Merge pull request #17838 from owncloud/sharing-password-policy-master
Use a hook to integrate sharing password verification
This commit is contained in:
commit
11244736ae
|
@ -737,6 +737,7 @@ class Share extends Constants {
|
||||||
|
|
||||||
// Generate hash of password - same method as user passwords
|
// Generate hash of password - same method as user passwords
|
||||||
if (!empty($shareWith)) {
|
if (!empty($shareWith)) {
|
||||||
|
self::verifyPassword($shareWith);
|
||||||
$shareWith = \OC::$server->getHasher()->hash($shareWith);
|
$shareWith = \OC::$server->getHasher()->hash($shareWith);
|
||||||
} else {
|
} else {
|
||||||
// reuse the already set password, but only if we change permissions
|
// reuse the already set password, but only if we change permissions
|
||||||
|
@ -1218,7 +1219,7 @@ class Share extends Constants {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set expiration date for a share
|
* Set password for a public link share
|
||||||
*
|
*
|
||||||
* @param IUserSession $userSession
|
* @param IUserSession $userSession
|
||||||
* @param IDBConnection $connection
|
* @param IDBConnection $connection
|
||||||
|
@ -1252,6 +1253,8 @@ class Share extends Constants {
|
||||||
throw new \Exception('Cannot remove password');
|
throw new \Exception('Cannot remove password');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
self::verifyPassword($password);
|
||||||
|
|
||||||
$qb = $connection->getQueryBuilder();
|
$qb = $connection->getQueryBuilder();
|
||||||
$qb->update('*PREFIX*share')
|
$qb->update('*PREFIX*share')
|
||||||
->set('share_with', $qb->createParameter('pass'))
|
->set('share_with', $qb->createParameter('pass'))
|
||||||
|
@ -2604,4 +2607,23 @@ class Share extends Constants {
|
||||||
$result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]);
|
$result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]);
|
||||||
return $result->fetchAll();
|
return $result->fetchAll();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $password
|
||||||
|
* @throws \Exception
|
||||||
|
*/
|
||||||
|
private static function verifyPassword($password) {
|
||||||
|
|
||||||
|
$accepted = true;
|
||||||
|
$message = '';
|
||||||
|
\OCP\Util::emitHook('\OC\Share', 'verifyPassword', [
|
||||||
|
'password' => $password,
|
||||||
|
'accepted' => &$accepted,
|
||||||
|
'message' => &$message
|
||||||
|
]);
|
||||||
|
|
||||||
|
if (!$accepted) {
|
||||||
|
throw new \Exception($message);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -344,7 +344,7 @@ class Share extends \OC\Share\Constants {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set expiration date for a share
|
* Set password for a public link share
|
||||||
* @param int $shareId
|
* @param int $shareId
|
||||||
* @param string $password
|
* @param string $password
|
||||||
* @return boolean
|
* @return boolean
|
||||||
|
|
Loading…
Reference in New Issue