1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
<?php
/**
* SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
* SPDX-FileCopyrightText: 2016 ownCloud, Inc.
* SPDX-License-Identifier: AGPL-3.0-only
*/
namespace OCA\Files_External\Controller;
use OCA\Files_External\Lib\Auth\Password\GlobalAuth;
use OCA\Files_External\Lib\Auth\PublicKey\RSA;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IGroupManager;
use OCP\IRequest;
use OCP\IUserSession;
class AjaxController extends Controller {
/** @var RSA */
private $rsaMechanism;
/** @var GlobalAuth */
private $globalAuth;
/** @var IUserSession */
private $userSession;
/** @var IGroupManager */
private $groupManager;
/**
* @param string $appName
* @param IRequest $request
* @param RSA $rsaMechanism
* @param GlobalAuth $globalAuth
* @param IUserSession $userSession
* @param IGroupManager $groupManager
*/
public function __construct($appName,
IRequest $request,
RSA $rsaMechanism,
GlobalAuth $globalAuth,
IUserSession $userSession,
IGroupManager $groupManager) {
parent::__construct($appName, $request);
$this->rsaMechanism = $rsaMechanism;
$this->globalAuth = $globalAuth;
$this->userSession = $userSession;
$this->groupManager = $groupManager;
}
/**
* @param int $keyLength
* @return array
*/
private function generateSshKeys($keyLength) {
$key = $this->rsaMechanism->createKey($keyLength);
// Replace the placeholder label with a more meaningful one
$key['publickey'] = str_replace('phpseclib-generated-key', gethostname(), $key['publickey']);
return $key;
}
/**
* Generates an SSH public/private key pair.
*
* @param int $keyLength
*/
#[NoAdminRequired]
public function getSshKeys($keyLength = 1024) {
$key = $this->generateSshKeys($keyLength);
return new JSONResponse(
['data' => [
'private_key' => $key['privatekey'],
'public_key' => $key['publickey']
],
'status' => 'success'
]);
}
/**
* @param string $uid
* @param string $user
* @param string $password
* @return bool
*/
#[NoAdminRequired]
public function saveGlobalCredentials($uid, $user, $password) {
$currentUser = $this->userSession->getUser();
if ($currentUser === null) {
return false;
}
// Non-admins can only edit their own credentials
// Admin can edit global credentials
$allowedToEdit = $uid === ''
? $this->groupManager->isAdmin($currentUser->getUID())
: $currentUser->getUID() === $uid;
if ($allowedToEdit) {
$this->globalAuth->saveAuth($uid, $user, $password);
return true;
}
return false;
}
}
|
