Fix middleware implementations signatures
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma
parent
72eb610b3d
commit
3548603a88
|
|
@ -3,6 +3,7 @@
|
|||
namespace OCA\Files_Sharing\Middleware;
|
||||
|
||||
use OCA\Files_Sharing\Controller\ShareAPIController;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Middleware;
|
||||
use OCP\AppFramework\OCS\OCSNotFoundException;
|
||||
|
|
@ -22,12 +23,12 @@ class OCSShareAPIMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
*
|
||||
* @throws OCSNotFoundException
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
if ($controller instanceof ShareAPIController) {
|
||||
if (!$this->shareManager->shareApiEnabled()) {
|
||||
throw new OCSNotFoundException($this->l->t('Share API is disabled'));
|
||||
|
|
@ -36,12 +37,12 @@ class OCSShareAPIMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @param Response $response
|
||||
* @return Response
|
||||
*/
|
||||
public function afterController($controller, $methodName, Response $response) {
|
||||
public function afterController(Controller $controller, $methodName, Response $response) {
|
||||
if ($controller instanceof ShareAPIController) {
|
||||
/** @var ShareAPIController $controller */
|
||||
$controller->cleanup();
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ namespace OCA\Files_Sharing\Middleware;
|
|||
use OCA\Files_Sharing\Controller\ExternalSharesController;
|
||||
use OCA\Files_Sharing\Controller\ShareController;
|
||||
use OCP\App\IAppManager;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\NotFoundResponse;
|
||||
use OCP\AppFramework\Middleware;
|
||||
use OCP\Files\NotFoundException;
|
||||
|
|
@ -85,13 +86,13 @@ class SharingCheckMiddleware extends Middleware {
|
|||
/**
|
||||
* Check if sharing is enabled before the controllers is executed
|
||||
*
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @throws NotFoundException
|
||||
* @throws S2SException
|
||||
* @throws ShareNotFound
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
if(!$this->isSharingEnabled()) {
|
||||
throw new NotFoundException('Sharing is disabled.');
|
||||
}
|
||||
|
|
@ -112,13 +113,13 @@ class SharingCheckMiddleware extends Middleware {
|
|||
/**
|
||||
* Return 404 page in case of a not found exception
|
||||
*
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @param \Exception $exception
|
||||
* @return NotFoundResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception) {
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception) {
|
||||
if(is_a($exception, '\OCP\Files\NotFoundException')) {
|
||||
return new NotFoundResponse();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@
|
|||
namespace OCA\Provisioning_API\Middleware;
|
||||
|
||||
use OCA\Provisioning_API\Middleware\Exceptions\NotSubAdminException;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Middleware;
|
||||
use OCP\AppFramework\OCS\OCSException;
|
||||
|
|
@ -36,29 +37,29 @@ class ProvisioningApiMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
*
|
||||
* @throws NotSubAdminException
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
if (!$this->isAdmin && !$this->reflector->hasAnnotation('NoSubAdminRequired') && !$this->isSubAdmin) {
|
||||
throw new NotSubAdminException();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @param \Exception $exception
|
||||
* @throws \Exception
|
||||
* @return Response
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception) {
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception) {
|
||||
if ($exception instanceof NotSubAdminException) {
|
||||
throw new OCSException($exception->getMessage(), \OCP\API::RESPOND_UNAUTHORISED);
|
||||
}
|
||||
|
||||
throw $exception;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@ class TwoFactorMiddleware extends Middleware {
|
|||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
if ($this->reflector->hasAnnotation('PublicPage')) {
|
||||
// Don't block public pages
|
||||
return;
|
||||
|
|
@ -104,7 +104,7 @@ class TwoFactorMiddleware extends Middleware {
|
|||
// TODO: dont check/enforce 2FA if a auth token is used
|
||||
}
|
||||
|
||||
private function checkTwoFactor($controller, $methodName, IUser $user) {
|
||||
private function checkTwoFactor(Controller $controller, $methodName, IUser $user) {
|
||||
// If two-factor auth is in progress disallow access to any controllers
|
||||
// defined within "LoginController".
|
||||
$needsSecondFactor = $this->twoFactorManager->needsSecondFactor($user);
|
||||
|
|
@ -122,7 +122,7 @@ class TwoFactorMiddleware extends Middleware {
|
|||
}
|
||||
}
|
||||
|
||||
public function afterException($controller, $methodName, Exception $exception) {
|
||||
public function afterException(Controller $controller, $methodName, Exception $exception) {
|
||||
if ($exception instanceof TwoFactorAuthRequiredException) {
|
||||
$params = [];
|
||||
if (isset($this->request->server['REQUEST_URI'])) {
|
||||
|
|
|
|||
|
|
@ -52,10 +52,10 @@ class OCSMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
if ($controller instanceof OCSController) {
|
||||
if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) {
|
||||
$this->ocsVersion = 2;
|
||||
|
|
@ -67,13 +67,13 @@ class OCSMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @param \Exception $exception
|
||||
* @throws \Exception
|
||||
* @return BaseResponse
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception) {
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception) {
|
||||
if ($controller instanceof OCSController && $exception instanceof OCSException) {
|
||||
$code = $exception->getCode();
|
||||
if ($code === 0) {
|
||||
|
|
@ -87,12 +87,12 @@ class OCSMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @param Response $response
|
||||
* @return \OCP\AppFramework\Http\Response
|
||||
*/
|
||||
public function afterController($controller, $methodName, Response $response) {
|
||||
public function afterController(Controller $controller, $methodName, Response $response) {
|
||||
/*
|
||||
* If a different middleware has detected that a request unauthorized or forbidden
|
||||
* we need to catch the response and convert it to a proper OCS response.
|
||||
|
|
@ -120,7 +120,7 @@ class OCSMiddleware extends Middleware {
|
|||
* @param string $message
|
||||
* @return V1Response|V2Response
|
||||
*/
|
||||
private function buildNewResponse($controller, $code, $message) {
|
||||
private function buildNewResponse(Controller $controller, $code, $message) {
|
||||
$format = $this->getFormat($controller);
|
||||
|
||||
$data = new DataResponse();
|
||||
|
|
@ -135,10 +135,10 @@ class OCSMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @return string
|
||||
*/
|
||||
private function getFormat($controller) {
|
||||
private function getFormat(Controller $controller) {
|
||||
// get format from the url format or request format parameter
|
||||
$format = $this->request->getParam('format');
|
||||
|
||||
|
|
|
|||
|
|
@ -23,6 +23,7 @@ namespace OC\AppFramework\Middleware\Security;
|
|||
|
||||
use OC\AppFramework\Utility\ControllerMethodReflector;
|
||||
use OC\Security\Bruteforce\Throttler;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Middleware;
|
||||
use OCP\IRequest;
|
||||
|
|
@ -58,7 +59,7 @@ class BruteForceMiddleware extends Middleware {
|
|||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
parent::beforeController($controller, $methodName);
|
||||
|
||||
if($this->reflector->hasAnnotation('BruteForceProtection')) {
|
||||
|
|
@ -70,7 +71,7 @@ class BruteForceMiddleware extends Middleware {
|
|||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
public function afterController($controller, $methodName, Response $response) {
|
||||
public function afterController(Controller $controller, $methodName, Response $response) {
|
||||
if($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) {
|
||||
$action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action');
|
||||
$ip = $this->request->getRemoteAddress();
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ class CORSMiddleware extends Middleware {
|
|||
* @throws SecurityException
|
||||
* @since 6.0.0
|
||||
*/
|
||||
public function beforeController($controller, $methodName){
|
||||
public function beforeController(Controller $controller, $methodName){
|
||||
// ensure that @CORS annotated API routes are not used in conjunction
|
||||
// with session authentication since this enables CSRF attack vectors
|
||||
if ($this->reflector->hasAnnotation('CORS') &&
|
||||
|
|
@ -110,7 +110,7 @@ class CORSMiddleware extends Middleware {
|
|||
* @return Response a Response object
|
||||
* @throws SecurityException
|
||||
*/
|
||||
public function afterController($controller, $methodName, Response $response){
|
||||
public function afterController(Controller $controller, $methodName, Response $response){
|
||||
// only react if its a CORS request and if the request sends origin and
|
||||
|
||||
if(isset($this->request->server['HTTP_ORIGIN']) &&
|
||||
|
|
@ -143,7 +143,7 @@ class CORSMiddleware extends Middleware {
|
|||
* @throws \Exception the passed in exception if it can't handle it
|
||||
* @return Response a Response object or null in case that the exception could not be handled
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception){
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception){
|
||||
if($exception instanceof SecurityException){
|
||||
$response = new JSONResponse(['message' => $exception->getMessage()]);
|
||||
if($exception->getCode() !== 0) {
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ namespace OC\AppFramework\Middleware\Security;
|
|||
use OC\AppFramework\Utility\ControllerMethodReflector;
|
||||
use OC\Security\RateLimiting\Exception\RateLimitExceededException;
|
||||
use OC\Security\RateLimiting\Limiter;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\AppFramework\Http\TemplateResponse;
|
||||
use OCP\AppFramework\Middleware;
|
||||
|
|
@ -76,7 +77,7 @@ class RateLimitingMiddleware extends Middleware {
|
|||
* {@inheritDoc}
|
||||
* @throws RateLimitExceededException
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
parent::beforeController($controller, $methodName);
|
||||
|
||||
$anonLimit = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'limit');
|
||||
|
|
@ -104,7 +105,7 @@ class RateLimitingMiddleware extends Middleware {
|
|||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception) {
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception) {
|
||||
if($exception instanceof RateLimitExceededException) {
|
||||
if (stripos($this->request->getHeader('Accept'),'html') === false) {
|
||||
$response = new JSONResponse(
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ class SecurityMiddleware extends Middleware {
|
|||
* @param string $methodName the name of the method
|
||||
* @throws SecurityException when a security check fails
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
|
||||
// this will set the current navigation entry of the app, use this only
|
||||
// for normal HTML requests and not for AJAX requests
|
||||
|
|
@ -205,7 +205,7 @@ class SecurityMiddleware extends Middleware {
|
|||
* @param Response $response
|
||||
* @return Response
|
||||
*/
|
||||
public function afterController($controller, $methodName, Response $response) {
|
||||
public function afterController(Controller $controller, $methodName, Response $response) {
|
||||
$policy = !is_null($response->getContentSecurityPolicy()) ? $response->getContentSecurityPolicy() : new ContentSecurityPolicy();
|
||||
|
||||
if (get_class($policy) === EmptyContentSecurityPolicy::class) {
|
||||
|
|
@ -234,7 +234,7 @@ class SecurityMiddleware extends Middleware {
|
|||
* @throws \Exception the passed in exception if it can't handle it
|
||||
* @return Response a Response object or null in case that the exception could not be handled
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception) {
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception) {
|
||||
if($exception instanceof SecurityException) {
|
||||
if($exception instanceof StrictCookieMissingException) {
|
||||
return new RedirectResponse(\OC::$WEBROOT);
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@
|
|||
namespace OC\AppFramework\Middleware;
|
||||
|
||||
use OC\AppFramework\Utility\ControllerMethodReflector;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\IRequest;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Middleware;
|
||||
|
|
@ -55,10 +56,10 @@ class SessionMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
$useSession = $this->reflector->hasAnnotation('UseSession');
|
||||
if (!$useSession) {
|
||||
$this->session->close();
|
||||
|
|
@ -66,12 +67,12 @@ class SessionMiddleware extends Middleware {
|
|||
}
|
||||
|
||||
/**
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @param Response $response
|
||||
* @return Response
|
||||
*/
|
||||
public function afterController($controller, $methodName, Response $response){
|
||||
public function afterController(Controller $controller, $methodName, Response $response){
|
||||
$useSession = $this->reflector->hasAnnotation('UseSession');
|
||||
if ($useSession) {
|
||||
$this->session->close();
|
||||
|
|
|
|||
|
|
@ -27,6 +27,7 @@ namespace OC\Settings\Middleware;
|
|||
use OC\AppFramework\Http;
|
||||
use OC\AppFramework\Middleware\Security\Exceptions\NotAdminException;
|
||||
use OC\AppFramework\Utility\ControllerMethodReflector;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\TemplateResponse;
|
||||
use OCP\AppFramework\Middleware;
|
||||
|
||||
|
|
@ -54,11 +55,11 @@ class SubadminMiddleware extends Middleware {
|
|||
|
||||
/**
|
||||
* Check if sharing is enabled before the controllers is executed
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function beforeController($controller, $methodName) {
|
||||
public function beforeController(Controller $controller, $methodName) {
|
||||
if(!$this->reflector->hasAnnotation('NoSubadminRequired')) {
|
||||
if(!$this->isSubAdmin) {
|
||||
throw new NotAdminException('Logged in user must be a subadmin');
|
||||
|
|
@ -68,13 +69,13 @@ class SubadminMiddleware extends Middleware {
|
|||
|
||||
/**
|
||||
* Return 403 page in case of an exception
|
||||
* @param \OCP\AppFramework\Controller $controller
|
||||
* @param Controller $controller
|
||||
* @param string $methodName
|
||||
* @param \Exception $exception
|
||||
* @return TemplateResponse
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function afterException($controller, $methodName, \Exception $exception) {
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception) {
|
||||
if($exception instanceof NotAdminException) {
|
||||
$response = new TemplateResponse('core', '403', array(), 'guest');
|
||||
$response->setStatus(Http::STATUS_FORBIDDEN);
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ namespace Test\AppFramework\Middleware;
|
|||
|
||||
use OC\AppFramework\Http\Request;
|
||||
use OC\AppFramework\Middleware\MiddlewareDispatcher;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Middleware;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
|
||||
|
|
@ -61,7 +62,7 @@ class TestMiddleware extends Middleware {
|
|||
$this->beforeControllerThrowsEx = $beforeControllerThrowsEx;
|
||||
}
|
||||
|
||||
public function beforeController($controller, $methodName){
|
||||
public function beforeController(Controller $controller, $methodName){
|
||||
self::$beforeControllerCalled++;
|
||||
$this->beforeControllerOrder = self::$beforeControllerCalled;
|
||||
$this->controller = $controller;
|
||||
|
|
@ -71,7 +72,7 @@ class TestMiddleware extends Middleware {
|
|||
}
|
||||
}
|
||||
|
||||
public function afterException($controller, $methodName, \Exception $exception){
|
||||
public function afterException(Controller $controller, $methodName, \Exception $exception){
|
||||
self::$afterExceptionCalled++;
|
||||
$this->afterExceptionOrder = self::$afterExceptionCalled;
|
||||
$this->controller = $controller;
|
||||
|
|
@ -80,7 +81,7 @@ class TestMiddleware extends Middleware {
|
|||
parent::afterException($controller, $methodName, $exception);
|
||||
}
|
||||
|
||||
public function afterController($controller, $methodName, Response $response){
|
||||
public function afterController(Controller $controller, $methodName, Response $response){
|
||||
self::$afterControllerCalled++;
|
||||
$this->afterControllerOrder = self::$afterControllerCalled;
|
||||
$this->controller = $controller;
|
||||
|
|
@ -89,7 +90,7 @@ class TestMiddleware extends Middleware {
|
|||
return parent::afterController($controller, $methodName, $response);
|
||||
}
|
||||
|
||||
public function beforeOutput($controller, $methodName, $output){
|
||||
public function beforeOutput(Controller $controller, $methodName, $output){
|
||||
self::$beforeOutputCalled++;
|
||||
$this->beforeOutputOrder = self::$beforeOutputCalled;
|
||||
$this->controller = $controller;
|
||||
|
|
|
|||
Loading…
Reference in New Issue