Implement middleware for sharing

Check whether sharing is enabled; if it is not, return an empty array.
Signed-off-by: brantje <brantje@gmail.com>
brantje 2016-12-30 15:13:00 +01:00
parent 483b13dae7
commit a224ce4af9
No known key found for this signature in database
GPG key ID: 5FF1D117F918687F
6 changed files with 76 additions and 39 deletions


@ -20,9 +20,7 @@ use OCA\Passman\Service\SettingsService;
use OCA\Passman\Service\ShareService;
use OCA\Passman\Utility\NotFoundJSONResponse;
use OCA\Passman\Utility\Utils;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Http\NotFoundResponse;
use OCP\IConfig;
use OCP\IRequest;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\ApiController;
@ -87,11 +85,6 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function createPublicShare($item_id, $item_guid, $permissions, $expire_timestamp, $expire_views) {
if (!$this->settings->isEnabled('link_sharing_enabled')) {
return new JSONResponse(array());
}
try {
$credential = $this->credentialService->getCredentialByGUID($item_guid);
} catch (\Exception $exception) {
@ -128,9 +121,6 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function applyIntermediateShare($item_id, $item_guid, $vaults, $permissions) {
if (!$this->settings->isEnabled('user_sharing_enabled')) {
return new JSONResponse(array());
}
/**
* Assemble notification
*/
@ -223,9 +213,6 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function unshareCredential($item_guid) {
if (!$this->settings->isEnabled('user_sharing_enabled')) {
return new JSONResponse(array());
}
$acl_list = $this->shareService->getCredentialAclList($item_guid);
$request_list = $this->shareService->getShareRequestsByGuid($item_guid);
foreach ($acl_list as $ACL) {
@ -340,9 +327,6 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function getPendingRequests() {
if (!$this->settings->isEnabled('user_sharing_enabled')) {
return new JSONResponse(array());
}
try {
$requests = $this->shareService->getUserPendingRequests($this->userId->getUID());
$results = array();
@ -379,10 +363,6 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function getVaultItems($vault_guid) {
if (!$this->settings->isEnabled('user_sharing_enabled')) {
return new JSONResponse(array());
}
try {
return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid));
} catch (\Exception $ex) {
@ -433,9 +413,6 @@ class ShareController extends ApiController {
* @PublicPage
*/
public function getPublicCredentialData($credential_guid) {
if (!$this->settings->isEnabled('user_sharing_enabled')) {
return new JSONResponse(array());
}
//@TODO Check expire date
$acl = $this->shareService->getACL(null, $credential_guid);


@ -198,7 +198,7 @@
$scope.settings = SettingsService.getSettings();
};
if(!SettingsService.getSetting('user_sharing_enabled')){
if(!SettingsService.getSetting('settings_loaded')){
$rootScope.$on('settings_loaded', function () {
settingsLoaded();
});


@ -64,7 +64,7 @@
}
};
if(!SettingsService.getSetting('user_sharing_enabled')){
if(!SettingsService.getSetting('settings_loaded')){
$rootScope.$on('settings_loaded', function () {
settingsLoaded();
});


@ -22,12 +22,14 @@
*/
namespace OCA\Passman\AppInfo;
use OC\Files\View;
use OCA\Passman\Controller\CredentialController;
use OCA\Passman\Controller\PageController;
use OCA\Passman\Controller\ShareController;
use OCA\Passman\Controller\VaultController;
use OCA\Passman\Middleware\ShareMiddleware;
use OCA\Passman\Service\ActivityService;
use OCA\Passman\Service\CronService;
use OCA\Passman\Service\CredentialService;
@ -43,22 +45,31 @@ use OCP\IDBConnection;
use OCP\AppFramework\App;
use OCP\IL10N;
use OCP\Util;
class Application extends App {
public function __construct () {
public function __construct() {
parent::__construct('passman');
$container = $this->getContainer();
// Allow automatic DI for the View, until we migrated to Nodes API
$container->registerService(View::class, function() {
$container->registerService(View::class, function () {
return new View('');
}, false);
$container->registerService('isCLI', function() {
$container->registerService('isCLI', function () {
return \OC::$CLI;
});
/**
* Middleware
*/
$container->registerService('ShareMiddleware', function ($c) {
return new ShareMiddleware($c->query('SettingsService'));
});
$container->registerMiddleware('ShareMiddleware');
/**
* Controllers
*/
$container->registerService('ShareController', function($c) {
$container->registerService('ShareController', function ($c) {
$container = $this->getContainer();
$server = $container->getServer();
return new ShareController(
@ -67,18 +78,17 @@ class Application extends App {
$server->getUserSession()->getUser(),
$server->getGroupManager(),
$server->getUserManager(),
$c->query('ActivityService'),
$c->query('VaultService'),
$c->query('ShareService'),
$c->query('CredentialService'),
$c->query('NotificationService'),
$c->query('FileService'),
$c->query('SettingsService')
$c->query('ActivityService'),
$c->query('VaultService'),
$c->query('ShareService'),
$c->query('CredentialService'),
$c->query('NotificationService'),
$c->query('FileService'),
$c->query('SettingsService')
);
});
/** Cron **/
$container->registerService('CronService', function ($c) {
return new CronService(
@ -95,7 +105,7 @@ class Application extends App {
return new Db();
});
$container->registerService('Logger', function($c) {
$container->registerService('Logger', function ($c) {
return $c->query('ServerContainer')->getLogger();
});
@ -109,7 +119,7 @@ class Application extends App {
$container->registerAlias('ActivityService', ActivityService::class);
$container->registerAlias('VaultService', VaultService::class);
$container->registerAlias('FileService', FileService::class);
$container->registerAlias('ShareService', ShareService::class);
$container->registerAlias('ShareService', ShareService::class);
$container->registerAlias('Utils', Utils::class);
$container->registerAlias('IDBConnection', IDBConnection::class);
$container->registerAlias('IConfig', IConfig::class);


@ -61,6 +61,7 @@ class SettingsService {
'check_version' => intval($this->config->getAppValue('passman', 'check_version', 1)),
'https_check' => intval($this->config->getAppValue('passman', 'https_check', 1)),
'disable_contextmenu' => intval($this->config->getAppValue('passman', 'disable_contextmenu', 1)),
'settings_loaded' => 1
);
return $this->settings;
}
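Review bot: The new `'settings_loaded' => 1` entry is undocumented and, unlike its neighbours, is not read from `getAppValue`; it appears to be a sentinel for the front end, since the JS controllers changed in this commit test `getSetting('settings_loaded')` before waiting for the `settings_loaded` event. A one-line comment would keep a later reader from treating it as a stored option, for example `// sentinel for the front end: set once the settings array has been built, not a stored app value`. The enclosing method starts outside the hunk, so whether this array is ever written back to the configuration cannot be checked from here.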

View file

@ -0,0 +1,49 @@
<?php
namespace OCA\Passman\Middleware;
use OCA\Passman\Controller\ShareController;
use OCA\Passman\Service\SettingsService;
use OCP\AppFramework\Http\JSONResponse;
use \OCP\AppFramework\Middleware;
use OCP\AppFramework\Http;
class ShareMiddleware extends Middleware {
private $settings;
public function __construct(SettingsService $config) {
$this->settings = $config;
}
public function beforeController($controller, $methodName) {
if ($controller instanceof ShareController) {
$http_response_code = \OCP\AppFramework\Http::STATUS_FORBIDDEN;
$result = 'FORBIDDEN';
if (in_array($methodName, array('updateSharedCredentialACL', 'getFile', 'getItemAcl'))) {
$sharing_enabled = ($this->settings->isEnabled('link_sharing_enabled') || $this->settings->isEnabled('user_sharing_enabled'));
} else {
$publicMethods = array('createPublicShare', 'getPublicCredentialData');
$setting = (in_array($methodName, $publicMethods)) ? 'link_sharing_enabled' : 'user_sharing_enabled';
$sharing_enabled = ($this->settings->isEnabled($setting));
if ($methodName === 'getVaultItems' || $methodName === 'getPendingRequests') {
$http_response_code = Http::STATUS_OK;
$result = array();
}
}
if (!$sharing_enabled) {
$response = new JSONResponse($result);
http_response_code($http_response_code);
header('Passman-sharing: disabled');
header('Passman-method: ShareController.' . $methodName);
die($response->render());
}
}
}
}
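Review bot: The denial path at the end of `beforeController` writes the reply by hand with `http_response_code()`, `header()` and `die($response->render())`, which ends the request outside the framework: no Content-Type is set on the visible lines, so the JSON body is probably served with PHP's default type, and later middleware and the normal response pipeline never run. Throwing from `beforeController` and building the `JSONResponse` in `afterException` keeps the same status, body and `Passman-*` headers while letting the framework emit them; the sketch below assumes a small exception class carrying the status and result (`SharingDisabledException` is a proposed name, not something on this page). Because this commit removes the per-method checks from ShareController, these method-name lists are now the only gate, so `in_array(..., true)` and a test that enumerates the controller's public methods would guard against a rename silently changing which setting applies.

```php
// … unchanged: selection of $sharing_enabled, $http_response_code and $result …
        if (!$sharing_enabled) {
            // Hand the decision to the framework instead of die():
            // afterException() below turns it into the JSON reply.
            // SharingDisabledException is a new class this change would add.
            throw new SharingDisabledException($http_response_code, $result);
        }

public function afterException($controller, $methodName, \Exception $exception) {
    if (!$exception instanceof SharingDisabledException) {
        // Not raised by this middleware: leave it for the next handler.
        throw $exception;
    }
    $response = new JSONResponse($exception->getResult(), $exception->getStatus());
    $response->addHeader('Passman-sharing', 'disabled');
    $response->addHeader('Passman-method', 'ShareController.' . $methodName);
    return $response;
}
```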