diff --git a/core/Application.php b/core/Application.php index 5ba07e2cb4..f89b7e4808 100644 --- a/core/Application.php +++ b/core/Application.php @@ -28,6 +28,7 @@ namespace OC\Core; +use OC\Core\Notification\RemoveLinkSharesNotifier; use OC\DB\MissingIndexInformation; use OC\DB\SchemaWrapper; use OCP\AppFramework\App; @@ -54,6 +55,18 @@ class Application extends App { $server = $container->getServer(); $eventDispatcher = $server->getEventDispatcher(); + $notificationManager = $server->getNotificationManager(); + $notificationManager->registerNotifier(function() use ($server) { + return new RemoveLinkSharesNotifier( + $server->getL10NFactory() + ); + }, function() use ($server) { + return [ + 'id' => 'core', + 'name' => 'core', + ]; + }); + $eventDispatcher->addListener(IDBConnection::CHECK_MISSING_INDEXES_EVENT, function(GenericEvent $event) use ($container) { /** @var MissingIndexInformation $subject */ diff --git a/core/Notification/RemoveLinkSharesNotifier.php b/core/Notification/RemoveLinkSharesNotifier.php new file mode 100644 index 0000000000..b77846c847 --- /dev/null +++ b/core/Notification/RemoveLinkSharesNotifier.php @@ -0,0 +1,55 @@ + + * + * @author Roeland Jago Douma + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Core\Notification; + +use OCP\L10N\IFactory; +use OCP\Notification\INotification; +use OCP\Notification\INotifier; + +class RemoveLinkSharesNotifier implements INotifier { + /** @var IFactory */ + private $l10nFactory; + + public function __construct(IFactory $factory) { + $this->l10nFactory = $factory; + } + + public function prepare(INotification $notification, $languageCode): INotification { + if($notification->getApp() !== 'core') { + throw new \InvalidArgumentException(); + } + $l = $this->l10nFactory->get('core', $languageCode); + + if ($notification->getSubject() === 'repair_exposing_links') { + $notification->setParsedSubject($l->t('Some of your link shares have been removed')); + $notification->setParsedMessage($l->t('Due to a security bug we had to remove some of your link shares. Please see the link for more information.')); + $notification->setLink('https://nextcloud.com/security/advisory/?id=NC-SA-2019-003'); + return $notification; + } + + throw new \InvalidArgumentException('Invalid subject'); + } + +} diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index a0fe19e011..cad7c21a59 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -711,6 +711,7 @@ return array( 'OC\\Core\\Migrations\\Version15000Date20181029084625' => $baseDir . '/core/Migrations/Version15000Date20181029084625.php', 'OC\\Core\\Migrations\\Version16000Date20190207141427' => $baseDir . '/core/Migrations/Version16000Date20190207141427.php', 'OC\\Core\\Migrations\\Version16000Date20190212081545' => $baseDir . '/core/Migrations/Version16000Date20190212081545.php', + 'OC\\Core\\Notification\\RemoveLinkSharesNotifier' => $baseDir . '/core/Notification/RemoveLinkSharesNotifier.php', 'OC\\Core\\Service\\LoginFlowV2Service' => $baseDir . '/core/Service/LoginFlowV2Service.php', 'OC\\DB\\Adapter' => $baseDir . '/lib/private/DB/Adapter.php', 'OC\\DB\\AdapterMySQL' => $baseDir . '/lib/private/DB/AdapterMySQL.php', @@ -1018,6 +1019,7 @@ return array( 'OC\\Repair\\OldGroupMembershipShares' => $baseDir . '/lib/private/Repair/OldGroupMembershipShares.php', 'OC\\Repair\\Owncloud\\DropAccountTermsTable' => $baseDir . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php', 'OC\\Repair\\Owncloud\\SaveAccountsTableData' => $baseDir . '/lib/private/Repair/Owncloud/SaveAccountsTableData.php', + 'OC\\Repair\\RemoveLinkShares' => $baseDir . '/lib/private/Repair/RemoveLinkShares.php', 'OC\\Repair\\RemoveRootShares' => $baseDir . '/lib/private/Repair/RemoveRootShares.php', 'OC\\Repair\\RepairInvalidShares' => $baseDir . '/lib/private/Repair/RepairInvalidShares.php', 'OC\\Repair\\RepairMimeTypes' => $baseDir . '/lib/private/Repair/RepairMimeTypes.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index 3dcca438cb..7a49d254e9 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -741,6 +741,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Core\\Migrations\\Version15000Date20181029084625' => __DIR__ . '/../../..' . '/core/Migrations/Version15000Date20181029084625.php', 'OC\\Core\\Migrations\\Version16000Date20190207141427' => __DIR__ . '/../../..' . '/core/Migrations/Version16000Date20190207141427.php', 'OC\\Core\\Migrations\\Version16000Date20190212081545' => __DIR__ . '/../../..' . '/core/Migrations/Version16000Date20190212081545.php', + 'OC\\Core\\Notification\\RemoveLinkSharesNotifier' => __DIR__ . '/../../..' . '/core/Notification/RemoveLinkSharesNotifier.php', 'OC\\Core\\Service\\LoginFlowV2Service' => __DIR__ . '/../../..' . '/core/Service/LoginFlowV2Service.php', 'OC\\DB\\Adapter' => __DIR__ . '/../../..' . '/lib/private/DB/Adapter.php', 'OC\\DB\\AdapterMySQL' => __DIR__ . '/../../..' . '/lib/private/DB/AdapterMySQL.php', @@ -1048,6 +1049,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Repair\\OldGroupMembershipShares' => __DIR__ . '/../../..' . '/lib/private/Repair/OldGroupMembershipShares.php', 'OC\\Repair\\Owncloud\\DropAccountTermsTable' => __DIR__ . '/../../..' . '/lib/private/Repair/Owncloud/DropAccountTermsTable.php', 'OC\\Repair\\Owncloud\\SaveAccountsTableData' => __DIR__ . '/../../..' . '/lib/private/Repair/Owncloud/SaveAccountsTableData.php', + 'OC\\Repair\\RemoveLinkShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RemoveLinkShares.php', 'OC\\Repair\\RemoveRootShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RemoveRootShares.php', 'OC\\Repair\\RepairInvalidShares' => __DIR__ . '/../../..' . '/lib/private/Repair/RepairInvalidShares.php', 'OC\\Repair\\RepairMimeTypes' => __DIR__ . '/../../..' . '/lib/private/Repair/RepairMimeTypes.php', diff --git a/lib/private/DB/QueryBuilder/QueryBuilder.php b/lib/private/DB/QueryBuilder/QueryBuilder.php index ebbcdeb087..25d59fb7d7 100644 --- a/lib/private/DB/QueryBuilder/QueryBuilder.php +++ b/lib/private/DB/QueryBuilder/QueryBuilder.php @@ -1170,6 +1170,10 @@ class QueryBuilder implements IQueryBuilder { * @return string */ public function getTableName($table) { + if ($table instanceof IQueryFunction) { + return (string) $table; + } + $table = $this->prefixTableName($table); return $this->helper->quoteColumnName($table); } diff --git a/lib/private/Repair.php b/lib/private/Repair.php index e4eb4cfcc1..d27e6b812b 100644 --- a/lib/private/Repair.php +++ b/lib/private/Repair.php @@ -48,6 +48,7 @@ use OC\Repair\NC16\CleanupCardDAVPhotoCache; use OC\Repair\OldGroupMembershipShares; use OC\Repair\Owncloud\DropAccountTermsTable; use OC\Repair\Owncloud\SaveAccountsTableData; +use OC\Repair\RemoveLinkShares; use OC\Repair\RemoveRootShares; use OC\Repair\RepairInvalidShares; use OC\Repair\RepairMimeTypes; @@ -55,6 +56,7 @@ use OC\Repair\SqliteAutoincrement; use OC\Template\JSCombiner; use OC\Template\SCSSCacher; use OCP\AppFramework\QueryException; +use OCP\AppFramework\Utility\ITimeFactory; use OCP\Migration\IOutput; use OCP\Migration\IRepairStep; use Symfony\Component\EventDispatcher\EventDispatcherInterface; @@ -152,6 +154,7 @@ class Repair implements IOutput { new SetVcardDatabaseUID(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getLogger()), new CleanupCardDAVPhotoCache(\OC::$server->getConfig(), \OC::$server->getAppDataDir('dav-photocache'), \OC::$server->getLogger()), new AddClenupLoginFlowV2BackgroundJob(\OC::$server->getJobList()), + new RemoveLinkShares(\OC::$server->getDatabaseConnection(), \OC::$server->getConfig(), \OC::$server->getGroupManager(), \OC::$server->getNotificationManager(), \OC::$server->query(ITimeFactory::class)), ]; } diff --git a/lib/private/Repair/RemoveLinkShares.php b/lib/private/Repair/RemoveLinkShares.php new file mode 100644 index 0000000000..55b5a7c1fa --- /dev/null +++ b/lib/private/Repair/RemoveLinkShares.php @@ -0,0 +1,236 @@ + + * + * @author Roeland Jago Douma + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OC\Repair; + +use Doctrine\DBAL\Driver\Statement; +use OCP\AppFramework\Utility\ITimeFactory; +use OCP\DB\QueryBuilder\IQueryBuilder; +use OCP\IConfig; +use OCP\IDBConnection; +use OCP\IGroupManager; +use OCP\Migration\IOutput; +use OCP\Migration\IRepairStep; +use OCP\Notification\IManager; + +class RemoveLinkShares implements IRepairStep { + /** @var IDBConnection */ + private $connection; + /** @var IConfig */ + private $config; + /** @var string[] */ + private $userToNotify = []; + /** @var IGroupManager */ + private $groupManager; + /** @var IManager */ + private $notificationManager; + /** @var ITimeFactory */ + private $timeFactory; + + public function __construct(IDBConnection $connection, + IConfig $config, + IGroupManager $groupManager, + IManager $notificationManager, + ITimeFactory $timeFactory) { + $this->connection = $connection; + $this->config = $config; + $this->groupManager = $groupManager; + $this->notificationManager = $notificationManager; + $this->timeFactory = $timeFactory; + } + + + public function getName(): string { + return 'Remove potentially over exposing share links'; + } + + private function shouldRun(): bool { + $versionFromBeforeUpdate = $this->config->getSystemValue('version', '0.0.0'); + + if (version_compare($versionFromBeforeUpdate, '14.0.11', '<')) { + return true; + } + if (version_compare($versionFromBeforeUpdate, '15.0.8', '<')) { + return true; + } + if (version_compare($versionFromBeforeUpdate, '16.0.0', '<=')) { + return true; + } + + return false; + } + + /** + * Delete the share + * + * @param int $id + */ + private function deleteShare(int $id): void { + $qb = $this->connection->getQueryBuilder(); + $qb->delete('share') + ->where($qb->expr()->eq('id', $qb->createNamedParameter($id))); + $qb->execute(); + } + + /** + * Get the total of affected shares + * + * @return int + */ + private function getTotal(): int { + $subSubQuery = $this->connection->getQueryBuilder(); + $subSubQuery->select('*') + ->from('share') + ->where($subSubQuery->expr()->isNotNull('parent')) + ->andWhere($subSubQuery->expr()->eq('share_type', $subSubQuery->expr()->literal(3, IQueryBuilder::PARAM_INT))); + + $subQuery = $this->connection->getQueryBuilder(); + $subQuery->select('s1.id') + ->from($subQuery->createFunction('(' . $subSubQuery->getSQL() . ')'), 's1') + ->join( + 's1', 'share', 's2', + $subQuery->expr()->eq('s1.parent', 's2.id') + ) + ->where($subQuery->expr()->orX( + $subQuery->expr()->eq('s2.share_type', $subQuery->expr()->literal(1, IQueryBuilder::PARAM_INT)), + $subQuery->expr()->eq('s2.share_type', $subQuery->expr()->literal(2, IQueryBuilder::PARAM_INT)) + )) + ->andWhere($subQuery->expr()->eq('s1.item_source', 's2.item_source')); + + $query = $this->connection->getQueryBuilder(); + $query->select($query->func()->count('*', 'total')) + ->from('share') + ->where($query->expr()->in('id', $query->createFunction('(' . $subQuery->getSQL() . ')'))); + + $result = $query->execute(); + $data = $result->fetch(); + $result->closeCursor(); + + return (int) $data['total']; + } + + /** + * Get the cursor to fetch all the shares + * + * @return \Doctrine\DBAL\Driver\Statement + */ + private function getShares(): Statement { + $subQuery = $this->connection->getQueryBuilder(); + $subQuery->select('*') + ->from('share') + ->where($subQuery->expr()->isNotNull('parent')) + ->andWhere($subQuery->expr()->eq('share_type', $subQuery->expr()->literal(3, IQueryBuilder::PARAM_INT))); + + $query = $this->connection->getQueryBuilder(); + $query->select('s1.id', 's1.uid_owner', 's1.uid_initiator') + ->from($query->createFunction('(' . $subQuery->getSQL() . ')'), 's1') + ->join( + 's1', 'share', 's2', + $query->expr()->eq('s1.parent', 's2.id') + ) + ->where($query->expr()->orX( + $query->expr()->eq('s2.share_type', $query->expr()->literal(1, IQueryBuilder::PARAM_INT)), + $query->expr()->eq('s2.share_type', $query->expr()->literal(2, IQueryBuilder::PARAM_INT)) + )) + ->andWhere($query->expr()->eq('s1.item_source', 's2.item_source')); + return $query->execute(); + } + + /** + * Process a single share + * + * @param array $data + */ + private function processShare(array $data): void { + $id = $data['id']; + + $this->addToNotify($data['uid_owner']); + $this->addToNotify($data['uid_initiator']); + + $this->deleteShare((int)$id); + } + + /** + * Update list of users to notify + * + * @param string $uid + */ + private function addToNotify(string $uid): void { + if (!isset($this->userToNotify[$uid])) { + $this->userToNotify[$uid] = true; + } + } + + /** + * Send all notifications + */ + private function sendNotification(): void { + $time = $this->timeFactory->getDateTime(); + + $notification = $this->notificationManager->createNotification(); + $notification->setApp('core') + ->setDateTime($time) + ->setObject('repair', 'exposing_links') + ->setSubject('repair_exposing_links'); + + $users = array_keys($this->userToNotify); + foreach ($users as $user) { + $notification->setUser($user); + $this->notificationManager->notify($notification); + } + } + + private function repair(IOutput $output): void { + $total = $this->getTotal(); + $output->startProgress($total); + + $shareCursor = $this->getShares(); + while($data = $shareCursor->fetch()) { + $this->processShare($data); + $output->advance(); + } + $output->finishProgress(); + $shareCursor->closeCursor(); + + // Notifiy all admins + $adminGroup = $this->groupManager->get('admin'); + $adminUsers = $adminGroup->getUsers(); + foreach ($adminUsers as $user) { + $this->addToNotify($user->getUID()); + } + + $output->info('Sending notifications to admins and affected users'); + $this->sendNotification(); + } + + public function run(IOutput $output): void { + if ($this->shouldRun()) { + $output->info('Removing potentially over exposing link shares'); + $this->repair($output); + $output->info('Removed potentially over exposing link shares'); + } else { + $output->info('No need to remove link shares.'); + } + } +} diff --git a/version.php b/version.php index 6d79827ed1..596cfc2bf1 100644 --- a/version.php +++ b/version.php @@ -29,7 +29,7 @@ // between betas, final and RCs. This is _not_ the public version number. Reset minor/patchlevel // when updating major/minor version number. -$OC_Version = array(16, 0, 0, 6); +$OC_Version = array(16, 0, 0, 7); // The human readable string $OC_VersionString = '16.0.0 RC 1';