From d18bd17eb7d13010e3daef5351d7f7ec64480fd7 Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Thu, 11 Jul 2013 00:00:01 +0200 Subject: - eventsource.php: in case of potential CSRF attack we send an error message from the EventSource to the browser - eventsource.js: handle undefined data on event - update.js: in case of error we close the event source - advise the user to reload the page - update.php: EventSource initialization is now done before we enter the maintenance mode in order to allow browser reload in case of possible CSRF attack --- lib/eventsource.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lib/eventsource.php') diff --git a/lib/eventsource.php b/lib/eventsource.php index 63f19792529..31d6edc1874 100644 --- a/lib/eventsource.php +++ b/lib/eventsource.php @@ -25,7 +25,7 @@ * wrapper for server side events (http://en.wikipedia.org/wiki/Server-sent_events) * includes a fallback for older browsers and IE * - * use server side events with causion, to many open requests can hang the server + * use server side events with caution, to many open requests can hang the server */ class OC_EventSource{ private $fallback; @@ -43,6 +43,7 @@ class OC_EventSource{ header("Content-Type: text/event-stream"); } if( !OC_Util::isCallRegistered()) { + $this->send('error', 'Possible CSRF attack. Connection will be closed.'); exit(); } flush(); @@ -51,10 +52,10 @@ class OC_EventSource{ /** * send a message to the client - * @param string type - * @param object data + * @param string $type + * @param object $data * - * if only one paramater is given, a typeless message will be send with that paramater as data + * if only one parameter is given, a typeless message will be send with that parameter as data */ public function send($type, $data=null) { if(is_null($data)) { -- cgit v1.2.3 From 2b89b7c88046f8eb8d2676d0a455ca0d0ba50eeb Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Fri, 19 Jul 2013 16:44:47 +0200 Subject: Split scanning logic from ajax file --- apps/files/ajax/scan.php | 74 +++++++++++++++---------------------- lib/eventsource.php | 2 +- lib/files/utils/scanner.php | 89 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 119 insertions(+), 46 deletions(-) create mode 100644 lib/files/utils/scanner.php (limited to 'lib/eventsource.php') diff --git a/apps/files/ajax/scan.php b/apps/files/ajax/scan.php index 0706d4e7829..5b32b6db9b7 100644 --- a/apps/files/ajax/scan.php +++ b/apps/files/ajax/scan.php @@ -16,72 +16,56 @@ if (isset($_GET['users'])) { } $eventSource = new OC_EventSource(); -ScanListener::$eventSource = $eventSource; -ScanListener::$view = \OC\Files\Filesystem::getView(); - -OC_Hook::connect('\OC\Files\Cache\Scanner', 'scan_folder', 'ScanListener', 'folder'); -OC_Hook::connect('\OC\Files\Cache\Scanner', 'scan_file', 'ScanListener', 'file'); +$listener = new ScanListener($eventSource); foreach ($users as $user) { $eventSource->send('user', $user); - OC_Util::tearDownFS(); - OC_Util::setupFS($user); - - $absolutePath = \OC\Files\Filesystem::getView()->getAbsolutePath($dir); - - $mountPoints = \OC\Files\Filesystem::getMountPoints($absolutePath); - $mountPoints[] = \OC\Files\Filesystem::getMountPoint($absolutePath); - $mountPoints = array_reverse($mountPoints); //start with the mount point of $dir - - foreach ($mountPoints as $mountPoint) { - $storage = \OC\Files\Filesystem::getStorage($mountPoint); - if ($storage) { - ScanListener::$mountPoints[$storage->getId()] = $mountPoint; - $scanner = $storage->getScanner(); - if ($force) { - $scanner->scan('', \OC\Files\Cache\Scanner::SCAN_RECURSIVE, \OC\Files\Cache\Scanner::REUSE_ETAG); - } else { - $scanner->backgroundScan(); - } - } + $scanner = new \OC\Files\Utils\Scanner($user); + $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', array($listener, 'file')); + $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', array($listener, 'folder')); + if ($force) { + $scanner->scan($dir); + } else { + $scanner->backgroundScan($dir); } } -$eventSource->send('done', ScanListener::$fileCount); +$eventSource->send('done', $listener->getCount()); $eventSource->close(); class ScanListener { - static public $fileCount = 0; - static public $lastCount = 0; + private $fileCount = 0; + private $lastCount = 0; /** - * @var \OC\Files\View $view + * @var \OC_EventSource event source to pass events to */ - static public $view; + private $eventSource; /** - * @var array $mountPoints map storage ids to mountpoints + * @param \OC_EventSource $eventSource */ - static public $mountPoints = array(); + public function __construct($eventSource) { + $this->eventSource = $eventSource; + } /** - * @var \OC_EventSource event source to pass events to + * @param string $path */ - static public $eventSource; - - static function folder($params) { - $internalPath = $params['path']; - $mountPoint = self::$mountPoints[$params['storage']]; - $path = self::$view->getRelativePath($mountPoint . $internalPath); - self::$eventSource->send('folder', $path); + public function folder($path) { + $this->eventSource->send('folder', $path); } - static function file() { - self::$fileCount++; - if (self::$fileCount > self::$lastCount + 20) { //send a count update every 20 files - self::$lastCount = self::$fileCount; - self::$eventSource->send('count', self::$fileCount); + public function file() { + $this->fileCount++; + if ($this->fileCount > $this->lastCount + 20) { //send a count update every 20 files + $this->lastCount = $this->fileCount; + $this->eventSource->send('count', $this->fileCount); } } + + public function getCount() { + return $this->fileCount; + } } diff --git a/lib/eventsource.php b/lib/eventsource.php index 31d6edc1874..a83084d9251 100644 --- a/lib/eventsource.php +++ b/lib/eventsource.php @@ -53,7 +53,7 @@ class OC_EventSource{ /** * send a message to the client * @param string $type - * @param object $data + * @param mixed $data * * if only one parameter is given, a typeless message will be send with that parameter as data */ diff --git a/lib/files/utils/scanner.php b/lib/files/utils/scanner.php new file mode 100644 index 00000000000..800bb649934 --- /dev/null +++ b/lib/files/utils/scanner.php @@ -0,0 +1,89 @@ + + * This file is licensed under the Affero General Public License version 3 or + * later. + * See the COPYING-README file. + */ + +namespace OC\Files\Utils; + +use OC\Hooks\BasicEmitter; +use OC\Files\Filesystem; + +/** + * Class Scanner + * + * Hooks available in scope \OC\Utils\Scanner + * - scanFile(string $absolutePath) + * - scanFolder(string $absolutePath) + * + * @package OC\Files\Utils + */ +class Scanner extends BasicEmitter { + /** + * @var string $user + */ + private $user; + + /** + * @param string $user + */ + public function __construct($user) { + $this->user = $user; + } + + /** + * get all storages for $dir + * + * @param string $dir + * @return \OC\Files\Mount\Mount[] + */ + protected function getMounts($dir) { + //TODO: move to the node based fileapi once that's done + \OC_Util::tearDownFS(); + \OC_Util::setupFS($this->user); + $absolutePath = Filesystem::getView()->getAbsolutePath($dir); + + $mountManager = Filesystem::getMountManager(); + $mounts = $mountManager->findIn($absolutePath); + $mounts[] = $mountManager->find($absolutePath); + $mounts = array_reverse($mounts); //start with the mount of $dir + + return $mounts; + } + + /** + * attach listeners to the scanner + * + * @param \OC\Files\Mount\Mount $mount + */ + protected function attachListener($mount) { + $scanner = $mount->getStorage()->getScanner(); + $scanner->listen('\OC\Files\Cache\Scanner', 'scanFile', function ($path) use ($mount) { + $this->emit('\OC\Files\Utils\Scanner', 'scanFile', array($mount->getMountPoint() . $path)); + }); + $scanner->listen('\OC\Files\Cache\Scanner', 'scanFolder', function ($path) use ($mount) { + $this->emit('\OC\Files\Utils\Scanner', 'scanFolder', array($mount->getMountPoint() . $path)); + }); + } + + public function backgroundScan($dir) { + $mounts = $this->getMounts($dir); + foreach ($mounts as $mount) { + $scanner = $mount->getStorage()->getScanner(); + $this->attachListener($mount); + $scanner->backgroundScan(); + } + } + + public function scan($dir) { + $mounts = $this->getMounts($dir); + foreach ($mounts as $mount) { + $scanner = $mount->getStorage()->getScanner(); + $this->attachListener($mount); + $scanner->scan('', \OC\Files\Cache\Scanner::SCAN_RECURSIVE, \OC\Files\Cache\Scanner::REUSE_ETAG); + } + } +} + -- cgit v1.2.3