1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
<?php
/**
* Copyright (c) 2011 Bart Visscher <bartv@thisnet.nl>
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
*/
class OC_JSON{
static protected $send_content_type_header = false;
/**
* set Content-Type header to jsonrequest
*/
public static function setContentTypeHeader($type='application/json') {
if (!self::$send_content_type_header) {
// We send json data
header( 'Content-Type: '.$type );
self::$send_content_type_header = true;
}
}
/**
* Check if the app is enabled, send json error msg if not
*/
public static function checkAppEnabled($app) {
if( !OC_App::isEnabled($app)) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Application is not enabled') )));
exit();
}
}
/**
* Check if the user is logged in, send json error msg if not
*/
public static function checkLoggedIn() {
if( !OC_User::isLoggedIn()) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
}
/**
* @brief Check an ajax get/post call if the request token is valid.
* @return json Error msg if not valid.
*/
public static function callCheck() {
if( !OC_Util::isCallRegistered()) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Token expired. Please reload page.') )));
exit();
}
}
/**
* Check if the user is a admin, send json error msg if not
*/
public static function checkAdminUser() {
self::checkLoggedIn();
self::verifyUser();
if( !OC_Group::inGroup( OC_User::getUser(), 'admin' )) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
}
/**
* Check if the user is a subadmin, send json error msg if not
*/
public static function checkSubAdminUser() {
self::checkLoggedIn();
self::verifyUser();
if(!OC_Group::inGroup(OC_User::getUser(),'admin') && !OC_SubAdmin::isSubAdmin(OC_User::getUser())) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
}
/**
* Check if the user verified the login with his password
*/
public static function verifyUser() {
if(OC_Config::getValue('enhancedauth', false) === true) {
if(!isset($_SESSION['verifiedLogin']) OR $_SESSION['verifiedLogin'] < time()) {
$l = OC_L10N::get('lib');
self::error(array( 'data' => array( 'message' => $l->t('Authentication error') )));
exit();
}
}
}
/**
* Send json error msg
*/
public static function error($data = array()) {
$data['status'] = 'error';
self::encodedPrint($data);
}
/**
* Send json success msg
*/
public static function success($data = array()) {
$data['status'] = 'success';
self::encodedPrint($data);
}
/**
* Convert OC_L10N_String to string, for use in json encodings
*/
protected static function to_string(&$value) {
if ($value instanceof OC_L10N_String) {
$value = (string)$value;
}
}
/**
* Encode and print $data in json format
*/
public static function encodedPrint($data,$setContentType=true) {
// Disable mimesniffing, don't move this to setContentTypeHeader!
header( 'X-Content-Type-Options: nosniff' );
if($setContentType) {
self::setContentTypeHeader();
}
array_walk_recursive($data, array('OC_JSON', 'to_string'));
echo json_encode($data);
}
}
|