Remove unused methods and constants from legacy OC_API

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-03-12 18:03:25 +01:00 · 2018-03-12 18:03:25 +01:00 · a1232f46ca
parent 3655951dd7
commit a1232f46ca
2 changed files with 0 additions and 392 deletions
--- a/lib/private/legacy/api.php
+++ b/lib/private/legacy/api.php
@ -37,44 +37,10 @@ use OCP\AppFramework\Http;
 class OC_API {
 	/**
 	 * API authentication levels
 	 */
 	/** @deprecated Use \OCP\API::GUEST_AUTH instead */
 	const GUEST_AUTH = 0;
 	/** @deprecated Use \OCP\API::USER_AUTH instead */
 	const USER_AUTH = 1;
 	/** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
 	const SUBADMIN_AUTH = 2;
 	/** @deprecated Use \OCP\API::ADMIN_AUTH instead */
 	const ADMIN_AUTH = 3;
 	/**
 	 * API Response Codes
 	 */
 	/** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
 	const RESPOND_UNAUTHORISED = 997;
 	/** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
 	const RESPOND_SERVER_ERROR = 996;
 	/** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
 	const RESPOND_NOT_FOUND = 998;
 	/** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
 	const RESPOND_UNKNOWN_ERROR = 999;
 	/**
 	 * api actions
 	 */
 	protected static $actions = array();
 	private static $logoutRequired = false;
 	private static $isLoggedIn = false;
 	/**
 	 * registers an api call
@ -106,249 +72,6 @@ class OC_API {
 		self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
 	}
 	/**
 	 * handles an api call
 	 * @param array $parameters
 	 */
 	public static function call($parameters) {
 		$request = \OC::$server->getRequest();
 		$method = $request->getMethod();
 		// Prepare the request variables
 		if($method === 'PUT') {
 			$parameters['_put'] = $request->getParams();
 		} else if($method === 'DELETE') {
 			$parameters['_delete'] = $request->getParams();
 		}
 		$name = $parameters['_route'];
 		// Foreach registered action
 		$responses = array();
 		$appManager = \OC::$server->getAppManager();
 		foreach(self::$actions[$name] as $action) {
 			// Check authentication and availability
 			if(!self::isAuthorised($action)) {
 				$responses[] = array(
 					'app' => $action['app'],
 					'response' => new \OC\OCS\Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
 					'shipped' => $appManager->isShipped($action['app']),
 					);
 				continue;
 			}
 			if(!is_callable($action['action'])) {
 				$responses[] = array(
 					'app' => $action['app'],
 					'response' => new \OC\OCS\Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
 					'shipped' => $appManager->isShipped($action['app']),
 					);
 				continue;
 			}
 			// Run the action
 			$responses[] = array(
 				'app' => $action['app'],
 				'response' => call_user_func($action['action'], $parameters),
 				'shipped' => $appManager->isShipped($action['app']),
 				);
 		}
 		$response = self::mergeResponses($responses);
 		$format = self::requestedFormat();
 		if (self::$logoutRequired) {
 			\OC::$server->getUserSession()->logout();
 		}
 		self::respond($response, $format);
 	}
 	/**
 	 * merge the returned result objects into one response
 	 * @param array $responses
 	 * @return \OC\OCS\Result
 	 */
 	public static function mergeResponses($responses) {
 		// Sort into shipped and third-party
 		$shipped = array(
 			'succeeded' => array(),
 			'failed' => array(),
 			);
 		$thirdparty = array(
 			'succeeded' => array(),
 			'failed' => array(),
 			);
 		foreach($responses as $response) {
 			if($response['shipped'] || ($response['app'] === 'core')) {
 				if($response['response']->succeeded()) {
 					$shipped['succeeded'][$response['app']] = $response;
 				} else {
 					$shipped['failed'][$response['app']] = $response;
 				}
 			} else {
 				if($response['response']->succeeded()) {
 					$thirdparty['succeeded'][$response['app']] = $response;
 				} else {
 					$thirdparty['failed'][$response['app']] = $response;
 				}
 			}
 		}
 		// Remove any error responses if there is one shipped response that succeeded
 		if(!empty($shipped['failed'])) {
 			// Which shipped response do we use if they all failed?
 			// They may have failed for different reasons (different status codes)
 			// Which response code should we return?
 			// Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
 			// Merge failed responses if more than one
 			$data = array();
 			foreach($shipped['failed'] as $failure) {
 				$data = array_merge_recursive($data, $failure['response']->getData());
 			}
 			$picked = reset($shipped['failed']);
 			$code = $picked['response']->getStatusCode();
 			$meta = $picked['response']->getMeta();
 			$headers = $picked['response']->getHeaders();
 			$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
 			return $response;
 		} elseif(!empty($shipped['succeeded'])) {
 			$responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
 		} elseif(!empty($thirdparty['failed'])) {
 			// Merge failed responses if more than one
 			$data = array();
 			foreach($thirdparty['failed'] as $failure) {
 				$data = array_merge_recursive($data, $failure['response']->getData());
 			}
 			$picked = reset($thirdparty['failed']);
 			$code = $picked['response']->getStatusCode();
 			$meta = $picked['response']->getMeta();
 			$headers = $picked['response']->getHeaders();
 			$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
 			return $response;
 		} else {
 			$responses = $thirdparty['succeeded'];
 		}
 		// Merge the successful responses
 		$data = [];
 		$codes = [];
 		$header = [];
 		foreach($responses as $response) {
 			if($response['shipped']) {
 				$data = array_merge_recursive($response['response']->getData(), $data);
 			} else {
 				$data = array_merge_recursive($data, $response['response']->getData());
 			}
 			$header = array_merge_recursive($header, $response['response']->getHeaders());
 			$codes[] = ['code' => $response['response']->getStatusCode(),
 				'meta' => $response['response']->getMeta()];
 		}
 		// Use any non 100 status codes
 		$statusCode = 100;
 		$statusMessage = null;
 		foreach($codes as $code) {
 			if($code['code'] != 100) {
 				$statusCode = $code['code'];
 				$statusMessage = $code['meta']['message'];
 				break;
 			}
 		}
 		return new \OC\OCS\Result($data, $statusCode, $statusMessage, $header);
 	}
 	/**
 	 * authenticate the api call
 	 * @param array $action the action details as supplied to OC_API::register()
 	 * @return bool
 	 */
 	private static function isAuthorised($action) {
 		$level = $action['authlevel'];
 		switch($level) {
 			case API::GUEST_AUTH:
 				// Anyone can access
 				return true;
 			case API::USER_AUTH:
 				// User required
 				return self::loginUser();
 			case API::SUBADMIN_AUTH:
 				// Check for subadmin
 				$user = self::loginUser();
 				if(!$user) {
 					return false;
 				} else {
 					$userObject = \OC::$server->getUserSession()->getUser();
 					if($userObject === null) {
 						return false;
 					}
 					$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
 					$admin = OC_User::isAdminUser($user);
 					if($isSubAdmin || $admin) {
 						return true;
 					} else {
 						return false;
 					}
 				}
 			case API::ADMIN_AUTH:
 				// Check for admin
 				$user = self::loginUser();
 				if(!$user) {
 					return false;
 				} else {
 					return OC_User::isAdminUser($user);
 				}
 			default:
 				// oops looks like invalid level supplied
 				return false;
 		}
 	}
 	/**
 	 * http basic auth
 	 * @return string|false (username, or false on failure)
 	 */
 	private static function loginUser() {
 		if(self::$isLoggedIn === true) {
 			return \OC_User::getUser();
 		}
 		// reuse existing login
 		$loggedIn = \OC::$server->getUserSession()->isLoggedIn();
 		if ($loggedIn === true) {
 			if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
 				// Do not allow access to OCS until the 2FA challenge was solved successfully
 				return false;
 			}
 			$ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
 			if ($ocsApiRequest) {
 				// initialize the user's filesystem
 				\OC_Util::setupFS(\OC_User::getUser());
 				self::$isLoggedIn = true;
 				return OC_User::getUser();
 			}
 			return false;
 		}
 		// basic auth - because OC_User::login will create a new session we shall only try to login
 		// if user and pass are set
 		$userSession = \OC::$server->getUserSession();
 		$request = \OC::$server->getRequest();
 		try {
 			if ($userSession->tryTokenLogin($request)
 				|| $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
 				self::$logoutRequired = true;
 			} else {
 				return false;
 			}
 			// initialize the user's filesystem
 			\OC_Util::setupFS(\OC_User::getUser());
 			self::$isLoggedIn = true;
 			return \OC_User::getUser();
 		} catch (\OC\User\LoginException $e) {
 			return false;
 		}
 	}
 	/**
 	 * respond to a call
 	 * @param \OC\OCS\Result $result
--- a/tests/lib/APITest.php
+++ b/tests/lib/APITest.php
@ -83,119 +83,4 @@ class APITest extends \Test\TestCase {
 		$this->assertEquals($expected, $this->invokePrivate(new \OC_API, 'isV2', [$request]));
 	}
 	function dataProviderTestOneResult() {
 		return [
 			[100, true],
 			[101, false],
 			[997, false],
 		];
 	}
 	/**
 	 * @dataProvider dataProviderTestOneResult
 	 *
 	 * @param $statusCode
 	 * @param $succeeded
 	 */
 	public function testOneResult($statusCode, $succeeded) {
 		// Setup some data arrays
 		$data1 = [
 			'users' => [
 				'tom' => [
 					'key' => 'value',
 				],
 				'frank' => [
 					'key' => 'value',
 				],
 			]];
 		// Test merging one success result
 		$response = $this->buildResponse(true, $data1, $statusCode);
 		$result = \OC_API::mergeResponses([$response]);
 		$this->assertEquals($response['response'], $result);
 		$this->checkResult($result, $succeeded);
 	}
 	function dataProviderTestMergeResponses() {
 		return [
 			// Two shipped success results
 			[true, 100, true, 100, true],
 			// Two shipped results, one success and one failure
 			[true, 100, true, 998, false],
 			// Two shipped results, both failure
 			[true, 997, true, 998, false],
 			// Two third party success results
 			[false, 100, false, 100, true],
 			// Two third party results, one success and one failure
 			[false, 100, false, 998, false],
 			// Two third party results, both failure
 			[false, 997, false, 998, false],
 			// One of each, both success
 			[false, 100, true, 100, true],
 			[true, 100, false, 100, true],
 			// One of each, both failure
 			[false, 997, true, 998, false],
 			// One of each, shipped success
 			[false, 997, true, 100, true],
 			// One of each, third party success
 			[false, 100, true, 998, false],
 		];
 	}
 	/**
 	 * @dataProvider dataProviderTestMergeResponses
 	 *
 	 * Test the merging of multiple responses
 	 * @param $statusCode1
 	 * @param $statusCode2
 	 * @param $succeeded
 	 */
 	public function testMultipleMergeResponses($shipped1, $statusCode1, $shipped2, $statusCode2, $succeeded){
 		// Tests that app responses are merged correctly
 		// Setup some data arrays
 		$data1 = array(
 			'users' => array(
 				'tom' => array(
 					'key' => 'value',
 				),
 				'frank' => array(
 					'key' => 'value',
 				),
 			));
 		$data2 = array(
 			'users' => array(
 				'tom' => array(
 					'key' => 'newvalue',
 				),
 				'jan' => array(
 					'key' => 'value',
 				),
 			));
 		// Two shipped success results
 		$result = \OC_API::mergeResponses(array(
 			$this->buildResponse($shipped1, $data1, $statusCode1, "message1"),
 			$this->buildResponse($shipped2, $data2, $statusCode2, "message2"),
 		));
 		$this->checkResult($result, $succeeded);
 		$resultData = $result->getData();
 		$resultMeta = $result->getMeta();
 		$resultHeaders = $result->getHeaders();
 		$resultStatusCode = $result->getStatusCode();
 		$this->assertArrayHasKey('jan', $resultData['users']);
 		$this->assertArrayHasKey('KEY', $resultHeaders);
 		// check if the returned status message matches the selected status code
 		if ($resultStatusCode === 997) {
 			$this->assertEquals('message1', $resultMeta['message']);
 		} elseif ($resultStatusCode === 998) {
 			$this->assertEquals('message2', $resultMeta['message']);
 		} elseif ($resultStatusCode === 100) {
 			$this->assertEquals(null, $resultMeta['message']);
 		}
 	}
 }