nextcloud/lib/public/AppFramework/Controller.php

<?php
/**
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 *
 * @author Bernhard Posselt <dev@bernhard-posselt.com>
 * @author Donquixote <marjunebatac@gmail.com>
 * @author Lukas Reschke <lukas@statuscode.ch>
 * @author Morris Jobke <hey@morrisjobke.de>
 * @author Roeland Jago Douma <roeland@famdouma.nl>
 * @author Thomas Müller <thomas.mueller@tmit.eu>
 * @author Thomas Tanghus <thomas@tanghus.net>
 * @author Vincent Petry <pvince81@owncloud.com>
 *
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */

/**
 * Public interface of ownCloud for apps to use.
 * AppFramework\Controller class
 */

namespace OCP\AppFramework;

use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\Response;
use OCP\IRequest;

/**
 * Base class to inherit your controllers from
 * @since 6.0.0
 */
abstract class Controller {

	/**
	 * app name
	 * @var string
	 * @since 7.0.0
	 */
	protected $appName;

	/**
	 * current request
	 * @var \OCP\IRequest
	 * @since 6.0.0
	 */
	protected $request;

	/**
	 * @var array
	 * @since 7.0.0
	 */
	private $responders;

	/**
	 * constructor of the controller
	 * @param string $appName the name of the app
	 * @param IRequest $request an instance of the request
	 * @since 6.0.0 - parameter $appName was added in 7.0.0 - parameter $app was removed in 7.0.0
	 */
	public function __construct($appName,
	                            IRequest $request) {
		$this->appName = $appName;
		$this->request = $request;

		// default responders
		$this->responders = array(
			'json' => function ($data) {
				if ($data instanceof DataResponse) {
					$response = new JSONResponse(
						$data->getData(),
						$data->getStatus()
					);
					$dataHeaders = $data->getHeaders();
					$headers = $response->getHeaders();
					// do not overwrite Content-Type if it already exists
					if (isset($dataHeaders['Content-Type'])) {
						unset($headers['Content-Type']);
					}
					$response->setHeaders(array_merge($dataHeaders, $headers));
					return $response;
				}
				return new JSONResponse($data);
			}
		);
	}


	/**
	 * Parses an HTTP accept header and returns the supported responder type
	 * @param string $acceptHeader
	 * @param string $default
	 * @return string the responder type
	 * @since 7.0.0
	 * @since 9.1.0 Added default parameter
	 */
	public function getResponderByHTTPHeader($acceptHeader, $default='json') {
		$headers = explode(',', $acceptHeader);

		// return the first matching responder
		foreach ($headers as $header) {
			$header = strtolower(trim($header));

			$responder = str_replace('application/', '', $header);

			if (array_key_exists($responder, $this->responders)) {
				return $responder;
			}
		}

		// no matching header return default
		return $default;
	}


	/**
	 * Registers a formatter for a type
	 * @param string $format
	 * @param \Closure $responder
	 * @since 7.0.0
	 */
	protected function registerResponder($format, \Closure $responder) {
		$this->responders[$format] = $responder;
	}


	/**
	 * Serializes and formats a response
	 * @param mixed $response the value that was returned from a controller and
	 * is not a Response instance
	 * @param string $format the format for which a formatter has been registered
	 * @throws \DomainException if format does not match a registered formatter
	 * @return Response
	 * @since 7.0.0
	 */
	public function buildResponse($response, $format='json') {
		if(array_key_exists($format, $this->responders)) {

			$responder = $this->responders[$format];

			return $responder($response);

		}
		throw new \DomainException('No responder registered for format '.
			$format . '!');
	}
}
initial import of appframework 2013-08-17 13:16:48 +04:00			`<?php`
			`/**`
Fix others 2016-07-21 18:07:57 +03:00			`* @copyright Copyright (c) 2016, ownCloud, Inc.`
			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* @author Bernhard Posselt <dev@bernhard-posselt.com>`
Run updated license header updater Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2017-11-07 15:47:42 +03:00			`* @author Donquixote <marjunebatac@gmail.com>`
Update license headers 2016-05-26 20:56:05 +03:00			`* @author Lukas Reschke <lukas@statuscode.ch>`
Update license headers 2015-03-26 13:44:34 +03:00			`* @author Morris Jobke <hey@morrisjobke.de>`
Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de> 2017-11-06 17:56:42 +03:00			`* @author Roeland Jago Douma <roeland@famdouma.nl>`
Update license headers 2015-03-26 13:44:34 +03:00			`* @author Thomas Müller <thomas.mueller@tmit.eu>`
			`* @author Thomas Tanghus <thomas@tanghus.net>`
Update license headers 2015-10-26 15:54:55 +03:00			`* @author Vincent Petry <pvince81@owncloud.com>`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* @license AGPL-3.0`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* This code is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License, version 3,`
			`* as published by the Free Software Foundation.`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* This program is distributed in the hope that it will be useful,`
initial import of appframework 2013-08-17 13:16:48 +04:00			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
Update license headers 2015-03-26 13:44:34 +03:00			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*`
Update license headers 2015-03-26 13:44:34 +03:00			`* You should have received a copy of the GNU Affero General Public License, version 3,`
Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> 2019-12-03 21:57:53 +03:00			`* along with this program. If not, see <http://www.gnu.org/licenses/>`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*`
			`*/`
Revert "Updating license headers" This reverts commit 6a1a4880f0d556fb090f19a5019fec31916f5c36. 2015-02-26 13:37:37 +03:00
			`/**`
			`* Public interface of ownCloud for apps to use.`
			`* AppFramework\Controller class`
			`*/`

OCP\AppFramework\Controller\Controller => OCP\AppFramework\Controller 2013-10-11 12:07:57 +04:00			`namespace OCP\AppFramework;`
initial import of appframework 2013-08-17 13:16:48 +04:00
add dataresponse fix docstrings adjust copyright date another copyright date update another header update implement third headers argument, fix indention, fix docstrings fix docstrings 2014-10-28 18:34:04 +03:00			`use OCP\AppFramework\Http\DataResponse;`
Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2019-11-22 22:52:10 +03:00			`use OCP\AppFramework\Http\JSONResponse;`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`use OCP\AppFramework\Http\Response;`
move controller to OCP 2013-10-07 01:16:40 +04:00			`use OCP\IRequest;`
initial import of appframework 2013-08-17 13:16:48 +04:00
			`/**`
			`* Base class to inherit your controllers from`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`* @since 6.0.0`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*/`
			`abstract class Controller {`

			`/**`
Remove dependency on container, removing service locator antipattern 2014-04-02 19:54:33 +04:00			`* app name`
			`* @var string`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`* @since 7.0.0`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*/`
Remove dependency on container, removing service locator antipattern 2014-04-02 19:54:33 +04:00			`protected $appName;`
initial import of appframework 2013-08-17 13:16:48 +04:00
move controller to OCP 2013-10-07 01:16:40 +04:00			`/**`
AppFramework(Controller\|HTTP\|HTTP-Responses\|Middleware), IContainer API fixes 2013-11-25 19:28:24 +04:00			`* current request`
move controller to OCP 2013-10-07 01:16:40 +04:00			`* @var \OCP\IRequest`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`* @since 6.0.0`
move controller to OCP 2013-10-07 01:16:40 +04:00			`*/`
initial import of appframework 2013-08-17 13:16:48 +04:00			`protected $request;`

Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`/**`
			`* @var array`
			`* @since 7.0.0`
			`*/`
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`private $responders;`
add cors middleware remove methodannotationreader namespace fix namespace for server container fix tests fail if with cors credentials header is set to true, implement a reusable preflighted cors method in the controller baseclass, make corsmiddleware private and register it for every request remove uneeded local in cors middleware registratio dont uppercase cors to easily use it from routes fix indention comment fixes explicitely set allow credentials header to false dont depend on better controllers PR, fix that stuff later split cors methods to be in a seperate controller for exposing apis remove protected definitions from apicontroller since controller has it 2014-05-08 13:47:18 +04:00
initial import of appframework 2013-08-17 13:16:48 +04:00			`/**`
AppFramework(Controller\|HTTP\|HTTP-Responses\|Middleware), IContainer API fixes 2013-11-25 19:28:24 +04:00			`* constructor of the controller`
Remove dependency on container, removing service locator antipattern 2014-04-02 19:54:33 +04:00			`* @param string $appName the name of the app`
move controller to OCP 2013-10-07 01:16:40 +04:00			`* @param IRequest $request an instance of the request`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`* @since 6.0.0 - parameter $appName was added in 7.0.0 - parameter $app was removed in 7.0.0`
initial import of appframework 2013-08-17 13:16:48 +04:00			`*/`
remove controller serializers 2014-05-29 21:14:47 +04:00			`public function __construct($appName,`
Add public API to give developers the possibility to adjust the global CSP defaults Allows to inject something into the default content policy. This is for example useful when you're injecting Javascript code into a view belonging to another controller and cannot modify its Content-Security-Policy itself. Note that the adjustment is only applied to applications that use AppFramework controllers. To use this from your `app.php` use `\OC::$server->getContentSecurityPolicyManager()->addDefaultPolicy($policy)`, $policy has to be of type `\OCP\AppFramework\Http\ContentSecurityPolicy`. To test this add something like the following into an `app.php` of any enabled app: ``` $manager = \OC::$server->getContentSecurityPolicyManager(); $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(false); $policy->addAllowedFrameDomain('asdf'); $policy->addAllowedScriptDomain('yolo.com'); $policy->allowInlineScript(false); $manager->addDefaultPolicy($policy); $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(false); $policy->addAllowedFontDomain('yolo.com'); $manager->addDefaultPolicy($policy); $policy = new \OCP\AppFramework\Http\ContentSecurityPolicy(false); $policy->addAllowedFrameDomain('banana.com'); $manager->addDefaultPolicy($policy); ``` If you now open the files app the policy should be: ``` Content-Security-Policy:default-src 'none';script-src yolo.com 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src yolo.com 'self';connect-src 'self';media-src 'self';frame-src asdf banana.com 'self' ``` 2016-01-28 16:33:02 +03:00			`IRequest $request) {`
Remove dependency on container, removing service locator antipattern 2014-04-02 19:54:33 +04:00			`$this->appName = $appName;`
initial import of appframework 2013-08-17 13:16:48 +04:00			`$this->request = $request;`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`// default responders`
			`$this->responders = array(`
add dataresponse fix docstrings adjust copyright date another copyright date update another header update implement third headers argument, fix indention, fix docstrings fix docstrings 2014-10-28 18:34:04 +03:00			`'json' => function ($data) {`
			`if ($data instanceof DataResponse) {`
			`$response = new JSONResponse(`
			`$data->getData(),`
			`$data->getStatus()`
			`);`
Fix uploading avatar and root certs in IE8 2015-08-26 18:08:25 +03:00			`$dataHeaders = $data->getHeaders();`
			`$headers = $response->getHeaders();`
			`// do not overwrite Content-Type if it already exists`
			`if (isset($dataHeaders['Content-Type'])) {`
			`unset($headers['Content-Type']);`
			`}`
			`$response->setHeaders(array_merge($dataHeaders, $headers));`
add dataresponse fix docstrings adjust copyright date another copyright date update another header update implement third headers argument, fix indention, fix docstrings fix docstrings 2014-10-28 18:34:04 +03:00			`return $response;`
			`}`
refactoring code to reduce cyclomatic complexit Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2016-10-29 13:00:01 +03:00			`return new JSONResponse($data);`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00			`}`
			`);`
			`}`


also handle lowercase headers 2014-06-11 03:20:09 +04:00			`/**`
			`* Parses an HTTP accept header and returns the supported responder type`
			`* @param string $acceptHeader`
Remove deprecated Controller Functions Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2017-07-20 12:03:12 +03:00			`* @param string $default`
also handle lowercase headers 2014-06-11 03:20:09 +04:00			`* @return string the responder type`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`* @since 7.0.0`
AppFramework do not get default response The OCSResponse differs from other responses in that it defaults to XML. However we fell back to json by default. This makes sure that if nothing is set we don't pass anything. Which defaults then to the controllers default (which is often 'json') but in the case of the OCSResponse 'xml'. 2016-07-20 22:30:39 +03:00			`* @since 9.1.0 Added default parameter`
also handle lowercase headers 2014-06-11 03:20:09 +04:00			`*/`
AppFramework do not get default response The OCSResponse differs from other responses in that it defaults to XML. However we fell back to json by default. This makes sure that if nothing is set we don't pass anything. Which defaults then to the controllers default (which is often 'json') but in the case of the OCSResponse 'xml'. 2016-07-20 22:30:39 +03:00			`public function getResponderByHTTPHeader($acceptHeader, $default='json') {`
also handle lowercase headers 2014-06-11 03:20:09 +04:00			`$headers = explode(',', $acceptHeader);`

			`// return the first matching responder`
			`foreach ($headers as $header) {`
			`$header = strtolower(trim($header));`

			`$responder = str_replace('application/', '', $header);`

			`if (array_key_exists($responder, $this->responders)) {`
			`return $responder;`
			`}`
			`}`

AppFramework do not get default response The OCSResponse differs from other responses in that it defaults to XML. However we fell back to json by default. This makes sure that if nothing is set we don't pass anything. Which defaults then to the controllers default (which is often 'json') but in the case of the OCSResponse 'xml'. 2016-07-20 22:30:39 +03:00			`// no matching header return default`
			`return $default;`
also handle lowercase headers 2014-06-11 03:20:09 +04:00			`}`
handle http accept headers more gracefully 2014-06-11 02:54:25 +04:00

implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00			`/**`
			`* Registers a formatter for a type`
			`* @param string $format`
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`* @param \Closure $responder`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`* @since 7.0.0`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00			`*/`
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`protected function registerResponder($format, \Closure $responder) {`
			`$this->responders[$format] = $responder;`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00			`}`


			`/**`
			`* Serializes and formats a response`
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`* @param mixed $response the value that was returned from a controller and`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00			`* is not a Response instance`
			`* @param string $format the format for which a formatter has been registered`
			`* @throws \DomainException if format does not match a registered formatter`
			`* @return Response`
Add @since tags to all methods in public namespace * enhance the app development experience - you can look up the method introduction right inside the code without searching via git blame * easier to write apps for multiple versions 2015-04-16 18:00:08 +03:00			`* @since 7.0.0`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00			`*/`
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`public function buildResponse($response, $format='json') {`
			`if(array_key_exists($format, $this->responders)) {`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`$responder = $this->responders[$format];`
remove controller serializers 2014-05-29 21:14:47 +04:00
rename formatter to responder, formatResponse to buildResponse 2014-05-06 22:25:41 +04:00			`return $responder($response);`
implement most of the basic stuff that was suggested in #8290 2014-05-06 18:29:19 +04:00
			`}`
refactoring code to reduce cyclomatic complexit Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> 2016-10-29 13:00:01 +03:00			`throw new \DomainException('No responder registered for format '.`
			`$format . '!');`
initial import of appframework 2013-08-17 13:16:48 +04:00			`}`
			`}`