Perform visibility checks on storages
StoragesService::getStorages() will check the visibility of the backend and auth mechanism for the storage, and if either are not visible to the user (aka disabled by admin) then the storage will be filtered out. The original method StoragesService::getAllStorages() still exists in case such storages need to be detected, but its use is discouraged.
This commit is contained in:
parent
6f5f1c4f14
commit
2404333300
|
@ -179,14 +179,5 @@ class GlobalStoragesController extends StoragesController {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the visibility type for this controller, used in validation
|
|
||||||
*
|
|
||||||
* @return string BackendService::VISIBILITY_* constants
|
|
||||||
*/
|
|
||||||
protected function getVisibilityType() {
|
|
||||||
return BackendService::VISIBILITY_ADMIN;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -153,7 +153,7 @@ abstract class StoragesController extends Controller {
|
||||||
$backend = $storage->getBackend();
|
$backend = $storage->getBackend();
|
||||||
/** @var AuthMechanism */
|
/** @var AuthMechanism */
|
||||||
$authMechanism = $storage->getAuthMechanism();
|
$authMechanism = $storage->getAuthMechanism();
|
||||||
if (!$backend || $backend->checkDependencies()) {
|
if ($backend->checkDependencies()) {
|
||||||
// invalid backend
|
// invalid backend
|
||||||
return new DataResponse(
|
return new DataResponse(
|
||||||
array(
|
array(
|
||||||
|
@ -165,7 +165,7 @@ abstract class StoragesController extends Controller {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$backend->isVisibleFor($this->getVisibilityType())) {
|
if (!$backend->isVisibleFor($this->service->getVisibilityType())) {
|
||||||
// not permitted to use backend
|
// not permitted to use backend
|
||||||
return new DataResponse(
|
return new DataResponse(
|
||||||
array(
|
array(
|
||||||
|
@ -176,7 +176,7 @@ abstract class StoragesController extends Controller {
|
||||||
Http::STATUS_UNPROCESSABLE_ENTITY
|
Http::STATUS_UNPROCESSABLE_ENTITY
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
if (!$authMechanism->isVisibleFor($this->getVisibilityType())) {
|
if (!$authMechanism->isVisibleFor($this->service->getVisibilityType())) {
|
||||||
// not permitted to use auth mechanism
|
// not permitted to use auth mechanism
|
||||||
return new DataResponse(
|
return new DataResponse(
|
||||||
array(
|
array(
|
||||||
|
@ -210,13 +210,6 @@ abstract class StoragesController extends Controller {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the visibility type for this controller, used in validation
|
|
||||||
*
|
|
||||||
* @return string BackendService::VISIBILITY_* constants
|
|
||||||
*/
|
|
||||||
abstract protected function getVisibilityType();
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check whether the given storage is available / valid.
|
* Check whether the given storage is available / valid.
|
||||||
*
|
*
|
||||||
|
|
|
@ -187,13 +187,4 @@ class UserStoragesController extends StoragesController {
|
||||||
return parent::destroy($id);
|
return parent::destroy($id);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the visibility type for this controller, used in validation
|
|
||||||
*
|
|
||||||
* @return string BackendService::VISIBILITY_* constants
|
|
||||||
*/
|
|
||||||
protected function getVisibilityType() {
|
|
||||||
return BackendService::VISIBILITY_PERSONAL;
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -112,7 +112,7 @@ class OC_Mount_Config {
|
||||||
* @param string $uid user
|
* @param string $uid user
|
||||||
* @return array of mount point string as key, mountpoint config as value
|
* @return array of mount point string as key, mountpoint config as value
|
||||||
*
|
*
|
||||||
* @deprecated 8.2.0 use UserGlobalStoragesService::getAllStorages() and UserStoragesService::getAllStorages()
|
* @deprecated 8.2.0 use UserGlobalStoragesService::getStorages() and UserStoragesService::getStorages()
|
||||||
*/
|
*/
|
||||||
public static function getAbsoluteMountPoints($uid) {
|
public static function getAbsoluteMountPoints($uid) {
|
||||||
$mountPoints = array();
|
$mountPoints = array();
|
||||||
|
@ -124,7 +124,7 @@ class OC_Mount_Config {
|
||||||
$userGlobalStoragesService->setUser($user);
|
$userGlobalStoragesService->setUser($user);
|
||||||
$userStoragesService->setUser($user);
|
$userStoragesService->setUser($user);
|
||||||
|
|
||||||
foreach ($userGlobalStoragesService->getAllStorages() as $storage) {
|
foreach ($userGlobalStoragesService->getStorages() as $storage) {
|
||||||
$mountPoint = '/'.$uid.'/files'.$storage->getMountPoint();
|
$mountPoint = '/'.$uid.'/files'.$storage->getMountPoint();
|
||||||
$mountEntry = self::prepareMountPointEntry($storage, false);
|
$mountEntry = self::prepareMountPointEntry($storage, false);
|
||||||
foreach ($mountEntry['options'] as &$option) {
|
foreach ($mountEntry['options'] as &$option) {
|
||||||
|
@ -133,7 +133,7 @@ class OC_Mount_Config {
|
||||||
$mountPoints[$mountPoint] = $mountEntry;
|
$mountPoints[$mountPoint] = $mountEntry;
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($userStoragesService->getAllStorages() as $storage) {
|
foreach ($userStoragesService->getStorages() as $storage) {
|
||||||
$mountPoint = '/'.$uid.'/files'.$storage->getMountPoint();
|
$mountPoint = '/'.$uid.'/files'.$storage->getMountPoint();
|
||||||
$mountEntry = self::prepareMountPointEntry($storage, true);
|
$mountEntry = self::prepareMountPointEntry($storage, true);
|
||||||
foreach ($mountEntry['options'] as &$option) {
|
foreach ($mountEntry['options'] as &$option) {
|
||||||
|
@ -153,13 +153,13 @@ class OC_Mount_Config {
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*
|
*
|
||||||
* @deprecated 8.2.0 use GlobalStoragesService::getAllStorages()
|
* @deprecated 8.2.0 use GlobalStoragesService::getStorages()
|
||||||
*/
|
*/
|
||||||
public static function getSystemMountPoints() {
|
public static function getSystemMountPoints() {
|
||||||
$mountPoints = [];
|
$mountPoints = [];
|
||||||
$service = self::$app->getContainer()->query('OCA\Files_External\Service\GlobalStoragesService');
|
$service = self::$app->getContainer()->query('OCA\Files_External\Service\GlobalStoragesService');
|
||||||
|
|
||||||
foreach ($service->getAllStorages() as $storage) {
|
foreach ($service->getStorages() as $storage) {
|
||||||
$mountPoints[] = self::prepareMountPointEntry($storage, false);
|
$mountPoints[] = self::prepareMountPointEntry($storage, false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -171,13 +171,13 @@ class OC_Mount_Config {
|
||||||
*
|
*
|
||||||
* @return array
|
* @return array
|
||||||
*
|
*
|
||||||
* @deprecated 8.2.0 use UserStoragesService::getAllStorages()
|
* @deprecated 8.2.0 use UserStoragesService::getStorages()
|
||||||
*/
|
*/
|
||||||
public static function getPersonalMountPoints() {
|
public static function getPersonalMountPoints() {
|
||||||
$mountPoints = [];
|
$mountPoints = [];
|
||||||
$service = self::$app->getContainer()->query('OCA\Files_External\Service\UserStoragesService');
|
$service = self::$app->getContainer()->query('OCA\Files_External\Service\UserStoragesService');
|
||||||
|
|
||||||
foreach ($service->getAllStorages() as $storage) {
|
foreach ($service->getStorages() as $storage) {
|
||||||
$mountPoints[] = self::prepareMountPointEntry($storage, true);
|
$mountPoints[] = self::prepareMountPointEntry($storage, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -133,7 +133,7 @@ class ConfigAdapter implements IMountProvider {
|
||||||
$mounts[$storage->getMountPoint()] = $mount;
|
$mounts[$storage->getMountPoint()] = $mount;
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($this->userStoragesService->getAllStorages() as $storage) {
|
foreach ($this->userStoragesService->getStorages() as $storage) {
|
||||||
try {
|
try {
|
||||||
$this->prepareStorageConfig($storage, $user);
|
$this->prepareStorageConfig($storage, $user);
|
||||||
$impl = $this->constructStorage($storage);
|
$impl = $this->constructStorage($storage);
|
||||||
|
|
|
@ -54,7 +54,7 @@ foreach ($authMechanisms as $authMechanism) {
|
||||||
$tmpl = new OCP\Template('files_external', 'settings');
|
$tmpl = new OCP\Template('files_external', 'settings');
|
||||||
$tmpl->assign('encryptionEnabled', \OC::$server->getEncryptionManager()->isEnabled());
|
$tmpl->assign('encryptionEnabled', \OC::$server->getEncryptionManager()->isEnabled());
|
||||||
$tmpl->assign('isAdminPage', false);
|
$tmpl->assign('isAdminPage', false);
|
||||||
$tmpl->assign('storages', $userStoragesService->getAllStorages());
|
$tmpl->assign('storages', $userStoragesService->getStorages());
|
||||||
$tmpl->assign('dependencies', OC_Mount_Config::dependencyMessage($backendService->getBackends()));
|
$tmpl->assign('dependencies', OC_Mount_Config::dependencyMessage($backendService->getBackends()));
|
||||||
$tmpl->assign('backends', $backends);
|
$tmpl->assign('backends', $backends);
|
||||||
$tmpl->assign('authMechanisms', $authMechanisms);
|
$tmpl->assign('authMechanisms', $authMechanisms);
|
||||||
|
|
|
@ -210,4 +210,13 @@ class GlobalStoragesService extends StoragesService {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the visibility type for this controller, used in validation
|
||||||
|
*
|
||||||
|
* @return string BackendService::VISIBILITY_* constants
|
||||||
|
*/
|
||||||
|
public function getVisibilityType() {
|
||||||
|
return BackendService::VISIBILITY_ADMIN;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,6 +29,8 @@ use \OC\Files\Filesystem;
|
||||||
use \OCA\Files_external\Lib\StorageConfig;
|
use \OCA\Files_external\Lib\StorageConfig;
|
||||||
use \OCA\Files_external\NotFoundException;
|
use \OCA\Files_external\NotFoundException;
|
||||||
use \OCA\Files_External\Service\BackendService;
|
use \OCA\Files_External\Service\BackendService;
|
||||||
|
use \OCA\Files_External\Lib\Backend\Backend;
|
||||||
|
use \OCA\Files_External\Lib\Auth\AuthMechanism;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Service class to manage external storages
|
* Service class to manage external storages
|
||||||
|
@ -331,7 +333,7 @@ abstract class StoragesService {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Gets all storages
|
* Gets all storages, valid or not
|
||||||
*
|
*
|
||||||
* @return array array of storage configs
|
* @return array array of storage configs
|
||||||
*/
|
*/
|
||||||
|
@ -339,6 +341,47 @@ abstract class StoragesService {
|
||||||
return $this->readConfig();
|
return $this->readConfig();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Gets all valid storages
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function getStorages() {
|
||||||
|
return array_filter($this->getAllStorages(), [$this, 'validateStorage']);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Validate storage
|
||||||
|
* FIXME: De-duplicate with StoragesController::validate()
|
||||||
|
*
|
||||||
|
* @param StorageConfig $storage
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
protected function validateStorage(StorageConfig $storage) {
|
||||||
|
/** @var Backend */
|
||||||
|
$backend = $storage->getBackend();
|
||||||
|
/** @var AuthMechanism */
|
||||||
|
$authMechanism = $storage->getAuthMechanism();
|
||||||
|
|
||||||
|
if (!$backend->isVisibleFor($this->getVisibilityType())) {
|
||||||
|
// not permitted to use backend
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!$authMechanism->isVisibleFor($this->getVisibilityType())) {
|
||||||
|
// not permitted to use auth mechanism
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the visibility type for this controller, used in validation
|
||||||
|
*
|
||||||
|
* @return string BackendService::VISIBILITY_* constants
|
||||||
|
*/
|
||||||
|
abstract public function getVisibilityType();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Add new storage to the configuration
|
* Add new storage to the configuration
|
||||||
*
|
*
|
||||||
|
|
|
@ -117,7 +117,7 @@ class UserGlobalStoragesService extends GlobalStoragesService {
|
||||||
* @return StorageConfig[]
|
* @return StorageConfig[]
|
||||||
*/
|
*/
|
||||||
public function getUniqueStorages() {
|
public function getUniqueStorages() {
|
||||||
$storages = $this->getAllStorages();
|
$storages = $this->getStorages();
|
||||||
|
|
||||||
$storagesByMountpoint = [];
|
$storagesByMountpoint = [];
|
||||||
foreach ($storages as $storage) {
|
foreach ($storages as $storage) {
|
||||||
|
|
|
@ -171,4 +171,13 @@ class UserStoragesService extends StoragesService {
|
||||||
$this->triggerHooks($newStorage, Filesystem::signal_create_mount);
|
$this->triggerHooks($newStorage, Filesystem::signal_create_mount);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the visibility type for this controller, used in validation
|
||||||
|
*
|
||||||
|
* @return string BackendService::VISIBILITY_* constants
|
||||||
|
*/
|
||||||
|
public function getVisibilityType() {
|
||||||
|
return BackendService::VISIBILITY_PERSONAL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -65,7 +65,7 @@ $userBackends = array_filter($backendService->getAvailableBackends(), function($
|
||||||
$tmpl = new OCP\Template('files_external', 'settings');
|
$tmpl = new OCP\Template('files_external', 'settings');
|
||||||
$tmpl->assign('encryptionEnabled', \OC::$server->getEncryptionManager()->isEnabled());
|
$tmpl->assign('encryptionEnabled', \OC::$server->getEncryptionManager()->isEnabled());
|
||||||
$tmpl->assign('isAdminPage', true);
|
$tmpl->assign('isAdminPage', true);
|
||||||
$tmpl->assign('storages', $globalStoragesService->getAllStorages());
|
$tmpl->assign('storages', $globalStoragesService->getStorages());
|
||||||
$tmpl->assign('backends', $backends);
|
$tmpl->assign('backends', $backends);
|
||||||
$tmpl->assign('authMechanisms', $authMechanisms);
|
$tmpl->assign('authMechanisms', $authMechanisms);
|
||||||
$tmpl->assign('userBackends', $userBackends);
|
$tmpl->assign('userBackends', $userBackends);
|
||||||
|
|
|
@ -24,6 +24,7 @@ use \OCA\Files_external\Controller\GlobalStoragesController;
|
||||||
use \OCA\Files_external\Service\GlobalStoragesService;
|
use \OCA\Files_external\Service\GlobalStoragesService;
|
||||||
use \OCP\AppFramework\Http;
|
use \OCP\AppFramework\Http;
|
||||||
use \OCA\Files_external\NotFoundException;
|
use \OCA\Files_external\NotFoundException;
|
||||||
|
use \OCA\Files_External\Service\BackendService;
|
||||||
|
|
||||||
class GlobalStoragesControllerTest extends StoragesControllerTest {
|
class GlobalStoragesControllerTest extends StoragesControllerTest {
|
||||||
public function setUp() {
|
public function setUp() {
|
||||||
|
@ -32,6 +33,9 @@ class GlobalStoragesControllerTest extends StoragesControllerTest {
|
||||||
->disableOriginalConstructor()
|
->disableOriginalConstructor()
|
||||||
->getMock();
|
->getMock();
|
||||||
|
|
||||||
|
$this->service->method('getVisibilityType')
|
||||||
|
->willReturn(BackendService::VISIBILITY_ADMIN);
|
||||||
|
|
||||||
$this->controller = new GlobalStoragesController(
|
$this->controller = new GlobalStoragesController(
|
||||||
'files_external',
|
'files_external',
|
||||||
$this->getMock('\OCP\IRequest'),
|
$this->getMock('\OCP\IRequest'),
|
||||||
|
|
|
@ -40,6 +40,9 @@ class UserStoragesControllerTest extends StoragesControllerTest {
|
||||||
->disableOriginalConstructor()
|
->disableOriginalConstructor()
|
||||||
->getMock();
|
->getMock();
|
||||||
|
|
||||||
|
$this->service->method('getVisibilityType')
|
||||||
|
->willReturn(BackendService::VISIBILITY_PERSONAL);
|
||||||
|
|
||||||
$this->controller = new UserStoragesController(
|
$this->controller = new UserStoragesController(
|
||||||
'files_external',
|
'files_external',
|
||||||
$this->getMock('\OCP\IRequest'),
|
$this->getMock('\OCP\IRequest'),
|
||||||
|
|
|
@ -209,7 +209,11 @@ class UserGlobalStoragesServiceTest extends GlobalStoragesServiceTest {
|
||||||
$expectedPrecedence
|
$expectedPrecedence
|
||||||
) {
|
) {
|
||||||
$backend = $this->backendService->getBackend('identifier:\OCA\Files_External\Lib\Backend\SMB');
|
$backend = $this->backendService->getBackend('identifier:\OCA\Files_External\Lib\Backend\SMB');
|
||||||
|
$backend->method('isVisibleFor')
|
||||||
|
->willReturn(true);
|
||||||
$authMechanism = $this->backendService->getAuthMechanism('identifier:\Auth\Mechanism');
|
$authMechanism = $this->backendService->getAuthMechanism('identifier:\Auth\Mechanism');
|
||||||
|
$authMechanism->method('isVisibleFor')
|
||||||
|
->willReturn(true);
|
||||||
|
|
||||||
$storage1 = new StorageConfig();
|
$storage1 = new StorageConfig();
|
||||||
$storage1->setMountPoint('mountpoint');
|
$storage1->setMountPoint('mountpoint');
|
||||||
|
|
Loading…
Reference in New Issue