From 0a77a5ec1938529f4a190df33a35b3a0c9633e4f Mon Sep 17 00:00:00 2001
From: Michael Kuhn
Date: Sat, 23 Aug 2014 12:05:19 +0200
Subject: Add unit tests for new unshareFromSelf() functionality.
---
 tests/lib/share/share.php | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+) (limited to 'tests/lib')
diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php
index 5920b44a8e0..072cf32cd66 100644
--- a/tests/lib/share/share.php
+++ b/tests/lib/share/share.php
@@ -314,6 +314,25 @@ class Test_Share extends PHPUnit_Framework_TestCase {
 $this->assertTrue(in_array('test.txt', $to_test));
 $this->assertTrue(in_array('test1.txt', $to_test));
+ // Unshare from self
+ $this->assertTrue(OCP\Share::unshareFromSelf('test', 'test.txt'));
+ $this->assertEquals(array('test1.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+
+ // Unshare from self via source
+ $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true));
+ $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+
+ OC_User::setUserId($this->user1);
+ $this->assertTrue(OCP\Share::shareItem('test', 'test.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, OCP\PERMISSION_READ));
+ OC_User::setUserId($this->user3);
+ $this->assertTrue(OCP\Share::shareItem('test', 'share.txt', OCP\Share::SHARE_TYPE_USER, $this->user2, OCP\PERMISSION_READ));
+
+ OC_User::setUserId($this->user2);
+ $to_test = OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET);
+ $this->assertEquals(2, count($to_test));
+ $this->assertTrue(in_array('test.txt', $to_test));
+ $this->assertTrue(in_array('test1.txt', $to_test));
+ // Remove user OC_User::setUserId($this->user1); OC_User::deleteUser($this->user1);
@@ -513,6 +532,11 @@ class Test_Share extends PHPUnit_Framework_TestCase {
 OC_User::setUserId($this->user2);
 $this->assertEquals(array('test.txt'), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+ // Unshare from self via source
+ OC_User::setUserId($this->user1);
+ $this->assertTrue(OCP\Share::unshareFromSelf('test', 'share.txt', true));
+ $this->assertEquals(array(), OCP\Share::getItemsSharedWith('test', Test_Share_Backend::FORMAT_TARGET));
+ // Remove group OC_Group::deleteGroup($this->group1); OC_User::setUserId($this->user4);
-- cgit v1.2.3
From 7acdd018a1555c9bc5dcc1702074a10f862bb170 Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Tue, 26 Aug 2014 23:58:13 +0200
Subject: Add support for getting the real client IP behind proxies Fixes https://github.com/owncloud/core/issues/10624 Fix copy paste fail Add unittest for comma separated headers Revert 3rdparty
---
 config/config.sample.php | 6 ++++++
 lib/private/allconfig.php | 2 +-
 lib/private/request.php | 28 ++++++++++++++++++++++++++++
 lib/public/config.php | 2 +-
 lib/public/iconfig.php | 2 +-
 tests/lib/request.php | 38 +++++++++++++++++++++++++++++++++++---
 6 files changed, 72 insertions(+), 6 deletions(-) (limited to 'tests/lib')
diff --git a/config/config.sample.php b/config/config.sample.php
index 96565556910..d232e18ab08 100755
--- a/config/config.sample.php
+++ b/config/config.sample.php
@@ -62,6 +62,12 @@ $CONFIG = array(
 /* List of trusted domains, to prevent host header poisoning ownCloud is only using these Host headers */
 'trusted_domains' => array('demo.owncloud.org', 'otherdomain.owncloud.org:8080'),
+/* List of trusted proxy servers */
+'trusted_proxies' => array('203.0.113.45', '198.51.100.128'),
+
+/* Headers that should be trusted as client IP address in combination with `trusted_proxies` */
+'forwarded_for_headers' => array('HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR'),
+ /* Theme to use for ownCloud */ "theme" => "",
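Review bot: The comment on `forwarded_for_headers` in config/config.sample.php does not say that the listed headers are taken from the request as sent whenever REMOTE_ADDR matches `trusted_proxies`, so every trusted proxy has to overwrite or strip them; otherwise the value is chosen by the client. I would word it as `/* Headers read for the client IP when the request comes from a trusted proxy; the proxy must overwrite them and never pass client-supplied values through */`. The `trusted_proxies` comment could add that entries are matched as exact IP strings, which is what the `in_array()` call in lib/private/request.php does. The sample lists `HTTP_X_FORWARDED` and `HTTP_FORWARDED_FOR` while the new test in tests/lib/request.php uses `HTTP_X_FORWARDED_FOR`; if that header is the one meant, the sample should name it. The `$CONFIG` array continues outside the hunk.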
diff --git a/lib/private/allconfig.php b/lib/private/allconfig.php
index eb114546010..ef8673af231 100644
--- a/lib/private/allconfig.php
+++ b/lib/private/allconfig.php
@@ -28,7 +28,7 @@ class AllConfig implements \OCP\IConfig {
 *
 * @param string $key the key of the value, under which it was saved
 * @param mixed $default the default value to be returned if the value isn't set
- * @return string the saved value
+ * @return mixed the value or $default
 */
 public function getSystemValue($key, $default = '') {
 return \OCP\Config::getSystemValue($key, $default);
diff --git a/lib/private/request.php b/lib/private/request.php
index 5fd5b3a7197..b063c1f5967 100755
--- a/lib/private/request.php
+++ b/lib/private/request.php
@@ -15,6 +15,34 @@ class OC_Request {
 const REGEX_LOCALHOST = '/^(127\.0\.0\.1|localhost)(:[0-9]+|)$/';
+ /**
+ * Returns the remote address, if the connection came from a trusted proxy and `forwarded_for_headers` has been configured
+ * then the IP address specified in this header will be returned instead.
+ * Do always use this instead of $_SERVER['REMOTE_ADDR']
+ * @return string IP address
+ */
+ public static function getRemoteAddress() {
+ $remoteAddress = $_SERVER['REMOTE_ADDR'];
+ $trustedProxies = \OC::$server->getConfig()->getSystemValue('trusted_proxies', array());
+
+ if(is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies)) {
+ $forwardedForHeaders = \OC::$server->getConfig()->getSystemValue('forwarded_for_headers', array());
+
+ foreach($forwardedForHeaders as $header) {
+ if (array_key_exists($header, $_SERVER) === true) {
+ foreach (explode(',', $_SERVER[$header]) as $IP) {
+ $IP = trim($IP);
+ if (filter_var($IP, FILTER_VALIDATE_IP) !== false) {
+ return $IP;
+ }
+ }
+ }
+ }
+ }
+
+ return $remoteAddress;
+ }
+ /** * Check overwrite condition * @param string $type
diff --git a/lib/public/config.php b/lib/public/config.php
index ea3e0c1372a..65dde39cdce 100644
--- a/lib/public/config.php
+++ b/lib/public/config.php
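Review bot: getRemoteAddress() in lib/private/request.php returns the first valid address of the forwarded header reading left to right, and in a comma-separated forwarding list the leftmost entries are the ones furthest from the trusted proxy, so they are only as reliable as whatever the client or an earlier hop sent when the proxy appends instead of overwriting. Reading the list from the right and returning the first address that is not itself in `$trustedProxies` ties the result to what the trusted proxy observed; the `'10.4.0.5, 10.4.0.4'` expectation in tests/lib/request.php would change with it. `$forwardedForHeaders` is iterated without the `is_array()` check that `$trustedProxies` gets, and both `in_array()` calls should be strict. `$_SERVER['REMOTE_ADDR']` is read without an `isset()` guard, which presumably raises a notice when the class is used from the command line.

```php
if (is_array($trustedProxies) && in_array($remoteAddress, $trustedProxies, true)) {
	$forwardedForHeaders = \OC::$server->getConfig()->getSystemValue('forwarded_for_headers', array());
	if (!is_array($forwardedForHeaders)) {
		$forwardedForHeaders = array();
	}

	foreach ($forwardedForHeaders as $header) {
		if (array_key_exists($header, $_SERVER) === true) {
			// Nearest hop first: entries further left are further from the trusted proxy.
			foreach (array_reverse(explode(',', $_SERVER[$header])) as $IP) {
				$IP = trim($IP);
				if (filter_var($IP, FILTER_VALIDATE_IP) !== false && !in_array($IP, $trustedProxies, true)) {
					return $IP;
				}
			}
		}
	}
}
// … unchanged: return $remoteAddress …
```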
@@ -43,7 +43,7 @@ class Config {
 * Gets a value from config.php
 * @param string $key key
 * @param mixed $default = null default value
- * @return string the value or $default
+ * @return mixed the value or $default
 *
 * This function gets the value from config.php. If it does not exist,
 * $default will be returned.
diff --git a/lib/public/iconfig.php b/lib/public/iconfig.php
index d4a8cdc7381..4865f8bc85b 100644
--- a/lib/public/iconfig.php
+++ b/lib/public/iconfig.php
@@ -47,7 +47,7 @@ interface IConfig {
 *
 * @param string $key the key of the value, under which it was saved
 * @param string $default the default value to be returned if the value isn't set
- * @return string the saved value
+ * @return mixed the value or $default
 */
 public function getSystemValue($key, $default = '');
diff --git a/tests/lib/request.php b/tests/lib/request.php
index bff84e1b03f..b89bf92ece7 100644
--- a/tests/lib/request.php
+++ b/tests/lib/request.php
@@ -9,21 +9,53 @@ class Test_Request extends PHPUnit_Framework_TestCase { public function setUp() { - OC_Config::setValue('overwritewebroot', '/domain.tld/ownCloud'); + OC::$server->getConfig()->setSystemValue('overwritewebroot', '/domain.tld/ownCloud'); + + OC::$server->getConfig()->setSystemValue('trusted_proxies', array()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array()); } public function tearDown() { - OC_Config::setValue('overwritewebroot', ''); + OC::$server->getConfig()->setSystemValue('overwritewebroot', ''); + OC::$server->getConfig()->setSystemValue('trusted_proxies', array()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array()); } public function testScriptNameOverWrite() { $_SERVER['REMOTE_ADDR'] = '10.0.0.1'; - $_SERVER["SCRIPT_FILENAME"] = __FILE__; + $_SERVER['SCRIPT_FILENAME'] = __FILE__; $scriptName = OC_Request::scriptName(); $this->assertEquals('/domain.tld/ownCloud/tests/lib/request.php', $scriptName); } + public function testGetRemoteAddress() { + $_SERVER['REMOTE_ADDR'] = '10.0.0.2'; + $_SERVER['HTTP_X_FORWARDED'] = '10.4.0.5, 10.4.0.4'; + $_SERVER['HTTP_X_FORWARDED_FOR'] = '192.168.0.233'; + + // Without having specified a trusted remote address + $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress()); + + // With specifying a trusted remote address but no trusted header + OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2')); + $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress()); + + // With specifying a trusted remote address and trusted headers + OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2')); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED')); + $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED')); + 
$this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress()); + + // With specifying multiple trusted remote addresses and trusted headers + OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.3.4.2', '10.0.0.2', '127.0.3.3')); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED')); + $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress()); + OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED')); + $this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress()); + } + /** * @dataProvider rawPathInfoProvider * @param $expected -- cgit v1.2.3 From 47a2e31c93b2c172bcc9ce84a3ebb9904b0fd612 Mon Sep 17 00:00:00 2001 From: Oliver Gasser Date: Wed, 27 Aug 2014 13:28:04 +0200 Subject: Make Entity properties ```protected``` as in docs Entity properties are marked as ```protected``` to correctly reflect the documentation. See also owncloud/documentation@644f2eedac8e912c3019366b29ecdfbd9a15c5d9 --- tests/lib/appframework/db/EntityTest.php | 10 +++++----- tests/lib/appframework/db/mappertest.php | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'tests/lib') diff --git a/tests/lib/appframework/db/EntityTest.php b/tests/lib/appframework/db/EntityTest.php index 9de44b9b3ba..d98cb549422 100644 --- a/tests/lib/appframework/db/EntityTest.php +++ b/tests/lib/appframework/db/EntityTest.php @@ -37,10 +37,10 @@ namespace OCP\AppFramework\Db; * @method void setPreName(string $preName) */ class TestEntity extends Entity { - public $name; - public $email; - public $testId; - public $preName; + protected $name; + protected $email; + protected $testId; + protected $preName; public function __construct($name=null){ $this->addType('testId', 'integer'); @@ -220,4 +220,4 @@ class EntityTest extends \PHPUnit_Framework_TestCase { } -} \ No newline at end of file +} 
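Review bot: testGetRemoteAddress() in tests/lib/request.php has no case where `forwarded_for_headers` is configured but REMOTE_ADDR is not in `trusted_proxies`, which is the case that guards against a spoofed header; the first assertion runs with both settings empty. Before `trusted_proxies` is set I would add `OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED'));` followed by `$this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress());`, then reset the header list. A header that holds a non-IP value, which `filter_var()` in lib/private/request.php is there to reject, is not covered either. The test also leaves `$_SERVER['HTTP_X_FORWARDED']` and `$_SERVER['HTTP_X_FORWARDED_FOR']` set, so `tearDown()` should unset them. The test class continues outside the hunk.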
diff --git a/tests/lib/appframework/db/mappertest.php b/tests/lib/appframework/db/mappertest.php
index 42aa1ade810..fd1acd0367e 100644
--- a/tests/lib/appframework/db/mappertest.php
+++ b/tests/lib/appframework/db/mappertest.php
@@ -36,8 +36,8 @@ use Test\AppFramework\Db\MapperTestUtility;
 * @method void setPreName(string $preName)
 */
 class Example extends Entity {
- public $preName;
- public $email;
+ protected $preName;
+ protected $email;
 };
-- cgit v1.2.3
From f551917a3ca2cedf748337646ed4b1d398ac8437 Mon Sep 17 00:00:00 2001
From: Jörn Friedrich Dreyer Date: Wed, 16 Jul 2014 19:40:22 +0200 Subject: kill OC::$session maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession restore order os OC::$session and OC::$CLI remove unneded initialization of dummy session write back session when $useCustomSession is true log warning when deprecated app is used --- apps/files/ajax/delete.php | 2 +- apps/files/ajax/download.php | 2 +- apps/files/ajax/getstoragestats.php | 2 +- apps/files/ajax/list.php | 2 +- apps/files/ajax/mimeicon.php | 2 +- apps/files/ajax/move.php | 2 +- apps/files/ajax/newfile.php | 2 +- apps/files/ajax/newfolder.php | 2 +- apps/files/ajax/rename.php | 2 +- apps/files/ajax/scan.php | 2 +- apps/files/ajax/upload.php | 2 +- apps/files_encryption/lib/session.php | 22 +++++------ apps/files_external/lib/smb_oc.php | 8 ++-- apps/files_sharing/lib/helper.php | 6 +-- apps/files_sharing/public.php | 6 +-- cron.php | 4 +- lib/base.php | 39 ++++++++++--------- .../dependencyinjection/dicontainer.php | 2 +- lib/private/connector/sabre/auth.php | 2 +- lib/private/server.php | 30 +++++++++------ lib/private/share/share.php | 4 +- lib/private/template.php | 12 +++--- lib/private/user.php | 8 ++-- lib/private/user/session.php | 44 ++++++++++++++++++++-- lib/private/util.php | 16 ++++---- tests/lib/ocs/privatedata.php | 2 +- tests/lib/share/share.php | 6 +-- tests/startsessionlistener.php | 4 +- 28 files changed, 142 insertions(+), 95 deletions(-) (limited to 'tests/lib') diff --git a/apps/files/ajax/delete.php b/apps/files/ajax/delete.php index aed53d5db5a..323b70706ce 100644 --- a/apps/files/ajax/delete.php +++ b/apps/files/ajax/delete.php @@ -2,7 +2,7 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::callCheck(); -\OC::$session->close(); +\OC::$server->getSession()->close(); // Get data diff --git a/apps/files/ajax/download.php b/apps/files/ajax/download.php index 4b4a7f8948d..b2e144c4b8f 100644 --- a/apps/files/ajax/download.php 
+++ b/apps/files/ajax/download.php @@ -23,7 +23,7 @@ // Check if we are a user OCP\User::checkLoggedIn(); -\OC::$session->close(); +\OC::$server->getSession()->close(); $files = $_GET["files"]; $dir = $_GET["dir"]; diff --git a/apps/files/ajax/getstoragestats.php b/apps/files/ajax/getstoragestats.php index dd8af39bada..4ab5b9a779c 100644 --- a/apps/files/ajax/getstoragestats.php +++ b/apps/files/ajax/getstoragestats.php @@ -7,7 +7,7 @@ if (isset($_GET['dir'])) { } OCP\JSON::checkLoggedIn(); -\OC::$session->close(); +\OC::$server->getSession()->close(); // send back json OCP\JSON::success(array('data' => \OCA\Files\Helper::buildFileStorageStatistics($dir))); diff --git a/apps/files/ajax/list.php b/apps/files/ajax/list.php index b4641343ed4..2f2f7054566 100644 --- a/apps/files/ajax/list.php +++ b/apps/files/ajax/list.php @@ -1,7 +1,7 @@ close(); +\OC::$server->getSession()->close(); $l = OC_L10N::get('files'); // Load the files diff --git a/apps/files/ajax/mimeicon.php b/apps/files/ajax/mimeicon.php index 6557ff941ac..fdbcc441a78 100644 --- a/apps/files/ajax/mimeicon.php +++ b/apps/files/ajax/mimeicon.php @@ -1,4 +1,4 @@ close(); +\OC::$server->getSession()->close(); print OC_Helper::mimetypeIcon($_GET['mime']); diff --git a/apps/files/ajax/move.php b/apps/files/ajax/move.php index 0a8dbc24a65..e9a34a1b2f9 100644 --- a/apps/files/ajax/move.php +++ b/apps/files/ajax/move.php @@ -2,7 +2,7 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::callCheck(); -\OC::$session->close(); +\OC::$server->getSession()->close(); // Get data $dir = stripslashes($_POST["dir"]); diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php index 9cfe51a6218..8173816af3a 100644 --- a/apps/files/ajax/newfile.php +++ b/apps/files/ajax/newfile.php @@ -7,7 +7,7 @@ if(!OC_User::isLoggedIn()) { exit; } -\OC::$session->close(); +\OC::$server->getSession()->close(); // Get the params $dir = isset( $_REQUEST['dir'] ) ? '/'.trim($_REQUEST['dir'], '/\\') : ''; 
diff --git a/apps/files/ajax/newfolder.php b/apps/files/ajax/newfolder.php index 89c241189d7..4ea2ee71de2 100644 --- a/apps/files/ajax/newfolder.php +++ b/apps/files/ajax/newfolder.php @@ -5,7 +5,7 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::callCheck(); -\OC::$session->close(); +\OC::$server->getSession()->close(); // Get the params $dir = isset( $_POST['dir'] ) ? stripslashes($_POST['dir']) : ''; diff --git a/apps/files/ajax/rename.php b/apps/files/ajax/rename.php index fa3ddace63d..e5fdf8af98c 100644 --- a/apps/files/ajax/rename.php +++ b/apps/files/ajax/rename.php @@ -23,7 +23,7 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::callCheck(); -\OC::$session->close(); +\OC::$server->getSession()->close(); $files = new \OCA\Files\App( \OC\Files\Filesystem::getView(), diff --git a/apps/files/ajax/scan.php b/apps/files/ajax/scan.php index d5d88483801..3ec7f9394b1 100644 --- a/apps/files/ajax/scan.php +++ b/apps/files/ajax/scan.php @@ -1,6 +1,6 @@ close(); +\OC::$server->getSession()->close(); $force = (isset($_GET['force']) and ($_GET['force'] === 'true')); $dir = isset($_GET['dir']) ? $_GET['dir'] : ''; diff --git a/apps/files/ajax/upload.php b/apps/files/ajax/upload.php index b737d5f8710..4eca13f1933 100644 --- a/apps/files/ajax/upload.php +++ b/apps/files/ajax/upload.php @@ -68,7 +68,7 @@ if (empty($_POST['dirToken'])) { OCP\JSON::callCheck(); if (!\OCP\App::isEnabled('files_encryption')) { // encryption app need to create keys later, so can't close too early - \OC::$session->close(); + \OC::$server->getSession()->close(); } diff --git a/apps/files_encryption/lib/session.php b/apps/files_encryption/lib/session.php index ff8fbd24ecb..7bd4fd02421 100644 --- a/apps/files_encryption/lib/session.php +++ b/apps/files_encryption/lib/session.php @@ -117,7 +117,7 @@ class Session { */ public function setPrivateKey($privateKey) { - \OC::$session->set('privateKey', $privateKey); + \OC::$server->getSession()->set('privateKey', $privateKey); return true; 
@@ -140,7 +140,7 @@ class Session { */ public function setInitialized($init) { - \OC::$session->set('encryptionInitialized', $init); + \OC::$server->getSession()->set('encryptionInitialized', $init); return true; @@ -150,8 +150,8 @@ class Session { * remove encryption keys and init status from session */ public function closeSession() { - \OC::$session->remove('encryptionInitialized'); - \OC::$session->remove('privateKey'); + \OC::$server->getSession()->remove('encryptionInitialized'); + \OC::$server->getSession()->remove('privateKey'); } @@ -162,8 +162,8 @@ class Session { * @note this doesn not indicate of the init was successful, we just remeber the try! */ public function getInitialized() { - if (!is_null(\OC::$session->get('encryptionInitialized'))) { - return \OC::$session->get('encryptionInitialized'); + if (!is_null(\OC::$server->getSession()->get('encryptionInitialized'))) { + return \OC::$server->getSession()->get('encryptionInitialized'); } else { return self::NOT_INITIALIZED; } @@ -179,8 +179,8 @@ class Session { if (\OCA\Encryption\Helper::isPublicAccess()) { return $this->getPublicSharePrivateKey(); } else { - if (!is_null(\OC::$session->get('privateKey'))) { - return \OC::$session->get('privateKey'); + if (!is_null(\OC::$server->getSession()->get('privateKey'))) { + return \OC::$server->getSession()->get('privateKey'); } else { return false; } @@ -194,7 +194,7 @@ class Session { */ public function setPublicSharePrivateKey($privateKey) { - \OC::$session->set('publicSharePrivateKey', $privateKey); + \OC::$server->getSession()->set('publicSharePrivateKey', $privateKey); return true; @@ -207,8 +207,8 @@ class Session { */ public function getPublicSharePrivateKey() { - if (!is_null(\OC::$session->get('publicSharePrivateKey'))) { - return \OC::$session->get('publicSharePrivateKey'); + if (!is_null(\OC::$server->getSession()->get('publicSharePrivateKey'))) { + return \OC::$server->getSession()->get('publicSharePrivateKey'); } else { return false; } 
diff --git a/apps/files_external/lib/smb_oc.php b/apps/files_external/lib/smb_oc.php index 0c79c06c5df..e6f3aaf4052 100644 --- a/apps/files_external/lib/smb_oc.php +++ b/apps/files_external/lib/smb_oc.php @@ -14,12 +14,12 @@ class SMB_OC extends \OC\Files\Storage\SMB { private $username_as_share; public function __construct($params) { - if (isset($params['host']) && \OC::$session->exists('smb-credentials')) { + if (isset($params['host']) && \OC::$server->getSession()->exists('smb-credentials')) { $host=$params['host']; $this->username_as_share = ($params['username_as_share'] === 'true'); - $params_auth = \OC::$session->get('smb-credentials'); - $user = \OC::$session->get('loginname'); + $params_auth = \OC::$server->getSession()->get('smb-credentials'); + $user = \OC::$server->getSession()->get('loginname'); $password = $params_auth['password']; $root=isset($params['root'])?$params['root']:'/'; @@ -45,7 +45,7 @@ class SMB_OC extends \OC\Files\Storage\SMB { } public static function login( $params ) { - \OC::$session->set('smb-credentials', $params); + \OC::$server->getSession()->set('smb-credentials', $params); } public function isSharable($path) { diff --git a/apps/files_sharing/lib/helper.php b/apps/files_sharing/lib/helper.php index f444404c2b1..e7ca4fcccd4 100644 --- a/apps/files_sharing/lib/helper.php +++ b/apps/files_sharing/lib/helper.php @@ -106,7 +106,7 @@ class Helper { return false; } else { // Save item id in session for future requests - \OC::$session->set('public_link_authenticated', $linkItem['id']); + \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']); } } else { \OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'] 
@@ -117,8 +117,8 @@ class Helper { } else { // not authenticated ? - if ( ! \OC::$session->exists('public_link_authenticated') - || \OC::$session->get('public_link_authenticated') !== $linkItem['id']) { + if ( ! \OC::$server->getSession()->exists('public_link_authenticated') + || \OC::$server->getSession()->get('public_link_authenticated') !== $linkItem['id']) { return false; } } diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php index 746bdf87c17..bcf99d01edb 100644 --- a/apps/files_sharing/public.php +++ b/apps/files_sharing/public.php @@ -63,7 +63,7 @@ if (isset($path)) { exit(); } else { // Save item id in session for future requests - \OC::$session->set('public_link_authenticated', $linkItem['id']); + \OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']); } } else { OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type'] @@ -76,8 +76,8 @@ if (isset($path)) { } else { // Check if item id is set in session - if ( ! \OC::$session->exists('public_link_authenticated') - || \OC::$session->get('public_link_authenticated') !== $linkItem['id'] + if ( ! \OC::$server->getSession()->exists('public_link_authenticated') + || \OC::$server->getSession()->get('public_link_authenticated') !== $linkItem['id'] ) { // Prompt for password OCP\Util::addStyle('files_sharing', 'authenticate'); diff --git a/cron.php b/cron.php index f0acd2f0492..c48f17ed095 100644 --- a/cron.php +++ b/cron.php @@ -56,10 +56,10 @@ try { // load all apps to get all api routes properly setup OC_App::loadApps(); - \OC::$session->close(); + \OC::$server->getSession()->close(); // initialize a dummy memory session - \OC::$session = new \OC\Session\Memory(''); + \OC::$server->setSession(new \OC\Session\Memory('')); $logger = \OC_Log::$object; diff --git a/lib/base.php b/lib/base.php index 1c69d6f5671..2dd107411f0 100644 --- a/lib/base.php +++ b/lib/base.php 
@@ -71,6 +71,7 @@ class OC { public static $CLI = false; /** + * @deprecated use \OC::$session->getSession() instead * @var \OC\Session\Session */ public static $session = null; @@ -375,19 +376,20 @@ class OC { $cookie_path = OC::$WEBROOT ? : '/'; ini_set('session.cookie_path', $cookie_path); - //set the session object to a dummy session so code relying on the session existing still works - self::$session = new \OC\Session\Memory(''); - // Let the session name be changed in the initSession Hook $sessionName = OC_Util::getInstanceId(); try { // Allow session apps to create a custom session object $useCustomSession = false; - OC_Hook::emit('OC', 'initSession', array('session' => &self::$session, 'sessionName' => &$sessionName, 'useCustomSession' => &$useCustomSession)); - if(!$useCustomSession) { + $session = self::$server->getSession(); + OC_Hook::emit('OC', 'initSession', array('session' => &$session, 'sessionName' => &$sessionName, 'useCustomSession' => &$useCustomSession)); + if($useCustomSession) { + // use the session reference as the new Session + self::$server->setSession($session); + } else { // set the session name to the instance id - which is unique - self::$session = new \OC\Session\Internal($sessionName); + self::$server->setSession(new \OC\Session\Internal($sessionName)); } // if session cant be started break with http 500 error } catch (Exception $e) { 
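Review bot: The new `@deprecated` tag on `OC::$session` in lib/base.php names `\OC::$session->getSession()` as the replacement, which goes through the deprecated property itself; the accessor this commit adds in lib/private/server.php is reached as `\OC::$server->getSession()`. The line should read `* @deprecated use \OC::$server->getSession() instead`. The class body continues outside the hunk.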
@@ -398,15 +400,19 @@ class OC { $sessionLifeTime = self::getSessionLifeTime(); // regenerate session id periodically to avoid session fixation - if (!self::$session->exists('SID_CREATED')) { - self::$session->set('SID_CREATED', time()); - } else if (time() - self::$session->get('SID_CREATED') > $sessionLifeTime / 2) { + /** + * @var \OCP\ISession $session + */ + $session = self::$server->getSession(); + if (!$session->exists('SID_CREATED')) { + $session->set('SID_CREATED', time()); + } else if (time() - $session->get('SID_CREATED') > $sessionLifeTime / 2) { session_regenerate_id(true); - self::$session->set('SID_CREATED', time()); + $session->set('SID_CREATED', time()); } // session timeout - if (self::$session->exists('LAST_ACTIVITY') && (time() - self::$session->get('LAST_ACTIVITY') > $sessionLifeTime)) { + if ($session->exists('LAST_ACTIVITY') && (time() - $session->get('LAST_ACTIVITY') > $sessionLifeTime)) { if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 42000, $cookie_path); } @@ -415,7 +421,7 @@ class OC { session_start(); } - self::$session->set('LAST_ACTIVITY', time()); + $session->set('LAST_ACTIVITY', time()); } /** @@ -447,9 +453,6 @@ class OC { self::$loader->registerPrefix('Pimple', '3rdparty/Pimple'); spl_autoload_register(array(self::$loader, 'load')); - // make a dummy session available as early as possible since error pages need it - self::$session = new \OC\Session\Memory(''); - // set some stuff //ob_start(); error_reporting(E_ALL | E_STRICT); @@ -544,7 +547,7 @@ class OC { // User and Groups if (!OC_Config::getValue("installed", false)) { - self::$session->set('user_id', ''); + self::$server->getSession()->set('user_id', ''); } OC_User::useBackend(new OC_User_Database()); 
@@ -783,7 +786,7 @@ class OC { if (isset($_COOKIE['oc_ignore_php_auth_user'])) { // Ignore HTTP Authentication for 5 more mintues. setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], time() + 300, OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : '')); - } elseif ($_SERVER['PHP_AUTH_USER'] === self::$session->get('loginname')) { + } elseif ($_SERVER['PHP_AUTH_USER'] === self::$server->getSession()->get('loginname')) { // Ignore HTTP Authentication to allow a different user to log in. setcookie('oc_ignore_php_auth_user', $_SERVER['PHP_AUTH_USER'], 0, OC::$WEBROOT.(empty(OC::$WEBROOT) ? '/' : '')); } @@ -930,7 +933,7 @@ class OC { if (OC_User::login($_POST["user"], $_POST["password"])) { // setting up the time zone if (isset($_POST['timezone-offset'])) { - self::$session->set('timezone', $_POST['timezone-offset']); + self::$server->getSession()->set('timezone', $_POST['timezone-offset']); } $userid = OC_User::getUser(); diff --git a/lib/private/appframework/dependencyinjection/dicontainer.php b/lib/private/appframework/dependencyinjection/dicontainer.php index 61a2333ecee..e7efa3fa219 100644 --- a/lib/private/appframework/dependencyinjection/dicontainer.php +++ b/lib/private/appframework/dependencyinjection/dicontainer.php @@ -191,7 +191,7 @@ class DIContainer extends SimpleContainer implements IAppContainer{ } private function getUserId() { - return \OC::$session->get('user_id'); + return \OC::$server->getSession()->get('user_id'); } /** diff --git a/lib/private/connector/sabre/auth.php b/lib/private/connector/sabre/auth.php index b1ef698583d..6e1baca9332 100644 --- a/lib/private/connector/sabre/auth.php +++ b/lib/private/connector/sabre/auth.php @@ -78,7 +78,7 @@ class OC_Connector_Sabre_Auth extends \Sabre\DAV\Auth\Backend\AbstractBasic { $result = $this->auth($server, $realm); // close the session - right after authentication there is not need to write to the session any more - \OC::$session->close(); + \OC::$server->getSession()->close(); return $result; } 
diff --git a/lib/private/server.php b/lib/private/server.php index aab3c82bfeb..53aab7a586a 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -10,6 +10,7 @@ use OC\DB\ConnectionWrapper; use OC\Files\Node\Root; use OC\Files\View; use OCP\IServerContainer; +use OCP\ISession; /** * Class Server @@ -31,8 +32,8 @@ class Server extends SimpleContainer implements IServerContainer { $urlParams = array(); } - if (\OC::$session->exists('requesttoken')) { - $requestToken = \OC::$session->get('requesttoken'); + if (\OC::$server->getSession()->exists('requesttoken')) { + $requestToken = \OC::$server->getSession()->get('requesttoken'); } else { $requestToken = false; } @@ -100,7 +101,7 @@ class Server extends SimpleContainer implements IServerContainer { * @var \OC\User\Manager $manager */ $manager = $c->query('UserManager'); - $userSession = new \OC\User\Session($manager, \OC::$session); + $userSession = new \OC\User\Session($manager, new \OC\Session\Memory('')); $userSession->listen('\OC\User', 'preCreateUser', function ($uid, $password) { \OC_Hook::emit('OC_User', 'pre_createUser', array('run' => true, 'uid' => $uid, 'password' => $password)); }); @@ -327,6 +328,20 @@ class Server extends SimpleContainer implements IServerContainer { return $this->query('UserSession'); } + /** + * @return \OCP\ISession + */ + function getSession() { + return $this->query('UserSession')->getSession(); + } + + /** + * @param \OCP\ISession $session + */ + function setSession(\OCP\ISession $session) { + return $this->query('UserSession')->setSession($session); + } + /** * @return \OC\NavigationManager */ @@ -392,15 +407,6 @@ class Server extends SimpleContainer implements IServerContainer { return $this->query('MemCacheFactory'); } - /** - * Returns the current session - * - * @return \OCP\ISession - */ - function getSession() { - return \OC::$session; - } - /** * Returns the current session * 
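Review bot: The new `getSession()` and `setSession()` in lib/private/server.php are documented with a bare `@return` and `@param` only; a one-line description should say that both delegate to the `UserSession` service and that `setSession()` replaces the session for the rest of the request. `setSession()` does `return $this->query('UserSession')->setSession($session);` although the target method in lib/private/user/session.php returns nothing, so the `return` can be dropped, and both methods should be declared `public`. The added `use OCP\ISession;` is unused as written, because the signatures spell out `\OCP\ISession`. Since `UserSession` now starts with `new \OC\Session\Memory('')`, anything written through `getSession()` before the real session is installed is presumably discarded; a comment at the registration should state that. The class body continues outside the hunks.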
diff --git a/lib/private/share/share.php b/lib/private/share/share.php index faa6453d640..c3593beac45 100644 --- a/lib/private/share/share.php +++ b/lib/private/share/share.php @@ -1855,8 +1855,8 @@ class Share extends \OC\Share\Constants { return true; } - if ( \OC::$session->exists('public_link_authenticated') - && \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) { + if ( \OC::$server->getSession()->exists('public_link_authenticated') + && \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id'] ) { return true; } diff --git a/lib/private/template.php b/lib/private/template.php index 173345cc001..d6afe1a3e40 100644 --- a/lib/private/template.php +++ b/lib/private/template.php @@ -52,7 +52,7 @@ class OC_Template extends \OC\Template\Base { // Read the detected formfactor and use the right file name. $fext = self::getFormFactorExtension(); - $requesttoken = OC::$session ? OC_Util::callRegister() : ''; + $requesttoken = OC::$server->getSession() ? OC_Util::callRegister() : ''; $parts = explode('/', $app); // fix translation when app is something like core/lostpassword $l10n = OC_L10N::get($parts[0]); 
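Review bot: The guard `OC::$server->getSession() ? OC_Util::callRegister() : ''` in lib/private/template.php no longer tests what `OC::$session ?` did. The old form was a null test on a static property; the new one calls a method on `OC::$server`, and `getSession()` returns the object that lib/private/server.php seeds with a Memory session, so the result looks always truthy and the empty-token branch unreachable. If `OC::$server` can still be unset when an early error page is rendered (lib/base.php drops the early dummy session that was there for error pages), the call fails instead of falling back. The same pattern is in `getFormFactorExtension()` and in `OC_User::getUser()` in lib/private/user.php; either remove the guards or test `OC::$server !== null` explicitly.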
@@ -101,20 +101,20 @@ class OC_Template extends \OC\Template\Base { */ static public function getFormFactorExtension() { - if (!\OC::$session) { + if (!\OC::$server->getSession()) { return ''; } // if the formfactor is not yet autodetected do the // autodetection now. For possible formfactors check the // detectFormfactor documentation - if (!\OC::$session->exists('formfactor')) { - \OC::$session->set('formfactor', self::detectFormfactor()); + if (!\OC::$server->getSession()->exists('formfactor')) { + \OC::$server->getSession()->set('formfactor', self::detectFormfactor()); } // allow manual override via GET parameter if(isset($_GET['formfactor'])) { - \OC::$session->set('formfactor', $_GET['formfactor']); + \OC::$server->getSession()->set('formfactor', $_GET['formfactor']); } - $formfactor = \OC::$session->get('formfactor'); + $formfactor = \OC::$server->getSession()->get('formfactor'); if($formfactor==='default') { $fext=''; }elseif($formfactor==='mobile') { diff --git a/lib/private/user.php b/lib/private/user.php index cdef4d8fe65..c9b1522f85a 100644 --- a/lib/private/user.php +++ b/lib/private/user.php @@ -300,7 +300,7 @@ class OC_User { * Sets user id for session and triggers emit */ public static function setUserId($uid) { - OC::$session->set('user_id', $uid); + \OC::$server->getSession()->set('user_id', $uid); } /** @@ -337,8 +337,8 @@ class OC_User { * Checks if the user is logged in */ public static function isLoggedIn() { - if (\OC::$session->get('user_id') !== null && self::$incognitoMode === false) { - return self::userExists(\OC::$session->get('user_id')); + if (\OC::$server->getSession()->get('user_id') !== null && self::$incognitoMode === false) { + return self::userExists(\OC::$server->getSession()->get('user_id')); } return false; } 
@@ -386,7 +386,7 @@ class OC_User {
 * @return string uid or false
 */
 public static function getUser() {
- $uid = OC::$session ? OC::$session->get('user_id') : null;
+ $uid = \OC::$server->getSession() ? \OC::$server->getSession()->get('user_id') : null;
 if (!is_null($uid) && self::$incognitoMode === false) {
 return $uid;
 } else {
diff --git a/lib/private/user/session.php b/lib/private/user/session.php
index 6abf8fb80d2..11938db5076 100644
--- a/lib/private/user/session.php
+++ b/lib/private/user/session.php
@@ -47,10 +47,10 @@ class Session implements IUserSession, Emitter {
 protected $activeUser;
 /**
- * @param \OC\User\Manager $manager
- * @param \OC\Session\Session $session
+ * @param \OCP\IUserManager $manager
+ * @param \OCP\ISession $session
 */
- public function __construct($manager, $session) {
+ public function __construct(\OCP\IUserManager $manager, \OCP\ISession $session) {
 $this->manager = $manager;
 $this->session = $session;
 }
@@ -82,6 +82,44 @@ class Session implements IUserSession, Emitter {
 return $this->manager;
 }
+ /**
+ * get the session object
+ *
+ * @return \OCP\ISession
+ */
+ public function getSession() {
+ // fetch the deprecated \OC::$session if it changed for backwards compatibility
+ if (isset(\OC::$session) && \OC::$session !== $this->session) {
+ \OC::$server->getLogger()->warning(
+ 'One of your installed apps still seems to use the deprecated '.
+ '\OC::$session and has replaced it with a new instance. Please file a bug against it.'.
+ 'Closing and replacing session in UserSession instance.'
+ );
+ $this->setSession(\OC::$session);
+ }
+ return $this->session;
+ }
+
+ /**
+ * set the session object
+ *
+ * @param \OCP\ISession $session
+ */
+ public function setSession(\OCP\ISession $session) {
+ if ($this->session instanceof \OCP\ISession) {
+ $this->session->close();
+ }
+ $this->session = $session;
+
+ // maintain deprecated \OC::$session
+ if (\OC::$session !== $this->session) {
+ if (\OC::$session instanceof \OCP\ISession) {
+ \OC::$session->close();
+ }
+ \OC::$session = $session;
+ }
+ }
+
 /**
 * set the currently active user
 *
diff --git a/lib/private/util.php b/lib/private/util.php
index 4307560a928..c79f374771c 100755
--- a/lib/private/util.php
+++ b/lib/private/util.php
@@ -384,11 +384,11 @@ class OC_Util {
 * @return string timestamp
 * @description adjust to clients timezone if we know it
 */
- public static function formatDate($timestamp, $dateOnly = false) {
- if (\OC::$session->exists('timezone')) {
+ public static function formatDate( $timestamp, $dateOnly = false) {
+ if(\OC::$server->getSession()->exists('timezone')) {
 $systemTimeZone = intval(date('O'));
 $systemTimeZone = (round($systemTimeZone / 100, 0) * 60) + ($systemTimeZone % 100);
- $clientTimeZone = \OC::$session->get('timezone') * 60;
+ $clientTimeZone = \OC::$server->getSession()->get('timezone') * 60;
 $offset = $clientTimeZone - $systemTimeZone;
 $timestamp = $timestamp + $offset * 60;
 }
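Review bot: getSession() is documented as a plain getter ("get the session object"), but it can close the current session and adopt whatever object was assigned to the static `\OC::$session`, which is the object the other hunks read `user_id` and `requesttoken` from. The docblock should state that side effect, since the logged warning is the only trace that the session was swapped and it does not say which app did it. The concatenated message also lacks a space after `against it.`, so it renders as `against it.Closing`; the second fragment should end `Please file a bug against it. '.`. In setSession(), when `\OC::$session` still points at the old object, `close()` is called on that object twice; whether that is harmless depends on the session implementation, which is not shown.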
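Review bot: The new formatDate() lines change spacing along with the session accessor: `formatDate( $timestamp, $dateOnly = false)` and `if(\OC::$server->...` differ from the `if (` form the removed lines and most of this commit use. Keeping `public static function formatDate($timestamp, $dateOnly = false) {` and `if (\OC::$server->getSession()->exists('timezone')) {` limits the hunk to the intended substitution. The `timezone` session value is multiplied without a numeric check; where it is written is not visible here, so an `is_numeric()` test before the arithmetic may be worth confirming against the code that sets it. The function body continues past the end of the hunk.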
@@ -412,7 +412,7 @@ class OC_Util {
 }
 // Assume that if checkServer() succeeded before in this session, then all is fine.
- if (\OC::$session->exists('checkServer_succeeded') && \OC::$session->get('checkServer_succeeded')) {
+ if (\OC::$server->getSession()->exists('checkServer_succeeded') && \OC::$server->getSession()->get('checkServer_succeeded')) {
 return $errors;
 }
@@ -615,7 +615,7 @@ class OC_Util {
 $errors = array_merge($errors, self::checkDatabaseVersion());
 // Cache the result of this function
- \OC::$session->set('checkServer_succeeded', count($errors) == 0);
+ \OC::$server->getSession()->set('checkServer_succeeded', count($errors) == 0);
 return $errors;
 }
@@ -938,13 +938,13 @@ class OC_Util {
 */
 public static function callRegister() {
 // Check if a token exists
- if (!\OC::$session->exists('requesttoken')) {
+ if (!\OC::$server->getSession()->exists('requesttoken')) {
 // No valid token found, generate a new one.
 $requestToken = self::generateRandomBytes(20);
- \OC::$session->set('requesttoken', $requestToken);
+ \OC::$server->getSession()->set('requesttoken', $requestToken);
 } else {
 // Valid token already exists, send it
- $requestToken = \OC::$session->get('requesttoken');
+ $requestToken = \OC::$server->getSession()->get('requesttoken');
 }
 return ($requestToken);
 }
diff --git a/tests/lib/ocs/privatedata.php b/tests/lib/ocs/privatedata.php
index 530750fabea..534fc21b07a 100644
--- a/tests/lib/ocs/privatedata.php
+++ b/tests/lib/ocs/privatedata.php
@@ -26,7 +26,7 @@ class Test_OC_OCS_Privatedata extends PHPUnit_Framework_TestCase
 private $appKey;
 public function setUp() {
- \OC::$session->set('user_id', 'user1');
+ \OC::$server->getSession()->set('user_id', 'user1');
 $this->appKey = uniqid('app');
 }
diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php
index 59056003fca..0a8d7856915 100644
--- a/tests/lib/share/share.php
+++ b/tests/lib/share/share.php
@@ -740,7 +740,7 @@ class Test_Share extends PHPUnit_Framework_TestCase {
 * @param $item
 */
 public function testCheckPasswordProtectedShare($expected, $item) {
- \OC::$session->set('public_link_authenticated', 100);
+ \OC::$server->getSession()->set('public_link_authenticated', 100);
 $result = \OCP\Share::checkPasswordProtectedShare($item);
 $this->assertEquals($expected, $result);
 }
@@ -767,8 +767,8 @@ class Test_Share extends PHPUnit_Framework_TestCase {
 return true;
 }
- if ( \OC::$session->exists('public_link_authenticated')
- && \OC::$session->get('public_link_authenticated') === $linkItem['id'] ) {
+ if ( \OC::$server->getSession()->exists('public_link_authenticated')
+ && \OC::$server->getSession()->get('public_link_authenticated') === $linkItem['id'] ) {
 return true;
 }
 * */
diff --git a/tests/startsessionlistener.php b/tests/startsessionlistener.php
index ba049559c6e..1f3573555ca 100644
--- a/tests/startsessionlistener.php
+++ b/tests/startsessionlistener.php
@@ -31,9 +31,9 @@ class StartSessionListener implements PHPUnit_Framework_TestListener {
 public function endTest(PHPUnit_Framework_Test $test, $time) {
 // reopen the session - only allowed for memory session
- if (\OC::$session instanceof \OC\Session\Memory) {
+ if (\OC::$server->getSession() instanceof \OC\Session\Memory) {
 /** @var $session \OC\Session\Memory */
- $session = \OC::$session;
+ $session = \OC::$server->getSession();
 $session->reopen();
 }
 }
-- cgit v1.2.3