From a1232f46caba330ea6ada0a112aa1d49a4d23f3b Mon Sep 17 00:00:00 2001
From: Morris Jobke <hey@morrisjobke.de>
Date: Mon, 12 Mar 2018 18:03:25 +0100
Subject: [PATCH] Remove unused methods and constants from legacy OC_API

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
---
 lib/private/legacy/api.php | 277 -------------------------------------
 tests/lib/APITest.php      | 115 ---------------
 2 files changed, 392 deletions(-)

diff --git a/lib/private/legacy/api.php b/lib/private/legacy/api.php
index 7fe84b73c4..fde1d99e79 100644
--- a/lib/private/legacy/api.php
+++ b/lib/private/legacy/api.php
@@ -37,44 +37,10 @@ use OCP\AppFramework\Http;
 
 class OC_API {
 
-	/**
-	 * API authentication levels
-	 */
-
-	/** @deprecated Use \OCP\API::GUEST_AUTH instead */
-	const GUEST_AUTH = 0;
-
-	/** @deprecated Use \OCP\API::USER_AUTH instead */
-	const USER_AUTH = 1;
-
-	/** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
-	const SUBADMIN_AUTH = 2;
-
-	/** @deprecated Use \OCP\API::ADMIN_AUTH instead */
-	const ADMIN_AUTH = 3;
-
-	/**
-	 * API Response Codes
-	 */
-
-	/** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
-	const RESPOND_UNAUTHORISED = 997;
-
-	/** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
-	const RESPOND_SERVER_ERROR = 996;
-
-	/** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
-	const RESPOND_NOT_FOUND = 998;
-
-	/** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
-	const RESPOND_UNKNOWN_ERROR = 999;
-
 	/**
 	 * api actions
 	 */
 	protected static $actions = array();
-	private static $logoutRequired = false;
-	private static $isLoggedIn = false;
 
 	/**
 	 * registers an api call
@@ -106,249 +72,6 @@ class OC_API {
 		self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
 	}
 
-	/**
-	 * handles an api call
-	 * @param array $parameters
-	 */
-	public static function call($parameters) {
-		$request = \OC::$server->getRequest();
-		$method = $request->getMethod();
-
-		// Prepare the request variables
-		if($method === 'PUT') {
-			$parameters['_put'] = $request->getParams();
-		} else if($method === 'DELETE') {
-			$parameters['_delete'] = $request->getParams();
-		}
-		$name = $parameters['_route'];
-		// Foreach registered action
-		$responses = array();
-		$appManager = \OC::$server->getAppManager();
-		foreach(self::$actions[$name] as $action) {
-			// Check authentication and availability
-			if(!self::isAuthorised($action)) {
-				$responses[] = array(
-					'app' => $action['app'],
-					'response' => new \OC\OCS\Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
-					'shipped' => $appManager->isShipped($action['app']),
-					);
-				continue;
-			}
-			if(!is_callable($action['action'])) {
-				$responses[] = array(
-					'app' => $action['app'],
-					'response' => new \OC\OCS\Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
-					'shipped' => $appManager->isShipped($action['app']),
-					);
-				continue;
-			}
-			// Run the action
-			$responses[] = array(
-				'app' => $action['app'],
-				'response' => call_user_func($action['action'], $parameters),
-				'shipped' => $appManager->isShipped($action['app']),
-				);
-		}
-		$response = self::mergeResponses($responses);
-		$format = self::requestedFormat();
-		if (self::$logoutRequired) {
-			\OC::$server->getUserSession()->logout();
-		}
-
-		self::respond($response, $format);
-	}
-
-	/**
-	 * merge the returned result objects into one response
-	 * @param array $responses
-	 * @return \OC\OCS\Result
-	 */
-	public static function mergeResponses($responses) {
-		// Sort into shipped and third-party
-		$shipped = array(
-			'succeeded' => array(),
-			'failed' => array(),
-			);
-		$thirdparty = array(
-			'succeeded' => array(),
-			'failed' => array(),
-			);
-
-		foreach($responses as $response) {
-			if($response['shipped'] || ($response['app'] === 'core')) {
-				if($response['response']->succeeded()) {
-					$shipped['succeeded'][$response['app']] = $response;
-				} else {
-					$shipped['failed'][$response['app']] = $response;
-				}
-			} else {
-				if($response['response']->succeeded()) {
-					$thirdparty['succeeded'][$response['app']] = $response;
-				} else {
-					$thirdparty['failed'][$response['app']] = $response;
-				}
-			}
-		}
-
-		// Remove any error responses if there is one shipped response that succeeded
-		if(!empty($shipped['failed'])) {
-			// Which shipped response do we use if they all failed?
-			// They may have failed for different reasons (different status codes)
-			// Which response code should we return?
-			// Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
-			// Merge failed responses if more than one
-			$data = array();
-			foreach($shipped['failed'] as $failure) {
-				$data = array_merge_recursive($data, $failure['response']->getData());
-			}
-			$picked = reset($shipped['failed']);
-			$code = $picked['response']->getStatusCode();
-			$meta = $picked['response']->getMeta();
-			$headers = $picked['response']->getHeaders();
-			$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
-			return $response;
-		} elseif(!empty($shipped['succeeded'])) {
-			$responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
-		} elseif(!empty($thirdparty['failed'])) {
-			// Merge failed responses if more than one
-			$data = array();
-			foreach($thirdparty['failed'] as $failure) {
-				$data = array_merge_recursive($data, $failure['response']->getData());
-			}
-			$picked = reset($thirdparty['failed']);
-			$code = $picked['response']->getStatusCode();
-			$meta = $picked['response']->getMeta();
-			$headers = $picked['response']->getHeaders();
-			$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
-			return $response;
-		} else {
-			$responses = $thirdparty['succeeded'];
-		}
-		// Merge the successful responses
-		$data = [];
-		$codes = [];
-		$header = [];
-
-		foreach($responses as $response) {
-			if($response['shipped']) {
-				$data = array_merge_recursive($response['response']->getData(), $data);
-			} else {
-				$data = array_merge_recursive($data, $response['response']->getData());
-			}
-			$header = array_merge_recursive($header, $response['response']->getHeaders());
-			$codes[] = ['code' => $response['response']->getStatusCode(),
-				'meta' => $response['response']->getMeta()];
-		}
-
-		// Use any non 100 status codes
-		$statusCode = 100;
-		$statusMessage = null;
-		foreach($codes as $code) {
-			if($code['code'] != 100) {
-				$statusCode = $code['code'];
-				$statusMessage = $code['meta']['message'];
-				break;
-			}
-		}
-
-		return new \OC\OCS\Result($data, $statusCode, $statusMessage, $header);
-	}
-
-	/**
-	 * authenticate the api call
-	 * @param array $action the action details as supplied to OC_API::register()
-	 * @return bool
-	 */
-	private static function isAuthorised($action) {
-		$level = $action['authlevel'];
-		switch($level) {
-			case API::GUEST_AUTH:
-				// Anyone can access
-				return true;
-			case API::USER_AUTH:
-				// User required
-				return self::loginUser();
-			case API::SUBADMIN_AUTH:
-				// Check for subadmin
-				$user = self::loginUser();
-				if(!$user) {
-					return false;
-				} else {
-					$userObject = \OC::$server->getUserSession()->getUser();
-					if($userObject === null) {
-						return false;
-					}
-					$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
-					$admin = OC_User::isAdminUser($user);
-					if($isSubAdmin || $admin) {
-						return true;
-					} else {
-						return false;
-					}
-				}
-			case API::ADMIN_AUTH:
-				// Check for admin
-				$user = self::loginUser();
-				if(!$user) {
-					return false;
-				} else {
-					return OC_User::isAdminUser($user);
-				}
-			default:
-				// oops looks like invalid level supplied
-				return false;
-		}
-	}
-
-	/**
-	 * http basic auth
-	 * @return string|false (username, or false on failure)
-	 */
-	private static function loginUser() {
-		if(self::$isLoggedIn === true) {
-			return \OC_User::getUser();
-		}
-
-		// reuse existing login
-		$loggedIn = \OC::$server->getUserSession()->isLoggedIn();
-		if ($loggedIn === true) {
-			if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
-				// Do not allow access to OCS until the 2FA challenge was solved successfully
-				return false;
-			}
-			$ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
-			if ($ocsApiRequest) {
-
-				// initialize the user's filesystem
-				\OC_Util::setupFS(\OC_User::getUser());
-				self::$isLoggedIn = true;
-
-				return OC_User::getUser();
-			}
-			return false;
-		}
-
-		// basic auth - because OC_User::login will create a new session we shall only try to login
-		// if user and pass are set
-		$userSession = \OC::$server->getUserSession();
-		$request = \OC::$server->getRequest();
-		try {
-			if ($userSession->tryTokenLogin($request)
-				|| $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
-				self::$logoutRequired = true;
-			} else {
-				return false;
-			}
-			// initialize the user's filesystem
-			\OC_Util::setupFS(\OC_User::getUser());
-			self::$isLoggedIn = true;
-
-			return \OC_User::getUser();
-		} catch (\OC\User\LoginException $e) {
-			return false;
-		}
-	}
-
 	/**
 	 * respond to a call
 	 * @param \OC\OCS\Result $result
diff --git a/tests/lib/APITest.php b/tests/lib/APITest.php
index b1ac8fbb24..bf6902fde6 100644
--- a/tests/lib/APITest.php
+++ b/tests/lib/APITest.php
@@ -83,119 +83,4 @@ class APITest extends \Test\TestCase {
 
 		$this->assertEquals($expected, $this->invokePrivate(new \OC_API, 'isV2', [$request]));
 	}
-
-	function dataProviderTestOneResult() {
-		return [
-			[100, true],
-			[101, false],
-			[997, false],
-		];
-	}
-
-	/**
-	 * @dataProvider dataProviderTestOneResult
-	 *
-	 * @param $statusCode
-	 * @param $succeeded
-	 */
-	public function testOneResult($statusCode, $succeeded) {
-		// Setup some data arrays
-		$data1 = [
-			'users' => [
-				'tom' => [
-					'key' => 'value',
-				],
-				'frank' => [
-					'key' => 'value',
-				],
-			]];
-
-		// Test merging one success result
-		$response = $this->buildResponse(true, $data1, $statusCode);
-		$result = \OC_API::mergeResponses([$response]);
-		$this->assertEquals($response['response'], $result);
-		$this->checkResult($result, $succeeded);
-	}
-
-	function dataProviderTestMergeResponses() {
-		return [
-			// Two shipped success results
-			[true, 100, true, 100, true],
-			// Two shipped results, one success and one failure
-			[true, 100, true, 998, false],
-			// Two shipped results, both failure
-			[true, 997, true, 998, false],
-			// Two third party success results
-			[false, 100, false, 100, true],
-			// Two third party results, one success and one failure
-			[false, 100, false, 998, false],
-			// Two third party results, both failure
-			[false, 997, false, 998, false],
-			// One of each, both success
-			[false, 100, true, 100, true],
-			[true, 100, false, 100, true],
-			// One of each, both failure
-			[false, 997, true, 998, false],
-			// One of each, shipped success
-			[false, 997, true, 100, true],
-			// One of each, third party success
-			[false, 100, true, 998, false],
-		];
-	}
-	/**
-	 * @dataProvider dataProviderTestMergeResponses
-	 *
-	 * Test the merging of multiple responses
-	 * @param $statusCode1
-	 * @param $statusCode2
-	 * @param $succeeded
-	 */
-	public function testMultipleMergeResponses($shipped1, $statusCode1, $shipped2, $statusCode2, $succeeded){
-		// Tests that app responses are merged correctly
-		// Setup some data arrays
-		$data1 = array(
-			'users' => array(
-				'tom' => array(
-					'key' => 'value',
-				),
-				'frank' => array(
-					'key' => 'value',
-				),
-			));
-
-		$data2 = array(
-			'users' => array(
-				'tom' => array(
-					'key' => 'newvalue',
-				),
-				'jan' => array(
-					'key' => 'value',
-				),
-			));
-
-		// Two shipped success results
-		$result = \OC_API::mergeResponses(array(
-			$this->buildResponse($shipped1, $data1, $statusCode1, "message1"),
-			$this->buildResponse($shipped2, $data2, $statusCode2, "message2"),
-		));
-		$this->checkResult($result, $succeeded);
-		$resultData = $result->getData();
-		$resultMeta = $result->getMeta();
-		$resultHeaders = $result->getHeaders();
-		$resultStatusCode = $result->getStatusCode();
-
-		$this->assertArrayHasKey('jan', $resultData['users']);
-		$this->assertArrayHasKey('KEY', $resultHeaders);
-
-		// check if the returned status message matches the selected status code
-		if ($resultStatusCode === 997) {
-			$this->assertEquals('message1', $resultMeta['message']);
-		} elseif ($resultStatusCode === 998) {
-			$this->assertEquals('message2', $resultMeta['message']);
-		} elseif ($resultStatusCode === 100) {
-			$this->assertEquals(null, $resultMeta['message']);
-		}
-
-	}
-
 }