2011-09-24 00:22:59 +04:00
|
|
|
<?php
|
|
|
|
/**
|
2016-07-21 18:07:57 +03:00
|
|
|
* @copyright Copyright (c) 2016, ownCloud, Inc.
|
|
|
|
*
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Bart Visscher <bartv@thisnet.nl>
|
2019-12-03 21:57:53 +03:00
|
|
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
2016-05-26 20:56:05 +03:00
|
|
|
* @author Lukas Reschke <lukas@statuscode.ch>
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Morris Jobke <hey@morrisjobke.de>
|
2016-07-21 19:13:36 +03:00
|
|
|
* @author Robin Appelman <robin@icewind.nl>
|
2017-11-06 17:56:42 +03:00
|
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
2015-03-26 13:44:34 +03:00
|
|
|
* @author Thomas Müller <thomas.mueller@tmit.eu>
|
|
|
|
* @author Thomas Tanghus <thomas@tanghus.net>
|
2020-12-16 16:54:15 +03:00
|
|
|
* @author Vincent Petry <vincent@nextcloud.com>
|
2015-03-26 13:44:34 +03:00
|
|
|
*
|
|
|
|
* @license AGPL-3.0
|
|
|
|
*
|
|
|
|
* This code is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License, version 3,
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
2019-12-03 21:57:53 +03:00
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
2015-03-26 13:44:34 +03:00
|
|
|
*
|
2015-02-26 13:37:37 +03:00
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Class OC_JSON
|
|
|
|
* @deprecated Use a AppFramework JSONResponse instead
|
2015-02-12 02:56:13 +03:00
|
|
|
*/
|
2020-04-10 15:19:56 +03:00
|
|
|
class OC_JSON {
|
2011-09-24 00:22:59 +04:00
|
|
|
|
2011-10-01 01:05:10 +04:00
|
|
|
/**
|
2015-02-12 02:56:13 +03:00
|
|
|
* Check if the app is enabled, send json error msg if not
|
|
|
|
* @param string $app
|
|
|
|
* @deprecated Use the AppFramework instead. It will automatically check if the app is enabled.
|
2017-07-19 21:21:05 +03:00
|
|
|
* @suppress PhanDeprecatedFunction
|
2015-02-12 02:56:13 +03:00
|
|
|
*/
|
2012-09-07 17:22:01 +04:00
|
|
|
public static function checkAppEnabled($app) {
|
2020-04-10 15:19:56 +03:00
|
|
|
if (!\OC::$server->getAppManager()->isEnabledForUser($app)) {
|
2014-08-31 12:05:59 +04:00
|
|
|
$l = \OC::$server->getL10N('lib');
|
2020-03-26 11:30:18 +03:00
|
|
|
self::error([ 'data' => [ 'message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled' ]]);
|
2011-10-01 01:05:10 +04:00
|
|
|
exit();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-09-24 00:22:59 +04:00
|
|
|
/**
|
2015-02-12 02:56:13 +03:00
|
|
|
* Check if the user is logged in, send json error msg if not
|
|
|
|
* @deprecated Use annotation based ACLs from the AppFramework instead
|
2017-07-19 21:21:05 +03:00
|
|
|
* @suppress PhanDeprecatedFunction
|
2015-02-12 02:56:13 +03:00
|
|
|
*/
|
2012-09-07 17:22:01 +04:00
|
|
|
public static function checkLoggedIn() {
|
2016-06-10 10:52:52 +03:00
|
|
|
$twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager();
|
2020-04-10 15:19:56 +03:00
|
|
|
if (!\OC::$server->getUserSession()->isLoggedIn()
|
2016-08-24 11:42:07 +03:00
|
|
|
|| $twoFactorAuthManger->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
|
2014-08-31 12:05:59 +04:00
|
|
|
$l = \OC::$server->getL10N('lib');
|
2016-02-16 11:48:40 +03:00
|
|
|
http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
|
2020-03-26 11:30:18 +03:00
|
|
|
self::error([ 'data' => [ 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ]]);
|
2011-09-24 00:22:59 +04:00
|
|
|
exit();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-06-13 19:33:19 +04:00
|
|
|
/**
|
2014-04-21 17:44:54 +04:00
|
|
|
* Check an ajax get/post call if the request token is valid, send json error msg if not.
|
2015-02-12 02:56:13 +03:00
|
|
|
* @deprecated Use annotation based CSRF checks from the AppFramework instead
|
2017-07-19 21:21:05 +03:00
|
|
|
* @suppress PhanDeprecatedFunction
|
2012-06-13 19:33:19 +04:00
|
|
|
*/
|
2012-09-07 17:22:01 +04:00
|
|
|
public static function callCheck() {
|
2020-04-10 15:19:56 +03:00
|
|
|
if (!\OC::$server->getRequest()->passesStrictCookieCheck()) {
|
2016-07-20 18:37:30 +03:00
|
|
|
header('Location: '.\OC::$WEBROOT);
|
|
|
|
exit();
|
|
|
|
}
|
|
|
|
|
2020-04-10 15:19:56 +03:00
|
|
|
if (!\OC::$server->getRequest()->passesCSRFCheck()) {
|
2014-08-31 12:05:59 +04:00
|
|
|
$l = \OC::$server->getL10N('lib');
|
2020-03-26 11:30:18 +03:00
|
|
|
self::error([ 'data' => [ 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' ]]);
|
2012-06-13 19:33:19 +04:00
|
|
|
exit();
|
|
|
|
}
|
|
|
|
}
|
2012-08-29 10:38:33 +04:00
|
|
|
|
2011-09-24 00:22:59 +04:00
|
|
|
/**
|
2015-02-12 02:56:13 +03:00
|
|
|
* Check if the user is a admin, send json error msg if not.
|
|
|
|
* @deprecated Use annotation based ACLs from the AppFramework instead
|
2017-07-19 21:21:05 +03:00
|
|
|
* @suppress PhanDeprecatedFunction
|
2015-02-12 02:56:13 +03:00
|
|
|
*/
|
2012-09-07 17:22:01 +04:00
|
|
|
public static function checkAdminUser() {
|
2020-04-10 15:19:56 +03:00
|
|
|
if (!OC_User::isAdminUser(OC_User::getUser())) {
|
2014-08-31 12:05:59 +04:00
|
|
|
$l = \OC::$server->getL10N('lib');
|
2020-03-26 11:30:18 +03:00
|
|
|
self::error([ 'data' => [ 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ]]);
|
2011-09-24 00:22:59 +04:00
|
|
|
exit();
|
|
|
|
}
|
|
|
|
}
|
2012-08-29 10:38:33 +04:00
|
|
|
|
2011-09-24 00:22:59 +04:00
|
|
|
/**
|
2015-02-12 02:56:13 +03:00
|
|
|
* Send json error msg
|
|
|
|
* @deprecated Use a AppFramework JSONResponse instead
|
2017-07-19 21:21:05 +03:00
|
|
|
* @suppress PhanDeprecatedFunction
|
2020-12-12 00:23:11 +03:00
|
|
|
* @psalm-taint-escape html
|
2015-02-12 02:56:13 +03:00
|
|
|
*/
|
2020-03-26 11:30:18 +03:00
|
|
|
public static function error($data = []) {
|
2011-09-24 00:22:59 +04:00
|
|
|
$data['status'] = 'error';
|
2020-04-09 17:07:47 +03:00
|
|
|
header('Content-Type: application/json; charset=utf-8');
|
2018-03-12 20:28:46 +03:00
|
|
|
echo self::encode($data);
|
2011-09-24 00:22:59 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2015-02-12 02:56:13 +03:00
|
|
|
* Send json success msg
|
|
|
|
* @deprecated Use a AppFramework JSONResponse instead
|
2017-07-19 21:21:05 +03:00
|
|
|
* @suppress PhanDeprecatedFunction
|
2020-12-12 00:23:11 +03:00
|
|
|
* @psalm-taint-escape html
|
2015-02-12 02:56:13 +03:00
|
|
|
*/
|
2020-03-26 11:30:18 +03:00
|
|
|
public static function success($data = []) {
|
2011-09-24 00:22:59 +04:00
|
|
|
$data['status'] = 'success';
|
2020-04-09 17:07:47 +03:00
|
|
|
header('Content-Type: application/json; charset=utf-8');
|
2018-03-12 20:28:46 +03:00
|
|
|
echo self::encode($data);
|
2011-09-24 00:22:59 +04:00
|
|
|
}
|
|
|
|
|
2012-06-22 10:43:58 +04:00
|
|
|
/**
|
|
|
|
* Convert OC_L10N_String to string, for use in json encodings
|
|
|
|
*/
|
2012-09-07 17:22:01 +04:00
|
|
|
protected static function to_string(&$value) {
|
2017-07-24 21:17:20 +03:00
|
|
|
if ($value instanceof \OC\L10N\L10NString) {
|
2012-06-22 10:43:58 +04:00
|
|
|
$value = (string)$value;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-12-10 18:32:48 +04:00
|
|
|
/**
|
|
|
|
* Encode JSON
|
2015-02-12 02:56:13 +03:00
|
|
|
* @deprecated Use a AppFramework JSONResponse instead
|
2013-12-10 18:32:48 +04:00
|
|
|
*/
|
|
|
|
public static function encode($data) {
|
2013-12-18 18:25:28 +04:00
|
|
|
if (is_array($data)) {
|
2020-03-26 11:30:18 +03:00
|
|
|
array_walk_recursive($data, ['OC_JSON', 'to_string']);
|
2013-12-18 18:25:28 +04:00
|
|
|
}
|
2015-09-03 01:44:46 +03:00
|
|
|
return json_encode($data, JSON_HEX_TAG);
|
2011-09-24 00:22:59 +04:00
|
|
|
}
|
|
|
|
}
|