, should be fixed at some point probably if($config === null) { $config = \OC::$server->getSystemConfig(); @@ -68,6 +74,11 @@ class Log implements ILogger { } else { $this->logger = $logger; } + if ($normalizer === null) { + $this->normalizer = new Normalizer(); + } else { + $this->normalizer = $normalizer; + } } @@ -175,6 +186,8 @@ class Log implements ILogger { $minLevel = min($this->config->getValue('loglevel', \OCP\Util::WARN), \OCP\Util::ERROR); $logCondition = $this->config->getValue('log.condition', []); + array_walk($context, [$this->normalizer, 'format']); + if (isset($context['app'])) { $app = $context['app']; @@ -241,4 +254,25 @@ class Log implements ILogger { call_user_func(array($logger, 'write'), $app, $message, $level); } } + + /** + * Logs an exception very detailed + * + * @param \Exception $exception + * @param array $context + * @return void + * @since 8.2.0 + */ + public function logException(\Exception $exception, array $context = array()) { + $exception = array( + 'Exception' => get_class($exception), + 'Message' => $exception->getMessage(), + 'Code' => $exception->getCode(), + 'Trace' => $exception->getTraceAsString(), + 'File' => $exception->getFile(), + 'Line' => $exception->getLine(), + ); + $exception['Trace'] = preg_replace('!(login|checkPassword)\(.*\)!', '$1(*** username and password replaced ***)', $exception['Trace']); + $this->error('Exception: ' . json_encode($exception), $context); + } } diff --git a/lib/private/server.php b/lib/private/server.php index 9f99ead849b..26eb99927fc 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -1098,4 +1098,5 @@ class Server extends SimpleContainer implements IServerContainer { public function getUserStoragesService() { return \OC_Mount_Config::$app->getContainer()->query('OCA\\Files_External\\Service\\UserStoragesService'); } + } diff --git a/lib/private/share/share.php b/lib/private/share/share.php index 07c7f31a853..32389f34868 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -1998,7 +1998,6 @@ class Share extends Constants { $suggestedItemTarget = $result['suggestedItemTarget']; $suggestedFileTarget = $result['suggestedFileTarget']; $filePath = $result['filePath']; - $expirationDate = $result['expirationDate']; } $isGroupShare = false; diff --git a/lib/private/systemconfig.php b/lib/private/systemconfig.php index 13b0959768a..94b815aebd7 100644 --- a/lib/private/systemconfig.php +++ b/lib/private/systemconfig.php @@ -22,12 +22,28 @@ namespace OC; + +use OCP\IConfig; + /** * Class which provides access to the system config values stored in config.php * Internal class for bootstrap only. * fixes cyclic DI: AllConfig needs AppConfig needs Database needs AllConfig */ class SystemConfig { + + /** @var array */ + protected $sensitiveValues = [ + 'dbpassword' => true, + 'dbuser' => true, + 'mail_smtpname' => true, + 'mail_smtppassword' => true, + 'passwordsalt' => true, + 'secret' => true, + 'ldap_agent_password' => true, + 'objectstore' => ['arguments' => ['password' => true]], + ]; + /** * Lists all available config keys * @return array an array of key names @@ -68,6 +84,23 @@ class SystemConfig { } /** + * Looks up a system wide defined value and filters out sensitive data + * + * @param string $key the key of the value, under which it was saved + * @param mixed $default the default value to be returned if the value isn't set + * @return mixed the value or $default + */ + public function getFilteredValue($key, $default = '') { + $value = $this->getValue($key, $default); + + if (isset($this->sensitiveValues[$key])) { + $value = $this->removeSensitiveValue($this->sensitiveValues[$key], $value); + } + + return $value; + } + + /** * Delete a system wide defined value * * @param string $key the key of the value, under which it was saved @@ -75,4 +108,25 @@ class SystemConfig { public function deleteValue($key) { \OC_Config::deleteKey($key); } + + /** + * @param bool|array $keysToRemove + * @param mixed $value + * @return mixed + */ + protected function removeSensitiveValue($keysToRemove, $value) { + if ($keysToRemove === true) { + return IConfig::SENSITIVE_VALUE; + } + + if (is_array($value)) { + foreach ($keysToRemove as $keyToRemove => $valueToRemove) { + if (isset($value[$keyToRemove])) { + $value[$keyToRemove] = $this->removeSensitiveValue($valueToRemove, $value[$keyToRemove]); + } + } + } + + return $value; + } } diff --git a/lib/private/template.php b/lib/private/template.php index 920be71abbf..0300e43edea 100644 --- a/lib/private/template.php +++ b/lib/private/template.php @@ -37,27 +37,40 @@ require_once __DIR__.'/template/functions.php'; * This class provides the templates for ownCloud. */ class OC_Template extends \OC\Template\Base { - private $renderas; // Create a full page? + + /** @var string */ + private $renderAs; // Create a full page? + + /** @var string */ private $path; // The path to the template + + /** @var array */ private $headers = array(); //custom headers + + /** @var string */ protected $app; // app id /** * Constructor * @param string $app app providing the template * @param string $name of the template file (without suffix) - * @param string $renderas = ""; produce a full page + * @param string $renderAs = ""; produce a full page * @param bool $registerCall = true * @return OC_Template object * * This function creates an OC_Template object. * - * If $renderas is set, OC_Template will try to produce a full page in the - * according layout. For now, renderas can be set to "guest", "user" or + * If $renderAs is set, OC_Template will try to produce a full page in the + * according layout. For now, $renderAs can be set to "guest", "user" or * "admin". */ - public function __construct( $app, $name, $renderas = "", $registerCall = true ) { + + protected static $initTemplateEngineFirstRun = true; + + public function __construct( $app, $name, $renderAs = "", $registerCall = true ) { // Read the selected theme from the config file + self::initTemplateEngine(); + $theme = OC_Util::getTheme(); $requesttoken = (OC::$server->getSession() and $registerCall) ? OC_Util::callRegister() : ''; @@ -69,13 +82,85 @@ class OC_Template extends \OC\Template\Base { list($path, $template) = $this->findTemplate($theme, $app, $name); // Set the private data - $this->renderas = $renderas; + $this->renderAs = $renderAs; $this->path = $path; $this->app = $app; parent::__construct($template, $requesttoken, $l10n, $themeDefaults); } + public static function initTemplateEngine() { + if (self::$initTemplateEngineFirstRun){ + + //apps that started before the template initialization can load their own scripts/styles + //so to make sure this scripts/styles here are loaded first we use OC_Util::addScript() with $prepend=true + //meaning the last script/style in this list will be loaded first + if (\OC::$server->getSystemConfig ()->getValue ( 'installed', false ) && ! \OCP\Util::needUpgrade ()) { + if (\OC::$server->getConfig ()->getAppValue ( 'core', 'backgroundjobs_mode', 'ajax' ) == 'ajax') { + OC_Util::addScript ( 'backgroundjobs', null, true ); + } + } + + OC_Util::addStyle("tooltip",null,true); + OC_Util::addStyle('jquery-ui-fixes',null,true); + OC_Util::addVendorStyle('jquery-ui/themes/base/jquery-ui',null,true); + OC_Util::addStyle("multiselect",null,true); + OC_Util::addStyle("fixes",null,true); + OC_Util::addStyle("apps",null,true); + OC_Util::addStyle("fonts",null,true); + OC_Util::addStyle("icons",null,true); + OC_Util::addStyle("mobile",null,true); + OC_Util::addStyle("header",null,true); + OC_Util::addStyle("styles",null,true); + + // avatars + if (\OC::$server->getSystemConfig()->getValue('enable_avatars', true) === true) { + \OC_Util::addScript('avatar', null, true); + \OC_Util::addScript('jquery.avatar', null, true); + \OC_Util::addScript('placeholder', null, true); + } + + OC_Util::addScript('oc-backbone', null, true); + OC_Util::addVendorScript('core', 'backbone/backbone', true); + OC_Util::addVendorScript('snapjs/dist/latest/snap', null, true); + OC_Util::addScript('mimetypelist', null, true); + OC_Util::addScript('mimetype', null, true); + OC_Util::addScript("apps", null, true); + OC_Util::addScript("oc-requesttoken", null, true); + OC_Util::addScript('search', 'search', true); + OC_Util::addScript("config", null, true); + OC_Util::addScript("eventsource", null, true); + OC_Util::addScript("octemplate", null, true); + OC_Util::addTranslations("core", null, true); + OC_Util::addScript("l10n", null, true); + OC_Util::addScript("js", null, true); + OC_Util::addScript("oc-dialogs", null, true); + OC_Util::addScript("jquery.ocdialog", null, true); + OC_Util::addStyle("jquery.ocdialog"); + OC_Util::addScript("compatibility", null, true); + OC_Util::addScript("placeholders", null, true); + + // Add the stuff we need always + // following logic will import all vendor libraries that are + // specified in core/js/core.json + $fileContent = file_get_contents(OC::$SERVERROOT . '/core/js/core.json'); + if($fileContent !== false) { + $coreDependencies = json_decode($fileContent, true); + foreach(array_reverse($coreDependencies['vendor']) as $vendorLibrary) { + // remove trailing ".js" as addVendorScript will append it + OC_Util::addVendorScript( + substr($vendorLibrary, 0, strlen($vendorLibrary) - 3),null,true); + } + } else { + throw new \Exception('Cannot read core/js/core.json'); + } + + self::$initTemplateEngineFirstRun = false; + } + + } + + /** * find the template with the given name * @param string $name of the template file (without suffix) @@ -118,14 +203,14 @@ class OC_Template extends \OC\Template\Base { * Process the template * @return boolean|string * - * This function process the template. If $this->renderas is set, it + * This function process the template. If $this->renderAs is set, it * will produce a full page. */ public function fetchPage() { $data = parent::fetchPage(); - if( $this->renderas ) { - $page = new OC_TemplateLayout($this->renderas, $this->app); + if( $this->renderAs ) { + $page = new OC_TemplateLayout($this->renderAs, $this->app); // Add custom headers $headers = ''; @@ -141,18 +226,20 @@ class OC_Template extends \OC\Template\Base { } } - $page->assign('headers', $headers, false); + $page->assign('headers', $headers); - $page->assign('content', $data, false ); + $page->assign('content', $data); return $page->fetchPage(); } - else{ - return $data; - } + + return $data; } /** * Include template + * + * @param string $file + * @param array|null $additionalParams * @return string returns content of included template * * Includes another template. use <?php echo $this->inc('template'); ?> to @@ -222,7 +309,7 @@ class OC_Template extends \OC\Template\Base { /** * print error page using Exception details - * @param Exception|Error $exception + * @param Exception $exception */ public static function printExceptionErrorPage($exception) { $request = \OC::$server->getRequest(); diff --git a/lib/private/util.php b/lib/private/util.php index 667d358655f..9abaef71a68 100644 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -439,16 +439,23 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Script to the beginning of the list * @return void */ - public static function addScript($application, $file = null) { + public static function addScript($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'js', $file); + //TODO eliminate double code if (!in_array($path, self::$scripts)) { // core js files need separate handling if ($application !== 'core' && $file !== null) { self::addTranslations($application); } - self::$scripts[] = $path; + if ($prepend===true) { + array_unshift(self::$scripts, $path); + } + else { + self::$scripts[] = $path; + } } } @@ -457,12 +464,18 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Script to the beginning of the list * @return void */ - public static function addVendorScript($application, $file = null) { + public static function addVendorScript($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'vendor', $file); - if (!in_array($path, self::$scripts)) { - self::$scripts[] = $path; + //TODO eliminate double code + if (! in_array ( $path, self::$scripts )) { + if ($prepend === true) { + array_unshift ( self::$scripts, $path ); + } else { + self::$scripts [] = $path; + } } } @@ -471,8 +484,9 @@ class OC_Util { * * @param string $application application id * @param string $languageCode language code, defaults to the current language + * @param bool $prepend prepend the Script to the beginning of the list */ - public static function addTranslations($application, $languageCode = null) { + public static function addTranslations($application, $languageCode = null, $prepend = false) { if (is_null($languageCode)) { $languageCode = \OC_L10N::findLanguage($application); } @@ -481,8 +495,13 @@ class OC_Util { } else { $path = "l10n/$languageCode"; } + //TODO eliminate double code if (!in_array($path, self::$scripts)) { - self::$scripts[] = $path; + if ($prepend === true) { + array_unshift ( self::$scripts, $path ); + } else { + self::$scripts [] = $path; + } } } @@ -491,12 +510,18 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Style to the beginning of the list * @return void */ - public static function addStyle($application, $file = null) { + public static function addStyle($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'css', $file); + //TODO eliminate double code if (!in_array($path, self::$styles)) { - self::$styles[] = $path; + if ($prepend === true) { + array_unshift ( self::$styles, $path ); + } else { + self::$styles[] = $path; + } } } @@ -505,12 +530,18 @@ class OC_Util { * * @param string $application application id * @param string|null $file filename + * @param bool $prepend prepend the Style to the beginning of the list * @return void */ - public static function addVendorStyle($application, $file = null) { + public static function addVendorStyle($application, $file = null, $prepend = false) { $path = OC_Util::generatePath($application, 'vendor', $file); + //TODO eliminate double code if (!in_array($path, self::$styles)) { - self::$styles[] = $path; + if ($prepend === true) { + array_unshift ( self::$styles, $path ); + } else { + self::$styles[] = $path; + } } } diff --git a/lib/public/iconfig.php b/lib/public/iconfig.php index ff0b6c6a5b0..933eef97ae1 100644 --- a/lib/public/iconfig.php +++ b/lib/public/iconfig.php @@ -41,6 +41,11 @@ namespace OCP; */ interface IConfig { /** + * @since 8.2.0 + */ + const SENSITIVE_VALUE = '***REMOVED SENSITIVE VALUE***'; + + /** * Sets and deletes system wide values * * @param array $configs Associative array with `key => value` pairs @@ -69,6 +74,16 @@ interface IConfig { public function getSystemValue($key, $default = ''); /** + * Looks up a system wide defined value and filters out sensitive data + * + * @param string $key the key of the value, under which it was saved + * @param mixed $default the default value to be returned if the value isn't set + * @return mixed the value or $default + * @since 8.2.0 + */ + public function getFilteredSystemValue($key, $default = ''); + + /** * Delete a system wide defined value * * @param string $key the key of the value, under which it was saved diff --git a/lib/public/ilogger.php b/lib/public/ilogger.php index 43b1ef70e5b..27a5d63dfdb 100644 --- a/lib/public/ilogger.php +++ b/lib/public/ilogger.php @@ -122,4 +122,14 @@ interface ILogger { * @since 7.0.0 */ public function log($level, $message, array $context = array()); + + /** + * Logs an exception very detailed + * + * @param \Exception $exception + * @param array $context + * @return void + * @since 8.2.0 + */ + public function logException(\Exception $exception, array $context = array()); } diff --git a/lib/public/iservercontainer.php b/lib/public/iservercontainer.php index 8be23dff214..e37652c1adc 100644 --- a/lib/public/iservercontainer.php +++ b/lib/public/iservercontainer.php @@ -194,6 +194,12 @@ interface IServerContainer { public function getAppConfig(); /** + * @return \OCP\L10N\IFactory + * @since 8.2.0 + */ + public function getL10NFactory(); + + /** * get an L10N instance * @param string $app appid * @param string $lang diff --git a/lib/public/util.php b/lib/public/util.php index c32668b14a8..652df5192cf 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -158,17 +158,10 @@ class Util { * @param \Exception $ex exception to log * @param int $level log level, defaults to \OCP\Util::FATAL * @since ....0.0 - parameter $level was added in 7.0.0 + * @deprecated 8.2.0 use logException of \OCP\ILogger */ public static function logException( $app, \Exception $ex, $level = \OCP\Util::FATAL ) { - $exception = array( - 'Exception' => get_class($ex), - 'Message' => $ex->getMessage(), - 'Code' => $ex->getCode(), - 'Trace' => $ex->getTraceAsString(), - 'File' => $ex->getFile(), - 'Line' => $ex->getLine(), - ); - \OCP\Util::writeLog($app, 'Exception: ' . json_encode($exception), $level); + \OC::$server->getLogger()->logException($ex, ['app' => $app]); } /** |