Merge pull request #17838 from owncloud/sharing-password-policy-master

Use a hook to integrate sharing password verification
This commit is contained in:
Thomas Müller 2015-07-24 16:47:18 +02:00
commit 11244736ae
2 changed files with 24 additions and 2 deletions

View File

@ -737,6 +737,7 @@ class Share extends Constants {
// Generate hash of password - same method as user passwords
if (!empty($shareWith)) {
self::verifyPassword($shareWith);
$shareWith = \OC::$server->getHasher()->hash($shareWith);
} else {
// reuse the already set password, but only if we change permissions
@ -1218,7 +1219,7 @@ class Share extends Constants {
}
/**
* Set expiration date for a share
* Set password for a public link share
*
* @param IUserSession $userSession
* @param IDBConnection $connection
@ -1252,6 +1253,8 @@ class Share extends Constants {
throw new \Exception('Cannot remove password');
}
self::verifyPassword($password);
$qb = $connection->getQueryBuilder();
$qb->update('*PREFIX*share')
->set('share_with', $qb->createParameter('pass'))
@ -2604,4 +2607,23 @@ class Share extends Constants {
$result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]);
return $result->fetchAll();
}
/**
* @param string $password
* @throws \Exception
*/
private static function verifyPassword($password) {
$accepted = true;
$message = '';
\OCP\Util::emitHook('\OC\Share', 'verifyPassword', [
'password' => $password,
'accepted' => &$accepted,
'message' => &$message
]);
if (!$accepted) {
throw new \Exception($message);
}
}
}

View File

@ -344,7 +344,7 @@ class Share extends \OC\Share\Constants {
}
/**
* Set expiration date for a share
* Set password for a public link share
* @param int $shareId
* @param string $password
* @return boolean