From 409b5108896edda9adf916cd566dbce2d2b00351 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Tue, 10 Dec 2013 12:05:39 +0100 Subject: Moved content disposition code+workarounds to OCP\Response Added new OC\Response API called setContentDispositionHeader() that contains the needed workarounds for UTF8 and IE. Refactored download code to use the new API. Removed unused trashbin download file. --- lib/public/response.php | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'lib/public') diff --git a/lib/public/response.php b/lib/public/response.php index 2ca0a0c9fa4..24d3c81d628 100644 --- a/lib/public/response.php +++ b/lib/public/response.php @@ -54,6 +54,15 @@ class Response { \OC_Response::setLastModifiedHeader( $lastModified ); } + /** + * Sets the content disposition header (with possible workarounds) + * @param string $filename file name + * @param string $type disposition type, either 'attachment' or 'inline' + */ + static public function setContentDispositionHeader( $filename, $type = 'attachment' ) { + \OC_Response::setContentDispositionHeader( $filename, $type ); + } + /** * Disable browser caching * @see enableCaching with cache_time = 0 -- cgit v1.2.3 From 335b2f40a631f7188ab921d69289acaf31908c6e Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Tue, 10 Dec 2013 15:32:48 +0100 Subject: Fixed download file from URL error messages - L10N now converted to string to make them work with json_encode - Added specific error message when server doesn't allow fopen on URLs - Fixed client side to correctly show error message in a notification - Added OCP\JSON::encode() method to encode JSON with support for the OC_L10N_String values --- apps/files/ajax/newfile.php | 28 ++++++++++++++++++++-------- apps/files/js/file-upload.js | 7 ++++++- lib/private/eventsource.php | 6 +++--- lib/private/json.php | 9 ++++++++- lib/public/json.php | 8 ++++++++ 5 files changed, 45 insertions(+), 13 deletions(-) (limited to 'lib/public') diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php index c327d2b9f94..ec5b716fb2a 100644 --- a/apps/files/ajax/newfile.php +++ b/apps/files/ajax/newfile.php @@ -53,13 +53,13 @@ $result = array( ); if(trim($filename) === '') { - $result['data'] = array('message' => $l10n->t('File name cannot be empty.')); + $result['data'] = array('message' => (string)$l10n->t('File name cannot be empty.')); OCP\JSON::error($result); exit(); } if(strpos($filename, '/') !== false) { - $result['data'] = array('message' => $l10n->t('File name must not contain "/". Please choose a different name.')); + $result['data'] = array('message' => (string)$l10n->t('File name must not contain "/". Please choose a different name.')); OCP\JSON::error($result); exit(); } @@ -68,7 +68,7 @@ if(strpos($filename, '/') !== false) { $target = $dir.'/'.$filename; if (\OC\Files\Filesystem::file_exists($target)) { - $result['data'] = array('message' => $l10n->t( + $result['data'] = array('message' => (string)$l10n->t( 'The name %s is already used in the folder %s. Please choose a different name.', array($filename, $dir)) ); @@ -78,20 +78,32 @@ if (\OC\Files\Filesystem::file_exists($target)) { if($source) { if(substr($source, 0, 8)!='https://' and substr($source, 0, 7)!='http://') { - OCP\JSON::error(array('data' => array( 'message' => $l10n->t('Not a valid source') ))); + OCP\JSON::error(array('data' => array('message' => $l10n->t('Not a valid source')))); + exit(); + } + + if (!ini_get('allow_url_fopen')) { + $eventSource->send('error', array('message' => $l10n->t('Server is not allowed to open URLs, please check the server configuration'))); + $eventSource->close(); exit(); } $ctx = stream_context_create(null, array('notification' =>'progress')); - $sourceStream=fopen($source, 'rb', false, $ctx); - $result=\OC\Files\Filesystem::file_put_contents($target, $sourceStream); + $sourceStream=@fopen($source, 'rb', false, $ctx); + $result = 0; + if (is_resource($sourceStream)) { + $result=\OC\Files\Filesystem::file_put_contents($target, $sourceStream); + } if($result) { $meta = \OC\Files\Filesystem::getFileInfo($target); $mime=$meta['mimetype']; $id = $meta['fileid']; - $eventSource->send('success', array('mime'=>$mime, 'size'=>\OC\Files\Filesystem::filesize($target), 'id' => $id, 'etag' => $meta['etag'])); + $eventSource->send('success', array('mime' => $mime, 'size' => \OC\Files\Filesystem::filesize($target), 'id' => $id, 'etag' => $meta['etag'])); } else { - $eventSource->send('error', $l10n->t('Error while downloading %s to %s', array($source, $target))); + $eventSource->send('error', array('message' => $l10n->t('Error while downloading %s to %s', array($source, $target)))); + } + if (is_resource($sourceStream)) { + fclose($sourceStream); } $eventSource->close(); exit(); diff --git a/apps/files/js/file-upload.js b/apps/files/js/file-upload.js index e9663353f74..196817432d5 100644 --- a/apps/files/js/file-upload.js +++ b/apps/files/js/file-upload.js @@ -658,7 +658,12 @@ $(document).ready(function() { }); eventSource.listen('error',function(error) { $('#uploadprogressbar').fadeOut(); - alert(error); + var message = (error && error.message) || t('core', 'Error fetching URL'); + OC.Notification.show(message); + //hide notification after 10 sec + setTimeout(function() { + OC.Notification.hide(); + }, 10000); }); break; } diff --git a/lib/private/eventsource.php b/lib/private/eventsource.php index a83084d9251..4df0bc2e7cd 100644 --- a/lib/private/eventsource.php +++ b/lib/private/eventsource.php @@ -64,13 +64,13 @@ class OC_EventSource{ } if($this->fallback) { $response=''.PHP_EOL; + .$this->fallBackId.',"' . $type . '",' . OCP\JSON::encode($data) . ')' . PHP_EOL; echo $response; }else{ if($type) { - echo 'event: '.$type.PHP_EOL; + echo 'event: ' . $type.PHP_EOL; } - echo 'data: '.json_encode($data).PHP_EOL; + echo 'data: ' . OCP\JSON::encode($data) . PHP_EOL; } echo PHP_EOL; flush(); diff --git a/lib/private/json.php b/lib/private/json.php index 6ba0b13806b..8401f7c3a12 100644 --- a/lib/private/json.php +++ b/lib/private/json.php @@ -109,7 +109,14 @@ class OC_JSON{ if($setContentType) { self::setContentTypeHeader(); } + echo self::encode($data); + } + + /** + * Encode JSON + */ + public static function encode($data) { array_walk_recursive($data, array('OC_JSON', 'to_string')); - echo json_encode($data); + return json_encode($data); } } diff --git a/lib/public/json.php b/lib/public/json.php index 134f724b0e6..831e3ef1cf6 100644 --- a/lib/public/json.php +++ b/lib/public/json.php @@ -169,4 +169,12 @@ class JSON { public static function checkAdminUser() { return(\OC_JSON::checkAdminUser()); } + + /** + * Encode JSON + * @param array $data + */ + public static function encode($data) { + return(\OC_JSON::encode($data)); + } } -- cgit v1.2.3 From 6408125edcb648661f4dd42e8fa1233dcbdf262b Mon Sep 17 00:00:00 2001 From: Jörn Friedrich Dreyer Date: Thu, 12 Dec 2013 19:09:21 +0100 Subject: rely only on php DateTime to parse the db datetime string --- lib/public/share.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'lib/public') diff --git a/lib/public/share.php b/lib/public/share.php index 6b3397c85c6..f0fd8e1ab1b 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -850,9 +850,8 @@ class Share { protected static function expireItem(array $item) { if (!empty($item['expiration'])) { $now = new \DateTime(); - $expirationDate = \Doctrine\DBAL\Types\Type::getType('datetime') - ->convertToPhpValue($item['expiration'], \OC_DB::getConnection()->getDatabasePlatform()); - if ($now > $expirationDate) { + $expires = new \DateTime($item['expiration']); + if ($now > $expires) { self::unshareItem($item); return true; } -- cgit v1.2.3 From 4c45c6f4180b8d087f58e4fec2b3839ded988cf3 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Fri, 13 Dec 2013 13:30:29 +0100 Subject: dont try to register background jobs if we haven't upgraded yet --- lib/base.php | 89 ++++++++++++++++++++++---------------------- lib/public/backgroundjob.php | 8 +++- 2 files changed, 51 insertions(+), 46 deletions(-) (limited to 'lib/public') diff --git a/lib/base.php b/lib/base.php index d361b7768f9..d3e483f4948 100644 --- a/lib/base.php +++ b/lib/base.php @@ -131,8 +131,8 @@ class OC { OC::$THIRDPARTYROOT = rtrim(dirname(OC::$SERVERROOT), '/'); } else { throw new Exception('3rdparty directory not found! Please put the ownCloud 3rdparty' - .' folder in the ownCloud folder or the folder above.' - .' You can also configure the location in the config.php file.'); + . ' folder in the ownCloud folder or the folder above.' + . ' You can also configure the location in the config.php file.'); } // search the apps folder $config_paths = OC_Config::getValue('apps_paths', array()); @@ -156,7 +156,7 @@ class OC { if (empty(OC::$APPSROOTS)) { throw new Exception('apps directory not found! Please put the ownCloud apps folder in the ownCloud folder' - .' or the folder above. You can also configure the location in the config.php file.'); + . ' or the folder above. You can also configure the location in the config.php file.'); } $paths = array(); foreach (OC::$APPSROOTS as $path) { @@ -176,7 +176,8 @@ class OC { public static function checkConfig() { if (file_exists(OC::$SERVERROOT . "/config/config.php") - and !is_writable(OC::$SERVERROOT . "/config/config.php")) { + and !is_writable(OC::$SERVERROOT . "/config/config.php") + ) { $defaults = new OC_Defaults(); if (self::$CLI) { echo "Can't write into config directory!\n"; @@ -188,7 +189,7 @@ class OC { OC_Template::printErrorPage( "Can't write into config directory!", 'This can usually be fixed by ' - .'giving the webserver write access to the config directory.' + . 'giving the webserver write access to the config directory.' ); } } @@ -254,31 +255,42 @@ class OC { } } - public static function checkUpgrade($showTemplate = true) { + /** + * check if the instance needs to preform an upgrade + * + * @return bool + */ + public static function needUpgrade() { if (OC_Config::getValue('installed', false)) { $installedVersion = OC_Config::getValue('version', '0.0.0'); $currentVersion = implode('.', OC_Util::getVersion()); - if (version_compare($currentVersion, $installedVersion, '>')) { - if ($showTemplate && !OC_Config::getValue('maintenance', false)) { - OC_Config::setValue('theme', ''); - $minimizerCSS = new OC_Minimizer_CSS(); - $minimizerCSS->clearCache(); - $minimizerJS = new OC_Minimizer_JS(); - $minimizerJS->clearCache(); - OC_Util::addScript('config'); // needed for web root - OC_Util::addScript('update'); - $tmpl = new OC_Template('', 'update.admin', 'guest'); - $tmpl->assign('version', OC_Util::getVersionString()); - $tmpl->printPage(); - exit(); - } else { - return true; - } - } + return version_compare($currentVersion, $installedVersion, '>'); + } else { return false; } } + public static function checkUpgrade($showTemplate = true) { + if (self::needUpgrade()) { + if ($showTemplate && !OC_Config::getValue('maintenance', false)) { + OC_Config::setValue('theme', ''); + $minimizerCSS = new OC_Minimizer_CSS(); + $minimizerCSS->clearCache(); + $minimizerJS = new OC_Minimizer_JS(); + $minimizerJS->clearCache(); + OC_Util::addScript('config'); // needed for web root + OC_Util::addScript('update'); + $tmpl = new OC_Template('', 'update.admin', 'guest'); + $tmpl->assign('version', OC_Util::getVersionString()); + $tmpl->printPage(); + exit(); + } else { + return true; + } + } + return false; + } + public static function initTemplateEngine() { // Add the stuff we need always OC_Util::addScript("jquery-1.10.0.min"); @@ -462,7 +474,7 @@ class OC { // OC_Util::getInstanceId() for namespacing. See #5409. try { self::$loader->setMemoryCache(\OC\Memcache\Factory::createLowLatency('Autoloader')); - } catch(\Exception $ex) { + } catch (\Exception $ex) { } } OC_Util::isSetLocaleWorking(); @@ -507,7 +519,7 @@ class OC { if (count($errors) > 0) { if (self::$CLI) { foreach ($errors as $error) { - echo $error['error']."\n"; + echo $error['error'] . "\n"; echo $error['hint'] . "\n\n"; } } else { @@ -602,13 +614,9 @@ class OC { * register hooks for the cache */ public static function registerCacheHooks() { - if (OC_Config::getValue('installed', false)) { //don't try to do this before we are properly setup - // register cache cleanup jobs - try { //if this is executed before the upgrade to the new backgroundjob system is completed it will throw an exception - \OCP\BackgroundJob::registerJob('OC\Cache\FileGlobalGC'); - } catch (Exception $e) { + if (OC_Config::getValue('installed', false) && !self::needUpgrade()) { //don't try to do this before we are properly setup + \OCP\BackgroundJob::registerJob('OC\Cache\FileGlobalGC'); - } // NOTE: This will be replaced to use OCP $userSession = \OC_User::getUserSession(); $userSession->listen('postLogin', '\OC\Cache\File', 'loginListener'); @@ -619,14 +627,9 @@ class OC { * register hooks for the cache */ public static function registerLogRotate() { - if (OC_Config::getValue('installed', false) && OC_Config::getValue('log_rotate_size', false)) { + if (OC_Config::getValue('installed', false) && OC_Config::getValue('log_rotate_size', false) && !self::needUpgrade()) { //don't try to do this before we are properly setup - // register cache cleanup jobs - try { //if this is executed before the upgrade to the new backgroundjob system is completed it will throw an exception - \OCP\BackgroundJob::registerJob('OC\Log\Rotate', OC_Config::getValue("datadirectory", OC::$SERVERROOT.'/data').'/owncloud.log'); - } catch (Exception $e) { - - } + \OCP\BackgroundJob::registerJob('OC\Log\Rotate', OC_Config::getValue("datadirectory", OC::$SERVERROOT . '/data') . '/owncloud.log'); } } @@ -653,7 +656,7 @@ class OC { * register hooks for sharing */ public static function registerShareHooks() { - if(\OC_Config::getValue('installed')) { + if (\OC_Config::getValue('installed')) { OC_Hook::connect('OC_User', 'post_deleteUser', 'OCP\Share', 'post_deleteUser'); OC_Hook::connect('OC_User', 'post_addToGroup', 'OCP\Share', 'post_addToGroup'); OC_Hook::connect('OC_User', 'post_removeFromGroup', 'OCP\Share', 'post_removeFromGroup'); @@ -676,7 +679,7 @@ class OC { } $request = OC_Request::getPathInfo(); - if(substr($request, -3) !== '.js') {// we need these files during the upgrade + if (substr($request, -3) !== '.js') { // we need these files during the upgrade self::checkMaintenanceMode(); self::checkUpgrade(); } @@ -794,12 +797,10 @@ class OC { // auth possible via apache module? if (OC::tryApacheAuth()) { $error[] = 'apacheauthfailed'; - } - // remember was checked after last login + } // remember was checked after last login elseif (OC::tryRememberLogin()) { $error[] = 'invalidcookie'; - } - // logon via web form + } // logon via web form elseif (OC::tryFormLogin()) { $error[] = 'invalidpassword'; if ( OC_Config::getValue('log_authfailip', false) ) { diff --git a/lib/public/backgroundjob.php b/lib/public/backgroundjob.php index 1788c4e293d..a7f54491dfa 100644 --- a/lib/public/backgroundjob.php +++ b/lib/public/backgroundjob.php @@ -45,6 +45,7 @@ use \OC\BackgroundJob\JobList; class BackgroundJob { /** * get the execution type of background jobs + * * @return string * * This method returns the type how background jobs are executed. If the user @@ -56,6 +57,7 @@ class BackgroundJob { /** * sets the background jobs execution type + * * @param string $type execution type * @return boolean * @@ -83,8 +85,10 @@ class BackgroundJob { * @return true */ public static function addRegularTask($klass, $method) { - self::registerJob('OC\BackgroundJob\Legacy\RegularJob', array($klass, $method)); - return true; + if (!\OC::needUpgrade()) { + self::registerJob('OC\BackgroundJob\Legacy\RegularJob', array($klass, $method)); + return true; + } } /** -- cgit v1.2.3 From e2efad6ae7c77f9bd50e50e1ba5db27d1d52434f Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Mon, 16 Dec 2013 14:33:03 +0100 Subject: Also add default to the \OCP\IConfig interface --- lib/private/allconfig.php | 8 ++++++-- lib/public/iconfig.php | 15 ++++++++++++--- 2 files changed, 18 insertions(+), 5 deletions(-) (limited to 'lib/public') diff --git a/lib/private/allconfig.php b/lib/private/allconfig.php index 06ecbc8a072..a4aa69d43fb 100644 --- a/lib/private/allconfig.php +++ b/lib/private/allconfig.php @@ -4,7 +4,7 @@ * This file is licensed under the Affero General Public License version 3 or * later. * See the COPYING-README file. - * + * */ namespace OC; @@ -15,6 +15,7 @@ namespace OC; class AllConfig implements \OCP\IConfig { /** * Sets a new system wide value + * * @param string $key the key of the value, under which will be saved * @param string $value the value that should be stored * @todo need a use case for this @@ -37,6 +38,7 @@ class AllConfig implements \OCP\IConfig { /** * Writes a new app wide value + * * @param string $appName the appName that we want to store the value under * @param string $key the key of the value, under which will be saved * @param string $value the value that should be stored @@ -60,6 +62,7 @@ class AllConfig implements \OCP\IConfig { /** * Set a user defined value + * * @param string $userId the userId of the user that we want to store the value under * @param string $appName the appName that we want to store the value under * @param string $key the key under which the value is being stored @@ -71,13 +74,14 @@ class AllConfig implements \OCP\IConfig { /** * Shortcut for getting a user defined value + * * @param string $userId the userId of the user that we want to store the value under * @param string $appName the appName that we stored the value under * @param string $key the key under which the value is being stored * @param string $default the default value to be returned if the value isn't set * @return string */ - public function getUserValue($userId, $appName, $key, $default = null){ + public function getUserValue($userId, $appName, $key, $default = '') { return \OCP\Config::getUserValue($userId, $appName, $key, $default); } } diff --git a/lib/public/iconfig.php b/lib/public/iconfig.php index da6b6c54843..1d0f8e0015c 100644 --- a/lib/public/iconfig.php +++ b/lib/public/iconfig.php @@ -36,6 +36,7 @@ namespace OCP; interface IConfig { /** * Sets a new system wide value + * * @param string $key the key of the value, under which will be saved * @param string $value the value that should be stored * @todo need a use case for this @@ -44,14 +45,17 @@ interface IConfig { /** * Looks up a system wide defined value + * * @param string $key the key of the value, under which it was saved + * @param string $default the default value to be returned if the value isn't set * @return string the saved value */ - public function getSystemValue($key); + public function getSystemValue($key, $default = ''); /** * Writes a new app wide value + * * @param string $appName the appName that we want to store the value under * @param string $key the key of the value, under which will be saved * @param string $value the value that should be stored @@ -60,15 +64,18 @@ interface IConfig { /** * Looks up an app wide defined value + * * @param string $appName the appName that we stored the value under * @param string $key the key of the value, under which it was saved + * @param string $default the default value to be returned if the value isn't set * @return string the saved value */ - public function getAppValue($appName, $key); + public function getAppValue($appName, $key, $default = ''); /** * Set a user defined value + * * @param string $userId the userId of the user that we want to store the value under * @param string $appName the appName that we want to store the value under * @param string $key the key under which the value is being stored @@ -78,9 +85,11 @@ interface IConfig { /** * Shortcut for getting a user defined value + * * @param string $userId the userId of the user that we want to store the value under * @param string $appName the appName that we stored the value under * @param string $key the key under which the value is being stored + * @param string $default the default value to be returned if the value isn't set */ - public function getUserValue($userId, $appName, $key); + public function getUserValue($userId, $appName, $key, $default = ''); } -- cgit v1.2.3 From 2a1d6d310628fbd22b1972442b19ad98d8ff7ad1 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Mon, 16 Dec 2013 15:04:02 +0100 Subject: Do not use L10n when logging exceptions In some specific situations, the L10N bundle isn't loadable yet (for example when there is an issue with the app_config table). In such case, we still want to be able to log the real exception. This fixes errors that say "OC_L10N_String::__toString must not throw exceptions" --- lib/private/template.php | 3 +-- lib/public/util.php | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) (limited to 'lib/public') diff --git a/lib/private/template.php b/lib/private/template.php index 9b2c1211e61..b2c3a20f281 100644 --- a/lib/private/template.php +++ b/lib/private/template.php @@ -292,9 +292,8 @@ class OC_Template extends \OC\Template\Base { if (!empty($hint)) { $hint = '
'.$hint.'
'; } - $l = OC_L10N::get('lib'); while (method_exists($exception, 'previous') && $exception = $exception->previous()) { - $error_msg .= '
'.$l->t('Caused by:').' '; + $error_msg .= '
Caused by:' . ' '; if ($exception->getCode()) { $error_msg .= '['.$exception->getCode().'] '; } diff --git a/lib/public/util.php b/lib/public/util.php index 1d76fd1e1f7..8e85f9afc3f 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -103,9 +103,8 @@ class Util { } // include cause - $l = \OC_L10N::get('lib'); while (method_exists($ex, 'getPrevious') && $ex = $ex->getPrevious()) { - $message .= ' - '.$l->t('Caused by:').' '; + $message .= ' - Caused by:' . ' '; $message .= $ex->getMessage(); if ($ex->getCode()) { $message .= '[' . $ex->getCode() . '] '; -- cgit v1.2.3 From 5eae75eeca825adedccb1ee29793ffab0502d6e9 Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Thu, 19 Dec 2013 00:32:46 +0100 Subject: kill MDB2 in PHPDoc --- lib/public/db.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'lib/public') diff --git a/lib/public/db.php b/lib/public/db.php index c9997c79c3c..5dcb2d9bf4a 100644 --- a/lib/public/db.php +++ b/lib/public/db.php @@ -39,9 +39,9 @@ class DB { * @param string $query Query string * @param int $limit Limit of the SQL statement * @param int $offset Offset of the SQL statement - * @return \MDB2_Statement_Common prepared SQL query + * @return \Doctrine\DBAL\Statement prepared SQL query * - * SQL query via MDB2 prepare(), needs to be execute()'d! + * SQL query via Doctrine prepare(), needs to be execute()'d! */ static public function prepare( $query, $limit=null, $offset=null ) { return(\OC_DB::prepare($query, $limit, $offset)); @@ -73,7 +73,7 @@ class DB { * @param $table string The optional table name (will replace *PREFIX*) and add sequence suffix * @return int * - * MDB2 lastInsertID() + * \Doctrine\DBAL\Connection lastInsertID() * * Call this method right after the insert command or other functions may * cause trouble! @@ -97,7 +97,7 @@ class DB { } /** - * Check if a result is an error, works with MDB2 and PDOException + * Check if a result is an error, works with Doctrine * @param mixed $result * @return bool */ -- cgit v1.2.3 From aa17a896ac03a4aa0530b9fbdf444d1e159d6ec2 Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Thu, 19 Dec 2013 00:33:29 +0100 Subject: fix return statement --- lib/public/db.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/public') diff --git a/lib/public/db.php b/lib/public/db.php index 5dcb2d9bf4a..4a19d78d444 100644 --- a/lib/public/db.php +++ b/lib/public/db.php @@ -86,14 +86,14 @@ class DB { * Start a transaction */ public static function beginTransaction() { - return(\OC_DB::beginTransaction()); + \OC_DB::beginTransaction(); } /** * Commit the database changes done during a transaction that is in progress */ public static function commit() { - return(\OC_DB::commit()); + \OC_DB::commit(); } /** -- cgit v1.2.3 From baccc8f584940d607393ef2bdd9c6d3e511b75b8 Mon Sep 17 00:00:00 2001 From: ben-denham Date: Mon, 6 Jan 2014 11:14:43 +1300 Subject: Unshare all will now delete all shares for the item, instead of only for a single owner. --- lib/public/share.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'lib/public') diff --git a/lib/public/share.php b/lib/public/share.php index f0fd8e1ab1b..eb1dd8d1c95 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -655,7 +655,15 @@ class Share { * @return Returns true on success or false on failure */ public static function unshareAll($itemType, $itemSource) { - if ($shares = self::getItemShared($itemType, $itemSource)) { + // Get all of the owners of shares of this item. + $query = \OC_DB::prepare( 'SELECT `uid_owner` from `*PREFIX*share` WHERE `item_type`=? AND `item_source`=?' ); + $result = $query->execute(array($itemType, $itemSource)); + $shares = array(); + // Add each owner's shares to the array of all shares for this item. + while ($row = $result->fetchRow()) { + $shares = array_merge($shares, self::getItems($itemType, $itemSource, null, null, $row['uid_owner'])); + } + if (!empty($shares)) { // Pass all the vars we have for now, they may be useful $hookParams = array( 'itemType' => $itemType, -- cgit v1.2.3 From 9fd4cb1b6683cdebdeaec0f744bd2ba1fb1c64e3 Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Tue, 21 Jan 2014 10:42:47 +0100 Subject: adding password protection check to getShareByToken() --- apps/files_sharing/public.php | 2 +- lib/public/share.php | 36 ++++++++++++++++++++++++++++++++---- 2 files changed, 33 insertions(+), 5 deletions(-) (limited to 'lib/public') diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php index d050efd5b32..100379047d3 100644 --- a/apps/files_sharing/public.php +++ b/apps/files_sharing/public.php @@ -35,7 +35,7 @@ function determineIcon($file, $sharingRoot, $sharingToken) { if (isset($_GET['t'])) { $token = $_GET['t']; - $linkItem = OCP\Share::getShareByToken($token); + $linkItem = OCP\Share::getShareByToken($token, false); if (is_array($linkItem) && isset($linkItem['uid_owner'])) { // seems to be a valid share $type = $linkItem['item_type']; diff --git a/lib/public/share.php b/lib/public/share.php index eb1dd8d1c95..4573fe8d8d3 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -347,11 +347,11 @@ class Share { } /** - * Get the item shared by a token - * @param string token - * @return Item + * Based on the given token the share information will be returned - password protected shares will be verified + * @param string $token + * @return array | bool false will be returned in case the token is unknown or unauthorized */ - public static function getShareByToken($token) { + public static function getShareByToken($token, $checkPasswordProtection = true) { $query = \OC_DB::prepare('SELECT * FROM `*PREFIX*share` WHERE `token` = ?', 1); $result = $query->execute(array($token)); if (\OC_DB::isError($result)) { @@ -361,6 +361,12 @@ class Share { if (is_array($row) and self::expireItem($row)) { return false; } + + // password protected shares need to me authenticated + if ($checkPasswordProtection && !\OCP\Share::checkPasswordProtectedShare($row)) { + return false; + } + return $row; } @@ -1888,6 +1894,28 @@ class Share { } } + /** + * In case a password protected link is not yet authenticated this function will return false + * + * @param array $linkItem + * @return bool + */ + public static function checkPasswordProtectedShare(array $linkItem) { + if (!isset($linkItem['share_with'])) { + return true; + } + + if ($linkItem['share_type'] != \OCP\Share::SHARE_TYPE_LINK) { + return true; + } + + if ( \OC::$session->exists('public_link_authenticated') + && \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) { + return true; + } + + return false; + } } /** -- cgit v1.2.3 From 6746ad0a7315d1ee06f7b1804b7c9457755f6648 Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Tue, 21 Jan 2014 10:55:10 +0100 Subject: in case no share is found for the given token we can return right away --- lib/public/share.php | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lib/public') diff --git a/lib/public/share.php b/lib/public/share.php index 4573fe8d8d3..ddc9e1e066f 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -358,6 +358,9 @@ class Share { \OC_Log::write('OCP\Share', \OC_DB::getErrorMessage($result) . ', token=' . $token, \OC_Log::ERROR); } $row = $result->fetchRow(); + if ($row === false) { + return false; + } if (is_array($row) and self::expireItem($row)) { return false; } -- cgit v1.2.3 From 23a4d0d44ef8b918f054e7ad608d04b2e9a68995 Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Tue, 21 Jan 2014 11:32:30 +0100 Subject: OC_Util::setupFS($user) will create a data dir for the given string - no matter if the user really exists - OCP\JSON::checkUserExists($owner); introduces a ready to use check which will bail out with an JSON error --- apps/files/ajax/upload.php | 1 + apps/files/triggerupdate.php | 1 + apps/files_sharing/ajax/publicpreview.php | 3 ++- apps/files_sharing/appinfo/update.php | 1 + apps/files_sharing/public.php | 6 +++--- lib/private/json.php | 14 ++++++++++++++ lib/private/util.php | 4 ++++ lib/public/json.php | 10 +++++++++- 8 files changed, 35 insertions(+), 5 deletions(-) (limited to 'lib/public') diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php index 0e905f993ac..bdaf6a77d14 100644 --- a/apps/files/ajax/upload.php +++ b/apps/files/ajax/upload.php @@ -34,6 +34,7 @@ if (empty($_POST['dirToken'])) { // resolve reshares $rootLinkItem = OCP\Share::resolveReShare($linkItem); + OCP\JSON::checkUserExists($rootLinkItem['uid_owner']); // Setup FS with owner OC_Util::tearDownFS(); OC_Util::setupFS($rootLinkItem['uid_owner']); diff --git a/apps/files/triggerupdate.php b/apps/files/triggerupdate.php index 0e29edbba35..a37b9823add 100644 --- a/apps/files/triggerupdate.php +++ b/apps/files/triggerupdate.php @@ -6,6 +6,7 @@ if (OC::$CLI) { if (count($argv) === 2) { $file = $argv[1]; list(, $user) = explode('/', $file); + OCP\JSON::checkUserExists($owner); OC_Util::setupFS($user); $view = new \OC\Files\View(''); /** diff --git a/apps/files_sharing/ajax/publicpreview.php b/apps/files_sharing/ajax/publicpreview.php index 54a9806e8bf..a52f522afac 100644 --- a/apps/files_sharing/ajax/publicpreview.php +++ b/apps/files_sharing/ajax/publicpreview.php @@ -39,6 +39,7 @@ if(!isset($linkedItem['uid_owner']) || !isset($linkedItem['file_source'])) { $rootLinkItem = OCP\Share::resolveReShare($linkedItem); $userId = $rootLinkItem['uid_owner']; +OCP\JSON::checkUserExists($rootLinkItem['uid_owner']); \OC_Util::setupFS($userId); \OC\Files\Filesystem::initMountPoints($userId); $view = new \OC\Files\View('/' . $userId . '/files'); @@ -88,4 +89,4 @@ try{ } catch (\Exception $e) { \OC_Response::setStatus(500); \OC_Log::write('core', $e->getmessage(), \OC_Log::DEBUG); -} \ No newline at end of file +} diff --git a/apps/files_sharing/appinfo/update.php b/apps/files_sharing/appinfo/update.php index 0d827da28ea..4b716e764f4 100644 --- a/apps/files_sharing/appinfo/update.php +++ b/apps/files_sharing/appinfo/update.php @@ -44,6 +44,7 @@ if (version_compare($installedVersion, '0.3', '<')) { $shareType = OCP\Share::SHARE_TYPE_USER; $shareWith = $row['uid_shared_with']; } + OCP\JSON::checkUserExists($row['uid_owner']); OC_User::setUserId($row['uid_owner']); //we need to setup the filesystem for the user, otherwise OC_FileSystem::getRoot will fail and break OC_Util::setupFS($row['uid_owner']); diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php index d050efd5b32..80dd708ee51 100644 --- a/apps/files_sharing/public.php +++ b/apps/files_sharing/public.php @@ -43,10 +43,10 @@ if (isset($_GET['t'])) { $shareOwner = $linkItem['uid_owner']; $path = null; $rootLinkItem = OCP\Share::resolveReShare($linkItem); - $fileOwner = $rootLinkItem['uid_owner']; - if (isset($fileOwner)) { + if (isset($rootLinkItem['uid_owner'])) { + OCP\JSON::checkUserExists($rootLinkItem['uid_owner']); OC_Util::tearDownFS(); - OC_Util::setupFS($fileOwner); + OC_Util::setupFS($rootLinkItem['uid_owner']); $path = \OC\Files\Filesystem::getPath($linkItem['file_source']); } } diff --git a/lib/private/json.php b/lib/private/json.php index 6a9e5a2df5e..5c5d7e3a3da 100644 --- a/lib/private/json.php +++ b/lib/private/json.php @@ -64,6 +64,20 @@ class OC_JSON{ } } + /** + * Check is a given user exists - send json error msg if not + * @param string $user + */ + public static function checkUserExists($user) { + if (!OCP\User::userExists($user)) { + $l = OC_L10N::get('lib'); + OCP\JSON::error(array('data' => array('message' => $l->t('Unknown user')))); + exit; + } + } + + + /** * Check if the user is a subadmin, send json error msg if not */ diff --git a/lib/private/util.php b/lib/private/util.php index 72afa6f9478..8aa7a074d0d 100755 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -51,6 +51,10 @@ class OC_Util { self::$rootMounted = true; } + if ($user != '' && !OCP\User::userExists($user)) { + return false; + } + //if we aren't logged in, there is no use to set up the filesystem if( $user != "" ) { \OC\Files\Filesystem::addStorageWrapper(function($mountPoint, $storage){ diff --git a/lib/public/json.php b/lib/public/json.php index 831e3ef1cf6..cd5d233ef90 100644 --- a/lib/public/json.php +++ b/lib/public/json.php @@ -167,7 +167,7 @@ class JSON { * @return string json formatted string if not admin user. */ public static function checkAdminUser() { - return(\OC_JSON::checkAdminUser()); + \OC_JSON::checkAdminUser(); } /** @@ -177,4 +177,12 @@ class JSON { public static function encode($data) { return(\OC_JSON::encode($data)); } + + /** + * Check is a given user exists - send json error msg if not + * @param string $user + */ + public static function checkUserExists($user) { + \OC_JSON::checkUserExists($user); + } } -- cgit v1.2.3 From a3ea5aa2ac85fea812e25e2578db4cf86a0d3418 Mon Sep 17 00:00:00 2001 From: Thomas Müller Date: Tue, 21 Jan 2014 12:07:08 +0100 Subject: fixing comment + adding unit test for checkPasswordProtectedShare --- lib/public/share.php | 8 +++++++- tests/lib/share/share.php | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+), 1 deletion(-) (limited to 'lib/public') diff --git a/lib/public/share.php b/lib/public/share.php index ddc9e1e066f..f832d04a70f 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -365,7 +365,7 @@ class Share { return false; } - // password protected shares need to me authenticated + // password protected shares need to be authenticated if ($checkPasswordProtection && !\OCP\Share::checkPasswordProtectedShare($row)) { return false; } @@ -1907,6 +1907,12 @@ class Share { if (!isset($linkItem['share_with'])) { return true; } + if (!isset($linkItem['share_type'])) { + return true; + } + if (!isset($linkItem['id'])) { + return true; + } if ($linkItem['share_type'] != \OCP\Share::SHARE_TYPE_LINK) { return true; diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php index 2fe2837019f..d6acee6c924 100644 --- a/tests/lib/share/share.php +++ b/tests/lib/share/share.php @@ -25,6 +25,8 @@ class Test_Share extends PHPUnit_Framework_TestCase { protected $userBackend; protected $user1; protected $user2; + protected $user3; + protected $user4; protected $groupBackend; protected $group1; protected $group2; @@ -656,4 +658,44 @@ class Test_Share extends PHPUnit_Framework_TestCase { 'Failed asserting that the share of the test.txt file by user 2 has been removed.' ); } + + /** + * @dataProvider checkPasswordProtectedShareDataProvider + * @param $expected + * @param $item + */ + public function testCheckPasswordProtectedShare($expected, $item) { + \OC::$session->set('public_link_authenticated', 100); + $result = \OCP\Share::checkPasswordProtectedShare($item); + $this->assertEquals($expected, $result); + } + + function checkPasswordProtectedShareDataProvider() { + return array( + array(true, array()), + array(true, array('share_with' => null)), + array(true, array('share_with' => '')), + array(true, array('share_with' => '1234567890', 'share_type' => '1')), + array(true, array('share_with' => '1234567890', 'share_type' => 1)), + array(true, array('share_with' => '1234567890', 'share_type' => '3', 'id' => 100)), + array(true, array('share_with' => '1234567890', 'share_type' => 3, 'id' => 100)), + array(false, array('share_with' => '1234567890', 'share_type' => '3', 'id' => 101)), + array(false, array('share_with' => '1234567890', 'share_type' => 3, 'id' => 101)), + ); + + /* + if (!isset($linkItem['share_with'])) { + return true; + } + + if ($linkItem['share_type'] != \OCP\Share::SHARE_TYPE_LINK) { + return true; + } + + if ( \OC::$session->exists('public_link_authenticated') + && \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) { + return true; + } + * */ + } } -- cgit v1.2.3 From 506393090bf33ea1aa3a18983748e6a5b4078d4d Mon Sep 17 00:00:00 2001 From: Jens-Christian Fischer Date: Fri, 24 Jan 2014 14:04:37 +0100 Subject: Add 'mail_from_address' configuration In environments where there are rules for the email addresses, the "from address" that owncloud uses has to be configurable. This patch adds a new configuration variable 'mail_from_address'. If it is configured, owncloud will use this as the sender of *all* emails. (OwnCloud uses 'sharing-noreply' and 'password-noreply' by default). By using the 'mail_from_address' configuration, only this email address will be used. --- lib/public/util.php | 1 + tests/lib/util.php | 9 +++++++++ 2 files changed, 10 insertions(+) (limited to 'lib/public') diff --git a/lib/public/util.php b/lib/public/util.php index 8e85f9afc3f..8514a168b46 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -256,6 +256,7 @@ class Util { * it would return 'lostpassword-noreply@example.com' */ public static function getDefaultEmailAddress($user_part) { + $user_part = \OC_Config::getValue('mail_from_address', $user_part); $host_name = self::getServerHostName(); $host_name = \OC_Config::getValue('mail_domain', $host_name); $defaultEmailAddress = $user_part.'@'.$host_name; diff --git a/tests/lib/util.php b/tests/lib/util.php index 852caaeccc3..bfe68f5f680 100644 --- a/tests/lib/util.php +++ b/tests/lib/util.php @@ -88,6 +88,15 @@ class Test_Util extends PHPUnit_Framework_TestCase { OC_Config::deleteKey('mail_domain'); } + function testGetConfiguredEmailAddressFromConfig() { + OC_Config::setValue('mail_domain', 'example.com'); + OC_Config::setValue('mail_from_address', 'owncloud'); + $email = \OCP\Util::getDefaultEmailAddress("no-reply"); + $this->assertEquals('owncloud@example.com', $email); + OC_Config::deleteKey('mail_domain'); + OC_Config::deleteKey('mail_from_address'); + } + function testGetInstanceIdGeneratesValidId() { OC_Config::deleteKey('instanceid'); $this->assertStringStartsWith('oc', OC_Util::getInstanceId()); -- cgit v1.2.3 From 0f6c60717140c885ebb33dfc38d94081a894dd6d Mon Sep 17 00:00:00 2001 From: Jens-Christian Fischer Date: Fri, 24 Jan 2014 14:22:42 +0100 Subject: added function documentation --- lib/public/util.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lib/public') diff --git a/lib/public/util.php b/lib/public/util.php index 8514a168b46..6317f10a66f 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -254,6 +254,10 @@ class Util { * Example: when given lostpassword-noreply as $user_part param, * and is currently accessed via http(s)://example.com/, * it would return 'lostpassword-noreply@example.com' + * + * If the configuration value 'mail_from_address' is set in + * config.php, this value will override the $user_part that + * is passed to this function */ public static function getDefaultEmailAddress($user_part) { $user_part = \OC_Config::getValue('mail_from_address', $user_part); -- cgit v1.2.3 From 11ef12a1060f3e34312ae40c690f95765d7c5f89 Mon Sep 17 00:00:00 2001 From: Vincent Petry Date: Thu, 23 Jan 2014 12:11:53 +0100 Subject: Added exception logger plugin for sabre connector Whenever an exception occurs in the sabre connector code or code called by it, it will be logged. This plugin approach is needed because Sabre already catches exceptions to return them to the client in the XML response, so they don't appear logged in the web server log. This will make it much easier to debug syncing issues. --- apps/files/appinfo/remote.php | 1 + .../connector/sabre/exceptionloggerplugin.php | 50 ++++++++++++++++++++++ lib/private/connector/sabre/file.php | 6 +-- lib/public/util.php | 8 +++- 4 files changed, 60 insertions(+), 5 deletions(-) create mode 100644 lib/private/connector/sabre/exceptionloggerplugin.php (limited to 'lib/public') diff --git a/apps/files/appinfo/remote.php b/apps/files/appinfo/remote.php index 9f290796205..ef22fe92188 100644 --- a/apps/files/appinfo/remote.php +++ b/apps/files/appinfo/remote.php @@ -52,6 +52,7 @@ $server->addPlugin(new OC_Connector_Sabre_FilesPlugin()); $server->addPlugin(new OC_Connector_Sabre_AbortedUploadDetectionPlugin()); $server->addPlugin(new OC_Connector_Sabre_QuotaPlugin()); $server->addPlugin(new OC_Connector_Sabre_MaintenancePlugin()); +$server->addPlugin(new OC_Connector_Sabre_ExceptionLoggerPlugin('webdav')); // And off we go! $server->exec(); diff --git a/lib/private/connector/sabre/exceptionloggerplugin.php b/lib/private/connector/sabre/exceptionloggerplugin.php new file mode 100644 index 00000000000..8e77afaf207 --- /dev/null +++ b/lib/private/connector/sabre/exceptionloggerplugin.php @@ -0,0 +1,50 @@ + + * + * @license AGPL3 + */ + +class OC_Connector_Sabre_ExceptionLoggerPlugin extends Sabre_DAV_ServerPlugin +{ + private $appName; + + /** + * @param string $loggerAppName app name to use when logging + */ + public function __construct($loggerAppName = 'webdav') { + $this->appName = $loggerAppName; + } + + /** + * This initializes the plugin. + * + * This function is called by Sabre_DAV_Server, after + * addPlugin is called. + * + * This method should set up the required event subscriptions. + * + * @param Sabre_DAV_Server $server + * @return void + */ + public function initialize(Sabre_DAV_Server $server) { + + $server->subscribeEvent('exception', array($this, 'logException'), 10); + } + + /** + * Log exception + * + * @internal param Exception $e exception + */ + public function logException($e) { + $exceptionClass = get_class($e); + if ($exceptionClass !== 'Sabre_DAV_Exception_NotAuthenticated') { + \OCP\Util::logException($this->appName, $e); + } + } +} diff --git a/lib/private/connector/sabre/file.php b/lib/private/connector/sabre/file.php index c3b59007295..ed27cef440d 100644 --- a/lib/private/connector/sabre/file.php +++ b/lib/private/connector/sabre/file.php @@ -79,7 +79,7 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements Sabre_D \OC_Log::write('webdav', '\OC\Files\Filesystem::file_put_contents() failed', \OC_Log::ERROR); $fs->unlink($partpath); // because we have no clue about the cause we can only throw back a 500/Internal Server Error - throw new Sabre_DAV_Exception(); + throw new Sabre_DAV_Exception('Could not write file contents'); } } catch (\OCP\Files\NotPermittedException $e) { // a more general case - due to whatever reason the content could not be written @@ -105,7 +105,7 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements Sabre_D if ($renameOkay === false || $fileExists === false) { \OC_Log::write('webdav', '\OC\Files\Filesystem::rename() failed', \OC_Log::ERROR); $fs->unlink($partpath); - throw new Sabre_DAV_Exception(); + throw new Sabre_DAV_Exception('Could not rename part file to final file'); } // allow sync clients to send the mtime along in a header @@ -246,7 +246,7 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements Sabre_D if ($fileExists) { $fs->unlink($targetPath); } - throw new Sabre_DAV_Exception(); + throw new Sabre_DAV_Exception('Could not rename part file assembled from chunks'); } // allow sync clients to send the mtime along in a header diff --git a/lib/public/util.php b/lib/public/util.php index 8e85f9afc3f..e893a76d811 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -88,14 +88,18 @@ class Util { * @param Exception $ex exception to log */ public static function logException( $app, \Exception $ex ) { - $message = $ex->getMessage(); + $class = get_class($ex); + if ($class !== 'Exception') { + $message = $class . ': '; + } + $message .= $ex->getMessage(); if ($ex->getCode()) { $message .= ' [' . $ex->getCode() . ']'; } \OCP\Util::writeLog($app, 'Exception: ' . $message, \OCP\Util::FATAL); if (defined('DEBUG') and DEBUG) { // also log stack trace - $stack = explode('#', $ex->getTraceAsString()); + $stack = explode("\n", $ex->getTraceAsString()); // first element is empty array_shift($stack); foreach ($stack as $s) { -- cgit v1.2.3