From c8b7a233a5b05fd4402936a343b0dc1f6442c5ed Mon Sep 17 00:00:00 2001 From: Jonas Rittershofer Date: Sat, 2 Apr 2022 18:04:41 +0200 Subject: Allow CSRF on CORS routes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Julius Härtl Co-authored-by: Andreas Brinner Signed-off-by: Jonas Rittershofer --- lib/private/AppFramework/Middleware/Security/CORSMiddleware.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php index 1490b69f534..dd964915006 100644 --- a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php @@ -87,6 +87,10 @@ class CORSMiddleware extends Middleware { $user = array_key_exists('PHP_AUTH_USER', $this->request->server) ? $this->request->server['PHP_AUTH_USER'] : null; $pass = array_key_exists('PHP_AUTH_PW', $this->request->server) ? $this->request->server['PHP_AUTH_PW'] : null; + // Allow to use the current session if a CSRF token is provided + if ($this->request->passesCSRFCheck()) { + return; + } $this->session->logout(); try { if ($user === null || $pass === null || !$this->session->logClientIn($user, $pass, $this->request, $this->throttler)) { -- cgit v1.2.3 From cea2f79bbd02ba9eafa9993baa513ce8900d9f3f Mon Sep 17 00:00:00 2001 From: Julius Härtl Date: Thu, 28 Jul 2022 07:50:17 +0200 Subject: Improve container return type annotations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- build/psalm-baseline.xml | 5 ++++- lib/private/AppFramework/Utility/SimpleContainer.php | 9 +++++++++ lib/private/Server.php | 5 +++-- lib/private/ServerContainer.php | 7 +++++++ lib/public/Server.php | 8 +++++--- 5 files changed, 28 insertions(+), 6 deletions(-) (limited to 'lib/private/AppFramework') diff --git a/build/psalm-baseline.xml b/build/psalm-baseline.xml index 8132311ff87..ec96d584379 100644 --- a/build/psalm-baseline.xml +++ b/build/psalm-baseline.xml @@ -840,6 +840,7 @@ get_class($res) === 'OpenSSLAsymmetricKey' + is_object($res) @@ -3159,7 +3160,6 @@ bool int string - string $lastChunkPos @@ -3619,6 +3619,9 @@ \OCP\Calendar\Room\IManager \OCP\Files\Folder|null + + new GenericEvent($user) + \OC\OCSClient diff --git a/lib/private/AppFramework/Utility/SimpleContainer.php b/lib/private/AppFramework/Utility/SimpleContainer.php index 429382aa223..da1efdec826 100644 --- a/lib/private/AppFramework/Utility/SimpleContainer.php +++ b/lib/private/AppFramework/Utility/SimpleContainer.php @@ -53,6 +53,15 @@ class SimpleContainer implements ArrayAccess, ContainerInterface, IContainer { $this->container = new Container(); } + /** + * @template T + * @param class-string|string $id + * @return T|mixed + * @psalm-template S as class-string|string + * @psalm-param S $id + * @psalm-return (S is class-string ? T : mixed) + * @throws QueryException + */ public function get(string $id) { return $this->query($id); } diff --git a/lib/private/Server.php b/lib/private/Server.php index a94e0d568b0..33ac8262cea 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -155,6 +155,7 @@ use OC\Template\JSCombiner; use OC\User\DisplayNameCache; use OC\User\Listeners\BeforeUserDeletedListener; use OC\User\Listeners\UserChangedListener; +use OC\User\Session; use OCA\Theming\ImageManager; use OCA\Theming\ThemingDefaults; use OCA\Theming\Util; @@ -1672,7 +1673,7 @@ class Server extends ServerContainer implements IServerContainer { * @deprecated 20.0.0 */ public function getSession() { - return $this->get(IUserSession::class)->getSession(); + return $this->get(Session::class)->getSession(); } /** @@ -1680,7 +1681,7 @@ class Server extends ServerContainer implements IServerContainer { */ public function setSession(\OCP\ISession $session) { $this->get(SessionStorage::class)->setSession($session); - $this->get(IUserSession::class)->setSession($session); + $this->get(Session::class)->setSession($session); $this->get(Store::class)->setSession($session); } diff --git a/lib/private/ServerContainer.php b/lib/private/ServerContainer.php index d6bec7526b7..0bc99f6c152 100644 --- a/lib/private/ServerContainer.php +++ b/lib/private/ServerContainer.php @@ -127,6 +127,13 @@ class ServerContainer extends SimpleContainer { } /** + * @template T + * @param class-string|string $name + * @return T|mixed + * @psalm-template S as class-string|string + * @psalm-param S $name + * @psalm-return (S is class-string ? T : mixed) + * @throws QueryException * @deprecated 20.0.0 use \Psr\Container\ContainerInterface::get */ public function query(string $name, bool $autoload = true) { diff --git a/lib/public/Server.php b/lib/public/Server.php index f4522e8ae10..92560e2b17e 100644 --- a/lib/public/Server.php +++ b/lib/public/Server.php @@ -41,9 +41,11 @@ use Psr\Container\NotFoundExceptionInterface; final class Server { /** * @template T - * @template S as class-string|string - * @param S $serviceName - * @return (S is class-string ? T : mixed) + * @param class-string|string $serviceName + * @return T|mixed + * @psalm-template S as class-string|string + * @psalm-param S $serviceName + * @psalm-return (S is class-string ? T : mixed) * @throws ContainerExceptionInterface * @throws NotFoundExceptionInterface * @since 25.0.0 -- cgit v1.2.3 From 41b2466d35dd65138c02a3a8934839742020fb92 Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Wed, 2 Nov 2022 19:42:09 +0100 Subject: Clean up and deprecate app container aliases Signed-off-by: Christoph Wurst --- .../AppFramework/DependencyInjection/DIContainer.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index e06d5226a28..298b9f000e3 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -96,7 +96,7 @@ class DIContainer extends SimpleContainer implements IAppContainer { */ public function __construct($appName, $urlParams = [], ServerContainer $server = null) { parent::__construct(); - $this['AppName'] = $appName; + $this['appName'] = $appName; $this['urlParams'] = $urlParams; $this->registerAlias('Request', IRequest::class); @@ -109,9 +109,12 @@ class DIContainer extends SimpleContainer implements IAppContainer { $this->server->registerAppContainer($appName, $this); // aliases - $this->registerAlias('appName', 'AppName'); - $this->registerAlias('webRoot', 'WebRoot'); - $this->registerAlias('userId', 'UserId'); + /** @deprecated inject $appName */ + $this->registerAlias('AppName', 'appName'); + /** @deprecated inject $webRoot*/ + $this->registerAlias('WebRoot', 'webRoot'); + /** @deprecated inject $userId */ + $this->registerAlias('UserId', 'userId'); /** * Core services @@ -158,11 +161,11 @@ class DIContainer extends SimpleContainer implements IAppContainer { $this->registerAlias(IAppContainer::class, ContainerInterface::class); // commonly used attributes - $this->registerService('UserId', function (ContainerInterface $c) { + $this->registerService('userId', function (ContainerInterface $c) { return $c->get(IUserSession::class)->getSession()->get('user_id'); }); - $this->registerService('WebRoot', function (ContainerInterface $c) { + $this->registerService('webRoot', function (ContainerInterface $c) { return $c->get(IServerContainer::class)->getWebRoot(); }); -- cgit v1.2.3 From 2a864ec13c0f99eb75fa1b38642e23933832369b Mon Sep 17 00:00:00 2001 From: Carl Schwan Date: Thu, 1 Dec 2022 12:46:01 +0100 Subject: Improve dependency injection error message Change from display the name of the parameter to the type of the parameter. This is that in most cases is usefull. Signed-off-by: Carl Schwan --- lib/private/AppFramework/Utility/SimpleContainer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/Utility/SimpleContainer.php b/lib/private/AppFramework/Utility/SimpleContainer.php index da1efdec826..925ef67de64 100644 --- a/lib/private/AppFramework/Utility/SimpleContainer.php +++ b/lib/private/AppFramework/Utility/SimpleContainer.php @@ -108,7 +108,7 @@ class SimpleContainer implements ArrayAccess, ContainerInterface, IContainer { return $this->query($resolveName); } catch (QueryException $e2) { // don't lose the error we got while trying to query by type - throw new QueryException($e2->getMessage(), (int) $e2->getCode(), $e); + throw new QueryException($e->getMessage(), (int) $e->getCode(), $e); } } -- cgit v1.2.3 From 4a3f3beb0babf312d83b2dc6feb7b036cd106529 Mon Sep 17 00:00:00 2001 From: Julien Veyssier Date: Wed, 9 Nov 2022 18:46:54 +0100 Subject: use bruteforce protection on all methods wrapped by PublicShareMiddleware if an invalid token is provided or when share password is wrong Signed-off-by: Julien Veyssier --- .../DependencyInjection/DIContainer.php | 3 ++- .../PublicShare/PublicShareMiddleware.php | 22 +++++++++++++++++++++- .../PublicShare/PublicShareMiddlewareTest.php | 7 ++++++- 3 files changed, 29 insertions(+), 3 deletions(-) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index 298b9f000e3..4c413a8ae87 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -304,7 +304,8 @@ class DIContainer extends SimpleContainer implements IAppContainer { new OC\AppFramework\Middleware\PublicShare\PublicShareMiddleware( $c->get(IRequest::class), $c->get(ISession::class), - $c->get(\OCP\IConfig::class) + $c->get(\OCP\IConfig::class), + $c->get(OC\Security\Bruteforce\Throttler::class) ) ); $dispatcher->registerMiddleware( diff --git a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php index d3beb4fd3a8..d956ce58912 100644 --- a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php +++ b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php @@ -24,6 +24,7 @@ namespace OC\AppFramework\Middleware\PublicShare; use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException; +use OC\Security\Bruteforce\Throttler; use OCP\AppFramework\AuthPublicShareController; use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Middleware; @@ -34,6 +35,7 @@ use OCP\IRequest; use OCP\ISession; class PublicShareMiddleware extends Middleware { + /** @var IRequest */ private $request; @@ -43,10 +45,14 @@ class PublicShareMiddleware extends Middleware { /** @var IConfig */ private $config; - public function __construct(IRequest $request, ISession $session, IConfig $config) { + /** @var Throttler */ + private $throttler; + + public function __construct(IRequest $request, ISession $session, IConfig $config, Throttler $throttler) { $this->request = $request; $this->session = $session; $this->config = $config; + $this->throttler = $throttler; } public function beforeController($controller, $methodName) { @@ -54,6 +60,11 @@ class PublicShareMiddleware extends Middleware { return; } + $controllerClassPath = explode('\\', get_class($controller)); + $controllerShortClass = end($controllerClassPath); + $bruteforceProtectionAction = $controllerShortClass . '::' . $methodName; + $this->throttler->sleepDelayOrThrowOnMax($this->request->getRemoteAddress(), $bruteforceProtectionAction); + if (!$this->isLinkSharingEnabled()) { throw new NotFoundException('Link sharing is disabled'); } @@ -68,6 +79,8 @@ class PublicShareMiddleware extends Middleware { $controller->setToken($token); if (!$controller->isValidToken()) { + $this->throttle($bruteforceProtectionAction, $token); + $controller->shareNotFound(); throw new NotFoundException(); } @@ -88,6 +101,7 @@ class PublicShareMiddleware extends Middleware { throw new NeedAuthenticationException(); } + $this->throttle($bruteforceProtectionAction, $token); throw new NotFoundException(); } @@ -128,4 +142,10 @@ class PublicShareMiddleware extends Middleware { return true; } + + private function throttle($bruteforceProtectionAction, $token): void { + $ip = $this->request->getRemoteAddress(); + $this->throttler->sleepDelay($ip, $bruteforceProtectionAction); + $this->throttler->registerAttempt($bruteforceProtectionAction, $ip, ['token' => $token]); + } } diff --git a/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php b/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php index 7e7140971e4..7d07bffc46b 100644 --- a/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php +++ b/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php @@ -25,6 +25,7 @@ namespace Test\AppFramework\Middleware\PublicShare; use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException; use OC\AppFramework\Middleware\PublicShare\PublicShareMiddleware; +use OC\Security\Bruteforce\Throttler; use OCP\AppFramework\AuthPublicShareController; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\NotFoundResponse; @@ -44,6 +45,8 @@ class PublicShareMiddlewareTest extends \Test\TestCase { private $session; /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ private $config; + /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ + private $throttler; /** @var PublicShareMiddleware */ private $middleware; @@ -55,11 +58,13 @@ class PublicShareMiddlewareTest extends \Test\TestCase { $this->request = $this->createMock(IRequest::class); $this->session = $this->createMock(ISession::class); $this->config = $this->createMock(IConfig::class); + $this->throttler = $this->createMock(Throttler::class); $this->middleware = new PublicShareMiddleware( $this->request, $this->session, - $this->config + $this->config, + $this->throttler ); } -- cgit v1.2.3 From d7ecbe32d205309f7bf2eaed41890d40cdc5e660 Mon Sep 17 00:00:00 2001 From: Julius Härtl Date: Wed, 16 Nov 2022 18:54:25 +0100 Subject: Avoid container dance for appName MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sicne the appName is always passed for the DIContainer we can avoid using the container query logic and instead store and use a property Signed-off-by: Julius Härtl --- .../AppFramework/DependencyInjection/DIContainer.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index 4c413a8ae87..5fd363ee963 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -79,6 +79,7 @@ use Psr\Log\LoggerInterface; * @deprecated 20.0.0 */ class DIContainer extends SimpleContainer implements IAppContainer { + private string $appName; /** * @var array @@ -94,8 +95,9 @@ class DIContainer extends SimpleContainer implements IAppContainer { * @param array $urlParams * @param ServerContainer|null $server */ - public function __construct($appName, $urlParams = [], ServerContainer $server = null) { + public function __construct(string $appName, array $urlParams = [], ServerContainer $server = null) { parent::__construct(); + $this->appName = $appName; $this['appName'] = $appName; $this['urlParams'] = $urlParams; @@ -437,6 +439,9 @@ class DIContainer extends SimpleContainer implements IAppContainer { } public function query(string $name, bool $autoload = true) { + if ($name === 'AppName' || $name === 'appName') { + return $this->appName; + } try { return $this->queryNoFallback($name); } catch (QueryException $firstException) { @@ -461,11 +466,11 @@ class DIContainer extends SimpleContainer implements IAppContainer { if ($this->offsetExists($name)) { return parent::query($name); - } elseif ($this['AppName'] === 'settings' && strpos($name, 'OC\\Settings\\') === 0) { + } elseif ($this->appName === 'settings' && strpos($name, 'OC\\Settings\\') === 0) { return parent::query($name); - } elseif ($this['AppName'] === 'core' && strpos($name, 'OC\\Core\\') === 0) { + } elseif ($this->appName === 'core' && strpos($name, 'OC\\Core\\') === 0) { return parent::query($name); - } elseif (strpos($name, \OC\AppFramework\App::buildAppNamespace($this['AppName']) . '\\') === 0) { + } elseif (strpos($name, \OC\AppFramework\App::buildAppNamespace($this->appName) . '\\') === 0) { return parent::query($name); } -- cgit v1.2.3 From 3899de12b77abf7489557729cb4a9e0b8935933a Mon Sep 17 00:00:00 2001 From: Julius Härtl Date: Wed, 16 Nov 2022 20:21:33 +0100 Subject: Skip querying the app container for server namespace MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- lib/private/AppFramework/DependencyInjection/DIContainer.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index 5fd363ee963..8fe17d5a85e 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -442,6 +442,12 @@ class DIContainer extends SimpleContainer implements IAppContainer { if ($name === 'AppName' || $name === 'appName') { return $this->appName; } + + $isServerClass = str_starts_with($name, 'OCP\\') || str_starts_with($name, 'OC\\'); + if ($isServerClass && !$this->has($name)) { + return $this->getServer()->query($name, $autoload); + } + try { return $this->queryNoFallback($name); } catch (QueryException $firstException) { -- cgit v1.2.3 From f0a0bfaaeef447157801f116e90435114b271572 Mon Sep 17 00:00:00 2001 From: Julius Härtl Date: Mon, 21 Nov 2022 11:40:34 +0100 Subject: Move to str_starts_with MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- lib/private/AppFramework/DependencyInjection/DIContainer.php | 6 +++--- lib/private/ServerContainer.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index 8fe17d5a85e..462f9b978fd 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -472,11 +472,11 @@ class DIContainer extends SimpleContainer implements IAppContainer { if ($this->offsetExists($name)) { return parent::query($name); - } elseif ($this->appName === 'settings' && strpos($name, 'OC\\Settings\\') === 0) { + } elseif ($this->appName === 'settings' && str_starts_with($name, 'OC\\Settings\\')) { return parent::query($name); - } elseif ($this->appName === 'core' && strpos($name, 'OC\\Core\\') === 0) { + } elseif ($this->appName === 'core' && str_starts_with($name, 'OC\\Core\\')) { return parent::query($name); - } elseif (strpos($name, \OC\AppFramework\App::buildAppNamespace($this->appName) . '\\') === 0) { + } elseif (str_starts_with($name, \OC\AppFramework\App::buildAppNamespace($this->appName) . '\\')) { return parent::query($name); } diff --git a/lib/private/ServerContainer.php b/lib/private/ServerContainer.php index 4352d0e8350..e53737990e8 100644 --- a/lib/private/ServerContainer.php +++ b/lib/private/ServerContainer.php @@ -139,7 +139,7 @@ class ServerContainer extends SimpleContainer { public function query(string $name, bool $autoload = true) { $name = $this->sanitizeName($name); - if (strpos($name, 'OCA\\') !== 0) { + if (str_starts_with($name, 'OCA\\')) { // Skip server container query for app namespace classes try { return parent::query($name, false); -- cgit v1.2.3 From 81f2857f340464d996caf454bb38e27a7fb970c1 Mon Sep 17 00:00:00 2001 From: Artur Neumann Date: Thu, 15 Dec 2022 13:06:02 +0545 Subject: check if params given to API are really an array Signed-off-by: Artur Neumann --- lib/private/AppFramework/Http/Request.php | 3 +-- tests/lib/AppFramework/Http/RequestTest.php | 15 +++++++++++++-- 2 files changed, 14 insertions(+), 4 deletions(-) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 496a845dd4a..286187c696c 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -431,13 +431,12 @@ class Request implements \ArrayAccess, \Countable, IRequest { // 'application/json' must be decoded manually. if (strpos($this->getHeader('Content-Type'), 'application/json') !== false) { $params = json_decode(file_get_contents($this->inputStream), true); - if ($params !== null && \count($params) > 0) { + if (\is_array($params) && \count($params) > 0) { $this->items['params'] = $params; if ($this->method === 'POST') { $this->items['post'] = $params; } } - // Handle application/x-www-form-urlencoded for methods other than GET // or post correctly } elseif ($this->method !== 'GET' diff --git a/tests/lib/AppFramework/Http/RequestTest.php b/tests/lib/AppFramework/Http/RequestTest.php index cf5ebdca2f0..78f4f80f8be 100644 --- a/tests/lib/AppFramework/Http/RequestTest.php +++ b/tests/lib/AppFramework/Http/RequestTest.php @@ -207,9 +207,20 @@ class RequestTest extends \Test\TestCase { $this->assertSame('Joey', $request['nickname']); } - public function testNotJsonPost() { + public function notJsonDataProvider() { + return [ + ['this is not valid json'], + ['"just a string"'], + ['{"just a string"}'], + ]; + } + + /** + * @dataProvider notJsonDataProvider + */ + public function testNotJsonPost($testData) { global $data; - $data = 'this is not valid json'; + $data = $testData; $vars = [ 'method' => 'POST', 'server' => ['CONTENT_TYPE' => 'application/json; utf-8'] -- cgit v1.2.3 From b6dd1a1d7b5a5eb8c5af4b1b793b06a1725bb53a Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Thu, 15 Dec 2022 09:33:52 +0100 Subject: fix(app framework): Fix missing cast of double controller parameters ``settype`` allows 'double' as alias of 'float'. Signed-off-by: Christoph Wurst --- lib/private/AppFramework/Http/Dispatcher.php | 2 +- tests/lib/AppFramework/Http/DispatcherTest.php | 21 ++++++++++++++------- 2 files changed, 15 insertions(+), 8 deletions(-) (limited to 'lib/private/AppFramework') diff --git a/lib/private/AppFramework/Http/Dispatcher.php b/lib/private/AppFramework/Http/Dispatcher.php index c1a203a7165..aaaf2ba6560 100644 --- a/lib/private/AppFramework/Http/Dispatcher.php +++ b/lib/private/AppFramework/Http/Dispatcher.php @@ -194,7 +194,7 @@ class Dispatcher { $arguments = []; // valid types that will be casted - $types = ['int', 'integer', 'bool', 'boolean', 'float']; + $types = ['int', 'integer', 'bool', 'boolean', 'float', 'double']; foreach ($this->reflector->getParameters() as $param => $default) { diff --git a/tests/lib/AppFramework/Http/DispatcherTest.php b/tests/lib/AppFramework/Http/DispatcherTest.php index 8f591f26e58..016bd7efb58 100644 --- a/tests/lib/AppFramework/Http/DispatcherTest.php +++ b/tests/lib/AppFramework/Http/DispatcherTest.php @@ -51,11 +51,12 @@ class TestController extends Controller { /** * @param int $int * @param bool $bool + * @param double $foo * @param int $test - * @param int $test2 + * @param integer $test2 * @return array */ - public function exec($int, $bool, $test = 4, $test2 = 1) { + public function exec($int, $bool, $foo, $test = 4, $test2 = 1) { $this->registerResponder('text', function ($in) { return new JSONResponse(['text' => $in]); }); @@ -315,7 +316,8 @@ class DispatcherTest extends \Test\TestCase { [ 'post' => [ 'int' => '3', - 'bool' => 'false' + 'bool' => 'false', + 'double' => 1.2, ], 'method' => 'POST' ], @@ -346,6 +348,7 @@ class DispatcherTest extends \Test\TestCase { 'post' => [ 'int' => '3', 'bool' => 'false', + 'double' => 1.2, 'test2' => 7 ], 'method' => 'POST', @@ -377,7 +380,8 @@ class DispatcherTest extends \Test\TestCase { [ 'post' => [ 'int' => '3', - 'bool' => 'false' + 'bool' => 'false', + 'double' => 1.2, ], 'urlParams' => [ 'format' => 'text' @@ -410,7 +414,8 @@ class DispatcherTest extends \Test\TestCase { [ 'post' => [ 'int' => '3', - 'bool' => 'false' + 'bool' => 'false', + 'double' => 1.2, ], 'urlParams' => [ 'format' => 'json' @@ -443,7 +448,8 @@ class DispatcherTest extends \Test\TestCase { [ 'post' => [ 'int' => '3', - 'bool' => 'false' + 'bool' => 'false', + 'double' => 1.2, ], 'server' => [ 'HTTP_ACCEPT' => 'application/text, test', @@ -477,7 +483,8 @@ class DispatcherTest extends \Test\TestCase { [ 'post' => [ 'int' => '3', - 'bool' => 'false' + 'bool' => 'false', + 'double' => 1.2, ], 'get' => [ 'format' => 'text' -- cgit v1.2.3