mirror of
https://github.com/nextcloud/server.git
synced 2026-02-03 20:41:22 -05:00
caff1023ea
To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
137 lines
3.3 KiB
PHP
137 lines
3.3 KiB
PHP
<?php
|
|
/**
|
|
* @copyright 2018, Roeland Jago Douma <roeland@famdouma.nl>
|
|
*
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
|
*
|
|
* @license GNU AGPL version 3 or any later version
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License as
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
* License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
*/
|
|
declare(strict_types=1);
|
|
|
|
namespace OCP\AppFramework;
|
|
|
|
use OCP\IRequest;
|
|
use OCP\ISession;
|
|
|
|
/**
|
|
* Base controller for public shares
|
|
*
|
|
* It will verify if the user is properly authenticated to the share. If not a 404
|
|
* is thrown by the PublicShareMiddleware.
|
|
*
|
|
* Use this for example for a controller that is not to be called via a webbrowser
|
|
* directly. For example a PublicPreviewController. As this is not meant to be
|
|
* called by a user direclty.
|
|
*
|
|
* To show an auth page extend the AuthPublicShareController
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
abstract class PublicShareController extends Controller {
|
|
|
|
/** @var ISession */
|
|
protected $session;
|
|
|
|
/** @var string */
|
|
private $token;
|
|
|
|
/**
|
|
* @since 14.0.0
|
|
*/
|
|
public function __construct(string $appName,
|
|
IRequest $request,
|
|
ISession $session) {
|
|
parent::__construct($appName, $request);
|
|
|
|
$this->session = $session;
|
|
}
|
|
|
|
/**
|
|
* Middleware set the token for the request
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
final public function setToken(string $token) {
|
|
$this->token = $token;
|
|
}
|
|
|
|
/**
|
|
* Get the token for this request
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
final public function getToken(): string {
|
|
return $this->token;
|
|
}
|
|
|
|
/**
|
|
* Get a hash of the password for this share
|
|
*
|
|
* To ensure access is blocked when the password to a share is changed we store
|
|
* a hash of the password for this token.
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
abstract protected function getPasswordHash(): string;
|
|
|
|
/**
|
|
* Is the provided token a valid token
|
|
*
|
|
* This function is already called from the middleware directly after setting the token.
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
abstract public function isValidToken(): bool;
|
|
|
|
/**
|
|
* Is a share with this token password protected
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
abstract protected function isPasswordProtected(): bool;
|
|
|
|
/**
|
|
* Check if a share is authenticated or not
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
final public function isAuthenticated(): bool {
|
|
// Always authenticated against non password protected shares
|
|
if (!$this->isPasswordProtected()) {
|
|
return true;
|
|
}
|
|
|
|
// If we are authenticated properly
|
|
if ($this->session->get('public_link_authenticated_token') === $this->getToken() &&
|
|
$this->session->get('public_link_authenticated_password_hash') === $this->getPasswordHash()) {
|
|
return true;
|
|
}
|
|
|
|
// Fail by default if nothing matches
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Function called if the share is not found.
|
|
*
|
|
* You can use this to do some logging for example
|
|
*
|
|
* @since 14.0.0
|
|
*/
|
|
public function shareNotFound() {
|
|
}
|
|
}
|