From 042340ccf6e7d6408390b91f6904de0425bb3c07 Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Mon, 23 Apr 2018 22:15:29 +0200 Subject: [PATCH] Check if a direct link is expired Signed-off-by: Roeland Jago Douma --- apps/dav/lib/Direct/DirectFile.php | 20 +++++++++---------- apps/dav/lib/Direct/DirectHome.php | 32 ++++++++++++++++++++---------- 2 files changed, 31 insertions(+), 21 deletions(-) diff --git a/apps/dav/lib/Direct/DirectFile.php b/apps/dav/lib/Direct/DirectFile.php index d327a1752b..947352c514 100644 --- a/apps/dav/lib/Direct/DirectFile.php +++ b/apps/dav/lib/Direct/DirectFile.php @@ -46,47 +46,47 @@ class DirectFile implements IFile { $this->rootFolder = $rootFolder; } - function put($data) { + public function put($data) { throw new Forbidden(); } - function get() { + public function get() { $this->getFile(); return $this->file->fopen('rb'); } - function getContentType() { + public function getContentType() { $this->getFile(); return $this->file->getMimeType(); } - function getETag() { + public function getETag() { $this->getFile(); return $this->file->getEtag(); } - function getSize() { + public function getSize() { $this->getFile(); return $this->file->getSize(); } - function delete() { + public function delete() { throw new Forbidden(); } - function getName() { + public function getName() { return $this->direct->getToken(); } - function setName($name) { + public function setName($name) { throw new Forbidden(); } - function getLastModified() { + public function getLastModified() { $this->getFile(); return $this->file->getMTime(); @@ -97,8 +97,6 @@ class DirectFile implements IFile { $userFolder = $this->rootFolder->getUserFolder($this->direct->getUserId()); $files = $userFolder->getById($this->direct->getFileId()); - //TODO check expiration - if ($files === []) { throw new NotFound(); } diff --git a/apps/dav/lib/Direct/DirectHome.php b/apps/dav/lib/Direct/DirectHome.php index 247cca7a3c..f56815746a 100644 --- a/apps/dav/lib/Direct/DirectHome.php +++ b/apps/dav/lib/Direct/DirectHome.php @@ -26,6 +26,7 @@ namespace OCA\DAV\Direct; use OCA\DAV\Db\DirectMapper; use OCP\AppFramework\Db\DoesNotExistException; +use OCP\AppFramework\Utility\ITimeFactory; use OCP\Files\IRootFolder; use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\MethodNotAllowed; @@ -40,23 +41,34 @@ class DirectHome implements ICollection { /** @var DirectMapper */ private $mapper; - public function __construct(IRootFolder $rootFolder, DirectMapper $mapper) { + /** @var ITimeFactory */ + private $timeFactory; + + public function __construct(IRootFolder $rootFolder, + DirectMapper $mapper, + ITimeFactory $timeFactory) { $this->rootFolder = $rootFolder; $this->mapper = $mapper; + $this->timeFactory = $timeFactory; } - function createFile($name, $data = null) { + public function createFile($name, $data = null) { throw new Forbidden(); } - function createDirectory($name) { + public function createDirectory($name) { throw new Forbidden(); } - public function getChild($name) { + public function getChild($name): DirectFile { try { $direct = $this->mapper->getByToken($name); + // Expired + if ($direct->getExpiration() >= $this->timeFactory->getTime()) { + throw new NotFound(); + } + return new DirectFile($direct, $this->rootFolder); } catch (DoesNotExistException $e) { //TODO: throttle the ip to avoid brute forcing @@ -65,27 +77,27 @@ class DirectHome implements ICollection { } } - function getChildren() { + public function getChildren() { throw new MethodNotAllowed('Listing members of this collection is disabled'); } - function childExists($name) { + public function childExists($name): bool { return false; } - function delete() { + public function delete() { throw new Forbidden(); } - function getName() { + public function getName(): string { return 'direct'; } - function setName($name) { + public function setName($name) { throw new Forbidden(); } - function getLastModified() { + public function getLastModified(): int { return 0; }