Merge pull request #17838 from owncloud/sharing-password-policy-master
Use a hook to integrate sharing password verification
This commit is contained in:
commit
11244736ae
|
@ -737,6 +737,7 @@ class Share extends Constants {
|
|||
|
||||
// Generate hash of password - same method as user passwords
|
||||
if (!empty($shareWith)) {
|
||||
self::verifyPassword($shareWith);
|
||||
$shareWith = \OC::$server->getHasher()->hash($shareWith);
|
||||
} else {
|
||||
// reuse the already set password, but only if we change permissions
|
||||
|
@ -1218,7 +1219,7 @@ class Share extends Constants {
|
|||
}
|
||||
|
||||
/**
|
||||
* Set expiration date for a share
|
||||
* Set password for a public link share
|
||||
*
|
||||
* @param IUserSession $userSession
|
||||
* @param IDBConnection $connection
|
||||
|
@ -1252,6 +1253,8 @@ class Share extends Constants {
|
|||
throw new \Exception('Cannot remove password');
|
||||
}
|
||||
|
||||
self::verifyPassword($password);
|
||||
|
||||
$qb = $connection->getQueryBuilder();
|
||||
$qb->update('*PREFIX*share')
|
||||
->set('share_with', $qb->createParameter('pass'))
|
||||
|
@ -2604,4 +2607,23 @@ class Share extends Constants {
|
|||
$result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]);
|
||||
return $result->fetchAll();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $password
|
||||
* @throws \Exception
|
||||
*/
|
||||
private static function verifyPassword($password) {
|
||||
|
||||
$accepted = true;
|
||||
$message = '';
|
||||
\OCP\Util::emitHook('\OC\Share', 'verifyPassword', [
|
||||
'password' => $password,
|
||||
'accepted' => &$accepted,
|
||||
'message' => &$message
|
||||
]);
|
||||
|
||||
if (!$accepted) {
|
||||
throw new \Exception($message);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -344,7 +344,7 @@ class Share extends \OC\Share\Constants {
|
|||
}
|
||||
|
||||
/**
|
||||
* Set expiration date for a share
|
||||
* Set password for a public link share
|
||||
* @param int $shareId
|
||||
* @param string $password
|
||||
* @return boolean
|
||||
|
|
Loading…
Reference in New Issue