Merge pull request #17838 from owncloud/sharing-password-policy-master

Use a hook to integrate sharing password verification
This commit is contained in:
Thomas Müller 2015-07-24 16:47:18 +02:00
commit 11244736ae
2 changed files with 24 additions and 2 deletions

View File

@ -737,6 +737,7 @@ class Share extends Constants {
// Generate hash of password - same method as user passwords // Generate hash of password - same method as user passwords
if (!empty($shareWith)) { if (!empty($shareWith)) {
self::verifyPassword($shareWith);
$shareWith = \OC::$server->getHasher()->hash($shareWith); $shareWith = \OC::$server->getHasher()->hash($shareWith);
} else { } else {
// reuse the already set password, but only if we change permissions // reuse the already set password, but only if we change permissions
@ -1218,7 +1219,7 @@ class Share extends Constants {
} }
/** /**
* Set expiration date for a share * Set password for a public link share
* *
* @param IUserSession $userSession * @param IUserSession $userSession
* @param IDBConnection $connection * @param IDBConnection $connection
@ -1252,6 +1253,8 @@ class Share extends Constants {
throw new \Exception('Cannot remove password'); throw new \Exception('Cannot remove password');
} }
self::verifyPassword($password);
$qb = $connection->getQueryBuilder(); $qb = $connection->getQueryBuilder();
$qb->update('*PREFIX*share') $qb->update('*PREFIX*share')
->set('share_with', $qb->createParameter('pass')) ->set('share_with', $qb->createParameter('pass'))
@ -2604,4 +2607,23 @@ class Share extends Constants {
$result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]); $result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]);
return $result->fetchAll(); return $result->fetchAll();
} }
/**
* @param string $password
* @throws \Exception
*/
private static function verifyPassword($password) {
$accepted = true;
$message = '';
\OCP\Util::emitHook('\OC\Share', 'verifyPassword', [
'password' => $password,
'accepted' => &$accepted,
'message' => &$message
]);
if (!$accepted) {
throw new \Exception($message);
}
}
} }

View File

@ -344,7 +344,7 @@ class Share extends \OC\Share\Constants {
} }
/** /**
* Set expiration date for a share * Set password for a public link share
* @param int $shareId * @param int $shareId
* @param string $password * @param string $password
* @return boolean * @return boolean