diff --git a/apps/files_sharing/lib/Middleware/OCSShareAPIMiddleware.php b/apps/files_sharing/lib/Middleware/OCSShareAPIMiddleware.php index 5d2c168e87..dd33701250 100644 --- a/apps/files_sharing/lib/Middleware/OCSShareAPIMiddleware.php +++ b/apps/files_sharing/lib/Middleware/OCSShareAPIMiddleware.php @@ -3,6 +3,7 @@ namespace OCA\Files_Sharing\Middleware; use OCA\Files_Sharing\Controller\ShareAPIController; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; use OCP\AppFramework\OCS\OCSNotFoundException; @@ -22,12 +23,12 @@ class OCSShareAPIMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * * @throws OCSNotFoundException */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { if ($controller instanceof ShareAPIController) { if (!$this->shareManager->shareApiEnabled()) { throw new OCSNotFoundException($this->l->t('Share API is disabled')); @@ -36,12 +37,12 @@ class OCSShareAPIMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @param Response $response * @return Response */ - public function afterController($controller, $methodName, Response $response) { + public function afterController(Controller $controller, $methodName, Response $response) { if ($controller instanceof ShareAPIController) { /** @var ShareAPIController $controller */ $controller->cleanup(); diff --git a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php index 9dd8d2e5ae..3dd4ad718b 100644 --- a/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php +++ b/apps/files_sharing/lib/Middleware/SharingCheckMiddleware.php @@ -28,6 +28,7 @@ namespace OCA\Files_Sharing\Middleware; use OCA\Files_Sharing\Controller\ExternalSharesController; use OCA\Files_Sharing\Controller\ShareController; use OCP\App\IAppManager; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Middleware; use OCP\Files\NotFoundException; @@ -85,13 +86,13 @@ class SharingCheckMiddleware extends Middleware { /** * Check if sharing is enabled before the controllers is executed * - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @throws NotFoundException * @throws S2SException * @throws ShareNotFound */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { if(!$this->isSharingEnabled()) { throw new NotFoundException('Sharing is disabled.'); } @@ -112,13 +113,13 @@ class SharingCheckMiddleware extends Middleware { /** * Return 404 page in case of a not found exception * - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @param \Exception $exception * @return NotFoundResponse * @throws \Exception */ - public function afterException($controller, $methodName, \Exception $exception) { + public function afterException(Controller $controller, $methodName, \Exception $exception) { if(is_a($exception, '\OCP\Files\NotFoundException')) { return new NotFoundResponse(); } diff --git a/apps/provisioning_api/lib/Middleware/ProvisioningApiMiddleware.php b/apps/provisioning_api/lib/Middleware/ProvisioningApiMiddleware.php index d9afe59602..6245d2be90 100644 --- a/apps/provisioning_api/lib/Middleware/ProvisioningApiMiddleware.php +++ b/apps/provisioning_api/lib/Middleware/ProvisioningApiMiddleware.php @@ -3,6 +3,7 @@ namespace OCA\Provisioning_API\Middleware; use OCA\Provisioning_API\Middleware\Exceptions\NotSubAdminException; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; use OCP\AppFramework\OCS\OCSException; @@ -36,29 +37,29 @@ class ProvisioningApiMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * * @throws NotSubAdminException */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { if (!$this->isAdmin && !$this->reflector->hasAnnotation('NoSubAdminRequired') && !$this->isSubAdmin) { throw new NotSubAdminException(); } } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @param \Exception $exception * @throws \Exception * @return Response */ - public function afterException($controller, $methodName, \Exception $exception) { + public function afterException(Controller $controller, $methodName, \Exception $exception) { if ($exception instanceof NotSubAdminException) { throw new OCSException($exception->getMessage(), \OCP\API::RESPOND_UNAUTHORISED); } throw $exception; } -} \ No newline at end of file +} diff --git a/core/Middleware/TwoFactorMiddleware.php b/core/Middleware/TwoFactorMiddleware.php index e35c53d404..b8edda4db6 100644 --- a/core/Middleware/TwoFactorMiddleware.php +++ b/core/Middleware/TwoFactorMiddleware.php @@ -79,7 +79,7 @@ class TwoFactorMiddleware extends Middleware { * @param Controller $controller * @param string $methodName */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { if ($this->reflector->hasAnnotation('PublicPage')) { // Don't block public pages return; @@ -104,7 +104,7 @@ class TwoFactorMiddleware extends Middleware { // TODO: dont check/enforce 2FA if a auth token is used } - private function checkTwoFactor($controller, $methodName, IUser $user) { + private function checkTwoFactor(Controller $controller, $methodName, IUser $user) { // If two-factor auth is in progress disallow access to any controllers // defined within "LoginController". $needsSecondFactor = $this->twoFactorManager->needsSecondFactor($user); @@ -122,7 +122,7 @@ class TwoFactorMiddleware extends Middleware { } } - public function afterException($controller, $methodName, Exception $exception) { + public function afterException(Controller $controller, $methodName, Exception $exception) { if ($exception instanceof TwoFactorAuthRequiredException) { $params = []; if (isset($this->request->server['REQUEST_URI'])) { diff --git a/lib/private/AppFramework/Middleware/OCSMiddleware.php b/lib/private/AppFramework/Middleware/OCSMiddleware.php index 0fc7bb0f0e..50ee40b7b4 100644 --- a/lib/private/AppFramework/Middleware/OCSMiddleware.php +++ b/lib/private/AppFramework/Middleware/OCSMiddleware.php @@ -52,10 +52,10 @@ class OCSMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { if ($controller instanceof OCSController) { if (substr_compare($this->request->getScriptName(), '/ocs/v2.php', -strlen('/ocs/v2.php')) === 0) { $this->ocsVersion = 2; @@ -67,13 +67,13 @@ class OCSMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @param \Exception $exception * @throws \Exception * @return BaseResponse */ - public function afterException($controller, $methodName, \Exception $exception) { + public function afterException(Controller $controller, $methodName, \Exception $exception) { if ($controller instanceof OCSController && $exception instanceof OCSException) { $code = $exception->getCode(); if ($code === 0) { @@ -87,12 +87,12 @@ class OCSMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @param Response $response * @return \OCP\AppFramework\Http\Response */ - public function afterController($controller, $methodName, Response $response) { + public function afterController(Controller $controller, $methodName, Response $response) { /* * If a different middleware has detected that a request unauthorized or forbidden * we need to catch the response and convert it to a proper OCS response. @@ -120,7 +120,7 @@ class OCSMiddleware extends Middleware { * @param string $message * @return V1Response|V2Response */ - private function buildNewResponse($controller, $code, $message) { + private function buildNewResponse(Controller $controller, $code, $message) { $format = $this->getFormat($controller); $data = new DataResponse(); @@ -135,10 +135,10 @@ class OCSMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @return string */ - private function getFormat($controller) { + private function getFormat(Controller $controller) { // get format from the url format or request format parameter $format = $this->request->getParam('format'); diff --git a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php index b361f453bd..78c86442b5 100644 --- a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php @@ -23,6 +23,7 @@ namespace OC\AppFramework\Middleware\Security; use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Security\Bruteforce\Throttler; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; use OCP\IRequest; @@ -58,7 +59,7 @@ class BruteForceMiddleware extends Middleware { /** * {@inheritDoc} */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { parent::beforeController($controller, $methodName); if($this->reflector->hasAnnotation('BruteForceProtection')) { @@ -70,7 +71,7 @@ class BruteForceMiddleware extends Middleware { /** * {@inheritDoc} */ - public function afterController($controller, $methodName, Response $response) { + public function afterController(Controller $controller, $methodName, Response $response) { if($this->reflector->hasAnnotation('BruteForceProtection') && $response->isThrottled()) { $action = $this->reflector->getAnnotationParameter('BruteForceProtection', 'action'); $ip = $this->request->getRemoteAddress(); diff --git a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php index 4b50b0d20b..77ad743059 100644 --- a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php @@ -80,7 +80,7 @@ class CORSMiddleware extends Middleware { * @throws SecurityException * @since 6.0.0 */ - public function beforeController($controller, $methodName){ + public function beforeController(Controller $controller, $methodName){ // ensure that @CORS annotated API routes are not used in conjunction // with session authentication since this enables CSRF attack vectors if ($this->reflector->hasAnnotation('CORS') && @@ -110,7 +110,7 @@ class CORSMiddleware extends Middleware { * @return Response a Response object * @throws SecurityException */ - public function afterController($controller, $methodName, Response $response){ + public function afterController(Controller $controller, $methodName, Response $response){ // only react if its a CORS request and if the request sends origin and if(isset($this->request->server['HTTP_ORIGIN']) && @@ -143,7 +143,7 @@ class CORSMiddleware extends Middleware { * @throws \Exception the passed in exception if it can't handle it * @return Response a Response object or null in case that the exception could not be handled */ - public function afterException($controller, $methodName, \Exception $exception){ + public function afterException(Controller $controller, $methodName, \Exception $exception){ if($exception instanceof SecurityException){ $response = new JSONResponse(['message' => $exception->getMessage()]); if($exception->getCode() !== 0) { diff --git a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php index e9fcc1fdea..c73b31a617 100644 --- a/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/RateLimitingMiddleware.php @@ -24,6 +24,7 @@ namespace OC\AppFramework\Middleware\Security; use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Security\RateLimiting\Exception\RateLimitExceededException; use OC\Security\RateLimiting\Limiter; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Middleware; @@ -76,7 +77,7 @@ class RateLimitingMiddleware extends Middleware { * {@inheritDoc} * @throws RateLimitExceededException */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { parent::beforeController($controller, $methodName); $anonLimit = $this->reflector->getAnnotationParameter('AnonRateThrottle', 'limit'); @@ -104,7 +105,7 @@ class RateLimitingMiddleware extends Middleware { /** * {@inheritDoc} */ - public function afterException($controller, $methodName, \Exception $exception) { + public function afterException(Controller $controller, $methodName, \Exception $exception) { if($exception instanceof RateLimitExceededException) { if (stripos($this->request->getHeader('Accept'),'html') === false) { $response = new JSONResponse( diff --git a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php index 4e41c94643..becbd7b9ca 100644 --- a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php @@ -136,7 +136,7 @@ class SecurityMiddleware extends Middleware { * @param string $methodName the name of the method * @throws SecurityException when a security check fails */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { // this will set the current navigation entry of the app, use this only // for normal HTML requests and not for AJAX requests @@ -205,7 +205,7 @@ class SecurityMiddleware extends Middleware { * @param Response $response * @return Response */ - public function afterController($controller, $methodName, Response $response) { + public function afterController(Controller $controller, $methodName, Response $response) { $policy = !is_null($response->getContentSecurityPolicy()) ? $response->getContentSecurityPolicy() : new ContentSecurityPolicy(); if (get_class($policy) === EmptyContentSecurityPolicy::class) { @@ -234,7 +234,7 @@ class SecurityMiddleware extends Middleware { * @throws \Exception the passed in exception if it can't handle it * @return Response a Response object or null in case that the exception could not be handled */ - public function afterException($controller, $methodName, \Exception $exception) { + public function afterException(Controller $controller, $methodName, \Exception $exception) { if($exception instanceof SecurityException) { if($exception instanceof StrictCookieMissingException) { return new RedirectResponse(\OC::$WEBROOT); diff --git a/lib/private/AppFramework/Middleware/SessionMiddleware.php b/lib/private/AppFramework/Middleware/SessionMiddleware.php index c5fefa77fc..f2545653e8 100644 --- a/lib/private/AppFramework/Middleware/SessionMiddleware.php +++ b/lib/private/AppFramework/Middleware/SessionMiddleware.php @@ -24,6 +24,7 @@ namespace OC\AppFramework\Middleware; use OC\AppFramework\Utility\ControllerMethodReflector; +use OCP\AppFramework\Controller; use OCP\IRequest; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; @@ -55,10 +56,10 @@ class SessionMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { $useSession = $this->reflector->hasAnnotation('UseSession'); if (!$useSession) { $this->session->close(); @@ -66,12 +67,12 @@ class SessionMiddleware extends Middleware { } /** - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @param Response $response * @return Response */ - public function afterController($controller, $methodName, Response $response){ + public function afterController(Controller $controller, $methodName, Response $response){ $useSession = $this->reflector->hasAnnotation('UseSession'); if ($useSession) { $this->session->close(); diff --git a/settings/Middleware/SubadminMiddleware.php b/settings/Middleware/SubadminMiddleware.php index df34b80656..23f5ebac6b 100644 --- a/settings/Middleware/SubadminMiddleware.php +++ b/settings/Middleware/SubadminMiddleware.php @@ -27,6 +27,7 @@ namespace OC\Settings\Middleware; use OC\AppFramework\Http; use OC\AppFramework\Middleware\Security\Exceptions\NotAdminException; use OC\AppFramework\Utility\ControllerMethodReflector; +use OCP\AppFramework\Controller; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Middleware; @@ -54,11 +55,11 @@ class SubadminMiddleware extends Middleware { /** * Check if sharing is enabled before the controllers is executed - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @throws \Exception */ - public function beforeController($controller, $methodName) { + public function beforeController(Controller $controller, $methodName) { if(!$this->reflector->hasAnnotation('NoSubadminRequired')) { if(!$this->isSubAdmin) { throw new NotAdminException('Logged in user must be a subadmin'); @@ -68,13 +69,13 @@ class SubadminMiddleware extends Middleware { /** * Return 403 page in case of an exception - * @param \OCP\AppFramework\Controller $controller + * @param Controller $controller * @param string $methodName * @param \Exception $exception * @return TemplateResponse * @throws \Exception */ - public function afterException($controller, $methodName, \Exception $exception) { + public function afterException(Controller $controller, $methodName, \Exception $exception) { if($exception instanceof NotAdminException) { $response = new TemplateResponse('core', '403', array(), 'guest'); $response->setStatus(Http::STATUS_FORBIDDEN); diff --git a/tests/lib/AppFramework/Middleware/MiddlewareDispatcherTest.php b/tests/lib/AppFramework/Middleware/MiddlewareDispatcherTest.php index 2b7a79bae2..9eca127cb8 100644 --- a/tests/lib/AppFramework/Middleware/MiddlewareDispatcherTest.php +++ b/tests/lib/AppFramework/Middleware/MiddlewareDispatcherTest.php @@ -26,6 +26,7 @@ namespace Test\AppFramework\Middleware; use OC\AppFramework\Http\Request; use OC\AppFramework\Middleware\MiddlewareDispatcher; +use OCP\AppFramework\Controller; use OCP\AppFramework\Middleware; use OCP\AppFramework\Http\Response; @@ -61,7 +62,7 @@ class TestMiddleware extends Middleware { $this->beforeControllerThrowsEx = $beforeControllerThrowsEx; } - public function beforeController($controller, $methodName){ + public function beforeController(Controller $controller, $methodName){ self::$beforeControllerCalled++; $this->beforeControllerOrder = self::$beforeControllerCalled; $this->controller = $controller; @@ -71,7 +72,7 @@ class TestMiddleware extends Middleware { } } - public function afterException($controller, $methodName, \Exception $exception){ + public function afterException(Controller $controller, $methodName, \Exception $exception){ self::$afterExceptionCalled++; $this->afterExceptionOrder = self::$afterExceptionCalled; $this->controller = $controller; @@ -80,7 +81,7 @@ class TestMiddleware extends Middleware { parent::afterException($controller, $methodName, $exception); } - public function afterController($controller, $methodName, Response $response){ + public function afterController(Controller $controller, $methodName, Response $response){ self::$afterControllerCalled++; $this->afterControllerOrder = self::$afterControllerCalled; $this->controller = $controller; @@ -89,7 +90,7 @@ class TestMiddleware extends Middleware { return parent::afterController($controller, $methodName, $response); } - public function beforeOutput($controller, $methodName, $output){ + public function beforeOutput(Controller $controller, $methodName, $output){ self::$beforeOutputCalled++; $this->beforeOutputOrder = self::$beforeOutputCalled; $this->controller = $controller;